Data compression using dynamic Markov modelling
The Computer Journal
Arithmetic coding for data compression
Communications of the ACM
Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
Information Theory and Reliable Communication
Information Theory and Reliable Communication
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
The CoralReef Software Suite as a Tool for System and Network Administrators
LISA '01 Proceedings of the 15th USENIX conference on System administration
A Mathematical Theory of Communication
A Mathematical Theory of Communication
Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing)
Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing)
Traffic classification through simple statistical fingerprinting
ACM SIGCOMM Computer Communication Review
Hi-index | 0.00 |
In the last few years, the classification of IP traffic flows according to application level protocols has emerged as a key issue for the design and development of multiservice IP networks. Several proposals have been made to address this problem and to enhance such systems, but to the best of our knowledge none of them is suitable for reliably identifying the application that generated the IP traffic. This paper introduces a new approach, based on the use of compression algorithms, which can be used to classify applications running over TCP. Three different compression algorithms are taken into consideration and applied to real traffic traces, so as to demonstrate the effectiveness of the proposed method and to evaluate the performance.