Analyzing peer-to-peer traffic across large networks
IEEE/ACM Transactions on Networking (TON)
A behavioral approach to worm detection
Proceedings of the 2004 ACM workshop on Rapid malcode
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
ACAS: automated construction of application signatures
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Identifying Known and Unknown Peer-to-Peer Traffic
NCA '06 Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
Unexpected means of protocol inference
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Role classification of hosts within enterprise networks based on connection patterns
ATEC '03 Proceedings of the annual conference on USENIX Annual Technical Conference
Network monitoring using traffic dispersion graphs (tdgs)
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Forensic Analysis for Epidemic Attacks in Federated Networks
ICNP '06 Proceedings of the Proceedings of the 2006 IEEE International Conference on Network Protocols
Unconstrained endpoint profiling (googling the internet)
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Internet traffic classification demystified: myths, caveats, and the best practices
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Hit-list worm detection and bot identification in large networks using protocol graphs
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
A survey of techniques for internet traffic classification using machine learning
IEEE Communications Surveys & Tutorials
LCGT: a low-cost continuous ground truth generation method for traffic classification
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Fine-grained traffic classification with netflow data
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
An approach towards anomaly based detection and profiling covert TCP/IP channels
ICICS'09 Proceedings of the 7th international conference on Information, communications and signal processing
Internet traffic classification demystified: on the sources of the discriminative power
Proceedings of the 6th International COnference
NeTraMark: a network traffic classification benchmark
ACM SIGCOMM Computer Communication Review
Graption: A graph-based P2P traffic classification framework for the internet backbone
Computer Networks: The International Journal of Computer and Telecommunications Networking
Measuring the effectiveness of infrastructure-level detection of large-scale botnets
Proceedings of the Nineteenth International Workshop on Quality of Service
Discriminating graphs through spectral projections
Computer Networks: The International Journal of Computer and Telecommunications Networking
Kiss to abacus: a comparison of P2P-TV traffic classifiers
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
A Modular Machine Learning System for Flow-Level Traffic Classification in Large Networks
ACM Transactions on Knowledge Discovery from Data (TKDD)
An efficient fuzzy controller based technique for network traffic classification to improve QoS
Proceedings of the Fifth International Conference on Security of Information and Networks
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
The state of peer-to-peer network simulators
ACM Computing Surveys (CSUR)
Protocol misidentification made easy with format-transforming encryption
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.00 |
Monitoring network traffic and classifying applications are essential functions for network administrators. In this paper, we consider the use of Traffic Dispersion Graphs (TDGs) to classify network traffic. Given a set of flows, a TDG is a graph with an edge between any two IP addresses that communicate; thus TDGs capture network-wide interactions. Using TDGs, we develop an application classification framework dubbed Graption (Graph-based classification). Our framework provides a systematic way to harness the power of network-wide behavior, flow-level characteristics, and data mining techniques. As a proof of concept, we instantiate our framework to detect P2P applications, and show that it can identify P2P traffic with recall and precision greater than 90% in backbone traces, which are particularly challenging for other methods.