Ethereal Packet Sniffing
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
The CoralReef Software Suite as a Tool for System and Network Administrators
LISA '01 Proceedings of the 15th USENIX conference on System administration
Packet-level traffic measurements from the Sprint IP backbone
IEEE Network: The Magazine of Global Internetworking
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
ACAS: automated construction of application signatures
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
Unexpected means of protocol inference
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Using visual motifs to classify encrypted traffic
Proceedings of the 3rd international workshop on Visualization for computer security
Traffic classification through simple statistical fingerprinting
ACM SIGCOMM Computer Communication Review
Identifying and discriminating between web and peer-to-peer traffic in the network core
Proceedings of the 16th international conference on World Wide Web
On Inferring Application Protocol Behaviors in Encrypted Network Traffic
The Journal of Machine Learning Research
A markovian signature-based approach to IP traffic classification
Proceedings of the 3rd annual ACM workshop on Mining network data
Byte me: a case for byte accuracy in traffic classification
Proceedings of the 3rd annual ACM workshop on Mining network data
ACM SIGCOMM Computer Communication Review
Offline/realtime traffic classification using semi-supervised learning
Performance Evaluation
Lightweight application classification for network management
Proceedings of the 2007 SIGCOMM workshop on Internet network management
Accurate and real time method for network packet classification
AIC'06 Proceedings of the 6th WSEAS International Conference on Applied Informatics and Communications
Synergy: blending heterogeneous measurement elements for effective network monitoring
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
Semi-supervised approach to rapid and reliable labeling of large data sets
Proceedings of the 14th ACM SIGKDD international conference on Knowledge discovery and data mining
Network exception handlers: host-network control in enterprise networks
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Unconstrained endpoint profiling (googling the internet)
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Topnet: a network-aware top(1)
LISA'08 Proceedings of the 22nd conference on Large installation system administration conference
A nonlinear, recurrence-based approach to traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Efficient application identification and the temporal and spatial stability of classification schema
Computer Networks: The International Journal of Computer and Telecommunications Networking
Automatic discovery of botnet communities on large-scale communication networks
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Internet traffic classification demystified: myths, caveats, and the best practices
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
BotCop: An Online Botnet Traffic Classifier
CNSR '09 Proceedings of the 2009 Seventh Annual Communication Networks and Services Research Conference
On Metrics to Distinguish Skype Flows from HTTP Traffic
Journal of Network and Systems Management
GTVS: Boosting the Collection of Application Traffic Ground Truth
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
TIE: A Community-Oriented Traffic Classification Platform
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Accurate, Fine-Grained Classification of P2P-TV Applications by Simply Counting Packets
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Identify P2P Traffic by Inspecting Data Transfer Behaviour
NETWORKING '09 Proceedings of the 8th International IFIP-TC 6 Networking Conference
Enhancing Application Identification by Means of Sequential Testing
NETWORKING '09 Proceedings of the 8th International IFIP-TC 6 Networking Conference
Review: Application classification using packet size distribution and port association
Journal of Network and Computer Applications
Classifying SSH encrypted traffic with minimum packet header features using genetic programming
Proceedings of the 11th Annual Conference Companion on Genetic and Evolutionary Computation Conference: Late Breaking Papers
Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Predictions with Confidence in Applications
MLDM '09 Proceedings of the 6th International Conference on Machine Learning and Data Mining in Pattern Recognition
On the impacts of human interactions in MMORPG traffic
Multimedia Tools and Applications
Early traffic classification using support vector machines
Proceedings of the 5th International Latin American Networking Conference
Application-specific packet capturing using kernel probes
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Traffic Classification Based on Flow Similarity
IPOM '09 Proceedings of the 9th IEEE International Workshop on IP Operations and Management
Service-based traffic classification: principles and validation
SARNOFF'09 Proceedings of the 32nd international conference on Sarnoff symposium
Graph-based P2P traffic classification at the internet backbone
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Machine learning based encrypted traffic classification: identifying SSH and skype
CISDA'09 Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Distributed P2P traffic identification method
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
A network traffic identification method based on finite state machine
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
A novel self-learning architecture for p2p traffic classification in high speed networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Fast, accurate, and lightweight real-time traffic identification method based on flow statistics
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Survey on traffic of metro area network with measurement on-line
ITC20'07 Proceedings of the 20th international teletraffic conference on Managing traffic performance in converged networks
Traffic classification - towards accurate real time network applications
HCI'07 Proceedings of the 12th international conference on Human-computer interaction: applications and services
Improving cost and accuracy of DPI traffic classifiers
Proceedings of the 2010 ACM Symposium on Applied Computing
Composite lightweight traffic classification system for network management
International Journal of Network Management
Trends and differences in connection-behavior within classes of internet backbone traffic
PAM'08 Proceedings of the 9th international conference on Passive and active network measurement
Network traffic classification based on error-correcting output codes and NN ensemble
FSKD'09 Proceedings of the 6th international conference on Fuzzy systems and knowledge discovery - Volume 3
Identify P2P traffic by inspecting data transfer behavior
Computer Communications
An experimental evaluation of the computational cost of a DPI traffic classifier
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Using network motifs to identify application protocols
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Fine-grained traffic classification with netflow data
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Identifying the use of data/voice/video-based P2P traffic by DNS-query behavior
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Relational network-service clustering analysis with set evidences
Proceedings of the 3rd ACM workshop on Artificial intelligence and security
Digging into HTTPS: flow-based classification of webmail traffic
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Co-match: fast and efficient packet inspection for multiple flows
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Profiling-By-Association: a resilient traffic profiling solution for the internet backbone
Proceedings of the 6th International COnference
Internet traffic classification demystified: on the sources of the discriminative power
Proceedings of the 6th International COnference
NeTraMark: a network traffic classification benchmark
ACM SIGCOMM Computer Communication Review
Clustering botnet communication traffic based on n-gram feature selection
Computer Communications
Optimizing Deep Packet Inspection for High-Speed Traffic Analysis
Journal of Network and Systems Management
Quantifying the accuracy of the ground truth associated with Internet traffic traces
Computer Networks: The International Journal of Computer and Telecommunications Networking
Analysis of the impact of sampling on NetFlow traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
KISS: stochastic packet inspection classifier for UDP traffic
IEEE/ACM Transactions on Networking (TON)
Graption: A graph-based P2P traffic classification framework for the internet backbone
Computer Networks: The International Journal of Computer and Telecommunications Networking
Characterization of the busy-hour traffic of IP networks based on their intrinsic features
Computer Networks: The International Journal of Computer and Telecommunications Networking
The network from above and below
Proceedings of the first ACM SIGCOMM workshop on Measurements up the stack
WSEAS TRANSACTIONS on COMMUNICATIONS
Computer Networks: The International Journal of Computer and Telecommunications Networking
Session-based classification of internet applications in 3G wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Proceedings of the 23rd International Teletraffic Congress
Deja vu: fingerprinting network problems
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
Traffic modeling and classification using packet train length and packet train size
IPOM'06 Proceedings of the 6th IEEE international conference on IP Operations and Management
Uncovering relations between traffic classifiers and anomaly detectors via graph theory
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Kiss to abacus: a comparison of P2P-TV traffic classifiers
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Traffic classification using a statistical approach
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Journal of Network and Computer Applications
Network traffic classification via HMM under the guidance of syntactic structure
Computer Networks: The International Journal of Computer and Telecommunications Networking
Challenges in network application identification
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
Feature selection for optimizing traffic classification
Computer Communications
A pipelined processor architecture for regular expression string matching
Microprocessors & Microsystems
Methodology for detection and restraint of p2p applications in the network
ICCSA'12 Proceedings of the 12th international conference on Computational Science and Its Applications - Volume Part IV
Machine learning-based classification of encrypted internet traffic
MLDM'12 Proceedings of the 8th international conference on Machine Learning and Data Mining in Pattern Recognition
Statistical traffic classification by boosting support vector machines
Proceedings of the 7th Latin American Networking Conference
Deep packet inspection tools and techniques in commodity platforms: Challenges and trends
Journal of Network and Computer Applications
High throughput and programmable online trafficclassifier on FPGA
Proceedings of the ACM/SIGDA international symposium on Field programmable gate arrays
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
Toward an efficient and scalable feature selection approach for internet traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Online NetFPGA decision tree statistical traffic classifier
Computer Communications
Reviewing traffic classification
DataTraffic Monitoring and Analysis
| Hi-index | 0.00 |
Well-known port numbers can no longer be used to reliably identify network applications. There is a variety of new Internet applications that either do not use well-known port numbers or use other protocols, such as HTTP, as wrappers in order to go through firewalls without being blocked. One consequence of this is that a simple inspection of the port numbers used by flows may lead to the inaccurate classification of network traffic. In this work, we look at these inaccuracies in detail. Using a full payload packet trace collected from an Internet site we attempt to identify the types of errors that may result from port-based classification and quantify them for the specific trace under study. To address this question we devise a classification methodology that relies on the full packet payload. We describe the building blocks of this methodology and elaborate on the complications that arise in that context. A classification technique approaching 100% accuracy proves to be a labor-intensive process that needs to test flow-characteristics against multiple classification criteria in order to gain sufficient confidence in the nature of the causal application. Nevertheless, the benefits gained from a content-based classification approach are evident. We are capable of accurately classifying what would be otherwise classified as unknown as well as identifying traffic flows that could otherwise be classified incorrectly. Our work opens up multiple research issues that we intend to address in future work.