Accurate, scalable in-network identification of p2p traffic using application signatures
Proceedings of the 13th international conference on World Wide Web
Transport layer identification of P2P traffic
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Automated Traffic Classification and Application Identification using Machine Learning
LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
ACM SIGCOMM Computer Communication Review
Offline/realtime traffic classification using semi-supervised learning
Performance Evaluation
Network monitoring using traffic dispersion graphs (tdgs)
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Polyglot: automatic extraction of protocol message format using dynamic binary analysis
Proceedings of the 14th ACM conference on Computer and communications security
Discoverer: automatic protocol reverse engineering from network traces
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Prospex: Protocol Specification Extraction
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
All your droid are belong to us: a survey of current android attacks
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
Reverse Engineering of Protocols from Network Traces
WCRE '11 Proceedings of the 2011 18th Working Conference on Reverse Engineering
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
| Hi-index | 0.00 |
The evolution of the Internet in the last few years has been characterized by dramatic changes to the way users behave, interact and utilize the network. This has posed new challenges to network operators. To deal with the increasing number of threats to enterprise networks, operators need greater visibility and understanding of the applications running in their networks. In years gone by, the biggest challenge in network application identification used to be of providing real-time classification at increasing wire speeds. But now the operators are facing another challenge - the ability to keep pace with the tremendous rate of development of new applications. This problem can be attributed largely to the explosive growth in the number of web and mobile applications. This combined with application hiding techniques like encryption, port abuse, and tunneling have rendered the traditional approaches for application identification ineffective. In this paper, we discuss the challenges facing the network operators and the limitations of current state of the art approaches in both the commercial and the research world in solving these problems.