Analyzing peer-to-peer traffic across large networks
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Automatically inferring patterns of resource consumption in network traffic
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
An analysis of Internet chat systems
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Accurate, scalable in-network identification of p2p traffic using application signatures
Proceedings of the 13th international conference on World Wide Web
Fully automatic cross-associations
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Transport layer identification of P2P traffic
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Analysis of communities of interest in data networks
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Traffic classification on the fly
ACM SIGCOMM Computer Communication Review
Realistic and responsive network traffic generation
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Beyond bloom filters: from approximate membership checks to approximate state machines
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
ACM SIGCOMM Computer Communication Review
Unexpected means of protocol inference
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Using visual motifs to classify encrypted traffic
Proceedings of the 3rd international workshop on Visualization for computer security
Traffic classification through simple statistical fingerprinting
ACM SIGCOMM Computer Communication Review
Identifying and discriminating between web and peer-to-peer traffic in the network core
Proceedings of the 16th international conference on World Wide Web
On Inferring Application Protocol Behaviors in Encrypted Network Traffic
The Journal of Machine Learning Research
An empirical approach to modeling inter-AS traffic matrices
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Byte me: a case for byte accuracy in traffic classification
Proceedings of the 3rd annual ACM workshop on Mining network data
Passive measurement of one-way and two-way flow lifetimes
ACM SIGCOMM Computer Communication Review
ACM SIGCOMM Computer Communication Review
Offline/realtime traffic classification using semi-supervised learning
Performance Evaluation
Proceedings of the 13th annual ACM international conference on Mobile computing and networking
Network monitoring using traffic dispersion graphs (tdgs)
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Lightweight application classification for network management
Proceedings of the 2007 SIGCOMM workshop on Internet network management
Towards high-performance flow-level packet processing on multi-core network processors
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
A generic language for application-specific flow sampling
ACM SIGCOMM Computer Communication Review
An adaptive anomaly detector for worm detection
SYSML'07 Proceedings of the 2nd USENIX workshop on Tackling computer systems problems with machine learning techniques
On web browsing privacy in anonymized NetFlows
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Identifying dynamic IP address blocks serendipitously through background scanning traffic
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Accurate and real time method for network packet classification
AIC'06 Proceedings of the 6th WSEAS International Conference on Applied Informatics and Communications
A comparative analysis of web and peer-to-peer traffic
Proceedings of the 17th international conference on World Wide Web
Early application identification
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
Learning for accurate classification of real-time traffic
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
CSAMP: a system for network-wide flow monitoring
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
What's going on?: learning communication rules in edge networks
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Unconstrained endpoint profiling (googling the internet)
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
P4p: provider portal for applications
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Implementation Issues of Early Application Identification
AINTEC '07 Proceedings of the 3rd Asian conference on Internet Engineering: Sustainable Internet
The Contact Surface: A Technique for Exploring Internet Scale Emergent Behaviors
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Continuous Time Bayesian Networks for Host Level Network Intrusion Detection
ECML PKDD '08 Proceedings of the European conference on Machine Learning and Knowledge Discovery in Databases - Part II
Context-aware clustering of DNS query traffic
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Fast monitoring of traffic subpopulations
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Traffic analysis of mobile broadband networks
WICON '07 Proceedings of the 3rd international conference on Wireless internet
Inter-domain policy violations in multi-hop overlay routes: Analysis and mitigation
Computer Networks: The International Journal of Computer and Telecommunications Networking
Acceleration of decision tree searching for IP traffic classification
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Understanding IPv6 Usage: Communities and Behaviors
APNOMS '08 Proceedings of the 11th Asia-Pacific Symposium on Network Operations and Management: Challenges for Next Generation Network Operations and Service Management
Fast Traffic Classification in High Speed Networks
APNOMS '08 Proceedings of the 11th Asia-Pacific Symposium on Network Operations and Management: Challenges for Next Generation Network Operations and Service Management
Pattern Recognition Approaches for Classifying IP Flows
SSPR & SPR '08 Proceedings of the 2008 Joint IAPR International Workshop on Structural, Syntactic, and Statistical Pattern Recognition
Topnet: a network-aware top(1)
LISA'08 Proceedings of the 22nd conference on Large installation system administration conference
Online hybrid traffic classifier for Peer-to-Peer systems based on network processors
Applied Soft Computing
Bittorrent peer identification based on behaviors of a choke algorithm
Proceedings of the 4th Asian Conference on Internet Engineering
Traffic classification using en-semble learning and co-training
AIC'08 Proceedings of the 8th conference on Applied informatics and communications
Internet traffic behavior profiling for network security monitoring
IEEE/ACM Transactions on Networking (TON)
A nonlinear, recurrence-based approach to traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Characterizing network traffic by means of the NetMine framework
Computer Networks: The International Journal of Computer and Telecommunications Networking
Efficient application identification and the temporal and spatial stability of classification schema
Computer Networks: The International Journal of Computer and Telecommunications Networking
Profiling and identification of P2P traffic
Computer Networks: The International Journal of Computer and Telecommunications Networking
Proceedings of the 18th international conference on World wide web
Behavioural Characterization for Network Anomaly Detection
Transactions on Computational Science IV
PBS: Periodic Behavioral Spectrum of P2P Applications
PAM '09 Proceedings of the 10th International Conference on Passive and Active Network Measurement
Automatic discovery of botnet communities on large-scale communication networks
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Internet traffic classification demystified: myths, caveats, and the best practices
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
BotCop: An Online Botnet Traffic Classifier
CNSR '09 Proceedings of the 2009 Seventh Annual Communication Networks and Services Research Conference
Online Classification of Network Flows
CNSR '09 Proceedings of the 2009 Seventh Annual Communication Networks and Services Research Conference
On Metrics to Distinguish Skype Flows from HTTP Traffic
Journal of Network and Systems Management
Inferring undesirable behavior from P2P traffic analysis
Proceedings of the eleventh international joint conference on Measurement and modeling of computer systems
Proceedings of the eleventh international joint conference on Measurement and modeling of computer systems
GTVS: Boosting the Collection of Application Traffic Ground Truth
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
TIE: A Community-Oriented Traffic Classification Platform
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Accurate, Fine-Grained Classification of P2P-TV Applications by Simply Counting Packets
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
KISS: Stochastic Packet Inspection
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Identify P2P Traffic by Inspecting Data Transfer Behaviour
NETWORKING '09 Proceedings of the 8th International IFIP-TC 6 Networking Conference
Real Time Identification of SSH Encrypted Application Flows by Using Cluster Analysis Techniques
NETWORKING '09 Proceedings of the 8th International IFIP-TC 6 Networking Conference
Enhancing Application Identification by Means of Sequential Testing
NETWORKING '09 Proceedings of the 8th International IFIP-TC 6 Networking Conference
Review: Application classification using packet size distribution and port association
Journal of Network and Computer Applications
Swing: realistic and responsive network traffic generation
IEEE/ACM Transactions on Networking (TON)
Classifying SSH encrypted traffic with minimum packet header features using genetic programming
Proceedings of the 11th Annual Conference Companion on Genetic and Evolutionary Computation Conference: Late Breaking Papers
Browser Fingerprinting from Coarse Traffic Summaries: Techniques and Implications
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
On the impacts of human interactions in MMORPG traffic
Multimedia Tools and Applications
Classification of P2P and HTTP Using Specific Protocol Characteristics
EUNICE '09 Proceedings of the 15th Open European Summer School and IFIP TC6.6 Workshop on The Internet of the Future
GT: picking up the truth from the ground for internet traffic
ACM SIGCOMM Computer Communication Review
Early traffic classification using support vector machines
Proceedings of the 5th International Latin American Networking Conference
Challenging statistical classification for operational usage: the ADSL case
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Macroscope: end-point approach to networked application dependency discovery
Proceedings of the 5th international conference on Emerging networking experiments and technologies
Exploiting dynamicity in graph-based traffic analysis: techniques and applications
Proceedings of the 5th international conference on Emerging networking experiments and technologies
Behavior rule based intrusion detection
Proceedings of the 5th international student workshop on Emerging networking experiments and technologies
Discriminating internet applications based on multiscale analysis
NGI'09 Proceedings of the 5th Euro-NGI conference on Next Generation Internet networks
On traffic characteristics of a broadband wireless internet access
NGI'09 Proceedings of the 5th Euro-NGI conference on Next Generation Internet networks
A visualization tool for exploring multi-scale network traffic anomalies
SPECTS'09 Proceedings of the 12th international conference on Symposium on Performance Evaluation of Computer & Telecommunication Systems
Application-specific packet capturing using kernel probes
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Traffic Classification Based on Flow Similarity
IPOM '09 Proceedings of the 9th IEEE International Workshop on IP Operations and Management
Statistical texture analysis methods for network traffic classification
AsiaCSN '07 Proceedings of the Fourth IASTED Asian Conference on Communication Systems and Networks
Service-based traffic classification: principles and validation
SARNOFF'09 Proceedings of the 32nd international conference on Sarnoff symposium
Detection of illicit traffic based on multiscale analysis
SoftCOM'09 Proceedings of the 17th international conference on Software, Telecommunications and Computer Networks
Graph-based P2P traffic classification at the internet backbone
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Exploring graph-based network traffic monitoring
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Machine learning based encrypted traffic classification: identifying SSH and skype
CISDA'09 Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications
Distributed P2P traffic identification method
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
A network traffic identification method based on finite state machine
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
A novel self-learning architecture for p2p traffic classification in high speed networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Early recognition of encrypted applications
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Fast, accurate, and lightweight real-time traffic identification method based on flow statistics
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Real-time behaviour profiling for network monitoring
International Journal of Internet Protocol Technology
Traffic classification - towards accurate real time network applications
HCI'07 Proceedings of the 12th international conference on Human-computer interaction: applications and services
Composite lightweight traffic classification system for network management
International Journal of Network Management
Hit-list worm detection and bot identification in large networks using protocol graphs
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Improving topological routing in N2R networks
CAAN'07 Proceedings of the 4th conference on Combinatorial and algorithmic aspects of networking
A visualization framework for traffic data exploration and scan detection
NTMS'09 Proceedings of the 3rd international conference on New technologies, mobility and security
On the validation of traffic classification algorithms
PAM'08 Proceedings of the 9th international conference on Passive and active network measurement
Network traffic classification based on error-correcting output codes and NN ensemble
FSKD'09 Proceedings of the 6th international conference on Fuzzy systems and knowledge discovery - Volume 3
Identify P2P traffic by inspecting data transfer behavior
Computer Communications
Better network traffic identification through the independent combination of techniques
Journal of Network and Computer Applications
HiFIND: A high-speed flow-level intrusion detection approach with DoS resiliency
Computer Networks: The International Journal of Computer and Telecommunications Networking
Inferring applications at the network layer using collective traffic statistics
Proceedings of the ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Impact of asymmetric routing on statistical traffic classification
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
An experimental evaluation of the computational cost of a DPI traffic classifier
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Using network motifs to identify application protocols
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Hybrid traffic classification approach based on decision tree
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Internet application traffic classification using fixed IP-port
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Volume traffic anomaly detection using hierarchical clustering
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Fine-grained traffic classification with netflow data
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Upgrading mice to elephants: effects and end-point solutions
IEEE/ACM Transactions on Networking (TON)
Googling the internet: profiling internet endpoints via the world wide web
IEEE/ACM Transactions on Networking (TON)
Identifying the use of data/voice/video-based P2P traffic by DNS-query behavior
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
An automatic and dynamic parameter tuning of a statistic-based anomaly detection algorithm
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Peer-to-peer application recognition based on signaling activity
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
An approach towards anomaly based detection and profiling covert TCP/IP channels
ICICS'09 Proceedings of the 7th international conference on Information, communications and signal processing
Link homophily in the application layer and its usage in traffic classification
INFOCOM'10 Proceedings of the 29th conference on Information communications
URCA: pulling out anomalies by their root causes
INFOCOM'10 Proceedings of the 29th conference on Information communications
Predictive blacklisting as an implicit recommendation system
INFOCOM'10 Proceedings of the 29th conference on Information communications
Diffprobe: detecting ISP service discrimination
INFOCOM'10 Proceedings of the 29th conference on Information communications
Visualizing host traffic through graphs
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Traffic classification using visual motifs: an empirical evaluation
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
AjaxTracker: active measurement system for high-fidelity characterization of AJAX applications
WebApps'10 Proceedings of the 2010 USENIX conference on Web application development
An evaluation of automatic parameter tuning of a statistics-based anomaly detection algorithm
International Journal of Network Management
Unsupervised host behavior classification from connection patterns
International Journal of Network Management
Relational network-service clustering analysis with set evidences
Proceedings of the 3rd ACM workshop on Artificial intelligence and security
Proceedings of the 2010 Workshop on Economics of Networks, Systems, and Computation
Digging into HTTPS: flow-based classification of webmail traffic
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Revisiting the case for a minimalist approach for network flow monitoring
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
An incentive-based approach to traffic management for peer-to-peer overlays
ETM'10 Proceedings of the Third international conference on Incentives, overlays, and economic traffic control
Network DVR: a programmable framework for application-aware trace collection
PAM'10 Proceedings of the 11th international conference on Passive and active measurement
Network prefix-level traffic profiling: Characterizing, modeling, and evaluation
Computer Networks: The International Journal of Computer and Telecommunications Networking
NET-FLi: on-the-fly compression, archiving and indexing of streaming network traffic
Proceedings of the VLDB Endowment
Profiling-By-Association: a resilient traffic profiling solution for the internet backbone
Proceedings of the 6th International COnference
Internet traffic classification demystified: on the sources of the discriminative power
Proceedings of the 6th International COnference
An FPGA-based system for tracking digital information transmitted via Peer-to-Peer protocols
International Journal of Security and Networks
Nfsight: netflow-based network awareness tool
LISA'10 Proceedings of the 24th international conference on Large installation system administration
NeTraMark: a network traffic classification benchmark
ACM SIGCOMM Computer Communication Review
Clustering botnet communication traffic based on n-gram feature selection
Computer Communications
A VoIP Traffic Identification Scheme Based on Host and Flow Behavior Analysis
Journal of Network and Systems Management
Optimizing Deep Packet Inspection for High-Speed Traffic Analysis
Journal of Network and Systems Management
Properties and Evolution of Internet Traffic Networks from Anonymized Flow Data
ACM Transactions on Internet Technology (TOIT)
Intrusion detection using continuous time Bayesian networks
Journal of Artificial Intelligence Research
Summary-invisible networking: techniques and defenses
ISC'10 Proceedings of the 13th international conference on Information security
Quantifying the accuracy of the ground truth associated with Internet traffic traces
Computer Networks: The International Journal of Computer and Telecommunications Networking
Analysis of the impact of sampling on NetFlow traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
KISS: stochastic packet inspection classifier for UDP traffic
IEEE/ACM Transactions on Networking (TON)
Host-Based P2P Flow Identification and Use in Real-Time
ACM Transactions on the Web (TWEB)
Improving matching performance of DPI traffic classifier
Proceedings of the 2011 ACM Symposium on Applied Computing
Graption: A graph-based P2P traffic classification framework for the internet backbone
Computer Networks: The International Journal of Computer and Telecommunications Networking
Mining unclassified traffic using automatic clustering techniques
TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Inferring users' online activities through traffic analysis
Proceedings of the fourth ACM conference on Wireless network security
BotTrack: tracking botnets using NetFlow and PageRank
NETWORKING'11 Proceedings of the 10th international IFIP TC 6 conference on Networking - Volume Part I
Machine learning approach for IP-flow record anomaly detection
NETWORKING'11 Proceedings of the 10th international IFIP TC 6 conference on Networking - Volume Part I
Using of time characteristics in data flow for traffic classification
AIMS'11 Proceedings of the 5th international conference on Autonomous infrastructure, management, and security: managing the dynamics of networks and services
Discriminating graphs through spectral projections
Computer Networks: The International Journal of Computer and Telecommunications Networking
Computer Networks: The International Journal of Computer and Telecommunications Networking
Session-based classification of internet applications in 3G wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Proceedings of the 23rd International Teletraffic Congress
Self-adaptive QoS control mechanism in cognitive networks based on intelligent service awareness
WISM'11 Proceedings of the 2011 international conference on Web information systems and mining - Volume Part I
SMILER: Towards Practical Online Traffic Classification
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
Session level flow classification by packet size distribution and session grouping
Computer Networks: The International Journal of Computer and Telecommunications Networking
Computer Networks: The International Journal of Computer and Telecommunications Networking
Uncovering relations between traffic classifiers and anomaly detectors via graph theory
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Kiss to abacus: a comparison of P2P-TV traffic classifiers
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
K-dimensional trees for continuous traffic classification
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Realtime classification for encrypted traffic
SEA'10 Proceedings of the 9th international conference on Experimental Algorithms
A Modular Machine Learning System for Flow-Level Traffic Classification in Large Networks
ACM Transactions on Knowledge Discovery from Data (TKDD)
Witnessing distributed denial-of-service traffic from an attacker's network
Proceedings of the 7th International Conference on Network and Services Management
Journal of Network and Computer Applications
Finding peer-to-peer file-sharing using coarse network behaviors
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Network traffic classification via HMM under the guidance of syntactic structure
Computer Networks: The International Journal of Computer and Telecommunications Networking
Cooperative traffic management for video streaming overlays
Computer Networks: The International Journal of Computer and Telecommunications Networking
Network flow classification based on the rhythm of packets
ICONIP'11 Proceedings of the 18th international conference on Neural Information Processing - Volume Part II
Network traffic classification using a parallel neural network classifier architecture
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Challenges in network application identification
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
ICDEM'10 Proceedings of the Second international conference on Data Engineering and Management
Internet access traffic measurement and analysis
TMA'12 Proceedings of the 4th international conference on Traffic Monitoring and Analysis
Unmasking the growing UDP traffic in a campus network
PAM'12 Proceedings of the 13th international conference on Passive and Active Measurement
An application-level content generative model for network applications
Proceedings of the 5th International ICST Conference on Simulation Tools and Techniques
A framework for attack patterns' discovery in honeynet data
Digital Investigation: The International Journal of Digital Forensics & Incident Response
UARA in edge routers: an effective approach to user fairness and traffic shaping
International Journal of Communication Systems
Real-time creation of bitmap indexes on streaming network data
The VLDB Journal — The International Journal on Very Large Data Bases
Detecting anomalies in netflow record time series by using a kernel function
AIMS'12 Proceedings of the 6th IFIP WG 6.6 international autonomous infrastructure, management, and security conference on Dependable Networks and Services
Classifying internet one-way traffic
Proceedings of the 2012 ACM conference on Internet measurement conference
AFR: automatic multi-stage forensic data retrieval
Proceedings of the 2012 ACM conference on CoNEXT student workshop
High throughput and programmable online trafficclassifier on FPGA
Proceedings of the ACM/SIGDA international symposium on Field programmable gate arrays
Application traffic classification at the early stage by characterizing application rounds
Information Sciences: an International Journal
Review: A survey of network flow applications
Journal of Network and Computer Applications
A supervised machine learning approach to classify host roles on line using sFlow
Proceedings of the first edition workshop on High performance and programmable networking
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
Massive scale cyber traffic analysis: a driver for graph database research
First International Workshop on Graph Data Management Experiences and Systems
Toward an efficient and scalable feature selection approach for internet traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
A framework for monitoring and measuring a large-scale distributed system in real time
Proceedings of the 5th ACM workshop on HotPlanet
Online NetFPGA decision tree statistical traffic classifier
Computer Communications
Protocol misidentification made easy with format-transforming encryption
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
IEEE/ACM Transactions on Networking (TON)
A scalable network forensics mechanism for stealthy self-propagating attacks
Computer Communications
P2P traffic classification using ensemble learning
Proceedings of the 5th IBM Collaborative Academia Research Exchange Workshop
PeerRush: mining for unwanted p2p traffic
DIMVA'13 Proceedings of the 10th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Traffic classification combining flow correlation and ensemble classifier
International Journal of Wireless and Mobile Computing
Information Sciences: an International Journal
Hi-index | 0.00 |
We present a fundamentally different approach to classifying traffic flows according to the applications that generate them. In contrast to previous methods, our approach is based on observing and identifying patterns of host behavior at the transport layer. We analyze these patterns at three levels of increasing detail (i) the social, (ii) the functional and (iii) the application level. This multilevel approach of looking at traffic flow is probably the most important contribution of this paper. Furthermore, our approach has two important features. First, it operates in the dark, having (a) no access to packet payload, (b) no knowledge of port numbers and (c) no additional information other than what current flow collectors provide. These restrictions respect privacy, technological and practical constraints. Second, it can be tuned to balance the accuracy of the classification versus the number of successfully classified traffic flows. We demonstrate the effectiveness of our approach on three real traces. Our results show that we are able to classify 80%-90% of the traffic with more than 95% accuracy.