IEEE Transactions on Software Engineering - Special issue on computer security and privacy
HTTP/TCP connection and flow characteristics
Performance Evaluation - Special issue on internet performance modelling
Stochastic Protocol Modeling for Anomaly Based Network Intrusion Detection
IEEE-IWIA '03 Proceedings of the First IEEE International Workshop on Information Assurance (IWIA'03)
An analysis of Internet chat systems
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Accurate, scalable in-network identification of p2p traffic using application signatures
Proceedings of the 13th international conference on World Wide Web
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing)
Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing)
Early application identification
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Detecting VoIP Traffic Based on Human Conversation Patterns
Principles, Systems and Applications of IP Telecommunications. Services and Security for Next Generation Networks
Efficient application identification and the temporal and spatial stability of classification schema
Computer Networks: The International Journal of Computer and Telecommunications Networking
Automatic discovery of botnet communities on large-scale communication networks
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Online Classification of Network Flows
CNSR '09 Proceedings of the 2009 Seventh Annual Communication Networks and Services Research Conference
On traffic characteristics of a broadband wireless internet access
NGI'09 Proceedings of the 5th Euro-NGI conference on Next Generation Internet networks
An FPGA-based system for tracking digital information transmitted via Peer-to-Peer protocols
International Journal of Security and Networks
Session-based classification of internet applications in 3G wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
In this paper we present a real-time automatic process to traffic classification and to the detection of abnormal behaviors in IP traffic. The proposed method aims to detect anomalies in the traffic associated to a particular service, or to automatically recognize the service associated to a given sequence of packets at the transport layer. Service classification is becoming a central issue because of the emergence of new services (P2P, VoIP, Streaming video, etc...) which raises new challenges in resource reservation, pricing, network monitoring, etc... In order to identify a specific signature to an application, we first of all model the sequence of its packets at the transport layer by means of a first order Markov chain. Then, we decide which service should be associated to any new sequence by means of standard decision techniques (Maximum Likelihood criterion, Neyman-Pearson test). The evaluation of our automatic recognition procedure using live GPRS Orange France traffic traces demonstrates the feasibility and the excellent performance of this approach.