Network Security Monitoring-Oriented Application-Level Protocol Identification Technology

Wang, Dong-xia; Feng, Yan-ru

doi:10.1007/978-1-4471-2467-2_76

Dong-xia Wang⁴ &
Yan-ru Feng⁴

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 138))

101 Accesses

Abstract

Along with the development of the Internet and strengthening of network protocol, it becomes more and more difficult to monitor network. And some sensitive information have been leaked outside the application environment. Application protocol identification plays an important role in network security monitoring. With accurate application protocol identification, it can improve the accuracy and robustness of the Network Security Monitoring (NSM). A new method of application protocol identification based on classification and characteristic matching is proposed in this paper. According to the experiment, the method can enhance the accuracy of identification. In this paper, we outline the traditional methods of protocol identification, and then propose a layer protocol identification method based on classification and characteristics analysis, which is applied to NSM. The method classifies the identified data stream by coarseness to match the different characteristics, achieving the purpose of identifying more intrusion. Experimental results show that the method greatly improves the efficiency of protocol recognition.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 429.00; Price excludes VAT (USA)

Hardcover Book: USD 549.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

IANA http://www.iana.org/assignments/port-numbers
Thomas K, Andre B, Michalis F, Claffy Kc (2004) Transport layer identification of P2P traffic. In: IMC’04. ACM Press, New York, pp 121–134
Google Scholar
Liang C, Jian G, Xuan X (2009) Feature-based application layer protocol identification string. Comput Eng Appl 42(24):16–19
Google Scholar
Kang HJ, Kim MS, Hong JW-K (2005) A method on multimedia service traffic monitoring and analysis. In: DSOM 2003. Heidelgerg, Germany, pp 93–105
Google Scholar

Download references

Author information

Authors and Affiliations

Information Engineering, Jiyuan Vocational and Technical College, Jiyuan, 459000, Henan, China
Dong-xia Wang & Yan-ru Feng

Authors

Dong-xia Wang
View author publications
You can also search for this author in PubMed Google Scholar
Yan-ru Feng
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dong-xia Wang .

Editor information

Editors and Affiliations

, School of Electrical Engineering and, Henan Polytechnic University, Jiaozuo, China, People's Republic
Xudong Wang
, School of Electrical Engineering and, Henan Polytechnic University, Jiaozuo, China, People's Republic
Fuzhong Wang
, College of Elementary Education, Chongqing Normal University, Chongqing, China, People's Republic
Shaobo Zhong

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Wang, Dx., Feng, Yr. (2012). Network Security Monitoring-Oriented Application-Level Protocol Identification Technology. In: Wang, X., Wang, F., Zhong, S. (eds) Electrical, Information Engineering and Mechatronics 2011. Lecture Notes in Electrical Engineering, vol 138. Springer, London. https://doi.org/10.1007/978-1-4471-2467-2_76

Download citation

DOI: https://doi.org/10.1007/978-1-4471-2467-2_76
Published: 13 March 2012
Publisher Name: Springer, London
Print ISBN: 978-1-4471-2466-5
Online ISBN: 978-1-4471-2467-2
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics