Abstract
Along with the development of the Internet and strengthening of network protocol, it becomes more and more difficult to monitor network. And some sensitive information have been leaked outside the application environment. Application protocol identification plays an important role in network security monitoring. With accurate application protocol identification, it can improve the accuracy and robustness of the Network Security Monitoring (NSM). A new method of application protocol identification based on classification and characteristic matching is proposed in this paper. According to the experiment, the method can enhance the accuracy of identification. In this paper, we outline the traditional methods of protocol identification, and then propose a layer protocol identification method based on classification and characteristics analysis, which is applied to NSM. The method classifies the identified data stream by coarseness to match the different characteristics, achieving the purpose of identifying more intrusion. Experimental results show that the method greatly improves the efficiency of protocol recognition.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Thomas K, Andre B, Michalis F, Claffy Kc (2004) Transport layer identification of P2P traffic. In: IMC’04. ACM Press, New York, pp 121–134
Liang C, Jian G, Xuan X (2009) Feature-based application layer protocol identification string. Comput Eng Appl 42(24):16–19
Kang HJ, Kim MS, Hong JW-K (2005) A method on multimedia service traffic monitoring and analysis. In: DSOM 2003. Heidelgerg, Germany, pp 93–105
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag London Limited
About this paper
Cite this paper
Wang, Dx., Feng, Yr. (2012). Network Security Monitoring-Oriented Application-Level Protocol Identification Technology. In: Wang, X., Wang, F., Zhong, S. (eds) Electrical, Information Engineering and Mechatronics 2011. Lecture Notes in Electrical Engineering, vol 138. Springer, London. https://doi.org/10.1007/978-1-4471-2467-2_76
Download citation
DOI: https://doi.org/10.1007/978-1-4471-2467-2_76
Published:
Publisher Name: Springer, London
Print ISBN: 978-1-4471-2466-5
Online ISBN: 978-1-4471-2467-2
eBook Packages: EngineeringEngineering (R0)