Abstract
This paper describes a protocol detection using statistic information about a flow extended by packet sizes and time characteristics, which consist of packet inter-arrival times. The most common way of network traffic classification is a deep packet inspection (DPI). Our approach deals with the DPI disadvantage in power consumption using aggregated IPFIX data instead of looking into packet content. According to our previous experiments, we have found that applications have their own behavioral pattern, which can be used for the applications detection. With a respect to current state of development, we mainly present the idea, the results which we have achieved so far and of our future work.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bernaille, L., Teixeira, R., Salamatian, K.: Early Application Identification. In: ADETTI/ISCTE CoNEXT Conference, Lisboa, Portugal (2006)
Deza, M.M., Deza, E.: Encyclopedia of Distances. Springer, Heidelberg (2009)
Erman, J., Arlitt, M., Mahanti, A.: Traffic classification using clustering algorithms. SIGCOMM (2006)
Heyer, L.J., Kruglyak, S., Yooseph, S.: Exploring expression data: Identification and analysis of coexpressed genes. Genome Research 9(11), 1106–1115 (1999)
Hjelmvik, E., John, W.: Breaking and Improving Protocol Obfuscation, Technical Report No: 2010-05, Department of Computer Science and Engineering, Chalmers University of Technology, Gothenburg, Sweden (2010)
Internet Assigned Numbers Authority (IANA), http://www.iana.org/assignments/port-numbers
Karagiannis, T., Papagiannaki, K., Faloutsos, M.: Blinc multilevel traffic classification in the dark. SIGCOMM (2005)
Liberouter, http://www.liberouter.org/
MacQueen, J.B.: Some methods for classification and analysis of multivariate observations. In: Proceedings of 5-th Berkeley Symposium on Mathematical Statistics and Probability, pp. 281–297. University of California Press, Berkeley (1967)
Netflow Sensor (NfSen), http://nfsen.sourceforge.net/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Piskac, P., Novotny, J. (2011). Using of Time Characteristics in Data Flow for Traffic Classification. In: Chrisment, I., Couch, A., Badonnel, R., Waldburger, M. (eds) Managing the Dynamics of Networks and Services. AIMS 2011. Lecture Notes in Computer Science, vol 6734. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21484-4_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-21484-4_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21483-7
Online ISBN: 978-3-642-21484-4
eBook Packages: Computer ScienceComputer Science (R0)