Networking

An Automatic Application Signature Construction System for Unknown Traffic

Download Now Free registration required

Executive Summary

Identifying applications and classifying network traffic flows according to their source applications are critical for a broad range of network activities. Such a decision can be based on packet header fields, packet payload content, statistical characteristics of traffic and communication patterns of network hosts. However, most present techniques rely on some sort of a priori knowledge, which means they require labor-intensive preprocessing before running and cannot deal with previously unknown applications. In this paper, the authors propose a traffic classification system based on application signatures, with a novel approach to fully automate the process of deriving signatures from unidentified traffic.

  • Format: PDF
  • Size: 413.6 KB