Flexible Traffic and Host Profiling Via DNS Rendezvous

The ability to accurately classify network traffic and to perform timely detection of the presence of unwanted classes of traffic has important implications for network operations and security. In recent years, classification has become more challenging due to applications that use ports that are not well-known that overload or masquerade with other applications' well-known ports, and that may encrypt or otherwise obfuscate their payload. The goal of the paper is to develop a method for traffic classification that is flexible, i.e., that can be used to create arbitrary organizations of traffic from coarse to fine-grained groups, and can identify encrypted traffic as well as new applications.

Provided by: University of Wisconsin Topic: Mobility Date Added: Mar 2011 Format: PDF

Find By Topic