A Reliable Network Application Identification Based on Transition Pattern of Payload Length
In recent years, information leakage through the Internet has become a new social problem. Many information leakage incidents are caused by illegal applications such as Peer-To-Peer (P2P) file sharing software. To prevent information leakage, early detection and blocking of the traffic exchanged by illegal applications is strongly required. The authors have proposed a method for application identification based on the transition pattern of payload length of startup phase of the communication. The method can identify applications without using port numbers, which can be easily spoofed.