TY - GEN
T1 - A reliable network application identification based on transition pattern of payload length
AU - Yagi, Shinnosuke
AU - Waizumi, Yuji
AU - Tsunoda, Hiroshi
AU - Nemoto, Yoshiaki
PY - 2008/12/1
Y1 - 2008/12/1
N2 - In recent years, information leakage through the Internet has become a new social problem. Many information leakage incidents are caused by illegal applications such as Peer-to-Peer (P2P) file sharing software. To prevent information leakage, early detection and blocking of the traffic exchanged by illegal applications is strongly required. We have proposed a method for application identification based on the transition pattern of payload length of startup phase of the communication. The method can identify applications without using port numbers, which can be easily spoofed. However, the method can identify only applications which the method learned and cannot discriminate unlearned applications. In this paper, we propose a new application identification method by introducing "Unknown" category to handle flows of unlearned applications.
AB - In recent years, information leakage through the Internet has become a new social problem. Many information leakage incidents are caused by illegal applications such as Peer-to-Peer (P2P) file sharing software. To prevent information leakage, early detection and blocking of the traffic exchanged by illegal applications is strongly required. We have proposed a method for application identification based on the transition pattern of payload length of startup phase of the communication. The method can identify applications without using port numbers, which can be easily spoofed. However, the method can identify only applications which the method learned and cannot discriminate unlearned applications. In this paper, we propose a new application identification method by introducing "Unknown" category to handle flows of unlearned applications.
UR - http://www.scopus.com/inward/record.url?scp=67249114801&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=67249114801&partnerID=8YFLogxK
U2 - 10.1109/GLOCOM.2008.ECP.370
DO - 10.1109/GLOCOM.2008.ECP.370
M3 - Conference contribution
AN - SCOPUS:67249114801
SN - 9781424423248
T3 - GLOBECOM - IEEE Global Telecommunications Conference
SP - 1915
EP - 1919
BT - 2008 IEEE Global Telecommunications Conference, GLOBECOM 2008
T2 - 2008 IEEE Global Telecommunications Conference, GLOBECOM 2008
Y2 - 30 November 2008 through 4 December 2008
ER -