A reliable network application identification based on transition pattern of payload length

Shinnosuke Yagi, Yuji Waizumi, Hiroshi Tsunoda, Yoshiaki Nemoto

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

In recent years, information leakage through the Internet has become a new social problem. Many information leakage incidents are caused by illegal applications such as Peer-to-Peer (P2P) file sharing software. To prevent information leakage, early detection and blocking of the traffic exchanged by illegal applications is strongly required. We have proposed a method for application identification based on the transition pattern of payload length of startup phase of the communication. The method can identify applications without using port numbers, which can be easily spoofed. However, the method can identify only applications which the method learned and cannot discriminate unlearned applications. In this paper, we propose a new application identification method by introducing "Unknown" category to handle flows of unlearned applications.

Original languageEnglish
Title of host publication2008 IEEE Global Telecommunications Conference, GLOBECOM 2008
Pages1915-1919
Number of pages5
DOIs
Publication statusPublished - 2008 Dec 1
Event2008 IEEE Global Telecommunications Conference, GLOBECOM 2008 - New Orleans, LA, United States
Duration: 2008 Nov 302008 Dec 4

Publication series

NameGLOBECOM - IEEE Global Telecommunications Conference

Other

Other2008 IEEE Global Telecommunications Conference, GLOBECOM 2008
CountryUnited States
CityNew Orleans, LA
Period08/11/3008/12/4

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'A reliable network application identification based on transition pattern of payload length'. Together they form a unique fingerprint.

Cite this