Network Application Identification Using Sequential Transition Patterns of Payload Length
-
- WAIZUMI Yuji
- Graduate School of Information Sciences, Tohoku University
-
- SATO Tsuyoshi
- Graduate School of Information Sciences, Tohoku University
-
- TANAKA Kazuyuki
- Graduate School of Information Sciences, Tohoku University
Abstract
A person-to-person information sharing is easily realized by P2P networks that servers are not essential. Information leakages, which are caused by malicious accesses for P2P networks, has become new social issues. To prevent information leakage, it is necessary to detect and block traffics of P2P software. Since some P2P softwares can spoof port numbers, it is difficult to detect the traffics sent from P2P softwares by using port numbers. It is more difficult to devise effective countermeasures for detecting the software because their protocol are not public. In this paper, we propose a method to identify applications using sequential transition patterns of payload length. Through real traffic experiment we show that proposed method can quickly and accurately identify network applications.
Journal
-
- Interdisciplinary Information Sciences
-
Interdisciplinary Information Sciences 18 (2), 189-196, 2012
The Editorial Committee of the Interdisciplinary Information Sciences
- Tweet
Details 詳細情報について
-
- CRID
- 1390282679413112448
-
- NII Article ID
- 130002531680
- 120005428606
-
- ISSN
- 13476157
- 13409050
-
- HANDLE
- 10097/57185
-
- Text Lang
- en
-
- Data Source
-
- JaLC
- IRDB
- Crossref
- CiNii Articles
- KAKEN
-
- Abstract License Flag
- Disallowed
