| Presentation | 2010-11-18 Network Application Identification using Observation Probability of Payload Length Yuji WAIZUMI, Tsuyoshi SATO, Kazuyuki TANAKA, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Recently, increasing of information leakages caused by illegal use of network applications have been reported. To prevent the occurrence of such incidents, a network administrator should block the traffic exchanged by unauthorized applications by checking incoming and outgoing traffic of network. A simple application identification method utilizes port numbers. This method is based on an assumption that applications can be mapped to corresponding port numbers. However, this method is not effective because port number setting for applications can be change easily. Therefore, we need a method which quickly identification without port numbers, which are easily spoofed. In this report, we assume that same application flows have similar transition pattern of payload length of each packet in the first stage of connection, and propose a method to identify applications using observation probabilities of payload length. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Application / Identification / Payload Length / Transition pattern / Joint Probability |
| Paper # | NC2010-53 |
| Date of Issue |
| Conference Information | |
| Committee | NC |
|---|---|
| Conference Date | 2010/11/11(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Neurocomputing (NC) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Network Application Identification using Observation Probability of Payload Length |
| Sub Title (in English) | |
| Keyword(1) | Application |
| Keyword(2) | Identification |
| Keyword(3) | Payload Length |
| Keyword(4) | Transition pattern |
| Keyword(5) | Joint Probability |
| 1st Author's Name | Yuji WAIZUMI |
| 1st Author's Affiliation | Graduate School of Information Sciences, Tohoku University() |
| 2nd Author's Name | Tsuyoshi SATO |
| 2nd Author's Affiliation | Graduate School of Information Sciences, Tohoku University |
| 3rd Author's Name | Kazuyuki TANAKA |
| 3rd Author's Affiliation | Graduate School of Information Sciences, Tohoku University |
| Date | 2010-11-18 |
| Paper # | NC2010-53 |
| Volume (vol) | vol.110 |
| Number (no) | 295 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |