Statistical network protocol identification with unknown pattern extraction

Author: Yu Wang, Hanxiao Xue, Waixi Liu, Yang Liu
Year of publication: 2019
Subject:
Source: Annals of Telecommunications. 74:473-482
ISSN: 1958-9395, 0003-4347
DOI: 10.1007/s12243-019-00704-y
Description: Network traffic classification is an enabling technique for network security and management for both traditional networks and emerging networks such as the Internet of Things. Due to the decreasing effectiveness of traditional port-based and payload-based methods, much research attention has been devoted to an alternative approach based on flow and packet-level traffic characteristics. A variety of statistical classification schemes have been proposed in this context, but most of them embody an implicit assumption that all protocols are known in advance and well presented in the training data. This assumption is unrealistic because real-world networks constantly witness emerging traffic patterns and protocols that are previously unknown. In this paper, we revisit the problem by proposing a learning scheme with unknown pattern extraction for statistical protocol identification. The scheme is designed with a more realistic setting, in which we assume that the training data only consists of labeled samples from a limited number of protocols, and the goal is to identify these known patterns out of an arbitrary traffic mixture of both known and unknown protocols. Our experiments based on real-world traffic show that the proposed scheme outperforms previous approaches by accurately identifying both known and unknown protocols.
Database: OpenAIRE