A nonparametric approach to the automated protocol fingerprint inference. (1st December 2017)
- Record Type:
- Journal Article
- Title:
- A nonparametric approach to the automated protocol fingerprint inference. (1st December 2017)
- Main Title:
- A nonparametric approach to the automated protocol fingerprint inference
- Authors:
- Wang, YiPeng
Yun, Xiaochun
Zhang, Yongzheng
Chen, Liwei
Wu, Guangjun - Abstract:
- Abstract: Protocol fingerprints are a set of byte subsequences within packet payload that can distinguish individual application protocols. They play an important role for deep packet analysis in traffic normalization and network management. In this paper, we propose ProPrint, a network trace-based protocol fingerprint inference system. In ProPrint, we first build a protocol language model based on a modified nonparametric Bayesian statistical model. Second, we use the corresponding protocol language model to identify field boundaries in packet payload, such that we can segment each payload into a set of protocol feature words according to the hidden structure information. Third, we propose a ranking algorithm that selects true protocol fingerprints from the candidate protocol feature words. In evaluations, we measure ProPrint on real-world network traces, and also compare ProPrint to existing state-of-the-art solutions, ProWord and Securitas. The experimental results show that ProPrint performs better than ProWord and Securitas on f-measure for online application classification.
- Is Part Of:
- Journal of network and computer applications. Volume 99(2017)
- Journal:
- Journal of network and computer applications
- Issue:
- Volume 99(2017)
- Issue Display:
- Volume 99, Issue 2017 (2017)
- Year:
- 2017
- Volume:
- 99
- Issue:
- 2017
- Issue Sort Value:
- 2017-0099-2017-0000
- Page Start:
- 1
- Page End:
- 9
- Publication Date:
- 2017-12-01
- Subjects:
- Protocol fingerprints -- Network traffic -- Nonparametric method
Microcomputers -- Periodicals
Computer networks -- Periodicals
Application software -- Periodicals
Micro-ordinateurs -- Périodiques
Réseaux d'ordinateurs -- Périodiques
Logiciels d'application -- Périodiques
Application software
Computer networks
Microcomputers
Periodicals
004.05
004 - Journal URLs:
- http://www.sciencedirect.com/science/journal/10848045 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.jnca.2017.10.009 ↗
- Languages:
- English
- ISSNs:
- 1084-8045
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 5021.410600
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 5298.xml