Mobile app identification for encrypted network flows by traffic correlation. (December 2018)
- Record Type:
- Journal Article
- Title:
- Mobile app identification for encrypted network flows by traffic correlation. (December 2018)
- Main Title:
- Mobile app identification for encrypted network flows by traffic correlation
- Authors:
- He, Gaofeng
Xu, Bingfeng
Zhang, Lu
Zhu, Haiting - Abstract:
- Mobile application (simply "app") identification at a per-flow granularity is vital for traffic engineering, network management, and security practices. However, uncertainty is caused by a growing fraction of encrypted traffic such as Hypertext Transfer Protocol Secure. To address this challenge, we have carefully analyzed mobile app traffic (mainly including Domain Name System, Hypertext Transfer Protocol, and encrypted traffic such as Secure Sockets Layer and Transport Layer Security) and observed that (1) the sets of server hostnames queried by different apps are distinguishable; (2) mobile apps may query multiple server hostnames simultaneously, that is, apps may send several Domain Name System lookups within a short time interval; and (3) the encrypted traffic may be similar to various other network flows generated by the same app. Based on these three observations, in this article, we propose a novel app identification methodology for encrypted network flows. To be specific, temporal, lexical, and metadata similarity are investigated to select correlated traffic and information retrieving techniques are adopted to identify apps. We ran a thorough set of experiments to assess the performance of the proposed approaches. The experimental results show that the identification accuracy can be as high as 95%, and the proposed methods have low storage requirements as well as fast training speeds.
- Is Part Of:
- International journal of distributed sensor networks. Volume 14:Number 12(2018)
- Journal:
- International journal of distributed sensor networks
- Issue:
- Volume 14:Number 12(2018)
- Issue Display:
- Volume 14, Issue 12 (2018)
- Year:
- 2018
- Volume:
- 14
- Issue:
- 12
- Issue Sort Value:
- 2018-0014-0012-0000
- Page Start:
- Page End:
- Publication Date:
- 2018-12
- Subjects:
- Mobile app -- encrypted network traffic -- Domain Name System -- similar traffic retrieval -- traffic correlation
Sensor networks -- Periodicals
Intelligent agents (Computer software) -- Periodicals
Multisensor data fusion -- Periodicals
681.2 - Journal URLs:
- http://www.informaworld.com/smpp/title~content=t714578688~db=all ↗
http://www.metapress.com/openurl.asp?genre=journal&issn=1550-1329 ↗
http://dsn.sagepub.com/ ↗
http://www.tandfonline.com/ ↗ - DOI:
- 10.1177/1550147718817292 ↗
- Languages:
- English
- ISSNs:
- 1550-1329
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4542.186400
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 9321.xml