Abstract : This paper describes a protocol detection using statistic information about a flow extended by packet sizes and time characteristics, which consist of packet inter-arrival times. The most common way of network traffic classification is a deep packet inspection (DPI). Our approach deals with the DPI disadvantage in power consumption using aggregated IPFIX data instead of looking into packet content. According to our previous experiments, we have found that applications have their own behavioral pattern, which can be used for the applications detection. With a respect to current state of development, we mainly present the idea, the results which we have achieved so far and of our future work.
https://hal.inria.fr/hal-01585856 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Tuesday, September 12, 2017 - 10:19:22 AM Last modification on : Wednesday, November 18, 2020 - 6:32:03 PM Long-term archiving on: : Wednesday, December 13, 2017 - 4:18:27 PM
Pavel Piskac, Jiri Novotny. Using of Time Characteristics in Data Flow for Traffic Classification. 5th Autonomous Infrastructure, Management and Security (AIMS), Jun 2011, Nancy, France. pp.173-176, ⟨10.1007/978-3-642-21484-4_21⟩. ⟨hal-01585856⟩