Skip to Main content Skip to Navigation
Conference papers

Automatic Transition System Model Identification for Network Applications from Packet Traces

Abstract : A wide range of network management tasks such as balancing bandwidth usage, firewalling, anomaly detection and differentiating traffic pricing, depend on accurate traffic classification. Due to the diversity and variability of network applications, port-based and statistical signature detection approaches become inefficient and hence, behavioral classification approaches have been considered recently. However, so far, there is no automated general method to obtain the behavioral models of applications. In this research, we propose an automatic procedure to infer a transition system model from generated traffic of an application. Our approach is based on passive automata learning theory and evidence driven state merging technique using the rules of the network domain. We consider the behavior of well-known network protocols to generate the model which includes unobserved behaviors and excludes invalid ones as much as possible. To this aim, we present a new equivalence relation regarding the given protocol behaviors to induce proper state merging conditions. This idea has led the time complexity order of the algorithm to be linear rather than exponential. Finally, we apply the model of some real applications to evaluate the precision and execution time of our approach.
Document type :
Conference papers
Complete list of metadata

Cited literature [25 references]  Display  Hide  Download

https://hal.inria.fr/hal-01760863
Contributor : Hal Ifip <>
Submitted on : Friday, April 6, 2018 - 5:21:13 PM
Last modification on : Monday, September 24, 2018 - 3:30:02 PM

File

459025_1_En_14_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Zeynab Sabahi-Kaviani, Fatemeh Ghassemi, Fateme Bajelan. Automatic Transition System Model Identification for Network Applications from Packet Traces. 7th International Conference on Fundamentals of Software Engineering (FSEN), Apr 2017, Teheran, Iran. pp.212-227, ⟨10.1007/978-3-319-68972-2_14⟩. ⟨hal-01760863⟩

Share

Metrics

Record views

200

Files downloads

96