论文信息 - Traffic classification on the fly

Traffic classification on the fly

The early detection of applications associated with TCP flows is an essential step for network security and traffic engineering. The classic way to identify flows, i.e. looking at port numbers, is not effective anymore. On the other hand, state-of-the-art techniques cannot determine the application before the end of the TCP flow. In this editorial, we propose a technique that relies on the observation of the first five packets of a TCP connection to identify the application. This result opens a range of new possibilities for online traffic classification.

[1] Michalis Faloutsos,et al. Is P2P dying or just hiding? [P2P traffic measurement] , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[2] Mischa Schwartz,et al. ACM SIGCOMM computer communication review , 2001, CCRV.

[3] Nicolas Hohn,et al. Inverting sampled traffic , 2003, IEEE/ACM Transactions on Networking.

[4] Anthony McGregor,et al. Flow Clustering Using Machine Learning Techniques , 2004, PAM.

[5] Andrew W. Moore,et al. Traffic Classification Using a Statistical Approach , 2005, PAM.

[6] Andrew W. Moore,et al. Internet traffic classification using bayesian analysis techniques , 2005, SIGMETRICS '05.

[7] Matthew Roughan,et al. Class-of-service mapping for QoS: a statistical signature-based approach to IP traffic classification , 2004, IMC '04.

[8] J. MacQueen. Some methods for classification and analysis of multivariate observations , 1967 .

[9] Michalis Faloutsos,et al. BLINC: multilevel traffic classification in the dark , 2005, SIGCOMM '05.