An association analysis and identification for unknown protocol of bitstream oriented

To address the features of bitstream data in mobile wireless networks, a method based on association rules was proposed to identify unknown protocols in certain circumstances. The method improved on traditional protocol identification technology by reducing its limitation of relying on port numbers and the fixed features of known protocols. By capturing bitstream data transmitted in a wireless environment, the method extracted feature information and mined association rules, using a machine learning mechanism to identify and mark the unknown protocol. The unknown protocol in a specific environment was then found and analyzed by marking the protocol's fingerprint information. Finally, the efficiency of the method was evaluated on two kinds of protocol: the average protocol recognition rate was more than 99%, while the average false-recognition rate was less than 0.6%. Copyright © 2016 John Wiley & Sons, Ltd.
