Machine Learning and keyword-matching integrated Protocol Identification

Identifying the underlying protocol carried in the data traffic (i.e., Protocol Identification) is of fundamental important to QoS, Security, Network management and many other purposes. Port-based, content-based and behavior-based are commonly used identification methods in today's networks. However, all of these methods have their own shortcomings. In this paper, a new Machine Learning and Keyword-matching Integrated (MALKI) protocol identification method is proposed to overcome the shortcomings brought by these existing methods. The proposed method combines the content and behavior-based technologies together to identify the underlying protocol in the data flow. A prototype is implemented on a high performance multi-core processor platform. From the experimental results, we can see the proposed method is effective and efficient when applied into the protocol identification.