IMC 2006, ACM

Unexpected means of protocol inference

Network managers are inevitably called upon to associate network traffic with particular applications. Indeed, this operation is critical for a wide range of management functions ranging from debugging and security to analytics and policy support. Traditionally, managers have relied on application adherence to a well established global port mapping: Web traffic on port 80, mail traffic on port 25 and so on. However, a range of factors — including firewall port blocking, tunneling, dynamic port allocation, and a bloom of new distributed applications — has weakened the value of this approach. We analyze three alternative mechanisms using statistical and structural content models for automatically identifying traffic that uses the same application-layer protocol, relying solely on flow content. In this manner, known applications may be identified regardless of port number, while traffic from one unknown application will be identified as distinct from another. We evaluate eac...
Added 13 Jun 2010
Updated 13 Jun 2010
Type Conference
Year 2006
Where IMC
Authors Justin Ma, Kirill Levchenko, Christian Kreibich, Stefan Savage, Geoffrey M. Voelker