Assessing Unknown Network Traffic
نویسندگان
چکیده
Recent measurements have shown that a growing fraction of all Internet traffic is unknown: it is unclear which applications are causing the traffic. Therefore we have developed and applied a novel methodology to find out what applications are running on the network. This methodology is based on the notion of “induced traffic”: traffic cannot (wide-scale) be on unknown ports, thus, the hypothesis is that such traffic on unknown ports should be preceeded by traffic on known ports between the same peers. We have developed and implemented an algorithm to test this hypothesis. After applying the algorithm in two case studies we, unfortunately, have to conclude that although some improvement is made, there is still a significant fraction of traffic unidentifiable.
منابع مشابه
Detecting Active Bot Networks Based on DNS Traffic Analysis
Abstract—One of the serious threats to cyberspace is the Bot networks or Botnets. Bots are malicious software that acts as a network and allows hackers to remotely manage and control infected computer victims. Given the fact that DNS is one of the most common protocols in the network and is essential for the proper functioning of the network, it is very useful for monitoring, detecting and redu...
متن کاملBehavioral Analysis of Traffic Flow for an Effective Network Traffic Identification
Fast and accurate network traffic identification is becoming essential for network management, high quality of service control and early detection of network traffic abnormalities. Techniques based on statistical features of packet flows have recently become popular for network classification due to the limitations of traditional port and payload based methods. In this paper, we propose a metho...
متن کاملFeature Extraction to Identify Network Traffic with Considering Packet Loss Effects
There are huge petitions of network traffic coming from various applications on Internet. In dealing with this volume of network traffic, network management plays a crucial rule. Traffic classification is a basic technique which is used by Internet service providers (ISP) to manage network resources and to guarantee Internet security. In addition, growing bandwidth usage, at one hand, and limit...
متن کاملA Systematic Method to Analyze Transport Networks: Considering Traffic Shifts
Current network modeling practices usually assess the network performance at specified time interval, i.e. every 5 or 10 years time horizon. Furthermore, they are usually based on partially predictable data, which are being generated through various stochastic procedures. In this research, a new quantitative based methodology which combines combinatorial optimization modeling and transportation...
متن کاملTraffic Impact Assessment of Land Use Proposals: Fifty Years of Australian Experience
Draft traffic impact assessment (TIA) guidelines for various landuses in general, and for high traffic generating buildings in particular, were published in Iran in the middle of 2016. In formulating that report the Traffic Committee of the Iranian Building Engineering Order reviewed international experience, including that of Australia. Traffic impact assessment started in Australia in the 196...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004