Abstract
Communication networks, including the Internet, support a wide range of packet-based applications. It is often necessary to know what applications are in use. Traditionally, applications were readily identified by inspection of data held in the packet header such as the destination port number. However, newer and real-time applications cannot always be detected by such a simple investigation and hence other techniques such as packet classification or deep packet analysis have been developed. Deep packet analysis however has significant problems such as its inability to operate on encrypted data packets, and its need to capture specific packets from the traffic stream. The paper considers an alternative approach to the detection of real-time applications. A search was made for a statistical fingerprint derivable from the observable traffic streams generated by such applications. This has been found to be the packet size distribution of the application, and the paper considers this statistic for a range of such applications and network conditions. A detector, based on the described approach, is presented and evaluated using real network traffic.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
