Publication:
Mejoras en la identificación de tráfico de aplicación basado en firmas

Consultable a partir de

Date

2008

Director

Publisher

Acceso abierto / Sarbide irekia
Contribución a congreso / Biltzarrerako ekarpena

Project identifier

Abstract

Traffic identification has been based traditionally on transport protocol ports, associating always the same ports with the same applications. Nowadays that assumption is not true and new methods like signature identification or statistical techniques are applied. This work presents a method based on signature identification with some improvements. The use of regular expressions for typical applications has been studied deeply and its use has been improved in the aspects of percentage identification and resources consumption. On the other hand, a flows-record structure has been applied in order to classify those packets that do not verify any regular expression. Results are compared with the opensource related project L7-filter, and the improvements are presented. Finally, detailed regular expressions for analyzed applications are included in the paper, especially P2P applications.

Description

Trabajo presentado a las Jornadas de Ingeniería Telemática (Jitel 2008), 16-18 de septiembre de 2008, Alcalá de Henares (España). Pg. 93-102

Keywords

Identificación de tráfico, Firmas

Department

Automática y Computación / Automatika eta Konputazioa

Faculty/School

Degree

Doctorate program

item.page.cita

item.page.rights

Los documentos de Academica-e están protegidos por derechos de autor con todos los derechos reservados, a no ser que se indique lo contrario.