Generating Statistic Application Signatures for Inference of Unknown Applications

In this paper, we propose a novel approach of protocol reverse engineering to extract protocol keywords of unknown application from raw network traffic data without a prior knowledge about the application based on compression theory, entropy and variance analysis. We also present an efficient method...

Full description

Saved in:
Bibliographic Details
Main Authors: Jian-Zhen Luo, Shun-Zheng Yu
Format: Conference Proceeding
Language:English
Subjects:
Application Signature
Data mining
Entropy
Internet
Probabilistic logic
Probabilistic Prefix Tree Acceptor
Protocol Keyword Extraction
Protocols
Reverse engineering
Traffic Analysis
Unknown Application Inference
World Wide Web
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In this paper, we propose a novel approach of protocol reverse engineering to extract protocol keywords of unknown application from raw network traffic data without a prior knowledge about the application based on compression theory, entropy and variance analysis. We also present an efficient method to generate statistic signature of unknown application leveraging machine learning and probabilistic models. The experiment results show that our approach extract protocol keywords of application in high accuracy, the false positive and false negative of application identification using our method are very low. Our technique can also discover new application in unknown traffic.
ISSN:2155-6083
2155-6091
DOI:10.1109/GCIS.2013.45