Generating Statistic Application Signatures for Inference of Unknown Applications

In this paper, we propose a novel approach of protocol reverse engineering to extract protocol keywords of unknown application from raw network traffic data without a prior knowledge about the application based on compression theory, entropy and variance analysis. We also present an efficient method...

Full description

Saved in:
Bibliographic Details
Main Authors: Jian-Zhen Luo, Shun-Zheng Yu
Format: Conference Proceeding
Language:English
Subjects:
Application Signature
Data mining
Entropy
Internet
Probabilistic logic
Probabilistic Prefix Tree Acceptor
Protocol Keyword Extraction
Protocols
Reverse engineering
Traffic Analysis
Unknown Application Inference
World Wide Web
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 245
container_issue
container_start_page 241
container_title
container_volume
creator Jian-Zhen Luo
Shun-Zheng Yu
description In this paper, we propose a novel approach of protocol reverse engineering to extract protocol keywords of unknown application from raw network traffic data without a prior knowledge about the application based on compression theory, entropy and variance analysis. We also present an efficient method to generate statistic signature of unknown application leveraging machine learning and probabilistic models. The experiment results show that our approach extract protocol keywords of application in high accuracy, the false positive and false negative of application identification using our method are very low. Our technique can also discover new application in unknown traffic.
doi_str_mv 10.1109/GCIS.2013.45
format conference_proceeding
fullrecord <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_6805942</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>6805942</ieee_id><sourcerecordid>6805942</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-9642df27dcab10358ce8b8f72c8e182368ea89e2400f79154c3524c198f03df33</originalsourceid><addsrcrecordid>eNpNjMtKA0EQRdsXqDE7d276ByZW9bN6GYLGQEAkZh0mnerQGnvCzIj49wZ84OpwOYcrxDXCCBHC7XQyW4wUoB4ZeyQu0fgQFJGDY3Gh0NrKQcATMQyefp0Np3-O9LkYdt0LAGBw3jl3IZ6mXLit-1y2ctEf2PU5yvF-v8vxsJoiF3lb6v695U6mppWzkrjlElk2SS7La2k-yv--uxJnqd51PPzhQCzv754nD9X8cTqbjOdVRm_7KjijNkn5TazXCNpSZFpT8ioSIyntiGsKrAxA8gGtidoqEzFQAr1JWg_EzfdvZubVvs1vdfu5cgQ2GKW_AHCmU4Y</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Generating Statistic Application Signatures for Inference of Unknown Applications</title><source>IEEE Xplore All Conference Series</source><creator>Jian-Zhen Luo ; Shun-Zheng Yu</creator><creatorcontrib>Jian-Zhen Luo ; Shun-Zheng Yu</creatorcontrib><description>In this paper, we propose a novel approach of protocol reverse engineering to extract protocol keywords of unknown application from raw network traffic data without a prior knowledge about the application based on compression theory, entropy and variance analysis. We also present an efficient method to generate statistic signature of unknown application leveraging machine learning and probabilistic models. The experiment results show that our approach extract protocol keywords of application in high accuracy, the false positive and false negative of application identification using our method are very low. Our technique can also discover new application in unknown traffic.</description><identifier>ISSN: 2155-6083</identifier><identifier>ISBN: 9781479928859</identifier><identifier>ISBN: 1479928852</identifier><identifier>EISSN: 2155-6091</identifier><identifier>EISBN: 1479928860</identifier><identifier>EISBN: 9781479928866</identifier><identifier>DOI: 10.1109/GCIS.2013.45</identifier><identifier>CODEN: IEEPAD</identifier><language>eng</language><publisher>IEEE</publisher><subject>Application Signature ; Data mining ; Entropy ; Internet ; Probabilistic logic ; Probabilistic Prefix Tree Acceptor ; Protocol Keyword Extraction ; Protocols ; Reverse engineering ; Traffic Analysis ; Unknown Application Inference ; World Wide Web</subject><ispartof>2013 Fourth Global Congress on Intelligent Systems, 2013, p.241-245</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/6805942$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2056,27923,54553,54918,54930</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/6805942$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Jian-Zhen Luo</creatorcontrib><creatorcontrib>Shun-Zheng Yu</creatorcontrib><title>Generating Statistic Application Signatures for Inference of Unknown Applications</title><title>2013 Fourth Global Congress on Intelligent Systems</title><addtitle>gcis</addtitle><description>In this paper, we propose a novel approach of protocol reverse engineering to extract protocol keywords of unknown application from raw network traffic data without a prior knowledge about the application based on compression theory, entropy and variance analysis. We also present an efficient method to generate statistic signature of unknown application leveraging machine learning and probabilistic models. The experiment results show that our approach extract protocol keywords of application in high accuracy, the false positive and false negative of application identification using our method are very low. Our technique can also discover new application in unknown traffic.</description><subject>Application Signature</subject><subject>Data mining</subject><subject>Entropy</subject><subject>Internet</subject><subject>Probabilistic logic</subject><subject>Probabilistic Prefix Tree Acceptor</subject><subject>Protocol Keyword Extraction</subject><subject>Protocols</subject><subject>Reverse engineering</subject><subject>Traffic Analysis</subject><subject>Unknown Application Inference</subject><subject>World Wide Web</subject><issn>2155-6083</issn><issn>2155-6091</issn><isbn>9781479928859</isbn><isbn>1479928852</isbn><isbn>1479928860</isbn><isbn>9781479928866</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2013</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNpNjMtKA0EQRdsXqDE7d276ByZW9bN6GYLGQEAkZh0mnerQGnvCzIj49wZ84OpwOYcrxDXCCBHC7XQyW4wUoB4ZeyQu0fgQFJGDY3Gh0NrKQcATMQyefp0Np3-O9LkYdt0LAGBw3jl3IZ6mXLit-1y2ctEf2PU5yvF-v8vxsJoiF3lb6v695U6mppWzkrjlElk2SS7La2k-yv--uxJnqd51PPzhQCzv754nD9X8cTqbjOdVRm_7KjijNkn5TazXCNpSZFpT8ioSIyntiGsKrAxA8gGtidoqEzFQAr1JWg_EzfdvZubVvs1vdfu5cgQ2GKW_AHCmU4Y</recordid><startdate>201312</startdate><enddate>201312</enddate><creator>Jian-Zhen Luo</creator><creator>Shun-Zheng Yu</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>201312</creationdate><title>Generating Statistic Application Signatures for Inference of Unknown Applications</title><author>Jian-Zhen Luo ; Shun-Zheng Yu</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-9642df27dcab10358ce8b8f72c8e182368ea89e2400f79154c3524c198f03df33</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2013</creationdate><topic>Application Signature</topic><topic>Data mining</topic><topic>Entropy</topic><topic>Internet</topic><topic>Probabilistic logic</topic><topic>Probabilistic Prefix Tree Acceptor</topic><topic>Protocol Keyword Extraction</topic><topic>Protocols</topic><topic>Reverse engineering</topic><topic>Traffic Analysis</topic><topic>Unknown Application Inference</topic><topic>World Wide Web</topic><toplevel>online_resources</toplevel><creatorcontrib>Jian-Zhen Luo</creatorcontrib><creatorcontrib>Shun-Zheng Yu</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore Digital Library</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Jian-Zhen Luo</au><au>Shun-Zheng Yu</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Generating Statistic Application Signatures for Inference of Unknown Applications</atitle><btitle>2013 Fourth Global Congress on Intelligent Systems</btitle><stitle>gcis</stitle><date>2013-12</date><risdate>2013</risdate><spage>241</spage><epage>245</epage><pages>241-245</pages><issn>2155-6083</issn><eissn>2155-6091</eissn><isbn>9781479928859</isbn><isbn>1479928852</isbn><eisbn>1479928860</eisbn><eisbn>9781479928866</eisbn><coden>IEEPAD</coden><abstract>In this paper, we propose a novel approach of protocol reverse engineering to extract protocol keywords of unknown application from raw network traffic data without a prior knowledge about the application based on compression theory, entropy and variance analysis. We also present an efficient method to generate statistic signature of unknown application leveraging machine learning and probabilistic models. The experiment results show that our approach extract protocol keywords of application in high accuracy, the false positive and false negative of application identification using our method are very low. Our technique can also discover new application in unknown traffic.</abstract><pub>IEEE</pub><doi>10.1109/GCIS.2013.45</doi><tpages>5</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 2155-6083
ispartof 2013 Fourth Global Congress on Intelligent Systems, 2013, p.241-245
issn 2155-6083
2155-6091
language eng
recordid cdi_ieee_primary_6805942
source IEEE Xplore All Conference Series
subjects Application Signature
Data mining
Entropy
Internet
Probabilistic logic
Probabilistic Prefix Tree Acceptor
Protocol Keyword Extraction
Protocols
Reverse engineering
Traffic Analysis
Unknown Application Inference
World Wide Web
title Generating Statistic Application Signatures for Inference of Unknown Applications
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-13T18%3A21%3A39IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Generating%20Statistic%20Application%20Signatures%20for%20Inference%20of%20Unknown%20Applications&rft.btitle=2013%20Fourth%20Global%20Congress%20on%20Intelligent%20Systems&rft.au=Jian-Zhen%20Luo&rft.date=2013-12&rft.spage=241&rft.epage=245&rft.pages=241-245&rft.issn=2155-6083&rft.eissn=2155-6091&rft.isbn=9781479928859&rft.isbn_list=1479928852&rft.coden=IEEPAD&rft_id=info:doi/10.1109/GCIS.2013.45&rft.eisbn=1479928860&rft.eisbn_list=9781479928866&rft_dat=%3Cieee_CHZPO%3E6805942%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i175t-9642df27dcab10358ce8b8f72c8e182368ea89e2400f79154c3524c198f03df33%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=6805942&rfr_iscdi=true