Qiang Xu, Thomas Andrews, Yong Liao, S. Miskovic, Z. Morley Mao, M. Baldi, A. Nucci
{"title":"FLOWR: a self-learning system for classifying mobileapplication traffic","authors":"Qiang Xu, Thomas Andrews, Yong Liao, S. Miskovic, Z. Morley Mao, M. Baldi, A. Nucci","doi":"10.1145/2591971.2592022","DOIUrl":null,"url":null,"abstract":"We aim to devise a method that can identify mobile apps related to each individual traffic flow in the wild. Mobile apps are becoming preferred means of Internet access for a growing user population. Such departure from browser based Internet poses a unique challenge to traffic management tools, still largely incapable of handling mobile apps. Consequently, enterprises and service providers become hindered by being unable to deploy effective mobile policies and security solutions. Traditionally, desktop applications and networking protocols were identified by signatures derived from transport-layer ports, ip addresses, or domain names [2, 5]. It is not suitable for mobile apps any more. The main reason is that most mobile apps communicate via generic HTTP/HTTPS traffic, thus being a priori indistinguishable from Internet browsing. State-of-the-art solutions attempted to develop signatures via user studies or app emulations [6, 4, 1]. Neither of the two approaches scales due to a number of key challenges: • Similarity. Besides using similar protocols (HTTP/HTTPS), mobiles apps communicate with largely similar IP-/domainlevel destinations, Content Delivery Networks (CDNs), and cloud services, which makes them difficult to distinguish. • Scalability. With hundreds of thousands of apps, the identification has to devise very efficient matching algorithms at line speeds. Moreover, the references for matching have to be obtained efficiently. One cannot assume running all","PeriodicalId":306456,"journal":{"name":"Measurement and Modeling of Computer Systems","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Measurement and Modeling of Computer Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2591971.2592022","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 13
Abstract
We aim to devise a method that can identify mobile apps related to each individual traffic flow in the wild. Mobile apps are becoming preferred means of Internet access for a growing user population. Such departure from browser based Internet poses a unique challenge to traffic management tools, still largely incapable of handling mobile apps. Consequently, enterprises and service providers become hindered by being unable to deploy effective mobile policies and security solutions. Traditionally, desktop applications and networking protocols were identified by signatures derived from transport-layer ports, ip addresses, or domain names [2, 5]. It is not suitable for mobile apps any more. The main reason is that most mobile apps communicate via generic HTTP/HTTPS traffic, thus being a priori indistinguishable from Internet browsing. State-of-the-art solutions attempted to develop signatures via user studies or app emulations [6, 4, 1]. Neither of the two approaches scales due to a number of key challenges: • Similarity. Besides using similar protocols (HTTP/HTTPS), mobiles apps communicate with largely similar IP-/domainlevel destinations, Content Delivery Networks (CDNs), and cloud services, which makes them difficult to distinguish. • Scalability. With hundreds of thousands of apps, the identification has to devise very efficient matching algorithms at line speeds. Moreover, the references for matching have to be obtained efficiently. One cannot assume running all
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
