Flow-based traffic retrieval using statistical features
Authors: Jun Zhang, A. Goscinski
Published in: 2016 International Workshop on Big Data and Information Security (IWBIS)
DOI: 10.1109/IWBIS.2016.7872885 (https://doi.org/10.1109/IWBIS.2016.7872885)
This paper proposes a new technique, flow-based traffic retrieval (FBTR), to find traffic flows that satisfy an information need from within large collections of network traffic. It is shown that flow-based traffic retrieval will become a powerful tool in network management and security. For example, the retrieved traffic flows can be used to help analyse new applications/protocols and detect unknown attacks. In the context of flow-based traffic retrieval, a traffic flow is represented by a vector that consists of a set of flow statistics, such as the average of packet sizes and the average of inter-packet times. The user can submit a traffic flow, or several traffic flows, and ask for “similar” traffic flows to be retrieved from a traffic collection. Similarity search is based on comparing flow vectors in a feature space. We have done some preliminary experiments to evaluate the performance of flow-based traffic retrieval. The results show that flow-based traffic retrieval has the potential to quickly and accurately find the network traffic a user is interested in, even encrypted traffic.