Towards Accurate Network-Traffic Characterization
<-- Return to the list
Date: 03-28-2005
Start Time:
2:00pm
End Time: 3:00pm
Speaker: Andrew Moore
From:
Cambridge University/Intel
Location: CEPSR Interschool Lab
Hosted by:
Distributed Network Analysis (DNA) Lab
Abstract:
Accurate traffic classification is the keystone of numerous other network activities, from security monitoring to accounting, and from Quality of Service to providing operators with useful forecasts for long-term provisioning. Well-known port numbers can no longer be used to reliably identify network applications. There is a variety of new Internet applications that either do not use well-known port numbers or use other protocols, such as HTTP, as wrappers in order to go through firewalls without being blocked. One consequence of this is that a simple inspection of the port numbers used by flows may lead to the inaccurate classification of network traffic.
With a motivation to provide accurate traffic characterization this talk will cover issues of network monitoring, the challenges of traffic characterization and discuss some results gained using both labour-intensive and more broadly-applicable techniques.