Paper Info
Title
SigBox: Automatic Signature Generation Method for Fine-grained Traffic Identification.
Abstract
The continual appearance of new applications and their frequent updates emphasize the need for automatic signature generation. Although several automatic methods have been proposed, there are still limitations to their adoption in a real network environment in terms of automation, robustness, and elaboration. To address this issue, we propose an automatic signature generation method, so called SigBox, for fine-grained traffic identification. Using a modified sequence pattern algorithm, this system extracts three types of signatures: content, packet, and flow signature. A flow signature, the final result of this system, consists of a series of packet signatures, and a packet signature consists of a series of content signatures. A content signature is defined as a distinguishable and unique substring of the packet payload. By using the modified sequence pattern algorithm, we can improve the system performance in terms of automation and robustness. In addition, the proposed method can generate an elaborated signature for fine-grained traffic identification by using flow-level features beyond those of the packet level. In order to verify the feasibility of our proposed system, we present the results of experiments based on ten popular applications according to three defined metrics: redundancy, coverage, and accuracy. In addition, we show the quality of the generated signatures as compared to those produced by existing methods.
Year
Venue
Keywords
2017
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING
traffic identification,traffic classification,automatic signature generation,sequence pattern algorithm,Apriori algorithm
Field
DocType
Volume
Traffic identification,Computer science,Distributed computing
Journal
33
Issue
ISSN
Citations 
2
1016-2364
0
PageRank 
References 
Authors
0.34
17
4
Name
Order
Citations
PageRank
Kyu-Seok Shim177.72
Sung-Ho Yoon27811.90
Su-Kang Lee352.95
Myung-Sup Kim432545.01