HEDGE: efficient traffic classification of encrypted and compressed packets
As the size and source of network traffic increase, so does the challenge of monitoring and
analyzing network traffic. Therefore, sampling algorithms are often used to alleviate these …
Seeing through network-protocol obfuscation
Censorship-circumvention systems are designed to help users bypass Internet censorship.
As more sophisticated deep-packet-inspection (DPI) mechanisms have been deployed by …
Can Android applications be identified using only TCP/IP headers of their launch time traffic?
HF Alan, J Kaur - Proceedings of the 9th ACM conference on security & …, 2016 - dl.acm.org
The ability to identify mobile apps in network traffic has significant implications in many
domains, including traffic management, malware detection, and maintaining user privacy …
Protocol misidentification made easy with format-transforming encryption
Deep packet inspection (DPI) technologies provide much-needed visibility and control of
network traffic using port-independent protocol identification, where a network flow is …
ScrambleSuit: A polymorphic network protocol to circumvent censorship
Deep packet inspection technology became a cornerstone of Internet censorship by
facilitating cheap and effective filtering of what censors consider undesired information …
Are we missing labels? A study of the availability of ground-truth in network security research
S Abt, H Baier - 2014 third international workshop on building …, 2014 - ieeexplore.ieee.org
Network security is a long-lasting field of research constantly encountering new challenges.
Inherently, research in this field is highly data-driven. Specifically, many approaches employ …
Real-time network traffic analysis: a survey of applied problems, approaches and solutions
This paper gives a survey of scientific research in the field of real-time network
traffic analysis, and also considers specific …
Detecting encrypted botnet traffic
H Zhang, C Papadopoulos… - 2013 Proceedings IEEE …, 2013 - ieeexplore.ieee.org
Bot detection methods that rely on deep packet inspection (DPI) can be foiled by encryption.
Encryption, however, increases entropy. This paper investigates whether adding …
Crossing the threshold: Detecting network malfeasance via sequential hypothesis testing
The domain name system plays a vital role in the dependability and security of modern
network. Unfortunately, it has also been widely misused for nefarious activities. Recently …
Detecting encrypted traffic: a machine learning approach
Detecting encrypted traffic is increasingly important for deep packet inspection (DPI) to
improve the performance of intrusion detection systems. We propose a machine learning …