Abstract:
Today's network environment is becoming very complicated. Accordingly, traffic classification for network management becomes difficult. For the study of traffic classific...Show MoreMetadata
Abstract:
Today's network environment is becoming very complicated. Accordingly, traffic classification for network management becomes difficult. For the study of traffic classification, the development of automatic payload signature generation system was carried out very actively. However, the existing automatic payload signature generation system has problems such as semi-automatic system, disposable signature generation, false-positive signature generation and not up-to-date signature. Therefore, we propose the SigManager. SigManager performs all process such as traffic collection, signature generation, signature management and signature verification. The traffic collection stage automatically collects ground-truth traffic through TMA and TMS. The signature management stage removes unnecessary signatures and the signature generation stage generates the new signatures. Finally, the signature verification stage removes the false-positive signatures. We solved the problem of existing automatic signature generation system through this system. As a result of applying this system to campus network, we could maintain high completeness and low false-positive rate for 4 applications.
Date of Conference: 27-29 September 2017
Date Added to IEEE Xplore: 02 November 2017
ISBN Information: