Learn More
Traditionally, Internet applications have been identified by using predefined well-known ports with questionable accuracy. An alternative approach, application-layer signature mapping, involves the exhaustive search of reliable signatures but with more promising accuracy. With a prior protocol knowledge, the signature generation can guarantee a high(More)
This paper presents the design of a next generation network traffic monitoring and analysis system, called NG-MON (Next Generation MONitoring), for high-speed networks such as 10 Gbps and above. Packet capturing and analysis on such high-speed networks is very difficult using traditional approaches. Using distributed, pipelining and parallel processing(More)
One recent trend in network security attacks is an increasing number of indirect attacks which influence network traffic negatively, instead of directly entering a system and damaging it. In future, damages from this type of attack are expected to become more serious. In addition, the bandwidth consumption by these attacks influences the entire network(More)
The necessity of network traffic monitoring and analysis is growing dramatically with increasing network usage demands from individual users as well as business communities. Most network traffic monitoring and analysis systems are based on flows. One key asset with these systems is to compress a significant amount of packet data into flows. However, the(More)
One of t he main problems with today's Internet traffic analysis is the large number of network-based applications whose types and traffic patterns are not simple compared to the past. Today, peer-to-peer (P2P), streaming media, and game traffic are increasing continuously. The difficulty with the traffic analysis is that this newly emerging traffic is not(More)
—The traffic dynamics of the Internet's dominant applications, such as peer-to-peer and multimedia, worsen the accuracy of the existing application traffic identification. There is a strong need for both practical and reliable identification methods with proof of accuracy. This paper proposes a hybrid approach of signature matching and session behavior(More)
Machine to Machine (M2M) technology has the potential to increase the revenue, decrease the costs and improve the customer services of an organization. We have analyzed the management requirements of M2M systems, which are based on existing M2M network use cases and services. The most important characteristics including sleeping devices, low power lossy(More)
— As the Internet evolves into an all-IP communication infrastructure, a key issue to consider is that of creating and managing IP-based services with efficient resource utilization in a scalable, flexible, and automatic way. In this paper, we present the Autonomic Service Architecture (ASA), a uniform framework for automated management of both Internet(More)
Recently, as network flooding attacks such as DoS/DDoS and Internet Worm have posed devastating threats to network services, rapid detection and proper response mechanisms are the major concern for secure and reliable network services. However, most of the current Intrusion Detection Systems (IDSs) focus on detail analysis of packet data, which results in(More)
– ISPs typically provide sufficient bandwidth according to increasing traffic requirements. However, in the case of QoS-sensitive applications such as VoIP, service quality may not be up to expectations even in underutilized links because of sporadic but non-negligible losses due to traffic bursts. This study aims to detect and analyze packet loss(More)