Statistical Protocol IDentification with SPID: Preliminary Results
Paper in proceeding, 2009

Identifying application layer protocols within network sessions is important when assigning Quality of Service (QoS) priorities as well as when conducting network security monitoring. This paper introduces a Statistical Protocol IDentification algorithm (SPID) utilizing various statistical flow and application layer data features. We have identified application layer protocols by comparing probability vectors created from observed network traffic to probability vectors of known protocols. Promising preliminary results are presented, showing average precision of 100% and recall of 92% for a small set of protocols within traffic traces from an access network. To further improve the results, a number of ongoing and future directions with SPID are discussed, such as optimization of the attribute meters and improving robustness against different network environments.

Traffic Classification

Internet Measurement

Traffic Analysis

Author

Erik Hjelmvik

Wolfgang John

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Other publications Research

Swedish National Computer Networking Workshop

Subject Categories

Computer Engineering

More information

Created

10/6/2017

Feedback and support

If you have questions, need help, find a bug or just want to give us feedback you may use this form, or contact us per e-mail research.lib@chalmers.se.

About

Research.chalmers.se contains research information from Chalmers University of Technology, Sweden. It includes information on projects, publications, research funders and collaborations.

More about coverage period and what is publicly available

Privacy and cookies

Accessibility

Citation Style Language
citeproc-js (Frank Bennett)

Links

Chalmers Library
Chalmers Research
Chalmers Student Theses

Chalmers University of Technology

SE-412 96 GOTHENBURG, SWEDEN
PHONE: +46 (0)31-772 10 00
WWW.CHALMERS.SE