A Survey of Methods for Encrypted Traffic Classification and Analysis

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F15%3A00080523" target="_blank" >RIV/00216224:14610/15:00080523 - isvavai.cz</a>

Výsledek na webu

<a href="http://is.muni.cz/repo/1305020/a-survey-of-methods-for-encrypted-traffic-classification-and-analysis.pdf" target="_blank" >http://is.muni.cz/repo/1305020/a-survey-of-methods-for-encrypted-traffic-classification-and-analysis.pdf</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1002/nem.1901" target="_blank" >10.1002/nem.1901</a>

Jazyk výsledku

angličtina

Název v původním jazyce

A Survey of Methods for Encrypted Traffic Classification and Analysis

Popis výsledku v původním jazyce

With the widespread use of encrypted data transport network traffic encryption is becoming a standard nowadays. This presents a challenge for traffic measurement, especially for analysis and anomaly detection methods which are dependent on the type of network traffic. In this paper, we survey existing approaches for classification and analysis of encrypted traffic. First, we describe the most widespread encryption protocols used throughout the Internet. We show that the initiation of an encrypted connection and the protocol structure give away a lot of information for encrypted traffic classification and analysis. Then, we survey payload and feature-based classification methods for encrypted traffic and categorize them using an established taxonomy. The advantage of some of described classification methods is the ability to recognize the encrypted application protocol in addition to the encryption protocol.

Název v anglickém jazyce

A Survey of Methods for Encrypted Traffic Classification and Analysis

Popis výsledku anglicky

With the widespread use of encrypted data transport network traffic encryption is becoming a standard nowadays. This presents a challenge for traffic measurement, especially for analysis and anomaly detection methods which are dependent on the type of network traffic. In this paper, we survey existing approaches for classification and analysis of encrypted traffic. First, we describe the most widespread encryption protocols used throughout the Internet. We show that the initiation of an encrypted connection and the protocol structure give away a lot of information for encrypted traffic classification and analysis. Then, we survey payload and feature-based classification methods for encrypted traffic and categorize them using an established taxonomy. The advantage of some of described classification methods is the ability to recognize the encrypted application protocol in addition to the encryption protocol.

Druh

J_x - Nezařazeno - Článek v odborném periodiku (Jimp, Jsc a Jost)

CEP obor

IN - Informatika

OECD FORD obor

—

Projekt

<a href="/cs/project/VF20142015037" target="_blank" >VF20142015037: Dekódování šifrovaných datových komunikací</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2015

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

International Journal of Network Management

ISSN

1055-7148

e-ISSN

—

Svazek periodika

25

Číslo periodika v rámci svazku

5

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

20

Strana od-do

355-374

Kód UT WoS článku

000360842100007

EID výsledku v databázi Scopus

—