[1]万月亮,朱贺军,刘宏志.流特征的Skype流量识别[J].智能系统学报,2010,5(02):139-143.
 WAN Yue-liang,ZHU He-jun,LIU Hong-zhi.Skype traffic identification based on flow characteristics[J].CAAI Transactions on Intelligent Systems,2010,5(02):139-143.
点击复制

流特征的Skype流量识别(/HTML)
分享到:

《智能系统学报》[ISSN:1673-4785/CN:23-1538/TP]

卷:
第5卷
期数:
2010年02期
页码:
139-143
栏目:
出版日期:
2010-04-25

文章信息/Info

Title:
Skype traffic identification based on flow characteristics
文章编号:
1673-4785(2010)02-0139-05
作者:
万月亮1朱贺军2刘宏志1
1.北京工商大学 计算机与信息工程学院,北京 100048;
2. 公安部第三研究所 北京锐安科技有限公司,北京 100044
Author(s):
WAN Yue-liang1 ZHU He-jun2 LIU Hong-zhi1
1.College of Computer and Information Engineering, Beijing Technology and Business University, Beijing 100048, China; 2. The Third Research Institute of Ministry of Public Security Run Technologies Co.,Ltd. ,Beijing 100044, China
关键词:
流量识别朴素贝叶斯分类深度包检测实时流特征
Keywords:
traffic identification naive Bayesian classification deep packet inspection realtime flow characteristic
分类号:
TP393
文献标志码:
A
摘要:
Skype流识别的研究大多局限于在静态载荷特征和通信机制,没有考虑网络流特征在Skype流量识别中的作用.提出了一种基于朴素贝叶斯分类的Skype流量识别模型.选择流的连接特征和实时特征作为分类特征集,根据流的连接特征组织网络流,再进一步根据流的包长度、平均发送间隔和突发带宽消耗等实时流特征识别Skype流量.在北京联通骨干网络上的实验表明该模型能有效地识别Skype流,是一种有效的Skype流识别算法.
Abstract:
Most of the Skype traffic identification models are limited to Skype communication mechanisms and static payload characteristics. No net flow characteristics are considered in identification algorithms. To overcome this limitation, a hierarchical Skype traffic identification model based on naive Bayesian classification was developed. Flows were analyzed according to network connection modes. Results were then obtained according to realtime flow characteristics, such as packet size, average interpacket gap and burstiness of bandwidth consumption. The validity of the algorithm was proven by testing conducted on the Beijing China Unicom backbone network.

参考文献/References:

[1]BASET S A, SCHULZRINNE H. An analysis of the Skype peertopeer internet telephony protocol[C]// IEEE Infocom’06. Barcelona, Spain, 2006:111.
[2]BIONDI P, DESCLAUX F. Silver needle in the Skype[C]//Black Hat Europe’06. Amsterdam, The Netherlands, 2006, 1:2547.
 [3]YU Y F, LIU D D, LI J, et al. Traffic identification and overlay measurement of Skype[C]//Proc of IEEE International Conference on Computational Intelligence and Security. Guangzhou, China, 2006: 10431048.
[4]CHEN K T, HUANG C Y, HUANG P, et al. Quantifying fying Skype user sattsfaction[C]//ACM SIGCOMM’06. Pisa, Italy, 2006:399410.
[5]LU L, JEFFREY H, SAFAVINAINII R, et al. Transport layer identification of Skype traffic[C]//ICOIN 2007. Estoril, Portugal, 2007:465481.
[6]DARIO B, MARCO M, MICHELA M. Revealing Skype traffic when randomness plays with you[C]//ACM Sigcomm’07. Kyoto, Japan, 2006:3748.
[7]FALOUTSOS M, KARAGIANNIS C K, BROIDO A T. Transport layer identification of P2P traffic[C]// Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement. Taormina, Sicily, Italy, 2004: 121134.
[8]MOORE A,ZUEV D. Internet raffic classification using Bayesian analysis[C]//ACM Sigmetrics BANFF, CA, 2005:5060
[9]FENG W, CHANG F, FENG W, et al. A traffic characterization of popular online games[J]. IEEE/ACM Transactions on Networking,2005,13(3): 488500.

备注/Memo

备注/Memo:
收稿日期:2009-12-27.
通信作者:万月亮.E-mail:yueliang_wan@126.com
万月亮,男,1973年生,讲师,博士,主要研究方向为网络信息安全、海量数据挖掘、网络行为分析、网络视频挖掘.发表学术论文近10篇,出版编著1部.
朱贺军,男,1973年生,硕士,主要研究方向为网络信息安全、互联网挖掘与数据挖掘.
 刘宏志,男,1964年生,教授,博士,主要研究方向为信息工程监理与电子政务、软件工程、计算机网络,发表学术论文60余篇,主编、参编论著及教材10余部
更新日期/Last Update: 2010-05-24