| Title |
Unauthorized network services detection by flow analysis / |
| Another Title |
Neautorizuotų tinklo paslaugų nustatymas analizuojant duomenų srautus. |
| Another Title |
Определение несанкционированных сетевых приложений путем анализа потока сетевого трафика. |
| Authors |
Ekmanis, M ; Novikovs, V ; Ruško, A |
| Full Text |
|
| Is Part of |
Elektronika ir elektrotechnika.. Kaunas : Technologija. 2008, Nr. 5, p. 53-56.. ISSN 1392-1215. eISSN 2029-5731 |
| Abstract [eng] |
There is no strong semantic structure in network traffic behavior so the most general abstraction query-by-example can be used to identify particular application. Automatic traffic grouping is also possible according to some similarity or dissimilarity distance, if such is defined. We propose a new distinction distance as a method to define the distance between network flows. Cluster analysis is done using distinction distance matrix calculated from real traffic flow dumps. The experiment shows the ability of algorithm to identify a traffic source by example and group similar sources together. |
| Published |
Kaunas : Technologija |
| Type |
Journal article |
| Language |
English |
| Publication date |
2008 |
| CC license |
|
