Computer Laboratory Home Page Search A-Z Directory Help
University of Cambridge Home Computer Laboratory
Thursday Jan 20th, 2005 - 4:30pm
Computer Laboratory > Research > Systems Research Group > NetOS > Seminars > Thursday Jan 20th, 2005 - 4:30pm

Towards Accurate Network-Traffic Characterization

Andrew Moore
Accurate traffic classification is the keystone of numerous other network activities, from security monitoring to accounting, and from Quality of Service to providing operators with useful forecasts for long-term provisioning. Well-known port numbers can no longer be used to reliably identify network applications. There is a variety of new Internet applications that either do not use well-known port numbers or use other protocols, such as HTTP, as wrappers in order to go through firewalls without being blocked. One consequence of this is that a simple inspection of the port numbers used by flows may lead to the inaccurate classification of network traffic.

With a motivation to provide accurate traffic characterization this talk will cover issues of network monitoring, the challenges of traffic characterization and discuss some results gained using both labour-intensive and more broadly-applicable techniques.