Result Details
Flow Measurement Extension for Application Identification
Modern networks are expected to provide wide range of application-oriented services. While some applications require a network to be loss-free, low delay with low jitter, others are fault tolerant and happily trade off quality for higher bandwidth. In order to measure these requirements and subsequently provide them, network nodes must be able to determine the application in traffic carried. Since flow measurement is usually utilized to gain information about the traffic mix, we propose to extend it with L7 decoder based on signature matching to identify the part of applications that are not covered by other methods, such as port lookup, fingerprinting and behavioral analysis. As an example, we compare signature matching and port lookup on a CESNET backbone link in order to motivate our future work on a hybrid application identification system based on a combination of several approaches.
application identification, flow, measurement
@inbook{BUT91438,
author="Martin {Žádník}",
title="Flow Measurement Extension for Application Identification",
booktitle="Networking Studies IV, Selected Technical Reports",
year="2010",
publisher="CESNET National Research and Education Network",
address="Praha",
pages="57--70",
isbn="978-80-904173-8-0"
}