B. Park, Y. Won, and J. Kim, M.~Hong, "Towards Automated Application Signature Generation", in IEEE/IFIP Network Operations and Management Symposium (NOMS), Apr 2008.
|Towards Automated Application Signature Generation|
M. Hong, J. Kim
|Published:||IEEE/IFIP Network Operations and Management Symposium (NOMS), 2008|
|Abstract:||Traditionally, Internet applications have been identified by using predefined well-known ports with questionable accuracy. An alternative approach, applicationlayer signature mapping, involves the exhaustive search of reliable signatures but with more promising accuracy. With a prior protocol knowledge, the signature generation can guarantee a high accuracy. As more applications use proprietary protocols, it becomes increasingly difficult to obtain an accurate signature while avoiding time-consuming and manual signature generation process. This paper proposes an automated approach for generating application-level signature, the LASER algorithm, that does not need to be preceded by an analysis of application protocols. We show that our approach is as accurate and efficient as the approach that uses preceding application protocol analysis.|