[1] |
Internet netflow statistics[EB/OL]. , 2010.
|
[2] |
TCP and UDP port numbers[EB/OL]. , 2008.
|
[3] |
ROUGHAN M , SEN S , SPATSCHECK O ,et al. Class-of-service mapping for QoS:a statistical signature-based approach to IP traffic classification[A]. Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement[C]. Taormina,Sicily,Italy, 2004. 135-148.
|
[4] |
ZHANG J , CHEN C , XIANG Y . An effective network traffic classifi-cation method with unknown flow detection[J]. IEEE Transactions on Network and Service Management, 2013,10(1): 1-15.
|
[5] |
KARAGIANNIS T , PAPAGIANNAKI K , FALOUTSOS M . BLINC:multilevel traffic classification in the dark[J]. SIGCOMM Computer Communication Review, 2005,35(4): 229-240.
|
[6] |
CABALLERO J , YIN H , LIANG Z ,et al. Polyglot:automatic extrac-tion of protocol message format using dynamic binary analysis[A]. Proceedings of the 14th ACM Conference on Computer and Commu-nications Security[C]. Virginia,USA, 2007. 317-329.
|
[7] |
LIN Z , JIANG X , XU D ,et al. Automatic protocol format reverse engineering through context-aware monitored execution[A]. Proceedings of the 15th Network and Distributed System Security Symposium[C]. California,USA, 2008. 1-17.
|
[8] |
WONDRACEK G , MILANI P , KRUEGEL C ,et al. Automatic net-work protocol analysis[A]. Proceedings of the 16th Network and Dis-tributed System Security Symposium[C]. California,USA, 2008. 1-18.
|
[9] |
CUI W , PEINADO M , CHEN K ,et al. Tupni:automatic reverse engi-neering of input formats[A]. Proceedings of the 15th ACM Conference on Computer and Communications Security[C]. Virginia,USA, 2008. 391-402.
|
[10] |
HAFFNER P , SEN S , SPATSCHECK O ,et al. ACAS:automated construction of application signatures[A]. Proceedings of the 2005 ACM SIGCOMM Workshop on Mining Network Data[C]. Pennsylva-nia,USA, 2005. 197-202.
|
[11] |
KANNAN J , JUNG J , PAXSON V ,et al. Semi-automated discovery of application session structure[A]. Proceedings of the 6th ACM SIGCOMM Conference on Internet Measurement[C]. New York,USA, 2006. 119-132.
|
[12] |
MA J , LEVCHENKO K , KREIBICH C ,et al. Unexpected means of protocol inference[A]. Proceedings of the 6th ACM SIGCOMM Conference on Internet Measurement[C]. Rio de Janeriro,Brazil, 2006. 313-326.
|
[13] |
CUI W , KANNAN J , WANG H J . Discoverer:automatic protocol reverse engineering from network traces[A]. Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium[C]. Boston,MA, 2007. 313-326.
|
[14] |
FINAMORE A , MELLIA M , MEO M ,et al. KISS:stochastic packet inspection classifier for UDP traffic[J]. IEEE/ACM Tra tions on Networking, 2010,18(5): 1505-1515.
|
[15] |
MANNING C , SCHUTZE H . Foundations of Statistical Natural Language Processing[M]. MIT Press, 1999.
|
[16] |
ANGLUIN D . Queries and concept learning[J]. Machine Learning, 1988,2(4): 319-342.
|
[17] |
COHN D , ATLAS L , LADNER R . Improving generalization with active learning[J]. Machine Learning, 1994,15(2): 201-221.
|
[18] |
LEWIS D , GALE W . A sequential algorithm for training text classifi-ers[A]. Proceedings of the 17th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval[C]. New York,USA, 1994. 3-12.
|
[19] |
SETTLES B.Active learning literature survey[EB/OL]. .
|
[20] |
TONG S , KOLLER D . Support vector machine active learning with applications to text classification[J]. Journal of Machine Learning Research, 2002,2: 45-66.
|
[21] |
GRINGOLI F , SALGARELLI L , DUSI M ,et al. GT:picking up the truth from the ground for internet traffic[J]. SIGCOMM Computer Communication Review, 2009,39(5): 12-18.
|