[1] |
BERNAILLE L , TEIXEIRA R . Early recognition of encrypted applications[C]// The 8th International Conference on Passive and Active Network Measurement. Belgium, 2007: 165-175.
|
[2] |
HAFFNER P , SEN S , SPATSCHECKO ,et al. ACAS:automated construction of application signatures[C]// ACM SIGCOMM Workshop on Mining Network Data. Philadelphia,PA,USA, 2005: 197-202.
|
[3] |
MOORE A , ZUEV D , CROGAN M . Discriminators for use in flow-based classification:technical report,RR-05-13[R]. UK:Quecn Mayr University of London, 2005.
|
[4] |
BERNAILLE L , TEIXEIRA R , SALAMATIAN K . Early application identification[C]// ACM CoNEXT,Lisboa,Portugal, 2006.
|
[5] |
ZHANG J , XIANG Y , WANG Y ,et al. Network traffic classification using correlation information[J]. IEEE Transactions on Parallel &Distributed Systems, 2013,24(1): 104-117.
|
[6] |
BARALIS E M , MELLIA M , GRIMAUDO L . Self-learning classifier for internet traffic[J]. IEEE INFOCOM,Turin,Italy, 2013,11(2): 423-428.
|
[7] |
DIVAKARAN D M , SU L , LIAU Y S ,et al. SLIC:self-learning intelligent classifier for network traffic[J]. Computer Networks, 2015,91: 283-297.
|
[8] |
XIE G W , ILIOFOTOU M , KERALAPURA R ,et al. SubFlow:Towards practical flow-level traffic classification[C]// IEEE INFOCOM. Orlando,Florida,USA, 2012: 2541-2545.
|
[9] |
ACETO G , DAINOTTI A , DONATO W ,et al. PortLoad:taking the best of two worlds in traffic classification[C]// IEEE INFOCOM. San Diego, 2010: 1-5.
|
[10] |
DONATO WD , PESCAPè A , DAINOTTI A . TIE:a community-oriented traffic classification platform[C]// International Workshop on Traffic Monitoring and Analysis(TMA),Springer Berlin Heidelberg. 2009.
|
[11] |
LEE S , KIM H-C , BARMAN D ,et al. NeTraMark:a network traffic classification benchmark[C]// ACM SIGCOMM. Toronto,ON,Canada, 2011.
|
[12] |
张众, 杨建华, 谢高岗 . 高效可扩展的应用层流量识别架构[J]. 通信学报, 2008,29(12): 22-31. ZHANG Z , YANG J H , XIE G G . Efficient and extensible architecture of traffic identification at application layer[J]. Journal on Communications, 2008,29(12): 22-31.
|
[13] |
BEDDOE M . The Protocol information project[EB/OL]. .
|
[14] |
CUI W D , KANNAN J , WANG H J . Discoverer:automatic protocol reverse engineering from network traces[C]// The 16th USENIX Security Symposium on USENIX Security Symposium. Berkeley:USENIX, 2007: 199-212.
|
[15] |
朱玉娜, 韩继红, 袁霖 ,等. SPFPA:一种面向未知密码协议的格式解析方法[J]. 计算机研究与发展, 2015,52(10): 2200-2211. ZHU Y N , HAN J H , YUAN L ,et al. SPFPA:a format parsing approach for unknown security protocols[J]. Journal of Computer Research and Development, 2015,52(10): 2200-2211.
|
[16] |
JOGLEKAR S P , TATE S R . Protomon:embedded monitors for cryptographic protocol intrusion detection and prevention[C]// International Conference on Information Technology:Coding and Computing,2004.ITCC 2004. IEEE, 2004,1: 81-88.
|
[17] |
LECKIE T , YASINSAC A . Metadata for anomaly-based security protocol attack deduction[J]. IEEE Transactions on Knowledge and Data Engineering, 2004,16(9): 1157-1168.
|
[18] |
FADLULLAH Z M , TALEB T , ANSARI N ,et al. Combating against attacks on encrypted protocols[C]// In Communications,IEEE International Conference on ICC'07. 2007: 1211-1216.
|
[19] |
FADLULLAH Z M , TALE B T , VASIAKOS A V ,et al. DTRAB:combating against attacks on encrypted protocols through traffic-feature analysis[J]. IEEE/ACM Transactions on Networking (TON), 2010,18(4): 1234-1247.
|
[20] |
YASINSAC A . An environment for security protocol intrusion detection[J]. Journal of Computer Security, 2002,10(1/2): 177-188.
|
[21] |
MAEDCHE A . Ontology learning for the semantic Web[M]. Boston: Kluwer Academic PublishersPress, 2002.
|
[22] |
GAN G , WU J . A convergence theorem for the fuzzy subspace clustering (FSC)algorithm[J]. Pattern Recognition, 2008,41(6): 1939-1947.
|
[23] |
朱玉娜, 韩继红, 袁霖 ,等. 基于主体行为的多方密码协议会话识别方法[J]. 通信学报, 2015,11(36): 190-200. ZHU Y N , HAN J H , YUAN L ,et al. Towards session identification using principal behavior for multi-party secure protocol[J]. Journal on Communications, 2015,11(36): 190-200.
|
[24] |
KHAKPOUR A R , LIU A X . High-speed flow nature identification[C]// International Conference on Distributed Computing Systems. Montreal,Canada, 2009: 510-517.
|