scholarly journals A Heterogeneous Service-Oriented Deep Packet Inspection and Analysis Framework for Traffic-Aware Network Management and Security Systems

IEEE Access ◽  
2016 ◽  
Vol 4 ◽  
pp. 5918-5936 ◽  
Author(s):  
Muhammad Asrar Ashraf ◽  
Habibullah Jamal ◽  
Shoab Ahmed Khan ◽  
Zaheer Ahmed ◽  
Muhammad Iram Baig
Keyword(s):  
Network Management ◽  
Deep Packet Inspection ◽  
Analysis Framework ◽  
Security Systems ◽  
Service Oriented ◽  
Packet Inspection ◽  
Heterogeneous Service

scholarly journals IMPLEMENTASI TEKNIK DEEP PACKET INSPECTION DENGAN MENGGUNAKAN WIRESHARK PADA SISTEM OPERASI UBUNTU

2018 ◽  
Vol 1 (2) ◽  
pp. 79-85
Author(s):  
I Putu Agus Eka Pratama ◽  
Putu Adhika Dharmesta
Keyword(s):  
Information Technology ◽  
Network Management ◽  
Data Stream ◽  
Deep Packet Inspection ◽  
Data Packets ◽  
Slowing Down ◽  
Packet Inspection ◽  
Network Speed

Deep Packet Inspection (DPI) is a technique commonly used by network administrator to be able to monitor in detail the flow of data in the form of data packets that occur at that moment. This data stream will produce an information that can be used for network management purposes. One example of a case study that can be done with this technique is the intranet that is available in Information Technology major Udayana University’s. Deep Packet Inspection Technique is done with purpose to identifying the initial slowing down of network speed on Information Technology major Udayana University’s.

scholarly journals DSM: Delayed Signature Matching in Deep Packet Inspection

Symmetry ◽  
2020 ◽  
Vol 12 (12) ◽  
pp. 2011
Author(s):  
Yingpei Zeng ◽  
Shanqing Guo ◽  
Ting Wu ◽  
Qiuhua Zheng
Keyword(s):  
Deep Packet Inspection ◽  
Memory Consumption ◽  
Security Systems ◽  
The Core ◽  
Signature Matching ◽  
Packet Inspection ◽  
And Performance ◽  
Abstract Syntax Trees ◽  
Core Part ◽  
Rule Evaluation

Deep Packet Inspection (DPI) is widely used in network management and network security systems. The core part of existing DPI is signature matching, and many researchers focus on improving the signature-matching algorithms. In this paper, we work from a different angle: The scheduling of signature matching. We propose a Delayed Signature Matching (DSM) method, in which we do not always immediately match received packets to the signatures since there may be not enough packets received yet. Instead, we predefine some rules, and evaluate the packets against these rules first to decide when to start signature matching and which signatures to match. The predefined rules are convenient to create and maintain since they support custom expressions and statements and can be created in a text rule file. The correctness and performance of the DSM method are theoretically analyzed as well. Finally, we implement a prototype of the DSM method in the open-source DPI library nDPI, and find that it can reduce the signature-matching time about 30∼84% in different datasets, with even smaller memory consumption. Note that the abstract syntax trees (ASTs) used to implement DSM rule evaluation are usually symmetric, and the DSM method supports asymmetric (i.e., single-direction) traffic as well.

Efficient Regular Expression Compression Algorithm for Deep Packet Inspection

2009 ◽  
Vol 20 (8) ◽  
pp. 2214-2226 ◽  
Author(s):  
Qian XU ◽  
Yue-Peng E ◽  
Jing-Guo GE ◽  
Hua-Lin QIAN
Keyword(s):  
Regular Expression ◽  
Compression Algorithm ◽  
Deep Packet Inspection ◽  
Packet Inspection

scholarly journals Research on QoS Classification of Network Encrypted Traffic Behavior Based on Machine Learning

Electronics ◽  
2021 ◽  
Vol 10 (12) ◽  
pp. 1376
Author(s):  
Yung-Fa Huang ◽  
Chuan-Bi Lin ◽  
Chien-Min Chung ◽  
Ching-Mu Chen
Keyword(s):  
Machine Learning ◽  
Majority Voting ◽  
Deep Packet Inspection ◽  
Traffic Classification ◽  
K 13 ◽  
Packet Inspection ◽  
Majority Voting Method ◽  
Encrypted Traffic ◽  
Traffic Behavior

In recent years, privacy awareness is concerned due to many Internet services have chosen to use encrypted agreements. In order to improve the quality of service (QoS), the network encrypted traffic behaviors are classified based on machine learning discussed in this paper. However, the traditional traffic classification methods, such as IP/ASN (Autonomous System Number) analysis, Port-based and deep packet inspection, etc., can classify traffic behavior, but cannot effectively handle encrypted traffic. Thus, this paper proposed a hybrid traffic classification (HTC) method based on machine learning and combined with IP/ASN analysis with deep packet inspection. Moreover, the majority voting method was also used to quickly classify different QoS traffic accurately. Experimental results show that the proposed HTC method can effectively classify different encrypted traffic. The classification accuracy can be further improved by 10% with majority voting as K = 13. Especially when the networking data are using the same protocol, the proposed HTC can effectively classify the traffic data with different behaviors with the differentiated services code point (DSCP) mark.

Sign in / Sign up

Export Citation Format

Share Document