Heuristic network traffic classification using byte-distributions
A network device has counters that are configured to generate for a plurality of byte positions in a specified portion of data packets, a count indicative of a correspondence of a value found at the byte position corresponding to a rule such that occurrences of predetermined byte values in the plura...
Gespeichert in:
Hauptverfasser: | , , |
---|---|
Format: | Patent |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | A network device has counters that are configured to generate for a plurality of byte positions in a specified portion of data packets, a count indicative of a correspondence of a value found at the byte position corresponding to a rule such that occurrences of predetermined byte values in the plurality of byte positions may be counted. A packet classifier is configured to receive from the counters a number of byte values corresponding to the rules and to classify data packets based on the analysis. |
---|