Heuristic network traffic classification using byte-distributions

A network device has counters that are configured to generate for a plurality of byte positions in a specified portion of data packets, a count indicative of a correspondence of a value found at the byte position corresponding to a rule such that occurrences of predetermined byte values in the plura...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Kardashov, Timor, Plotnikov, Anatoli, Sanivsky, Ievgeny
Format: Patent
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A network device has counters that are configured to generate for a plurality of byte positions in a specified portion of data packets, a count indicative of a correspondence of a value found at the byte position corresponding to a rule such that occurrences of predetermined byte values in the plurality of byte positions may be counted. A packet classifier is configured to receive from the counters a number of byte values corresponding to the rules and to classify data packets based on the analysis.