Document details

Improving traffic classification and policing at application layer

Author(s): Pereira, Hélder cv logo 1 ; Ribeiro, André Gentil cv logo 2 ; Carvalho, Paulo cv logo 3

Date: 2010

Persistent ID: http://hdl.handle.net/1822/17443

Origin: RepositóriUM - Universidade do Minho

Subject(s): Network traffic; Traffic classification


Description
http://www.ieee-iscc.org/2010/ The common process of classifying network traffic resorting to a set of IP header fields and well-known communication ports is highly fallible as some applications try to hide their true nature by, for instance, using dynamic, non default ports. In this paper, we argue and demonstrate that application layer inspection is a possible and convenient approach to derive the correct application protocol. This detection and classification process is crucial to allow an efficient control of traffic entering the network. Taking pfSense as a case study, we extend its current layer 3 and 4 classification scheme with layer 7 (L7) capabilities, providing a powerful solution to control traffic based on application patterns. We propose the concept and use of L7 containers so that a user can easily create a set of rules for inspection, which will drive lower-level traffic control. In addition, we propose and implement a mechanism to create automatically useful application inspection scenarios.
Document Type Article
Language English
delicious logo  facebook logo  linkedin logo  twitter logo 
degois logo
mendeley logo

Related documents

Planeamento rodoviário e inércia da procura de transporte em Portugal

Pereira, Hélder

more

Date: 2012

Performance Evaluation of a Web-Service-Based DMCS

Viegas, Vítor ; Girão, P. Silva ; Pereira, J. M. Dias

more

Date: 2010



    Financiadores do RCAAP
Fundação para a Ciência e a Tecnologia Universidade do Minho   Governo Português Ministério da Educação e Ciência Programa Operacional da Sociedade do Conhecimento EU