Title :
An Improved PrefixSpan-Based Signatures Mining Algorithm with Offset Constraint
Author :
Lin, Guanzhou ; Xin, Yang ; Yang, Yixian
Author_Institution :
Inf. Security Center, Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
The approach based on payload signatures presents more accurately than that using port number and machine learning algorithms in network traffic identification. The performance of payload-based approach heavily depends on abundant and real-time signatures database. Existing approaches to payload signatures identification involved a manual process which is time-consulting and complicated. In this paper, an improved payload signatures mining algorithm based on PrefixSpan is proposed to automatically extract signatures from special network application traffic. Offset constraint in mining process significantly reduces the size of final signatures database and accelerates extracting process. Moreover, patterns matching algorithm can use offset information to discover signatures in network traffic efficiently.
Keywords :
database management systems; handwriting recognition; learning (artificial intelligence); pattern matching; PrefixSpan-based signatures mining algorithm; machine learning algorithms; offset information; pattern matching algorithm; payload signatures identification; port number; real-time signatures database; special network application traffic; Data mining; Hidden Markov models; Information security; Laboratories; Machine learning algorithms; Payloads; Protocols; Spatial databases; Telecommunication traffic; Traffic control;
Conference_Titel :
Intelligent Systems and Applications (ISA), 2010 2nd International Workshop on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-5872-1
Electronic_ISBN :
978-1-4244-5874-5
DOI :
10.1109/IWISA.2010.5473443
