Home WakeSpace Scholarship › Electronic Theses and Dissertations

Identifying Application Protocols in Computer Networks Using Vertex Profiles

Electronic Theses and Dissertations

Item Files

Item Details

abstract
Security and management of computer network resources exemplify two critical activities that challenge system administrators. They face potential threats from outside intruders as well as internal users whom already have access to the organization’s assets. It is imperative that administrators are aware of what applications are being executed, but the use of data encryption techniques and non-standard port numbers presents difficulties that must be overcome. To that end, this thesis introduces a novel method to identify application protocols based on the analysis of application graphs, which model application-level communications between computers. The performance of two types of node descriptions, called vertex profiles, are compared. “Traditional” vertex profiles characterize each node using several well-studied graph measures. Furthermore, this work uniquely applies motif-based analysis, which has previously been used primarily in systems biology, to the study of application graphs by creating a second type of vertex profile based on a node’s participation in statistically significant motifs. Machine learning techniques are employed to evaluate the importance of specific profile features. The experimental results, using a nearest-neighbor classifier, show that this type of analysis can correctly classify the applications observed with greater than 80% accuracy.
subject
Computer science
contributor
Allan, Edward Jr (author)
Errin W. Fulp (committee chair)
David J. John (committee member)
William H. Turkett, Jr. (committee member)
date
2008-12-19T15:47:57Z (accessioned)
2010-06-18T18:58:20Z (accessioned)
2008-12-19T15:47:57Z (available)
2010-06-18T18:58:20Z (available)
2008-12-19T15:47:57Z (issued)
degree
Computer Science (discipline)
identifier
http://hdl.handle.net/10339/14755 (uri)
language
en_US (iso)
publisher
Wake Forest University
rights
Release the entire work for access only to the Wake Forest University system for one year from the date below. After one year, release the entire work for access worldwide. (accessRights)
title
Identifying Application Protocols in Computer Networks Using Vertex Profiles
type
Thesis

Usage Statistics