Towards Automatic Signature Generation for Identification of HTTP-based Applications

Today, network traffic is rapidly increasing by development of Internet with growth of smart devices such as smartphone, tablet PC, smart TV, etc. Specifically, since smart devices are using the HTTP protocol in various applications, HTTP traffic has been increasing continuously. In order to manage the increased network traffic, many studies such as well-known port based analysis, signature based analysis, statistical based analysis, have been conducted. Signature-based analysis among these network traffic analyses has relatively high accuracy, but it also has an overhead to create signatures. Hence, many studies have been conducted for reduce the overhead to create signatures. In this paper, we propose an automated signature generation system in order to exactly identify applications in HTTP traffic and reduce the overhead to create signatures. In addition, we propose a 'signature ranking method' for effectively applying our analysis system to real-time environment. We show our method feasibility through the experiment in a campus network.(1)