Ultra Surf Flow Detection Based on Statistical Classification

Abstract:

Unbounded browsing software is an application that runs on the Internet client. It uses a custom encryption protocol to bypass traditional network filtering. In this paper, we detect this application by classifying Ultra Surf T mode (TCP) packets and applying SPID. The experimental results show that this approach effectively reduces the false alarm rate and detects the application accurately.

Pages: 495-499

Online since: January 2015

Copyright: © 2015 Trans Tech Publications Ltd. All Rights Reserved
