Title: Finding Clustering Configurations to Accurately Infer Packet Structures from Network Data
Authors: Esoul, Othman
Walkinshaw, Neil
First Published: 19-Oct-2016
Citation: arXiv:1610.06089 [cs.NI], 2016
Abstract: Clustering is often used for reverse engineering network protocols from captured network traces. The performance of clustering techniques is often contingent upon the selection of various parameters, which can have a severe impact on clustering quality. In this paper we experimentally investigate the effect of four different parameters with respect to network traces. We also determine the optimal parameter configuration with respect to traces from four different network protocols. Our results indicate that the choice of distance measure and the length of the message have the most substantial impact on cluster accuracy. Depending on the type of protocol, the $n$-gram length can also have a substantial impact.
Version: Pre-print
Type: Preprint
Rights: Copyright © The Author(s), 2016.
Appears in Collections: Published Articles, Dept. of Computer Science

Files in This Item:
File: 1610.06089v1.pdf
Description: Pre-review (submitted draft)
Size: 438.4 kB
Format: Adobe PDF

Items in LRA are protected by copyright, with all rights reserved, unless otherwise indicated.