Google-based Traffic Classification Aleksandar Kuzmanovic Northwestern University IEEE Computer Communications Workshop (CCW 08) October 23, 2008

Slides:

Advertisements

Similar presentations

Skynet: A Cloud-Hopping Data Transfer Architecture Aleksandar Kuzmanovic

Advertisements

The Internet Unit Information Systems, Higher. The Internet HTML Two sets of notes.

Enabling Secure Internet Access with ISA Server

Taming User-Generated Content in Mobile Networks via Drop Zones Ionut Trestian Supranamaya Ranjan Aleksandar Kuzmanovic Antonio Nucci Northwestern University.

Measuring Serendipity: Connecting People, Locations and Interests in a Mobile 3G Network Ionut Trestian Supranamaya Ranjan Aleksandar Kuzmanovic Antonio.

® Microsoft Office 2010 Browser and Basics.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

SYSTEM ADMINISTRATION Chapter 19

Marios Iliofotou (UC Riverside) Brian Gallagher (LLNL)Tina Eliassi-Rad (Rutgers University) Guowu Xi (UC Riverside)Michalis Faloutsos (UC Riverside) ACM.

The process of increasing the amount of visitors to a website by ranking high in the search results of a search engine.

SYN Flooding: A Denial of Service Attack Shivani Hashia CS265.

COS/PSA 413 Day 17. Agenda Lab 8 write-up grades –3 B’s, 1 C and 1 F –Answer the Questions!!! Capstone progress report 2 overdue Today we will be discussing.

Unconstrained Endpoint Profiling (Googling the Internet)‏ Ionut Trestian Supranamaya Ranjan Aleksandar Kuzmanovic Antonio Nucci Northwestern University.

Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.

Internet Technologies Networking / Internet Protocols (TCP/IP) Server/Client Software Communication via Ports Web Page Technology Recipe of Web Page Development.

Words & Definitions By: Naftaly Garcia Birruete. Address Bar  The space provided on a web browser that shows the addresses of websites.

SEO PACKAGES. Types of Plans Starter Plan Business Plan Enterprises Plan.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Department Of Computer Engineering

Boris Tshibangu. What is a proxy server? A proxy server is a server (a computer system or an application) that acts as an intermediary for requests from.

1 Enabling Secure Internet Access with ISA Server.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.

Norman SecureSurf Protect your users when surfing the Internet.

By: Bihu Malhotra 10DD.   A global network which is able to connect to the millions of computers around the world.  Their connectivity makes it easier.

1 Introduction to Web Development. Web Basics The Web consists of computers on the Internet connected to each other in a specific way Used in all levels.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

By : Himanshu Mishra Nimish Agarwal CPSC 624.  A system designed to prevent unauthorized access to or from a private network.  It must have at least.

What is FORENSICS? Why do we need Network Forensics?

Chapter 6 The World Wide Web. Web Pages Each page is an interactive multimedia publication It can include: text, graphics, music and videos Pages are.

Chapter 13 – Network Security

1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.

5 Chapter Five Web Servers. 5 Chapter Objectives Learn about the Microsoft Personal Web Server Software Learn how to improve Web site performance Learn.

Vulnerabilities in peer to peer communications Web Security Sravan Kunnuri.

HOW WEB SERVER WORKS? By- PUSHPENDU MONDAL RAJAT CHAUHAN RAHUL YADAV RANJIT MEENA RAHUL TYAGI.

Intrusion Detection and Prevention. Objectives ● Purpose of IDS's ● Function of IDS's in a secure network design ● Install and use an IDS ● Customize.

CIS 450 – Network Security Chapter 3 – Information Gathering.

The Internet TCIP/IP  TCP/IP stands for Transmission Control Protocol/Internet Protocol, which is a set of networking protocols that allows two or more.

Lesson 1 What Is the World Wide Web?. Objectives Upon completion of this lesson, you should be able to: Explain what the World Wide Web is and how it.

Hour 7 The Application Layer 1. What Is the Application Layer? The Application layer is the top layer in TCP/IP's protocol suite Some of the components.

FTP Research Convert investigation of ftp servers and other file to file platforms.

1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.

Data Communications and Computer Networks Chapter 2 CS 3830 Lecture 8 Omar Meqdadi Department of Computer Science and Software Engineering University of.

McLean HIGHER COMPUTER NETWORKING Lesson 14 Firewalls & Filtering Comparison of Internet content filtering methods: firewalls, Internet filtering.

Chapter 2 The Internet Underlying Architecture. How the DNS works? DNS: Domain Name System Visiting a website: - Write the address - IP will use the address.

Unconstrained Endpoint Profiling Googling the Internet Ionut Trestian, Supranamaya Ranjan, Alekandar Kuzmanovic, Antonio Nucci Reviewed by Lee Young Soo.

5 Firewalls in VoIP Selected Topics in Information Security – Bazara Barry.

TCP/IP Model & How it Relates to Browsing the Internet Anonymously BY: HELEN LIN.

ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.

Module 10: Windows Firewall and Caching Fundamentals.

Lecture 2- Internet, Basic Search, Advanced Search COE 201- Computer Proficiency.

Connection Technologies and IP Addressing CONNECTING TO THE INTERNET.

Googling the Internet (and Beyond) Aleksandar Kuzmanovic EECS Department Northwestern University

Internet Privacy Define PRIVACY? How important is internet privacy to you? What privacy settings do you utilize for your social media sites?

Uniform Resource Locator URL protocol URL host Path to file Every single website on the Internet has its own unique.

IP - Internet Protocol No. 1  Seattle Pacific University IP: The Internet Protocol Kevin Bolding Electrical Engineering Seattle Pacific University.

18-1 PRENTICE HALL ©2008 Pearson Education, Inc. Upper Saddle River, NJ FORENSIC SCIENCE An Introduction By Richard Saferstein.

25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.

CONNECTING TO THE INTERNET

Software Applications for end-users

Real Life Networking Examples

Introduction to Networking

Web Traffic Analysis Script PHP Web Traffic Analysis Script PHP Web Traffic Analysis Software.

6.6 Firewalls Packet Filter (=filtering router)

Hyperlinks and Protocols

Read this to find out how the internet works!

WJEC GCSE Computer Science

COMPUTER NETWORKS AND THE INTERNET Chapter 6

Unconstrained Endpoint Profiling (Googling the Internet)‏

Presentation transcript:

Google-based Traffic Classification Aleksandar Kuzmanovic Northwestern University IEEE Computer Communications Workshop (CCW 08) October 23,

I. Trestian Unconstrained Endpoint Profiling (Googling the Internet) 2 Traffic Classification Problem – traffic classification Current approaches (port-based, payload signatures, numerical and statistical etc.) Our approach –Use information about destination IP addresses available on the Internet A. Kuzmanovic Google-based Traffic Classification

I. Trestian Unconstrained Endpoint Profiling (Googling the Internet) 3 Getting External Information Use Google! Can we systematically exploit search engines to harvest endpoint information available on the Internet? Huge amount of endpoint information available on the web A. Kuzmanovic Google-based Traffic Classification

I. Trestian Unconstrained Endpoint Profiling (Googling the Internet) 4 Websites run logging software and display statistics Some popular proxy services also display logs Popular servers (e.g., gaming) IP addresses are listed Blacklists, banlists, spamlists also have web interfaces Even P2P information is available on the Internet since the first point of contact with a P2P swarm is a publicly available IP address Where Does the Information Come From? Servers Clients P2P Malicious A. Kuzmanovic Google-based Traffic Classification

I. Trestian Unconstrained Endpoint Profiling (Googling the Internet) URL Hit text URL Hit text URL Hit text …. Rapid Match Domain name Keywords Domain name Keywords …. IP tagging IP Address xxx.xxx.xxx.xxx Website cache Search hits 5 Methodology – Web Classifier and IP Tagging A. Kuzmanovic Google-based Traffic Classification

I. Trestian Unconstrained Endpoint Profiling (Googling the Internet) Tagged IP Cache Traffic Classification Mail server Website Router Halo server Hold a small % of the IP addresses seen Look at source and destination IP addresses and classify traffic A. Kuzmanovic Google-based Traffic Classification

I. Trestian Unconstrained Endpoint Profiling (Googling the Internet) When no sampling is done UEP outperforms BLINC UEP maintains a large classification ratio even at higher sampling rates BLINC stays in the dark 2% at sampling rate 100 UEP retains high classification capabilities with sampled traffic UEP retains high classification capabilities with sampled traffic 7 Working with Sampled Traffic A. Kuzmanovic Google-based Traffic Classification

I. Trestian Unconstrained Endpoint Profiling (Googling the Internet) Summary Shift research focus from mining operational network traces to harnessing information that is already available on the web Deep packet inspection and legal issues: –Federal Wiretap Act: thou shalt not intercept the contents of communications. Violations can result in civil and criminal penalties. The worst offenses may be investigated by the FBI, Secret Service, DEA, and IRS as felony prosecutions. –Only 2 exceptions: The provider protection exception Consent 8 A. Kuzmanovic Google-based Traffic Classification