Abstract
Much of Internet traffic modeling, firewall, and intrusion detection research requires traces where some ground truth regarding application and protocol is associated with each packet or flow. This paper presents the design, development and experimental evaluation of gt, an open source software toolset for associating ground truth information with Internet traffic traces. By probing the monitored host's kernel to obtain information on active Internet sessions, gt gathers ground truth at the application level. Preliminary experimental results show that gt's effectiveness comes at little cost in terms of overhead on the hosting machines. Furthermore, when coupled with other packet inspection mechanisms, gt can derive ground truth not only in terms of applications (e.g., e-mail), but also in terms of protocols (e.g., SMTP vs. POP3).
Index Terms
- GT: picking up the truth from the ground for internet traffic