SSH Traffic Identification Using EM Clustering 


Vol. 37, No. 12, pp. 1160-1167, Dec. 2012


  Abstract

Identifying traffic is an important issue for many networking applications, including quality of service, firewall enforcement, and network security. Once the purpose of the traffic is known at the firewall, we can allow or deny it, which supports quality of service and effective operation in terms of security. However, a number of applications encrypt their traffic in order to enhance security or privacy. As a result, effective traffic monitoring is becoming more difficult. In this paper, we analyse SSH encrypted traffic and identify the differences among SSH tunneling, SFTP, and normal SSH traffic. By using EM clustering, we identify the traffic and validate the experimental results.



  Cite this article

[IEEE Style]

K. Kim, M. Kim, H. Kim, "SSH Traffic Identification Using EM Clustering," The Journal of Korean Institute of Communications and Information Sciences, vol. 37, no. 12, pp. 1160-1167, 2012. DOI: .

[ACM Style]

Kyoung-lyoon Kim, Myung-sup Kim, and Hyoung-joong Kim. 2012. SSH Traffic Identification Using EM Clustering. The Journal of Korean Institute of Communications and Information Sciences, 37, 12, (2012), 1160-1167. DOI: .

[KICS Style]

Kyoung-lyoon Kim, Myung-sup Kim, Hyoung-joong Kim, "SSH Traffic Identification Using EM Clustering," The Journal of Korean Institute of Communications and Information Sciences, vol. 37, no. 12, pp. 1160-1167, 12. 2012.