Challenges in Network Application Identification presented at 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats 2012

by Alok Tongaonkar, Ram Keralapura, Antonio Nucci,

Tags: Network


Summary : The evolution of the Internet in the last few years has been characterized by dramatic changes to the way users behave, interact and utilize the network. This has posed new chal- lenges to network operators. To deal with the increasing number of threats to enterprise networks, operators need greater visibility and understanding of the applications running in their networks. In years gone by, the biggest challenge in network application identification used to be of providing real-time classification at increasing wire speeds. But now the operators are facing another challenge - the ability to keep pace with the tremendous rate of development of new applications. This problem can be attributed largely to the explosive growth in the number of web and mobile applica- tions. This combined with application hiding techniques like encryption, port abuse, and tunneling have rendered the tra- ditional approaches for application identification ineffective. In this paper, we discuss the challenges facing the network operators and the limitations of current state of the art ap- proaches in both the commercial and the research world in solving these problems.