GT: Picking up the truth from the ground for the internet
Cascarano, Claffy, Dusi, Gringoli, Salgarelli; 2009 Value to me : Angle : My Angle : Not really interested in the solution but rather the problem itself. Ground truth is interesting ... Glossary : ground truth — Any measurement of an observed quantity that can be used to validate or verify a new (often remote sensing) measurement or technique. General -> Most traffic analysis assumes the association of application/protocol ground truth with traffic traces -> Record traffic on a network and perform Deep Packet Inspection -> DPI doesnt help with encryption and port analysis is becoming less effective -> GT monitors a hosts kernel + associates each packet flow with controlling app ( woah, super invasive) -> Second Tool IPClass looks at traffic captured at the border using indep probe