 |
 |
|
|
|
Abstract: Cyberlocker is an on-line internet site for storage of personal digital files and the surge in popularity of Cyberlocker traffic has been reported in literature. Gehlen et al.[1] found that a Cyberlocker was among the top-10 Web applications and constituted 5% of the total Web traffic. Maier et al. [2] reported that a single Cyberlocker consumed 15% of total Web bandwidth in a large residential network. Allot [3] reported that Cyberlocker traffic accounted for 19% of the total mobile broadband traffic. Despite their popularity, there has been limited work on understanding the characteristic of traffic flows originated from Cyberlocker. Generally, when a user intend to download the resource shared by Cyberlocker through clicking the hyperlink, browser will pop up a page with download button, also called entry point. This page will show the resource information, such as publisher, posting time and so on. After user clicks the download button, his browser will automatically send out a series of requests to the server to generate redirection chains until successfully establishing the HTTP session to download resource. In this work, we aim to design and build a system to track the Cyberlocker resource’s entry point in large-scale network traffic, called Cyberlocker traffic tracking, is crucial for understanding the characteristic of traffic flows originated from Cyberlocker.
|