In recent years, information leakage through the Internet has become a new social problem. Many information leakage incidents are caused by illegal applications such as Peer-to-Peer (P2P) file sharing software. To prevent information leakage, early detection and blocking of the traffic exchanged by illegal applications is strongly required. In this paper, we propose a method for application discrimination of monitored traffic based on the transition pattern of payload length during start up phase of the communication. The proposed method does not need port numbers, which can be spoofed easily. Through experiments using real network traffic, we show that the proposed method can quickly and accurately discriminate applications.