In one embodiment, a device in a network determines a set of lattice points in a multi-dimensional space constructed using message characteristics of messages exchanged between endpoint nodes in the network. The device uses the lattice points to derive vector representations of communication channels in the network with each of the communication channels being associated with one or more of the exchanged messages. A vector representation of an application in the network is based on one or more of the derived vector representations of one or more channels used to exchange messages associated with the application. The device identifies the application as associated with a first one of the channels by determining a measure of similarity between the first channel and the vector representation of the application that approximates a maximum mean discrepancy (MMD) distance between the message characteristics for the vector representations of the first channel and the application.