Title :
Real-Time P2P Traffic Identification
Author :
Li, Jun ; Zhang, Shunyi ; Lu, Yanqing ; Yan, Junrong
Author_Institution :
Nanjing Univ. of Posts & Telecommun., Nanjing
Abstract :
Accurate and fast identification of network traffic is an important element of many network management tasks such as QoS provisioning and security monitoring. However, as many newly-emerged Peer-to-Peer (P2P) applications using dynamic port numbers, masquerading techniques, and payload encryption to avoid detection, the classical approaches based on port mapping and payload analysis are ineffective. An alternative approach is to classify traffic by distinguishing the behavior of an application within the first few packets of TCP connection. We pursue this approach and demonstrate that information of few packets is enough to effectively identify P2P traffic. In our work, C4.5 decision tree and REPTree are evaluated and compared with the previously used clustering method K-Means. Experimental results show that our approaches outperform K- Means algorithm in accuracy. In addition, the proposed approaches can accommodate known and unknown P2P traffic and even encrypted traffic in fast and accurate way, which ensures the real-time applications on the Internet traffic surveillance and QoS provisioning.
Keywords :
cryptography; decision trees; peer-to-peer computing; quality of service; telecommunication traffic; transport protocols; C4.5 decision tree; Internet traffic surveillance; QoS provisioning; REPTree; TCP connection; dynamic port numbers; masquerading techniques; payload encryption; peer-to-peer applications; real-time P2P traffic identification; Clustering algorithms; Clustering methods; Cryptography; Decision trees; Internet; Monitoring; Payloads; Peer to peer computing; Surveillance; Telecommunication traffic;
Conference_Titel :
Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE
Conference_Location :
New Orleans, LO
Print_ISBN :
978-1-4244-2324-8
DOI :
10.1109/GLOCOM.2008.ECP.475
