Multiple vector classification for P2P traffic identification

The identification of P2P traffic has become a principal concern for the research community in the last years. Although several P2P traffic identification proposals can be found in the specialized literature, the problem still persists mainly due to obfuscation and privacy matters. This paper presents a flow-based P2P traffic identification scheme which is based on a multiple classification procedure. First, every traffic flow monitored is parameterized by using three different groups of features: time related features, data transfer features and signalling features. After that, a flow identification process is performed for each group of features. Finally, a global identification procedure is carried out by combining the three individual classifications. Promising experimental results have been obtained by using a basic KNN scheme as the classifier. These results provide some insights on the relevance of the group of features considered and demonstrate the validity of our approach to identify P2P traffic in a reliable way, while content inspection is avoided.