• DocumentCode
    3308371
  • Title

    Non-intrusive Identification of Peer-to-Peer Traffic

  • Author

    Ulliac, Alexis ; Ghita, Bogdan V.

  • Author_Institution
    Centre for Security, Commun., & Network Res., Univ. of Plymouth, Plymouth, UK
  • fYear
    2010
  • fDate
    13-19 June 2010
  • Firstpage
    116
  • Lastpage
    121
  • Abstract
    Peer-to-peer protocols are increasingly implementing encryption and port randomisation to circumvent detection by traditional, signature-based classification systems. This paper proposes a novel method of identifying hosts and connections generating peer-to-peer traffic by observing the statistical attributes of the traffic. The method builds on existing statistical-based detection, but it uses a two-stage neural network to process the data and identify the peer-to-peer connections. A full architecture is also proposed to link the detection with a module producing ACL rules allowing segregating and blocking or shaping the peer-to-peer traffic in real time. The method was tested on real traffic, achieving accuracy between 85% and 98% at detecting peer-to-peer traffic from two packet traces.
  • Keywords
    Communication system security; Cryptography; Payloads; Peer to peer computing; Protocols; Quality of service; Reliability theory; Statistical analysis; Telecommunication network reliability; Telecommunication traffic; Networking; peer-to-peer detection; supervised neural network;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communication Theory, Reliability, and Quality of Service (CTRQ), 2010 Third International Conference on
  • Conference_Location
    Athens, TBD, Greece
  • Print_ISBN
    978-1-4244-7273-4
  • Type

    conf

  • DOI
    10.1109/CTRQ.2010.27
  • Filename
    5532777
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3308371