Identifying file-sharing P2P traffic based on traffic characteristics

Acta Metallurgica Sinica(English letters) ›› 2008, Vol. 15 ›› Issue (4): 112-120.doi:

Identifying file-sharing P2P traffic based on traffic characteristics

成卫青,龚俭,丁伟

College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003, China

收稿日期:2008-04-01 修回日期:1900-01-01 出版日期:2008-12-30
通讯作者: 成卫青

Identifying file-sharing P2P traffic based on traffic characteristics

CHENG Wei-qing, GONG Jian, DING Wei

College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003, China

Received:2008-04-01 Revised:1900-01-01 Online:2008-12-30
Contact: CHENG Wei-qing,

摘要/Abstract

摘要：

This article focuses on identifying file-sharing peer-to-peer (P2P) (such as BitTorrent (BT)) traffic at the borders of a stub network. By analyzing protocols and traffic of applications, it is found that file-sharing P2P traffic of a single user differs greatly from traditional and other P2P (such as QQ) applications’ traffic in the distribution of involved remote hosts and remote ports. Therefore, a method based on discreteness of remote hosts (RHD) and discreteness of remote ports (RPD) is proposed to identify BT-like traffic. This method only relies on flow information of each user host in a stub network, and no packet payload needs to be monitored. At intervals, instant RHD for concurrent transmission control protocol and user datagram protocol flows for each host are calculated respectively through grouping flows by the stub network that the remote host of each flow belongs to. On given conditions, instant RPD are calculated through grouping flows by the remote port to amend instant RHD. Whether a host has been using a BT-like application or not can be deduced from instant RHD or average RHD for a period of time. The proposed method based on traffic characteristics is more suitable for identifying protean file-sharing P2P traffic than content-based methods. Experimental results show that this method is effective with high accuracy.

关键词:

traffic;identification,;concurrent;flows,;P2P,;discreteness;of;remote;hosts,;discreteness;of;remote;ports

Abstract:

Key words:

traffic identification;concurrent flows;P2P;discreteness of remote hosts;discreteness of remote ports

CHENG Wei-qing, GONG Jian, DING Wei. Identifying file-sharing P2P traffic based on traffic characteristics[J]. Acta Metallurgica Sinica(English letters), 2008, 15(4): 112-120.

参考文献

1. BitTorrent. 2005, http://wiki.bitcomet.com/help-zh/ tracker (in Chinese)

2. Sung L, Li H. Neighbor selection strategies for P2P systems using tit-for-tat exchange algorithm. 2005, http://www. cs.uwa terloo.ca/~lgasung/

3. PPLive. 2006, http://www.pplive.com/zh-cn/index.html (in Chinese)

4. Network-based application recognition and distributed network-based application recognition. 2005, http://www.cisco.com/en/US/products/ ps6616/ productsios_protocol_grou p_home.html

5. BitTorrent will not be blocked and telecom providers are planning to charge by traffic. 2005, http://tele com.chinabyte.com/191/2129691.shtml (in Chinese)

6. Spognardi A, Lucarelli A, DiPietro R. A methodology for P2P file-sharing traffic detection. Proceedings of Second International Workshop on Hot Topics in Peer-to-Peer Systems (HOT-P2P 2005), Jul 21, 2005, San Diego, CA, USA. 2005: 52-61

7. Milojicic D, Kalogeraki V, Lukose R, et al. Peer-to-peer computing. 2003, http://www.hpl.hp.com/techreports/ 2002/HPL-2002-57R1.pdf

8. Choi T, Kim C, Yoon S, et al. Content-aware Internet application traffic measurement and analysis. Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS 2004), Apr 19-23, 2004, Seoul, Korea. 2004: 511-524

9. Moore A, Papagiannaki K. Toward the accurate identification of network applications. Proceedings of Passive and Active Measurement Workshop 2005 (PAM2005), Mar 31-Apr 1, 2005, Boston, MA, USA. 2005: 41-54

10. Sen S, Spatscheck O, Wang D. Accurate, scalable in-network identification of P2P traffic using application signatures. Proceedings of the 13th international conference on World Wide Web (WWW 2004), May 17-22, 2004, New York, NY, USA. 2004: 512-521

11. Haffner P, Sen S, Spatscheck O, et al. ACAS: automated construction of application signatures. Proceedings of ACM SIGCOMM workshop on Mining network data. Aug 22-26, 2005, Philadelphia, PA, USA. New York, NY, USA: ACM, 2005: 197-202

12. Chou S C. Network behavior analysis and performance evaluation of peer-to-peer application. Taipei, China: National Taiwan University, 2004 (in Chinese)

13. Karagiannis T, Broido A, Faloutsos M, et al. Transport layer identification of P2P traffic. 2004 ACM SIGCOMM Internet Measurement Conference (IMC 2004), Oct 25-27, 2004, Taormina, Sicily, Italy. 2004: 121-134

14. Karagiannis T, Papagiannaki K, Faloutsos M. BLINC: Multilevel traffic classification in the dark. Proceedings of ACM SIGCOMM. Aug 22-26, 2005, Philadelphia, PA, USA. 2005: 229-240

15. Bernaille L, Teixeira R, Akodkenou I, et al. Traffic classification on the fly. Computer Communication Review, 2006, 36(2): 23-26

16. Sadasivan G, Brownlee N, Claise B, et al. Architecture for IP flow information export. 2006, http://www.ietf.org/ internet-drafts/draft-ietf- ipfix-architecture-12.txt

17. Egevang K, Francis P. The IP Network Address Translator (NAT). RFC1631. 1994

18. Senie D. Network Address Translator (NAT)-friendly application design guidelines. RFC3235. 2002

[1]	刘琨, 王辉, 申自浩. Prediction of network attack profit path based on NAPG model[J]. 中国邮电高校学报(英文版), 2020, 27(5): 91-102.
[2]	李绍贤吕凡王成瑞侯延昭. UWB positioning enhancement using Markov chain in indoor NLOS environment [J]. 中国邮电高校学报(英文版), 2020, 27(4): 54-58.
[3]	李亚张丹青田心记 . Power allocation scheme for maximizing spectrum efficiency and energy efficiency tradeoff for multi-cluster NOMA system[J]. 中国邮电高校学报(英文版), 2020, 27(3): 62-72.
[4]	李文正贺鸣升. Imp Raft: a consensus algorithm based on Raft and storage compression consensus for IoT scenario[J]. 中国邮电高校学报(英文版), 2020, 27(3): 53-61.
[5]	田世明宫飞翔莫爽李蒙吴文睿肖丁. End-to-end encrypted network traffic classification method based on deep learning[J]. 中国邮电高校学报(英文版), 2020, 27(3): 21-30.
[6]	Yuan Ye, Yu Minmin, Liu Jiming. Research on calculation method of text similarity based on smooth inverse frequency[J]. 中国邮电高校学报(英文版), 2020, 27(2): 56-64.
[7]	侯莹琳成卫青. Task allocation based on profit maximization for mobile crowdsourcing[J]. 中国邮电高校学报(英文版), 2020, 27(1): 26-37.
[8]	周国强，范译， ZHANG Shuai WANG Yilun DAI Gui-lan. IDL: Evaluating software quality based on PageRank algorithm[J]. 中国邮电高校学报(英文版), 2020, 27(1): 10-25.
[9]	刘亮冯文治吴志军岳猛. LDDoS attack detection method based on wavelet decomposition and sliding windows[J]. 中国邮电高校学报(英文版), 2020, 27(1): 51-61.
[10]	Peng Weiping, Su Zhe, Song Cheng, Jia Zongpu. Research on adaptive dual task offloading decision algorithm for parking space recommendation service[J]. 中国邮电高校学报(英文版), 2019, 26(6): 30-42.
[11]	Yu Cuiping, Gao Yuan, Wu Fan, Liu Yuanan. Miniaturized single-channel concurrent dual-band mixing architecture with one frequency-divided local oscillator[J]. 中国邮电高校学报(英文版), 2019, 26(4): 1-7.
[12]	Sun Lin, Zhu Qi. Coalitional game-based WiFi offloading algorithm in heterogeneous networks[J]. 中国邮电高校学报(英文版), 2019, 26(4): 25-35.
[13]	党乾龙谢莹李栋浩胡功成. Updatable block-level deduplication of encrypted data with efficient auditing in cloud storage[J]. 中国邮电高校学报(英文版), 2019, 26(3): 56-72.
[14]	张孝甜赵生妹. High Efficiency Polar coding key reconciliation scheme in wireless channel[J]. 中国邮电高校学报(英文版), 2019, 26(3): 50-55.
[15]	张志军牛凯董超. Iterative list decoding approach for Reed-Solomon codes[J]. 中国邮电高校学报(英文版), 2019, 26(3): 8-14.

Identifying file-sharing P2P traffic based on traffic characteristics

Identifying file-sharing P2P traffic based on traffic characteristics

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价