Profiling and identification of P2P traffic

Authors:
Yan Hu;Dah-Ming Chiu;John C. S. Lui
Affiliations:
Department of Information Engineering, Chinese University of Hong Kong, Hong Kong;Department of Information Engineering, Chinese University of Hong Kong, Hong Kong;Department of Computer Science and Engineering, Chinese University of Hong Kong, Hong Kong
Venue:
Computer Networks: The International Journal of Computer and Telecommunications Networking
Year:
2009

Citing 18
Cited 6

Finding interesting rules from large sets of discovered association rules

CIKM '94 Proceedings of the third international conference on Information and knowledge management
Data mining: concepts and techniques

Data mining: concepts and techniques
Fast Algorithms for Mining Association Rules in Large Databases

VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Accurate, scalable in-network identification of p2p traffic using application signatures

Proceedings of the 13th international conference on World Wide Web
Transport layer identification of P2P traffic

Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Class-of-service mapping for QoS: a statistical signature-based approach to IP traffic classification

Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Internet traffic classification using bayesian analysis techniques

SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Profiling internet backbone traffic: behavior models and applications

Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
BLINC: multilevel traffic classification in the dark

Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Automated Traffic Classification and Application Identification using Machine Learning

LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
A preliminary performance comparison of five machine learning algorithms for practical IP traffic flow classification

ACM SIGCOMM Computer Communication Review
Unexpected means of protocol inference

Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Bro: a system for detecting network intruders in real-time

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Data mining approaches for intrusion detection

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Revealing skype traffic: when randomness plays with you

Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Offline/realtime traffic classification using semi-supervised learning

Performance Evaluation
Early application identification

CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
Finding peer-to-peer file-sharing using coarse network behaviors

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security

Generalization and optimization of feature set for accurate identification of P2P Traffic in the internet using neural network

WSEAS TRANSACTIONS on COMMUNICATIONS
Session-based classification of internet applications in 3G wireless networks

Computer Networks: The International Journal of Computer and Telecommunications Networking
Measuring the impact of the copyright amendment act on New Zealand residential DSL users

Proceedings of the 2012 ACM conference on Internet measurement conference
Detection and classification of peer-to-peer traffic: A survey

ACM Computing Surveys (CSUR)
PeerRush: mining for unwanted p2p traffic

DIMVA'13 Proceedings of the 10th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Anomaly secure detection methods by analyzing dynamic characteristics of the network traffic in cloud communications

Information Sciences: an International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

Accurate identification of network applications is important for many network activities. The traditional port-based technique has become much less effective since many new applications no longer use well-known fixed port numbers. In this paper, we propose a novel profile-based approach to identifying traffic flows belonging to the target application. In contrast to the method used in previous studies, of classifying traffic based on statistics of individual flows, we build behavioral profiles of the target application, which describe dominant patterns in the application. Based on the behavior profiles, a two-level matching method is used to identify new traffic. We first determine whether a host participates in the target application by comparing its behavior with the profiles. Subsequently, we compare each flow of the host with those patterns in the application profiles to determine which flows belong to this application. We demonstrate the effectiveness of our method on-campus traffic traces. Our results show that one can identify popular P2P applications with very high accuracy.