Classification of P2P and HTTP Using Specific Protocol Characteristics

Authors:
John Hurley;Emi Garcia-Palacios;Sakir Sezer
Affiliations:
The Institute of Electronics, Communication and Information Technology (ECIT), Queens University of Belfast,;The Institute of Electronics, Communication and Information Technology (ECIT), Queens University of Belfast,;The Institute of Electronics, Communication and Information Technology (ECIT), Queens University of Belfast,
Venue:
EUNICE '09 Proceedings of the 15th Open European Summer School and IFIP TC6.6 Workshop on The Internet of the Future
Year:
2009

Citing 11
Cited 0

Accurate, scalable in-network identification of p2p traffic using application signatures

Proceedings of the 13th international conference on World Wide Web
Transport layer identification of P2P traffic

Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Class-of-service mapping for QoS: a statistical signature-based approach to IP traffic classification

Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Internet traffic classification using bayesian analysis techniques

SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
A Model of Stateful Firewalls and Its Properties

DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
BLINC: multilevel traffic classification in the dark

Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Traffic classification on the fly

ACM SIGCOMM Computer Communication Review
Towards Context-Based Flow Classification

ICAS '06 Proceedings of the International Conference on Autonomic and Autonomous Systems
A comparative analysis of web and peer-to-peer traffic

Proceedings of the 17th international conference on World Wide Web
Early recognition of encrypted applications

PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
A traffic identification method and evaluations for a pure p2p application

PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement

Quantified Score

Hi-index	0.00

Visualization

Abstract

A key aspect of traffic classification is the early identification of individual flows which may utilise strategies such as ephemeral ports and transport later encryption to `hide' on the network. This paper focuses on P2P and HTTP - the two main producers of network traffic - to determine the characteristics of their individual flows. We propose a heuristic based classification system to distinguish HTTP and P2P flows using only the structure of how packets are passed and the lengths of the individual packets. The classification system is then tested on real network traffic and results presented to show it can accurately detect P2P and HTTP within the early part of a TCP flow.