A novel self-learning architecture for p2p traffic classification in high speed networks

Authors:
Ram Keralapura;Antonio Nucci;Chen-Nee Chuah
Affiliations:
Narus Inc., 570 Maude Ct., Sunnyvale, CA 94085, United States;Narus Inc., 570 Maude Ct., Sunnyvale, CA 94085, United States;University of California, One Shields Ave, Davis, CA 95616, United States
Venue:
Computer Networks: The International Journal of Computer and Telecommunications Networking
Year:
2010

Citing 12
Cited 1

Accurate, scalable in-network identification of p2p traffic using application signatures

Proceedings of the 13th international conference on World Wide Web
Transport layer identification of P2P traffic

Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
BLINC: multilevel traffic classification in the dark

Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
ACAS: automated construction of application signatures

Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Automated Traffic Classification and Application Identification using Machine Learning

LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
Identifying Known and Unknown Peer-to-Peer Traffic

NCA '06 Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications
Traffic classification using clustering algorithms

Proceedings of the 2006 SIGCOMM workshop on Mining network data
A preliminary performance comparison of five machine learning algorithms for practical IP traffic flow classification

ACM SIGCOMM Computer Communication Review
Understanding churn in peer-to-peer networks

Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Self-Learning Peer-to-Peer Traffic Classifier

ICCCN '09 Proceedings of the 2009 Proceedings of 18th International Conference on Computer Communications and Networks
Toward the accurate identification of network applications

PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Self-Learning IP traffic classification based on statistical flow characteristics

PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement

Viewing experience optimization based on adaptive requesting window adjustment in peer-to-peer media streaming

Computers and Electrical Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

The popularity of a new generation of smart peer-to-peer applications has resulted in several new challenges for accurately classifying network traffic. In this paper, we propose a novel two-stage p2p traffic classifier, called Self-Learning Traffic Classifier (SLTC), that can accurately identify p2p traffic in high speed networks. The first stage classifies p2p traffic from the rest of the network traffic, and the second stage automatically extracts application payload signatures to accurately identify the p2p application that generated the p2p flow. For the first stage, we propose a fast, light-weight algorithm called Time Correlation Metric (TCM), that exploits the temporal correlation of flows to clearly separate peer-to-peer (p2p) traffic from the rest of the traffic. Using real network traces from tier-1 ISPs that are located in different continents, we show that the detection rate of TCM is consistently above 95% while always keeping the false positives at 0%. For the second stage, we use the LASER signature extraction algorithm [20] to accurately identify signatures of several known and unknown p2p protocols with very small false positive rate (