Accurate, scalable in-network identification of p2p traffic using application signatures
Proceedings of the 13th international conference on World Wide Web
Transport layer identification of P2P traffic
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
ACAS: automated construction of application signatures
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Automated Traffic Classification and Application Identification using Machine Learning
LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
Identifying Known and Unknown Peer-to-Peer Traffic
NCA '06 Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
ACM SIGCOMM Computer Communication Review
Understanding churn in peer-to-peer networks
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Self-Learning Peer-to-Peer Traffic Classifier
ICCCN '09 Proceedings of the 2009 Proceedings of 18th International Conference on Computer Communications and Networks
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Self-Learning IP traffic classification based on statistical flow characteristics
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Computers and Electrical Engineering
Hi-index | 0.00 |
The popularity of a new generation of smart peer-to-peer applications has resulted in several new challenges for accurately classifying network traffic. In this paper, we propose a novel two-stage p2p traffic classifier, called Self-Learning Traffic Classifier (SLTC), that can accurately identify p2p traffic in high speed networks. The first stage classifies p2p traffic from the rest of the network traffic, and the second stage automatically extracts application payload signatures to accurately identify the p2p application that generated the p2p flow. For the first stage, we propose a fast, light-weight algorithm called Time Correlation Metric (TCM), that exploits the temporal correlation of flows to clearly separate peer-to-peer (p2p) traffic from the rest of the traffic. Using real network traces from tier-1 ISPs that are located in different continents, we show that the detection rate of TCM is consistently above 95% while always keeping the false positives at 0%. For the second stage, we use the LASER signature extraction algorithm [20] to accurately identify signatures of several known and unknown p2p protocols with very small false positive rate (