A growing number of P2P applications run on the Internet, with or without encrypted content. P2P applications can be classified into three categories: file sharing (BT, eMule), VoIP (Skype, MSN), and video streaming (PPStream, PPLive). By observing the communication patterns that peers have in common, this paper proposes a simple but efficient way to identify P2P traffic from DNS query behavior. Experimental results show that the proposed mechanism can accurately identify whether a host is generating data-, voice-, or video-based P2P traffic, even when the packet content is encrypted. The proposed mechanism is also capable of detecting future, unknown P2P applications as long as they exhibit the common P2P behaviors.