Advanced P2P Multiprotocol Traffic Analysis Based on Application Level Signature Detection

Konferenz: networks 2006 - 12th International Telecommunications Network Strategy and Planning - Symposium
06.11.2006 - 09.11.2006 in New Delhi, India

Tagungsband: networks 2006

Seiten: 6Sprache: EnglischTyp: PDF

Persönliche VDE-Mitglieder erhalten auf diesen Artikel 10% Rabatt

Bleul, Holger; Rathgeb, Erwin P.; Zilling, Stefan (Computer Networking Technology Group, Institute for Experimental Mathematics, University of Duisburg-Essen, Ellernstrasse 29, 45326 Essen, Germany)

The ability to accurately detect peer-to-peer (P2P) network traffic associated with different applications has not only become crucial for a broad range of network management tasks and capacity planning but also for estimating protocol specific parameters needed for P2P traffic modelling and P2P network simulation. Traditional methods like port-based identification have become highly inaccurate, as P2P applications nowadays tend to camouflage their communications. Earlier work has shown that measurement systems based on application layer signatures can avoid these problems and provide high detection accuracy even for high volume data. In this paper, we propose enhancements to this concept allowing to capture and analyze the behaviour of P2P protocols in more detail. The feasibility and the benefits of these extensions are demonstrated by presenting results obtained in a field trial in a large university network.