Advanced P2P Multiprotocol Traffic Analysis Based on Application Level Signature Detection

Conference: networks 2006 - 12th International Telecommunications Network Strategy and Planning - Symposium
11/06/2006 - 11/09/2006 at New Delhi, India

Proceedings: networks 2006

Pages: 6Language: englishTyp: PDF

Personal VDE Members are entitled to a 10% discount on this title

Bleul, Holger; Rathgeb, Erwin P.; Zilling, Stefan (Computer Networking Technology Group, Institute for Experimental Mathematics, University of Duisburg-Essen, Ellernstrasse 29, 45326 Essen, Germany)

The ability to accurately detect peer-to-peer (P2P) network traffic associated with different applications has not only become crucial for a broad range of network management tasks and capacity planning but also for estimating protocol specific parameters needed for P2P traffic modelling and P2P network simulation. Traditional methods like port-based identification have become highly inaccurate, as P2P applications nowadays tend to camouflage their communications. Earlier work has shown that measurement systems based on application layer signatures can avoid these problems and provide high detection accuracy even for high volume data. In this paper, we propose enhancements to this concept allowing to capture and analyze the behaviour of P2P protocols in more detail. The feasibility and the benefits of these extensions are demonstrated by presenting results obtained in a field trial in a large university network.