Abstract
A key aspect of traffic classification is the early identification of individual flows which may utilise strategies such as ephemeral ports and transport later encryption to ‘hide’ on the network. This paper focuses on P2P and HTTP - the two main producers of network traffic - to determine the characteristics of their individual flows. We propose a heuristic based classification system to distinguish HTTP and P2P flows using only the structure of how packets are passed and the lengths of the individual packets. The classification system is then tested on real network traffic and results presented to show it can accurately detect P2P and HTTP within the early part of a TCP flow.
Chapter PDF
Similar content being viewed by others
Keywords
References
Karagiannis, T., Broido, A., Brownlee, N., Claffy, K.C., Faloutsos, M.: Is P2P dying or just hiding. In: Proceedings of the 47th IEEE Globecom Conference, Dallas, TX (2004)
Roughan, M., Sen, S., Spatscheck, O., Duffield, N.: Class-of-Service Mapping for QoS: A Statistical Signature-based. In: 4th ACM SIGCOMM conference on Internet measurement, Taormina, Sicily, Italy, October 25-27 (2004)
Kazaa, http://www.kazaa.com
Gouda, M.G., Liu, A.X.: A model of Stateful Firewalls and its properties. In: Proceedings of the IEEE International Conference on Dependable Systems and Networks (DSN 2005), pp. 320–327 (2005)
Ocampe, R., Galis, A., Todd, C., Meer, H.D.: Towards Context-Based Flow Classification. Autonomic and Autonomous Systems. In: ICAS 2006, p. 44 (2006)
Sen, S., Spatscheck, O., Wang, D.: Accurate, Scalable In-Network Identification of P2P Traffic Using Application Signatures. In: WWW 2004 (2004)
Karagiannis, T., Broido, A., Faloutsos, M., Claffy, K.C.: File-sharing in the Internet: A characterization of P2P traffic in the backbone. Technical report (2004), http://www.cs.usr.edu/~tkarag
Ohzahata, S., Hagiwara, Y., Terada, M., Kawashima, K.: A traffic identification method and evaluations for a pure P2P application. In: Dovrolis, C. (ed.) PAM 2005. LNCS, vol. 3431, pp. 55–68. Springer, Heidelberg (2005)
BitTorrent – A technical description of the bitTorrent protocol, http://www.cs.chalmers.se/~tsigas/Courses/DCDSeminar/Files/BitTorrent.pdf
Bernaille, L., Teixeira, R., Akodjenou, I., Soule, A., Salamatian, K.: Traffic Classification On The Fly. ACM SIGCOMM Computer Communication Review 36(2) (2006)
Bernaille, L., Teixeira, R.: Early recognition of encrypted applications. In: Uhlig, S., Papagiannaki, K., Bonaventure, O. (eds.) PAM 2007. LNCS, vol. 4427, pp. 165–175. Springer, Heidelberg (2007)
Karagiannis, T., Broido, A., Faloutsos, M., Claffy, K.C.: Transport Layer Identification of P2P Traffic. In: Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement (IMC 2004), Italy, October 2004, pp. 121–134 (2004)
Karagiannis, T., Papagiannaki, K., Faloutsos, M.: BLINC: Multilevel Traffic Classification in the Dark. In: Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications, Philadelphia, Pennsylvania, USA, August 22-26 (2005)
Moore, A., Zuev, D.: Internet Traffic Classification Using Bayesian Analysis Techniques. In: ACM SIGMETRICS, Banff, Canada (June 2005)
Junior, G.P.S., Maia, J.E.B., Holanda, R., De Sousa, J.N.: P2P Traffic Identification using Cluster Analysis. In: Global Information Infrastructure Symposium. GIIS 2007, pp. 128–133 (July 2007)
Raahemi, B., Kouznetsov, A., Hayajneh, A., Rabinovitch, P.: Classification of Peer-to-Peer traffic using incremental neural networks (Fuzzy ARTMAP). In: Electrical and Computer Engineering, CCECE 2008, Canada, pp. 719–724 (2008)
Basher, N., Mahanti, A., Mahanti, A., Williamson, C., Arlitt, M.: A Comparative Analysis of Web and Peer-to-Peer Traffic. In: Proceeding of the 17th international conference on World Wide Web, China, pp. 287–296 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hurley, J., Garcia-Palacios, E., Sezer, S. (2009). Classification of P2P and HTTP Using Specific Protocol Characteristics. In: Oliver, M., Sallent, S. (eds) The Internet of the Future. EUNICE 2009. Lecture Notes in Computer Science, vol 5733. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03700-9_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-03700-9_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03699-6
Online ISBN: 978-3-642-03700-9
eBook Packages: Computer ScienceComputer Science (R0)