Transport Layer Identification of p2p Traffic T Karagiannis, A Broido, M. Faloutsos, K claffy
Transport Layer Identification of P2P Traffic T. Karagiannis, A. Broido, M. Faloutsos, K. Claffy
Outline ● Introduction ●Re| ated work Payload analysis Limitations Non-payload identification Experiments evaluation ●P2 P traffic trends e Conclusions
Outline • Introduction • Related work • Payload analysis & Limitations • Non-payload identification • Experiments & Evaluation • P2P traffic trends • Conclusions
Characters of p2P Traffic Traffic volume grows rapidly Frequently upgrades emergence of new protocols Disquise the traffic to circumvent firewalls legal issues Non-standard proprietary protocols(poor documented) Operate on arbitrary port numbers Support payload encryption
Characters of P2P Traffic • Traffic volume grows rapidly • Frequently upgrades & emergence of new protocols • Disguise the traffic to circumvent firewalls & legal issues – Non-standard, proprietary protocols (poorly documented) – Operate on arbitrary port numbers – Support payload encryption
Identification Methodology Examining packet payload Signature-based methodology Limitations Identifying at transport layer Based on flow patterns p2p behaviors Advantages
Identification Methodology • Examining packet payload – Signature-based methodology – Limitations • Identifying at transport layer – Based on flow patterns & P2P behaviors – Advantages
Contributions Develop a methodology for P2P traffic profiling by identifying flow patterns and behavior characteristics Evaluate the effectiveness by comparing with payload analysis Convince the growing of P2P traffic by analyzing backbone traces
Contributions • Develop a methodology for P2P traffic profiling by identifying flow patterns and behavior characteristics • Evaluate the effectiveness by comparing with payload analysis • Convince the growing of P2P traffic by analyzing backbone traces