Analysis of Peer-to-Peer Traffic Using a Behavioural Method Based on Entropy

The increasing number of applications offering their services over peer-to-peer (P2P) platforms is changing the properties of the traffic within computer networks. Their massive use raises a few imperative challenges for network administrators and Internet service providers, regarding the quality of service and security of their networks. It such scenario, it is important to develop mechanisms to control and efficiently manage the P2P traffic and prepare the networks to support it, for which it is necessary to study the effect of P2P applications in the traffic of computer networks and to develop methodologies to characterise its behaviour. In this paper, the characteristics of the traffic generated by P2P applications are analysed from the behavioural point of view, and entropy is used to measure the heterogeneity embedded in the packet sizes. The results obtained show evident difference between P2P and non-P2P traffic, being the proposed approach applicable to real-time and high-speed networks with encrypted P2P traffic, where the existing methodologies are useless.

[1]  Somesh Jha,et al.  Deflating the big bang: fast and scalable deep packet inspection with extended finite automata , 2008, SIGCOMM '08.

[2]  C. E. SHANNON,et al.  A mathematical theory of communication , 1948, MOCO.

[3]  Sándor Molnár,et al.  Identification and Analysis of Peer-to-Peer Traffic , 2006, J. Commun..

[4]  Satoshi Ohzahata,et al.  A Traffic Identification Method and Evaluations for a Pure P2P Application , 2005, PAM.

[5]  Catherine Rosenberg,et al.  Behavioral authentication of server flows , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[6]  Michalis Faloutsos,et al.  Transport layer identification of P2P traffic , 2004, IMC '04.

[7]  Jinlong Hu,et al.  Measurement and Analysis of Peer-to-Peer Application Traffic Characteristics , 2008, 2008 ISECS International Colloquium on Computing, Communication, Control, and Management.

[8]  M. Eric Johnson,et al.  The Evolution of the Peer-to-Peer File Sharing Industry and the Security Risks for Users , 2008, Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008).

[9]  Renata Teixeira,et al.  Traffic classification on the fly , 2006, CCRV.

[10]  Kurt Tutschku,et al.  A Measurement-Based Traffic Profile of the eDonkey Filesharing Service , 2004, PAM.

[11]  Michalis Faloutsos,et al.  Is P2P dying or just hiding? [P2P traffic measurement] , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[12]  Michalis Faloutsos,et al.  File-sharing in the Internet: A characterization of P2P traffic in the backbone , 2003 .

[13]  Panayiotis Mavrommatis,et al.  Identifying Known and Unknown Peer-to-Peer Traffic , 2006, Fifth IEEE International Symposium on Network Computing and Applications (NCA'06).

[14]  Dragos Ilie,et al.  Traffic Measurements of P2P Systems , 2004 .

[15]  Michalis Faloutsos,et al.  BLINC: multilevel traffic classification in the dark , 2005, SIGCOMM '05.

[16]  Dario Rossi,et al.  Revealing skype traffic: when randomness plays with you , 2007, SIGCOMM '07.

[17]  Nathaniel Leibowitz,et al.  ARE FILE SWAPPING NETWORKS CACHEABLE? CHARACTERIZING P2P TRAFFIC , 2002 .

[18]  Jia Wang,et al.  Analyzing peer-to-peer traffic across large networks , 2002, IMW '02.