A Cooperation Network Model for Secure Management in Dynamic P2P Flow

This paper discusses how to identify Peer-to-Peer (P2P) traffic with a blind technique, that is, without observing individual payloads, in the proposed cooperation network model. Traditionally, traffic identification methodologies based on payload inspection have been studied and developed for static Internet traffic generated by well-known network applications such as HTTP, FTP, Telnet, SMTP, etc. However, this approach is no longer adequate to detect and control newly emerging applications that use P2P-like or P2P-based communication protocols. It also depends strongly on a central intrusion detection system or firewall, because the signatures that serve as prior knowledge are normally built on such systems. This raises three issues: performance overhead, a central point of failure, and abnormality handling of traffic. Therefore, we propose a distributed detector strategy that uses tight cooperation between a flow agent and a secure gateway to identify dynamic P2P traffic, even when it is encrypted.
