MULTIPLE VECTOR CLASSIFICATION FOR P2P TRAFFIC IDENTIFICATION

F. J. Salcedo-Campos, J. E. Díaz-Verdejo, P. García-Teodoro

Abstract

The identification of P2P traffic has become a principal concern for the research community in the last years. Although several P2P traffic identification proposals can be found in the specialized literature, the problem still persists mainly due to obfuscation and privacy matters. This paper presents a flow-based P2P traffic identification scheme which is based on a multiple classification procedure. First, every traffic flow monitored is parameterized by using three different groups of features: time related features, data transfer features and signalling features. After that, a flow identification process is performed for each group of features. Finally, a global identification procedure is carried out by combining the three individual classifications. Promising experimental results have been obtained by using a basic KNN scheme as the classifier. These results provide some insights on the relevance of the group of features considered and demonstrate the validity of our approach to identify P2P traffic in a reliable way, while content inspection is avoided.

References

  1. Callado, A., Kamienski, C., Szabo, G., Gero, B.P., Kelner, J., 2009. ”A Survey on Internet Traffic Identification”. In IEEE Communications Surveys & Tutorials, vol. 11, n. 3, pp. 37-52.
  2. Callado, A., Kelner, J., Sadok, D., Kamienski, C.A., Fernandes, S., 2010. ”Better network traffic identification through the independent combination of techniques”. In Journal of Network and Computer Applications, vol. 33, pp. 433-446.
  3. Chen, H., Zhou, X., You, F., Wang, C., 2010. ”Study of Double-Characteristics-Based SVM Method for P2P Traffic Identification”. In Int. Conference on Networks Security Wireless Communications and Trusted Computing, pp. 202-205.
  4. Duda, R.O., Hart, P.E., Stork, D.G., 2001. ”Pattern Classfication”. John Wiley & Sons.
  5. Erman, J., Mahanti, A., Arlitt, M., Cohen, I., Williamson, C., 2007. ”Offline/RealtimeTtraffic Classification Using Semi-Supervised Learning”. In Performance Evaluation, vol. 64, pp. 1194-1213.
  6. Fontenelle, M., Bessa, J., Siqueira, G., Holanda, R., Sousa, J., 2007. ”Using Statistical Discriminators and Cluster Analysis to P2P and Attack Traffic Monitoring”, In Latin American Network Operations and Management Symposium, pp. 67-76.
  7. Gomez, J.M., Puertas, E., Maa, M.J., 2002. Evaluating cost-sensitive unsolicited bulk email categorization; in Proc. of the ACM Symposium and Applied Computing, ACM Press, pp. 615-620.
  8. JinSong, W., Yan, Z., Qing, W., Gong, W., 2007. ”Connection Pattern-based P2P Application Identification Characteristic”. In Proc. of Int. Conference on Network and Parallel Computing Workshops, pp. 437- 441.
  9. Karagiannis, T., Papagiannaki, K., Foloutsos, M., 2005. ”BLINC: Multilevel Traffic Classification in the Dark”. In Proc. of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pp. 229-240.
  10. Keralapura, R. Nucci, A., Chuah, C., 2010. ”A Novel SelfLearning Architecture for P2P Traffic Classification in High Speed Networks”. In Computer Networks, vol. 54, pp. 1055-1068.
  11. Kohavi, R.: A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection; in Proc. of the 14th International Joint Conference on Artifcial Intelligence, Montreal, Canada, (1995)
  12. Li, X., Liu, Y., 2010. ”A P2P Network Traffic Identification Model Based on Heuristic Rules”. In Int. Conference on Computer Application and System Modeling, vol. 5, pp. 177-179.
  13. Madhukar, A., Williamson, C., 2006. ”A Longitudinal Study of P2P Traffic Classification”. In Proc. of Int. Symposium on Modeling, Analysis and Simulation, pp. 179-188.
  14. Mochalski, K., Schulze, H., 2009. ”Deep Packet Inspection. Technology, applications & net neutrality”. White Paper. Available at http://www.ipoque.com/resources/white-papers.
  15. OpenDPI, 2011. http://www.opendpi.org
  16. Segura, J.C, Rubio, A.J., Peinado, A.M., García, P., Román, R., 1994. ”Multiple VQ Hidden Markov Modelling for Speech Recognition”. In Speech Communication, vol. 14, no. 2, pp. 163-170.
  17. Sen, S., Spatscheck, O., Wang, D., 2004. ”Accurate, Scalable In-Network Identification of P2P Traffic Using Application Signatures”. In Proc. of the Int. Conference on World Wide Web, pp. 512-521.
  18. Sen, S., Wang, J., 2004. ”Analyzing Peer-to-Peer Traffic Across Large Networks”. In IEEE/ACM Transactions on Networking, vol. 12, n. 2, pp. 219-232
  19. Soysal, M., Schmidt, E.G., 2010. ”Machine Learning Algorithms for Accurate Flow-Based Network Traffic Classification: Evaluation and Comparison”. In Performance Evaluation, vol. 67, n. 6, pp. 451-467.
  20. Xuan-min, L., Jiang, P., Ya-jian, Z., 2010. ”A New P2P Traffic Identification Model Based on Node Status”. In Int. Conference on Management and Service Science, pp. 1-4.
  21. Yiran, G., Suoping, W., 2010. ”Traffic Identification Method for Specific P2P Based on Multilayer Tree Combination Classification by BP-LVQ NeuralNetwork”. In Int. Forum on Information Technology and Applications, pp. 34-38.
  22. Yuan, R., Li, Z., Guan, X., Xu, L., 2010. An SVMbased machine learning method for accurate internet traffic classification. Information Systems Frontiers, Springer-Verlag, V. 12, n. 2, pp. 149-156.
Download


Paper Citation


in Harvard Style

J. Salcedo-Campos F., E. Díaz-Verdejo J. and García-Teodoro P. (2011). MULTIPLE VECTOR CLASSIFICATION FOR P2P TRAFFIC IDENTIFICATION . In Proceedings of the International Conference on Data Communication Networking and Optical Communication System - Volume 1: DCNET, (ICETE 2011) ISBN 978-989-8425-69-0, pages 5-13. DOI: 10.5220/0003457800050013


in Bibtex Style

@conference{dcnet11,
author={F. J. Salcedo-Campos and J. E. Díaz-Verdejo and P. García-Teodoro},
title={MULTIPLE VECTOR CLASSIFICATION FOR P2P TRAFFIC IDENTIFICATION},
booktitle={Proceedings of the International Conference on Data Communication Networking and Optical Communication System - Volume 1: DCNET, (ICETE 2011)},
year={2011},
pages={5-13},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003457800050013},
isbn={978-989-8425-69-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Data Communication Networking and Optical Communication System - Volume 1: DCNET, (ICETE 2011)
TI - MULTIPLE VECTOR CLASSIFICATION FOR P2P TRAFFIC IDENTIFICATION
SN - 978-989-8425-69-0
AU - J. Salcedo-Campos F.
AU - E. Díaz-Verdejo J.
AU - García-Teodoro P.
PY - 2011
SP - 5
EP - 13
DO - 10.5220/0003457800050013