By Topic

Identification peer-to-peer traffic for high speed networks using packet sampling and application signatures

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Zhenbin Guo ; Institute of Information Science, Beijing Jiaotong University, 100044, China ; Zhengding Qiu

It is very difficult to identify peer-to-peer (P2P) traffic in high speed network environment because well-known port numbers are no longer reliable and application signatures are not efficient enough. In this paper, we present a P2P traffic identification method for high speed networks using packet sampling and application signatures. Models of false negatives and false positives are developed to analyze the effects of packet sampling probability (which is the probability of a packet to be captured when the packet passes through the monitor location) and application signatures probability (which is the probability of a packet containing application signature) on accuracy. We implemented the method with Snort by developing a flow state differentiating preprocessor. We have applied the method to identify BitTorrent traffic with 13 application signatures. The experiment results show that the efficiency and accuracy of the method are exciting and the method can be applied to high speed networks. The experiment results also show that the false negatives and false positives models are very accurate.

Published in:

2008 9th International Conference on Signal Processing

Date of Conference:

26-29 Oct. 2008