By Topic

Blink: Large-scale P2P network monitoring and visualization system using VM introspection

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Ando, R. ; Nat. Inst. of Inf. & Commun. Technol., Koganei, Japan ; Kadobayashi, Y. ; Shinoda, Y.

P2P network is now widely pervasive and increase usability of Internet. However, with the difficulty of tracing flow of P2P traffic, security incident of P2P network has become now serious problem. In this paper we propose Blink, Large-scale P2P network monitoring and visualization system enhanced by VM introspection. We discuss a monitoring and visualizing P2P traffic using the combination of virtualized probe and analyzer on VMM side. In proposed system, probe and monitor are running on guest OS, which is connected to the analyzer and visualizer module on VMM and host OS. Traffic log is transferred to host OS using VM introspection and is analyzed and visualized. Proposed system makes it possible to enhance the analysis and visualization functionality with the least impact of guest OS. Also, proposed system supports large scale traffic log analysis with large amount of disks necessary using storage of host OS. In proposed system we have implemented monitors for two kinds of P2P software: BitTorrent and Winny. Also we have implemented visualization module using Google Earth by translating traffic log file to KML (Keyhole Markup Language). We show system output of visualizing of traffic log of Winny and BitTorrent. We can conclude that proposed system of double-layer architecture can enhance the functionality of analyzing, storing and visualizing P2P traffic logs.

Published in:

Networked Computing and Advanced Information Management (NCM), 2010 Sixth International Conference on

Date of Conference:

16-18 Aug. 2010