PeerRush: Mining for Unwanted P2P Traffic

Authors

  • Babak Rahbarinia
  • Roberto Perdisci
  • Andrea Lanzi
  • Kang Li
Abstract

In this paper we present PeerRush, a novel system for the identification of unwanted P2P traffic. Unlike most previous work, PeerRush goes beyond P2P traffic detection, and can accurately categorize the detected P2P traffic and attribute it to specific P2P applications, including malicious applications such as P2P botnets. PeerRush achieves these results without the need of deep packet inspection, and can accurately identify applications that use encrypted P2P traffic. We implemented a prototype version of PeerRush and performed an extensive evaluation of the system over a variety of P2P traffic datasets. Our results show that we can detect all the considered types of P2P traffic with up to 99.5% true positives and 0.1% false positives. Furthermore, PeerRush can attribute the P2P traffic to a specific P2P application with a misclassification rate of 0.68% or less.


Similar resources

Classification of Peer-to-Peer Traffic Using A Two-Stage Window-Based Classifier With Fast Decision Tree and IP Layer Attributes

This paper presents a new approach using data mining techniques, and in particular a two-stage architecture, for classification of Peer-to-Peer (P2P) traffic in IP networks where in the first stage the traffic is filtered using standard port numbers and layer 4 port matching to label well-known P2P and NonP2P traffic. The labeled traffic produced in the first stage is used to train a Fast Decis...

A Framework For Concept Drifting P2P Traffic Identification

Identification of network traffic using port-based or payload-based analysis is becoming increasingly difficult with many Peer-to-Peer (P2P) applications using dynamic ports, masquerading techniques, and encryption to avoid detection. To overcome this problem, several machine learning techniques were proposed to classify P2P traffic. But in the real P2P network environment, new communities of peer...

Characterizing Peer-to-Peer Traffic across Internet

In this paper we, to the best of our knowledge, for the first time, launch a peer-to-peer network traffic measurement across the Internet backbone in China. Different from the existing studies, our data are derived from core routers on the Internet. Our study focuses on the three periodic peak value groups in the aggregation flow traffic, the heavy-tailed property in the distribution of traffic...

Queries mining for efficient routing in P2P communities

Peer-to-peer (P2P) computing is currently attracting enormous attention. In P2P systems a very large number of autonomous computing nodes (the peers) pool together their resources and rely on each other for data and services. Peer-to-peer (P2P) Data-sharing systems now generate a significant portion of Internet traffic. Examples include P2P systems for network storage, web caching, searching an...

Mining and Visualizing Clusters in Densely Connected P2P Networks

Characterizing the topology of large scale P2P networks is crucial in understanding the performance of the network and its impact on ISP traffic. However, due to the inherent lack of structure in large P2P networks, it is highly challenging to obtain the pattern of relations between groups of P2P nodes, especially the clustering of hosts. The densely connected graph only gives the neighboring...

Publication date: 2013