Monday, January 10, 2011

How to Build DPI Products? (Part VIII - Identification of P2P Traffic)

One of the major challenges of DPI products is to identify the use of P2P/file sharing applications. Actually, P2P traffic management (throttling) was the trigger of the DPI industry (here) and still today the reason for many service providers to implement a DPI solution both in fixed and mobile networks.
Today's articles cover technologies used to identify P2P flows. Both are originated from China, and some of the information is limited, without subscription and knowledge of the Chinese language. Nevertheless, I thought it may be interesting to the readers:

A Novel Method of P2P Traffic Classification Based on TCP Flow Analysis (here)


"Peer-to-Peer(P2P) applications have overtaken web stream as the most significant portions on the high-speed network, so P2P applications identification is important to a broad range of network operations. By deriving the transport/network layer headers of the packets of TCP flow, we obtained some attributes of all kinds of P2P traffic without relying on packet payload and port number, which leaded to a novel method for P2P traffic identification based on support vector machine(SVM).The method only needed to deal with the TCP packet of SYN and SYN+ACK flags. Experiment results show this method classifies the traffic achieved the high accuracy"

P2P-based Weighted Behavioral Characteristics Of Deep Packet Inspection Algorithm - by by LiJuan Zhang, DongMing Li, Jing Shi and JunNan Wang from College of Computer Science and Engineering Changchun University of Technology Changchun, China
Available - here.


"This paper deeply analyzes the characteristics of P2P flow and the most popular detection algorithm, on the basis of which, P2P-based weighted behavioral characteristics of deep packet inspection algorithm is proposed, which better combined two kinds of practical P2P detection technology, solving problems of a high rate of false behavioral detection technology positively in the way of P2P flow weighted behavioral characteristics, solving problems of the P2P flow classification through deep packet inspection technology, and providing better solutions both to decrease the delay of deep packet inspection and help to relieve the problems of large number of inspection affecting network speed."

