| With the rapid development of the Internet, various applications based on P2P technology become popular in the users. But the rapid development of P2P applications has brought many new problems to network service operator and network managers, such as wasting a lot of network bandwidth, digital copyright protection, and network security issues.Traditional P2P traffic detection techniques are based on port numbers to identify or deep packet inspection, but the latest P2P applications gradually adopt the temporary port or ports camouflage technology and application layer load content encryption against traffic detection. Even though based on machine learning and network behavior traffic detection technology can make up for the shortcomings of traditional methods, there isn’t a comprehensive and effective detection of P2P application traffic, further research is needed.This paper studies the key technology of P2P, the working mechanism of different P2P applications and traffic detection technology. The author develops a WinPcap-based traffic collection and analysis experimental platform. It can obtain the correspondence between application and its network packets, it also can analyze offline traffic data. The experimental platform collects the flow data of a large number of different P2P applications. This paper analyzes peer communication state of the P2P application, statistics between peers, the usage of transport layer and TCP port status. The charts are used to show the differences in behavior of different P2P applications and further reveal the mechanism of P2P application. The article author also observed UDP listen port for P2P applications analysis, and a port-based feature of P2P application identification has been presented. Experiment results show that the program can effectively identify different P2P applications. Especially for the video P2P applications, the recognition accuracy rate can reach... |
PDF Full Text Request