Based On The Deep Packet Inspection Of P2p Traffic Identification Technology Research

The ability to accurately identify network flow of various communicationprotocols is the fundamental requirement to a broad range of network operationsincluding network planning, customer behavior analysis, charging by business flow, etc.The current hotspot in flow classification domain is the transport-layer-based approachwhich statistically analyses flow’s transport layer attributes and uses machine learningalgorithms to classify network flows.Transport-layer-based flow classification canclassify unknown flows according to their transport layer attributes. However, it usuallyneeds accurately identified sample data for training.It is the goal of this research, which studies deep-packet-inspection-basedapproaches and identify P2P flows as accurately as possible while misidentify otherflows as P2P flows as less as possible, to provide the accurately identified sample datafor the transport-layer-based flow classification. In this paper, we conclude an effectiveapproach to analyze P2P protocols and extract their flow features. Furthermore, bymatching these features, we utilize the DPI(Deep Packet Inspecction) techniques toidentify the P2P flows. Adopting this approach, we comprehensively study a handful ofpopular P2P protocols including BitTorrent, eDonkey, DirectConnect, GnuTella,SoulSeek, PPS, PPTV, QQLive, xunlei, Ares, Skype. We analyse their networkarchitecture, protocol data unit format and communication process by examine someavailable documents and packet-level trace experiments, and conclude whether theirflows can be identified by utilizing DPI techniques. Furthermore, we provide feasibleapproaches for identifying most of the protocol flows. Besides, we managed to arrangea set of experiments to test and verify the approaches’ feasibility.Results confirm the apporach’s feasibility in analyzing P2P protocols andextracting their flow features. It is proved that we can use DPI techniques to identifyP2P flows and provide the appropriate sample data for the transport-layer-based flowclassification.