Research On P2P Traffic Identification Technology

With the development of P2P, P2P traffic which has occupied 60% to 90% of the total internet traffic has become one of the most significant of the internet traffic. The increase of P2P applications which have the characteristic of occupying the bandwidth resources unconditionally result in a huge consumption of network bandwidth, and lead to network congestion, and cause a threat to the quality of servise of other traditional applications, and damage the interests of ISP. On the other hand, the convenience of file-sharing and the expeditiousness of routing mechanism in P2P environment provide a better invasion opportunity for network virus and unheahthy information. Therefore, accurate identification of P2P traffic makes great sense for efficient network management and reasonable utility of network resources.This paper introduces P2P technology firstly. Separately, it analyzes the definition and characteristics and working principle of P2P and the classification of P2P application. Then, it expatiates questions that P2P brings to network management, and shows the actuality that P2P traffic are major component of the network traffic at home and abroad, and points out the importance of P2P traffic identification.This paper summarizes P2P traffic identification methods. In terms of the strtus quo of the current study at home and abroad, P2P traffic identification methods include the method based on experience of people and machine learning. At present, P2P traffic identification method based on experience of people can be divided into three categories. The first is the port-based identification method. This method is no longer effective for most P2P applications, because P2P applications can evade being detected by the technology of port hopping and random port selection and so on. The second is the application layer identification method. It picks up data from the P2P application layer and analyzes the characteristics of the payload to judge if the traffic belongs to P2P applications. The advantages of this method are high accuracy and robustness, and the disadvantages of this method are bad scalability and short of the ability of identifying payload-encrypted and unknown traffic. The third is the transport layer identification method. It identifies P2P traffic by analyzing packets of the transport layer and the traffic characteristics in the P2P network. In recent years, P2P traffic classification using machine learning has been a new direction in traffic identification field. This paper expatiates P2P traffic identification method based on machine learning from the perspective of SVM (support vector machine),decision tree,NN (neural network) and so on.In this paper, we use an approach for P2P traffic identification, which combines two fundamental characteristics of P2P traffic, such as the centrality of the mean of packet arrive time interval and the presence of many hosts acting both as servers and clients. It can increase the accuracy of P2P traffic identification effectively, and false positive is in the appropriate range.This paper proposes a new method based on decision-tree model, using C4.5 and P2P traffic characteristics to fulfill P2P traffic classification. The experiment shows this method can effectively avoid the instability of P2P traffic distribution change. Compared with SVM and NBK (Na?ve Bayes using Kernel density estimation) method, the average of classified precision can increase observably.In the end, this paper studies the P2P traffic identification system. P2P traffic identification system identifies P2P traffic using the method based on traffic characteristics of transport layer, and then through the control of strategy, it can effectively block P2P traffic data and protect network security. Identifying and controling P2P traffic effectively is not only conducive to rational network management and reasonable use of the internet infrastructure, but also help put an end to illegal information in the spread of P2P network. They will make contribution to safeguard the health of China's internet to create a harmonious environment and the network society.