| With the development of Internet, P2P (Peer-to-Peer) has already become one of the fastest developing network applications. It also brings along some problems while giving people huge convenience, such as the bandwidth shortage, Internet piracy, and network security management etc. These problems urge us to identify and control P2P effectively while developing P2P technology.In this paper, firstly, we summarize current reseaches on identification of P2P traffics in different categories and analyze the characteristics of P2P traffics that can be used for identification. Especially, we focus on the flow statistic characteristics. According to the different flow patterns and experimental results, we presented a new P2P traffic identification method based on the flow statistic characteristics. This method need not to check the payload information, so it will not be limited by data encryption and expands the identification scope of P2P protocols and applications.Secondly, we construct and implement a new P2P traffic identification system based on the compound characteristics with the combination of the flow statistic charateristics identification method with the port-based, the signature-based and the transport layer traffic charateristics identification method. This system has good scalability and can identify traffics of many P2P applications. We present the general design of this system, the design and implement of some key data structure, and detail design and implement of every module. And we integrate the whole system into a firewall frame under Linux, called Netfilter, to implement the online identification and control of P2P traffics.Finally, we validate the effectiveness of new system. According to the experiment data, we prove that the system not only can identify more P2P applications, but also has higher Identify-Rate and lower False Negative and False Positive. It has good effects in the actual network. |
PDF Full Text Request