| P2P becomes the most popular internet technology in recent years, it has been developed rapidly in the fields of VoIP, download, streaming media, coordinate calculation and so on. It has played a great role in promoting Internet business. But, on the other hand, P2P business takes up a large network bandwidth which is easy to cause congestion problems and potential safety problems, and this could hamper the development of the normal business. In order to ensure that network runs normally and orderly, ensure the high quality of other regular business services, we must identify and control P2P traffic. But as the dynamic port technology and data encryption technology, the recognition technology of P2P traffic is also facing a huge challenge.At first, we analyze the P2P network topology structure and C/S network topology structure, discuss the maintenance and resource inquires mechanism of three unstructured network topology; we analyze several main flow recognition technology existing, and point out their advantages and disadvantages; several common flow control methods are introduced simply. Secondly, using CommView tool, the behavior of main P2P applications are analyzed, and the machine learning algorithm and how the algorithm is used for flow identify are studied. For the disadvantages of conventional recognition methods, we put forward some solutions.This paper has done the following two jobs:Firstly, the domestic and international of the existing research results are comprehensivly analyzed, and based on related technologies at home and abroad, for the following questions recognition methods exist-computational complexity and cannot identification P2P applications in real time, we propose a kind of P2P application recognition method which is based on behavior characteristics. With this method, only the first five UDP packets of each flow are needed, and only the header informations of each packet are needed which make calculation greatly decreased. We can classify the flow as we don't need to wait until every flow over, so it can be used for P2P application recognition in real time. At the same time, unifying Naive Bayes algorithm with behavioral characteristics, allows the recognition method has a certain predictability that can discover the occurrence of new P2P network applications. In Weka environment, this method and the method based on flow statistical characteristics will be compared. The analysis of the performance index indicates that this method's performance is improved.Secondly, a nonlinear transformation thought and processing method to the network packets is proposed. In this method, practical values of packet size are mapped to the corresponding set, and according to the different set mapped to, it is given different values, the value of 0,1,2,-1 are used in this paper. By respective classification experiment using the original data sets and the improved data sets, it is proved in Weka that this method can make the degree of accuracy of the recognition method based on behavior characteristics improves greatly.Thirdly, combining with the deployment of identification control system in LAN specific environment, we complete a P2P application recognition program based on WinPcap technology in VC++6.0 environment, this application can identify P2P applications on the fly. Finally, the application identification method above is validated in real network environment, and the result proves that the method can effectively identify P2P applications. |
PDF Full Text Request