Research And Design Of P2P Traffic Detection System Base On DPI And DFI

With the development of the Internet, the application to P2P (Peer-to-Peer) increase day by day. Therefore, network telephone, network video, social networking and other applica-tions to P2P bring us a lot of benefits. On the other hand, the application to P2P is accompa-nied by serious side effects, in terms of malicious programs, occupied bandwidth, intellectual property, content monitoring, network security and other issues, In order to use these ad-vantages, we need to detect the application to P2P form Internet. How to detect accurately the P2P traffic is the problem what we need to solve.Based on the study of P2P traffic detection technology and P2P protocol, we put forward a joint detection scheme which is base on DPI (Deep Packet Inspection) and DFI (Deep Flow Inspection) combined detection technology. According to the thought of software engineering, we take the method of object-oriented to operate the demand analysis and system design to P2P traffic detection system. We use the UML, like case diagram, activity diagram, sequence diagram, deployment diagram, architecture diagram, etc. to design a detailed system module of traffic detection.The focus of this paper is the detailed design of traffic detection system. The system consists of three parts, including the acquisition of traffic module, the system feature library module, the traffic detection module. In the module design, we provide the detailed program-ming flow and algorithm. During the whole process of design, the main data structure is given in a JAVA format and the database table is described with storage structure. The model of de-sign, acquisition of data packet module and traffic detection module are the two most im-portant key parts.In the acquisition of traffic module design, the process of acquisition of data packet is achieved in JPcap class library provided by JAVA platform, the design start from the file stor-age to the database storage. The function, like Packet capture, storage of parsing and dump function are realized by multi-threading. The file storage management function is realized by timing grogram.In the system feature library module design, we design the classification of the single rule and multiple rule protocol classification, algorithm and traffic feature of DFI classifica-tion standards.In the traffic detection module design, we study all kinds of detection techniques and al-gorithms. The traffic detection is achieved by the leading DPI, and the combined detection of DPI with DFI. In the new detection algorithm, we use the multiple pattern matching AC (Aho-Corasick) algorithms and machine learning C4.5 algorithms. The performance of system is to improve. This is the innovation of this paper.At the end of detailed design, we took a test to the acquisition of traffic and the traffic detection. From testing result, we found the traffic acquisition accuracy is very high and the error rate and missed detection rate in the traffic detection are very low.