Towards Peer-to-Peer Traffic Analysis Using Flows

  • Myung-Sup Kim
  • Hun-Jeong Kang
  • James W. Hong
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2867)


One of the main problems with today’s Internet traffic analysis is caused by the large number of network-based applications whose types and traffic patterns are more complicated than in the past. Today, peer-to-peer (P2P), streaming media, and game traffic are continuously increasing. The difficulty the traffic analysis is that this newly emerging traffic is not as simple as past well-known port based traffic. This paper focuses on analyzing P2P traffic, which is the most complicated traffic among newly emerging Internet traffic. We describe the properties of P2P traffic and explain why P2P traffic analysis is more difficult than other types of Internet traffic analysis. Next, we propose a new algorithm suitable for P2P traffic analysis. The main idea of our algorithm is that flow grouping based on their relationships will increase the accuracy of P2P traffic analysis.


  1. 1.
    Graham, I.D., Cleary, J.G.: Cell level measurements of ATM traffic. In: Proc. of the Australian Telecommunications Networks and Applications Conference, December 1996, pp. 495–500 (1996)Google Scholar
  2. 2.
    Cisco, White Papers, NetFlow Services and Applications,
  3. 3.
    Phaal, P., Panchen, S., McKee, N.: InMon Corporation’s sFlow: A Method for Monitoring Traffic in Switched and Routed Networks, IETF RFC 3176 (September 2001)Google Scholar
  4. 4.
    Brownlee, N., Mills, C., Ruth, G.: Traffic Flow Measurement: Architecture, IETF RFC 2722 (October 1999)Google Scholar
  5. 5.
    Brownlee, N.: Traffic Flow Measurement: Experiences with NeTraMet, IETF RFC2123 (March 1997)Google Scholar
  6. 6.
    Keys, K., Moore, D., Koga, R., Lagache, E., Tesch, M., Claffy, K.: The Architecture of CoralReef: An Internet Traffic Monitoring Software Suite. In: PAM Workshop 2001 (April 2001)Google Scholar
  7. 7.
  8. 8.
    Han, S.-H., Kim, M.-S., Ju, H.-T., Hong, J.W.: The Architecture of NG-MON: A Passive Network Monitoring System. In: Feridun, M., Kropf, P.G., Babin, G. (eds.) DSOM 2002. LNCS, vol. 2506, pp. 16–27. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. 9.
  10. 10.
  11. 11.
  12. 12.
  13. 13.
  14. 14.
  15. 15.
    Ripeanu, M.: Peer-to-Peer Architecture Case Study: Gnutella Network, Technical Report TR-2001-26, University of Chicago (July 2001)Google Scholar
  16. 16.
    Sen, S., Wang, J.: Analyzing Peer-to-Peer Traffic Across Large Networks. In: IMW 2002 Workshop, Marseille, France (2002)Google Scholar
  17. 17.
    Microsoft, Windows Media Technology,
  18. 18.
    Schulzrinne, H., Rao, A., Lanphier, R.: Real Time Streaming Protocol (RTSP), RFC 2336 (April 1998)Google Scholar
  19. 19.
    van de Merwe, J., Caceres, R., Chu, Y.-h., Sreenan, C.: mmdump- A Tool for Monitoring Internet Multimedia Traffic. ACM Computer Communication Review 30(5) (2000)Google Scholar
  20. 20.
    Kang, H.-J., Ju, H.-T., Kim, M.-S., Hong, J.W.: Towards Streaming Media Traffic Monitoring and Analysis. In: APNOMS 2002, Jeju, Korea, September 2002 (2002)Google Scholar
  21. 21.
  22. 22.

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Myung-Sup Kim
    • 1
  • Hun-Jeong Kang
    • 1
  • James W. Hong
    • 1
  1. 1.Department of Computer Science and Engineering POSTECHKorea

Personalised recommendations