Towards the Detection of Encrypted BitTorrent Traffic through Deep Packet Inspection
Abstract
Peer-to-peer file sharing applications are now very popular, and the traffic they generate accounts for a large percentage of global network traffic. However, peer-to-peer traffic may compromise the performance of critical networked applications or network-based tasks in institutions, so in some cases it needs to be blocked. Blocking can be particularly difficult when the peer-to-peer traffic is encrypted. This paper presents a contribution towards the detection and blocking of encrypted peer-to-peer file sharing traffic generated by the BitTorrent application. The proposed method is based on deep packet inspection and makes use of Snort, a popular open source network-based intrusion detection system. Experiments have been carried out to validate the proposed method as well as its accuracy.
Keywords
Peer-to-peer file-sharing applications; traffic identification; deep packet inspection; traffic monitoring; peer-to-peer content filtering and management