摘要
P2P(peer-to-peer,对等体网络)技术在飞速发展的同时,占用大量网络可用带宽,并采用随机端口,数据加密和协议伪装等技术来逃避检测。因此需要一种健壮、高效的P2P流量检测方法。文章分析了4种典型的P2P流量识别方法的原理,从准确性、实时性和健壮性3个方面进行了性能比较。最后提出一种基于协议指纹的新型P2P流分类方案,并对P2P流量分类技术的发展提出了看法。
The fast progress of P2P (peer-to-peer)technology brings about Internet available band- width largely occupied, and many current P2P applications use several obfuscation techniques to a- void detection, including dynamic port numbers, encrypted payloads and protocol masquerading, therefore, a :robust and effective identification method was needed. This paper analyzed four typical methods of P2P traffic identification,then made a comparison of their performance from three aspects on accuracy, peculiarity of real-time and robustness. Finally,this paper presented a novel P2P traffic identification scheme based on the protocol fingerprints and gave some view about the evolution of P2P traffic identification.
出处
《信息工程大学学报》
2009年第2期275-279,共5页
Journal of Information Engineering University
基金
国家863计划资助项目(2007AA01Z2A1)
关键词
P2P
流量识别
协议指纹
协议指纹库
P2P(peer-to-peer)
traffic identification
protocol fingerprint
protocol fingerprint pro-file