P2P traffic has always been a dominant portion of Internet traffic since its emergence in the late 1990s. The method used to accurately classify P2P traffic remains a key problem for Internet Service Producers (ISPs...P2P traffic has always been a dominant portion of Internet traffic since its emergence in the late 1990s. The method used to accurately classify P2P traffic remains a key problem for Internet Service Producers (ISPs) and network managers. This paper proposes a novel approach to the accurate classification of P2P traffic at a fine-grained level, which depends solely on the number of special flows during small time intervals. These special flows, named Clustering Flows (CFs), are de- fined as the most frequent and steady flows generated by P2P applications. Hence we are able to classify P2P applications by detecting tlle appearance of corresponding CFs. Com- pared to existing approaches, our classifier can realise high classification accuracy by ex- ploiting only several generic properties of flows, instead of extracting sophisticated fea- tures from host behaviours or transport layer data. We validate our framework on a large set of P2P traffic traces using a Support Vector Machine (SVM). Experimental results show that our approach correctly classifies P2P ap- plications with an average true positive rate of above 98% and a negligible false positive rate of about 0.01%.展开更多
基金supported by the National Natural Science Foundation of China under Grants No.61170286,No.61202486
文摘P2P traffic has always been a dominant portion of Internet traffic since its emergence in the late 1990s. The method used to accurately classify P2P traffic remains a key problem for Internet Service Producers (ISPs) and network managers. This paper proposes a novel approach to the accurate classification of P2P traffic at a fine-grained level, which depends solely on the number of special flows during small time intervals. These special flows, named Clustering Flows (CFs), are de- fined as the most frequent and steady flows generated by P2P applications. Hence we are able to classify P2P applications by detecting tlle appearance of corresponding CFs. Com- pared to existing approaches, our classifier can realise high classification accuracy by ex- ploiting only several generic properties of flows, instead of extracting sophisticated fea- tures from host behaviours or transport layer data. We validate our framework on a large set of P2P traffic traces using a Support Vector Machine (SVM). Experimental results show that our approach correctly classifies P2P ap- plications with an average true positive rate of above 98% and a negligible false positive rate of about 0.01%.
