Fine-grained P2P traffic classification by simply counting flows

Jie HE; Yue-xiang YANG; Yong QIAO; Wen-ping DENG

doi:10.1631/FITEE.1400267

PDF(1088 KB)

Front. Inform. Technol. Electron. Eng ›› 2015, Vol. 16 ›› Issue (5) : 391-403. DOI: 10.1631/FITEE.1400267

Fine-grained P2P traffic classification by simply counting flows

Author information +

History +

Abstract

The continuous emerging of peer-to-peer (P2P) applications enriches resource sharing by networks, but it also brings about many challenges to network management. Therefore, P2P applications monitoring, in particular, P2P traffic classification, is becoming increasingly important. In this paper, we propose a novel approach for accurate P2P traffic classification at a fine-grained level. Our approach relies only on counting some special flows that are appearing frequently and steadily in the traffic generated by specific P2P applications. In contrast to existing methods, the main contribution of our approach can be summarized as the following two aspects. Firstly, it can achieve a high classification accuracy by exploiting only several generic properties of flows rather than complicated features and sophisticated techniques. Secondly, it can work well even if the classification target is running with other high bandwidth-consuming applications, outperforming most existing host-based approaches, which are incapable of dealing with this situation. We evaluated the performance of our approach on a real-world trace. Experimental results show that P2P applications can be classified with a true positive rate higher than 97.22% and a false positive rate lower than 2.78%.

Keywords

Traffic classification / Peer-to-peer (P2P) / Fine-grained / Host-based

Cite this article

EndNote

Ris (Procite)

Bibtex

Download citation ▾

Jie HE, Yue-xiang YANG, Yong QIAO, Wen-ping DENG. Fine-grained P2P traffic classification by simply counting flows. Front. Inform. Technol. Electron. Eng, 2015, 16(5): 391‒403 https://doi.org/10.1631/FITEE.1400267

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	Auld, T., Moore, A.W., Gull, S.F., 2007. Bayesian neural networks for Internet traffic classification. IEEE Trans. Neur. Netw., 18(1): 223-239. [ CrossRef Google scholar

[2]	Ban, T., Guo, S., Eto, M., , 2012. A study on cost-effective P2P traffic classification. Proc. Int. Joint Conf. on Neural Networks, p.1-7. [ CrossRef Google scholar

[3]	Basher, N., Mahanti, A., Mahanti, A., , 2008. A comparative analysis of web and peer-to-peer traffic. Proc. 17th Int. Conf. on World Wide Web, p.287-296. [ CrossRef Google scholar

[4]	Bermolen, P., Mellia, M., Meo, M., , 2011. Abacus: accurate behavioral classification of P2P-TV traffic. Comput. Netw., 55(6): 1394-1411. [ CrossRef Google scholar

[5]	Chen, J.B., 2011. Fuzzy based approach for P2P file sharing detection. J. Internet Technol., 12(6): 921-930.

[6]	Dainotti, A., Pescapè, A., Claffy, K.C., 2012. Issues and future directions in traffic classification. IEEE Network, 26(1): 35-40. [ CrossRef Google scholar

[7]	Dhamankar, R., King, R., 2007. Protocol Identification via Statistical Analysis (PISA). White Paper, Tipping Point.

[8]	Este, A., Gringoli, F., Salgarelli, L., 2009. On the stability of the information carried by traffic flow features at the packet level. ACM SIGCOMM Comput. Commun. Rev., 39(3): 13-18. [ CrossRef Google scholar

[9]	Finamore, A., Mellia, M., Meo, M., , 2010. KISS: stochastic packet inspection classifier for UDP traffic. IEEE/ACM Trans. Netw., 18(5): 1505-1515. [ CrossRef Google scholar

[10]	Gallagher, B., Iliofotou, M., Eliassi-Rad, T., , 2010. Link homophily in the application layer and its usage in traffic classification. Proc. IEEE INFOCOM, p.1-5. [ CrossRef Google scholar

[11]	Gomes, J.V., Inácio, P.R.M., Pereira, M., , 2013. Detection and classification of peer-to-peer traffic: a survey. ACM Comput. Surv., 45(3), Article 30. [ CrossRef Google scholar

[12]	He, J., Yang, Y., Qiao, Y., , 2013. Accurate classification of P2P traffic by clustering flows. China Commun., 10(11): 42-51. [ CrossRef Google scholar

[13]	Huang, N.F., Jai, G.Y., Chao, H.C., 2008. Early identifying application traffic with application characteristics. Proc. IEEE Int. Conf. on Communications, p.5788-5792. [ CrossRef Google scholar

[14]	Hullár, B., Laki, S., Gyorgy, A., 2011. Early identification of peer-to-peer traffic. Proc. IEEE Int. Conf. on Communications, p.1-6. [ CrossRef Google scholar

[15]	Hurley, J., Garcia-Palacios, E., Sezer, S., 2011. Host-based P2P flow identification and use in real-time. ACM Trans. Web, 5(2), Article 7. [ CrossRef Google scholar

[16]	Iliofotou, M., Kim, H., Faloutsos, M., , 2011. Graption: a graph-based P2P traffic classification framework for the Internet backbone. Comput. Netw., 55(8): 1909-1920. [ CrossRef Google scholar

[17]	Karagiannis, T., Papagiannaki, K., Faloutsos, M., 2005. BLINC: multilevel traffic classification in the dark. ACM SIGCOMM Comput. Commun. Rev., 35(4): 229-240. [ CrossRef Google scholar

[18]	Moore, A., Zuev, D., Crogan, M., 2005. Discriminators for Use in Flow-Based Classification. Technical Report, University of London, UK.

[19]	Nguyen, T.T.T., Armitage, G., 2008. Clustering to assist supervised machine learning for real-time IP traffic classification. Proc. IEEE Int. Conf. on Communications, p.5857-5862. [ CrossRef Google scholar

[20]	Ohzahata, S., Hagiwara, Y., Terada, M., , 2005. A traffic identification method and evaluations for a pure P2P application. Proc. 6th Int. Workshop on Passive and Active Network Measurement, p.55-68. [ CrossRef Google scholar

[21]	Sandvine, 2014. Global Internet Phenomena Report 1H 2014. Technical Report. Sandvine Incorporated ULC, Waterloo, Ontario, Canada.

[22]	Tabatabaei, T.S., Adel, M., Karray, F., , 2012. Machine learning-based classification of encrypted Internet traffic. Proc. 8th Int. Conf. on Machine Learning and Data Mining in Pattern Recognition, p.578-592. [ CrossRef Google scholar

[23]	Valenti, S., Rossi, D., 2011. Identifying key features for P2P traffic classification. Proc. IEEE Int. Conf. on Communications, p.1-6. [ CrossRef Google scholar

[24]	Yang, D., Zhang, Y., Zhang, H., , 2009. Multi-factors oriented study of P2P Churn. Int. J. Commun. Syst., 22(9): 1089-1103. [ CrossRef Google scholar

[25]	Zhang, T., Ramakrishnan, R., Livny, M., 1996. BIRCH: an efficient data clustering method for very large databases. ACM SIGMOD Rec., 25(2): 103-114. [ CrossRef Google scholar