Abstract [eng] |
For several years we've witnessed an incredible growth in use of peer-to-peer (P2P) applications. Recent Internet traffic studies show no signs of this process slowing down. The unparalleled popularity of P2P applications and their bandwidth-intensive nature suggest that P2P traffic can have a significant effect on the underlying network infrastructure. It is therefore important to understand, characterize and accurately identify this type of traffic. Purpose of this work is to present, analyze and test specific characteristics of encrypted and non-encrypted BitTorrent P2P traffic, allowing it to be detected and classified. Work includes various P2P traffic detection techniques, which might not be usable as a standalone solution, but by combining them into a single framework it could be possible to achieve high BitTorrent P2P traffic detection ratio. Presented techniques vary by their nature starting with techniques based on packet payload inspection and finishing with techniques based on heuristic approach. |