
Towards the Detection of Encrypted BitTorrent Traffic through Deep Packet Inspection

  • Conference paper
Security Technology (SecTech 2009)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 58)

Abstract

Peer-to-peer file sharing applications are now very popular, and the traffic they generate accounts for a large percentage of global network traffic. However, peer-to-peer traffic may compromise the performance of critical networked applications or network-based tasks in institutions, and in some cases it needs to be blocked. This task can be particularly difficult when the peer-to-peer traffic is encrypted. This paper presents a contribution towards the detection and blocking of encrypted peer-to-peer file sharing traffic generated by the BitTorrent application. The proposed method is based on deep packet inspection and makes use of Snort, a popular open source network-based intrusion detection system. Experiments have been carried out to validate the proposed method as well as its accuracy.




Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Carvalho, D.A., Pereira, M., Freire, M.M. (2009). Towards the Detection of Encrypted BitTorrent Traffic through Deep Packet Inspection. In: Ślęzak, D., Kim, Th., Fang, WC., Arnett, K.P. (eds) Security Technology. SecTech 2009. Communications in Computer and Information Science, vol 58. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10847-1_33

  • DOI: https://doi.org/10.1007/978-3-642-10847-1_33

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10846-4

  • Online ISBN: 978-3-642-10847-1

  • eBook Packages: Computer Science, Computer Science (R0)
