research-article

Detection and classification of peer-to-peer traffic: A survey

Authors:
João V. Gomes

University of Beira Interior and Instituto de Telecomunicações, Covilh˜a, Portugal

University of Beira Interior and Instituto de Telecomunicações, Covilh˜a, Portugal
View Profile

,
Pedro R. M. Inácio

University of Beira Interior and Instituto de Telecomunicações, Covilh˜a, Portugal

University of Beira Interior and Instituto de Telecomunicações, Covilh˜a, Portugal
View Profile

,
Manuela Pereira

University of Beira Interior and Instituto de Telecomunicações, Covilh˜a, Portugal

University of Beira Interior and Instituto de Telecomunicações, Covilh˜a, Portugal
View Profile

,
Mário M. Freire

University of Beira Interior and Instituto de Telecomunicações, Covilh˜a, Portugal

University of Beira Interior and Instituto de Telecomunicações, Covilh˜a, Portugal
View Profile

,
Paulo P. Monteiro

Nokia Siemens Networks, University of Aveiro and Instituto de Telecomunicações, Amadora, Portugal

Nokia Siemens Networks, University of Aveiro and Instituto de Telecomunicações, Amadora, Portugal
View Profile

Authors Info & Claims

ACM Computing Surveys Volume 45 Issue 3Article No.: 30pp 1–40https://doi.org/10.1145/2480741.2480747

Published:03 July 2013Publication History

ACM Computing Surveys

Abstract

The emergence of new Internet paradigms has changed the common properties of network data, increasing the bandwidth consumption and balancing traffic in both directions. These facts raise important challenges, making it necessary to devise effective solutions for managing network traffic. Since traditional methods are rather ineffective and easily bypassed, particular attention has been paid to the development of new approaches for traffic classification. This article surveys the studies on peer-to-peer traffic detection and classification, making an extended review of the literature. Furthermore, it provides a comprehensive analysis of the concepts and strategies for network monitoring.

References

Adami, D., Callegari, C., Giordano, S., Pagano, M., and Pepe, T. 2009. A real-time algorithm for Skype traffic detection and classification. In Proceedings of the 9th International Conference on Next Generation Wired/Wireless Networking (NEW2AN'09). Lecture Notes in Computer Science, vol. 5764. Springer-Verlag, Berlin Heidelberg, 168--179. Google ScholarDigital Library
Allman, M. and Paxson, V. 2007. Issues and etiquette concerning use of shared measurement data. In Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC'07). ACM, New York, NY, 135--140. Google ScholarDigital Library
Amer, P. D. and Cassel, L. N. 1989. Management of sampled real-time network measurements. In Proceedings of the 14th IEEE Conference on Local Computer Networks (LCN'89). IEEE Press, New York, NY, 62--68.Google Scholar
Angevine, D. and Zincir-Heywood, A. N. 2008. A preliminary investigation of Skype traffic classification using a minimalist feature set. In Proceedings of the 3rd International Conference on Availability, Reliability and Security (ARES'08). IEEE Computer Society Press, 1075--1079. Google ScholarDigital Library
Antoniades, D., Polychronakis, M., Antonatos, S., Markatos, E. P., Ubik, S., and Øslebø, A. 2006. Appmon: An application for accurate per application network traffic characterization. In Proceedings of the IST Broadband Europe Conference.Google Scholar
Apisdorf, J., Claffy, K. C., Thompson, K., and Wilder, R. 1996. OC3MON: Flexible, affordable, high performance statistics collection. In Proceedings of the 10th USENIX Systems Administration Conference (LISA'96). USENIX Association, Berkeley, CA, 97--112. Google ScholarDigital Library
Appmon. 2010. Appmon description. http://lobster.ics.forth.gr/&sim;appmon/appmon_description.html. (Last accessed 3/10).Google Scholar
Arlitt, M. and Williamson, C. 2007. The extensive challenges of Internet application measurement. IEEE Netw. 21, 3, 41--46. Google ScholarDigital Library
Auld, T., Moore, A. W., and Gull, S. F. 2007. Bayesian neural networks for Internet traffic classification. IEEE Trans. Neural Netw. 18, 1, 223--239. Google ScholarDigital Library
Azzouna, N. B. and Guillemin, F. 2003. Analysis of ADSL traffic on an IP backbone link. In Proceedings of the IEEE Global Communications Conference (GlobeCom'03), Vol. 7. IEEE, 3742--3746.Google Scholar
Baldi, M., Baldini, A., Cascarano, N., and Risso, F. 2009. Service-based traffic classification: Principles and validation. In Proceedings of the IEEE Sarnoff Symposium (SARNOFF'09). IEEE Press, Piscataway, NJ, 115--120. Google ScholarDigital Library
Bartlett, G., Heidemann, J., and Papadopoulos, C. 2007a. Inherent behaviors for on-line detection of peer-to-peer file sharing. In Proceedings of the IEEE Global Internet Symposium. IEEE, 55--60.Google Scholar
Bartlett, G., Heidemann, J., and Papadopoulos, C. 2007b. Understanding passive and active service discovery. In Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC'07). ACM, New York, NY, 57--70. Google ScholarDigital Library
Basher, N., Mahanti, A., Mahanti, A., Williamson, C., and Arlitt, M. 2008. A comparative analysis of web and peer-to-peer traffic. In Proceedings of the 17th International Conference on World Wide Web (WWW'08). ACM, New York, NY, 287--296. Google ScholarDigital Library
Bernaille, L. and Teixeira, R. 2007. Early recognition of encrypted applications. In Proceedings of the Passive and Active Measurement Conference (PAM'07). Lecture Notes in Computer Science, vol. 4427, Springer-Verlag, Berlin Heidelberg, 165--175. Google ScholarDigital Library
Bernaille, L., Teixeira, R., Akodjenou, I., Soule, A., and Salamatian, K. 2006a. Traffic classification on the fly. ACM SIGCOMM Comput. Commun. Rev. 36, 2, 23--26. Google ScholarDigital Library
Bernaille, L., Teixeira, R., and Salamatian, K. 2006b. Early application identification. In Proceedings of the 2nd Conference on Future Networking Technologies (CoNEXT'06). ACM, 1--12. Google ScholarDigital Library
Bin, L., Zhi-Tang, L., and Hao, T. 2007. A methodology for P2P traffic measurement using application signature work-in-progress. In Proceedings of the 2nd International Conference on Scalable Information Systems (InfoScale'07), vol. 304. ICST, Brussels, Belgium, 1--2. Google ScholarDigital Library
Bonfiglio, D., Mellia, M., Meo, M., Rossi, D., and Tofanelli, P. 2007. Revealing Skype traffic: When randomness plays with you. ACM SIGCOMM Comput. Commun. Rev. 37, 4, 37--48. Google ScholarDigital Library
Branch, P. A., Heyde, A., and Armitage, G. J. 2009. Rapid identification of Skype traffic flows. In Proceedings of the 18th International Workshop on Network and Operating System Support for Digital Audio and Video (NOSSDAV'09). ACM, New York, NY, 91--96. Google ScholarDigital Library
Bro. 2010. Bro intrusion detection system. http://bro-ids.org. (Last accessed 3/10).Google Scholar
Cáceres, R., Duffield, N., Feldmann, A., Friedmann, J. D., Greenberg, A., Greer, R., Johnson, T., Kalmanek, C. R., Krishnamurthy, B., Lavelle, D., Mishra, P. P., Rexford, J., Ramakrishnan, K. K., True, F. D., and van der Merwe, J. E. 2000. Measurement and analysis of IP network usage and behavior. IEEE Commun. Mag. 38, 5, 144--151. Google ScholarDigital Library
Callado, A., Kamienski, C., Szabó, G., Gero, B. P., Kelner, J., Fernandes, S., and Sadok, D. 2009. A survey on Internet traffic identification. IEEE Commun. Surveys Tuts. 11, 3, 37--52. Google ScholarDigital Library
Callado, A., Kelner, J., Sadok, D., Kamienski, C. A., and Fernandes, S. 2010. Better network traffic identification through the independent combination of techniques. J. Netw. Comput. Appl. 33, 4, 433--446. Google ScholarDigital Library
Canini, M., Li, W., Moore, A. W., and Bolla, R. 2009. GTVS: Boosting the collection of application traffic ground truth. In Proceedings of the 1st International Workshop on Traffic Monitoring and Analysis (TMA'09). Springer Verlag, Heidelberg, Germany, 54--63. Google ScholarDigital Library
Cao, J., Chen, A., Widjaja, I., and Zhou, N. 2008. Online identification of applications using statistical behavior analysis. In Proceedings of the IEEE Global Telecommunications Conference (GlobeCom'08). IEEE, 1--6.Google Scholar
Carvalho, D. A., Pereira, M., and Freire, M. M. 2009a. Detection of peer-to-peer TV traffic through deep packet inspection. In Acta da 9ª Conference sobre Redes de Computadores. INESC-ID and Instituto Superior Técnico, 6.Google Scholar
Carvalho, D. A., Pereira, M., and Freire, M. M. 2009b. Towards the detection of encrypted BitTorrent traffic through deep packet inspection. In Proceedings of the International Conference on Security Technology (SecTech'09). Communications in Computer and Information Science Series, vol. 58, Springer-Verlag, Berlin Heidelberg, 265--272.Google Scholar
Cascarano, N., Ciminiera, L., and Risso, F. 2010a. Improving cost and accuracy of DPI traffic classifiers. In Proceedings of the 25th ACM Symposium on Applied Computing (SAC'10). ACM, New York, NY, 641--646. Google ScholarDigital Library
Cascarano, N., Este, A., Gringoli, F., Risso, F., and Salgarelli, L. 2009. An experimental evaluation of the computational cost of a DPI traffic classifier. In Proceedings of the IEEE Global Communications Conference (GlobeCom'09). IEEE, 1--8. Google ScholarDigital Library
Cascarano, N., Risso, F., Este, A., Gringoli, F., Finamore, A., and Mellia, M. 2010b. Comparing P2PTV traffic classifiers. In Proceedings of the IEEE International Conference on Communications (ICC'10). IEEE, 1--6.Google Scholar
Cavallaro, L., Lanzi, A., Mayer, L., and Monga, M. 2008. LISABETH: Automated content-based signature generator for zero-day polymorphic worms. In Proceedings of the 4th International Workshop on Software Engineering for Secure Systems (SESS'08). ACM, New York, NY, 41--48. Google ScholarDigital Library
Choi, K. and Choi, J. K. 2006. Pattern matching of packet payload for network traffic classification. In Proceedings of the Joint International Conference on Optical Internet and Next Generation Network (COIN-NGNCON'06). IEEE, 130--132.Google Scholar
Chopra, D., Schulzrinne, H., Marocco, E., and Ivov, E. 2009. Peer-to-peer overlays for real-time communication: Security issues and solutions. IEEE Commun. Surv. Tut. 11, 1, 4--12. Google ScholarDigital Library
Cisco NetFlow. 2010. http://www.cisco.com/web/go/netflow. (Last accessed 3/10).Google Scholar
Claffy, K. C., Braun, H.-W., and Polyzos, G. C. 1995. A parameterizable methodology for Internet traffic flow profiling. IEEE J. Sel. Areas Commun. 13, 8, 1481--1494. Google ScholarDigital Library
Claffy, K. C. and McCreary, S. 1999. Internet measurement and data analysis: Passive and active measurement. Am. Stat. Assoc.Google Scholar
Constantinou, F. and Mavrommatis, P. 2006. Identifying known and unknown peer-to-peer traffic. In Proceedings of 5th IEEE International Symposium on Network Computing and Applications (NCA'06). IEEE, 93--102. Google ScholarDigital Library
Couto, A., Nogueira, A., Salvador, P., and Valadas, R. 2008. Identification of peer-to-peer applications' flow patterns. In Proceedings of the Conference on Next Generation Internet Networks (NGI'08). IEEE, 292--299.Google Scholar
Crotti, M., Dusi, M., Gringoli, F., and Salgarelli, L. 2007. Traffic classification through simple statistical fingerprinting. ACM SIGCOMM Comput. Commun. Rev. 37, 1, 5--16. Google ScholarDigital Library
Crotti, M., Gringoli, F., Pelosato, P., and Salgarelli, L. 2006. A statistical approach to IP-level classification of network traffic. In Proceedings of the IEEE International Conference on Communications (ICC'06), Vol. 1. IEEE, 170--176.Google Scholar
Crovella, M. and Krishnamurthy, B. 2006. Internet Measurement: Infrastructure, Traffic and Applications. John Wiley & Sons, Inc., New York, NY. Google ScholarDigital Library
Dainotti, A., de Donato, W., Pescapè, A., and Rossi, P. S. 2008. Classification of network traffic via packet-level hidden markov models. In Proceedings of the IEEE Global Telecommunications Conference (GlobeCom'08). IEEE, 1--5.Google Scholar
Dainotti, A., de Donato, W., Pescapé, A., and Ventre, G. 2009. TIE: A community-oriented traffic classification platform. In Proceedings of the 1st International Workshop on Traffic Monitoring and Analysis (TMA'09). Lecture Notes in Computer Science, vol. 5537, Springer-Verlag, Berlin Heidelberg, 64--74. Google ScholarDigital Library
Dedinski, I., Meer, H. D., Han, L., Mathy, L., Pezaros, D. P., Sventek, J. S., and Xiaoying, Z. 2005. Cross-layer peer-to-peer traffic identification and optimization based on active networking. In Proceedings of the 7th Annual International Working Conference on Active and Programmable Networks (IWAN'05). Springer-Verlag, Berlin Heidelberg, 13--27. Google ScholarDigital Library
Dewes, C., Wichmann, A., and Feldmann, A. 2003. An analysis of Internet chat systems. In Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC'03). ACM, New York, NY, 51--64. Google ScholarDigital Library
Dhamankar, R. and King, R. 2007. Protocol identification via statistical analysis (PISA). White Paper, Tipping Point.Google Scholar
Duffield, N., Lund, C., and Thorup, M. 2005. Estimating flow distributions from sampled flow statistics. IEEE/ACM Trans. Netw. 13, 5, 933--946. Google ScholarDigital Library
Duffield, N. G. 2004. Sampling for passive Internet measurement: A review. Stati. Sci. 19, 3, 472--498.Google Scholar
Dusi, M., Crotti, M., Gringoli, F., and Salgarelli, L. 2008. Detection of encrypted tunnels across network boundaries. In Proceedings of the IEEE International Conference on Communications (ICC'08). IEEE, 1738--1744.Google Scholar
Dusi, M., Crotti, M., Gringoli, F., and Salgarelli, L. 2009. Tunnel Hunter: Detecting application-layer tunnels with statistical fingerprinting. Comput. Netw. 53, 1, 81--97. Google ScholarDigital Library
Early, J. P., Brodley, C. E., and Rosenberg, C. 2003. Behavioral authentication of server flows. In Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC'03). IEEE Computer Society, Los Alamitos, CA, 46--55. Google ScholarDigital Library
Ehlert, S. and Petgang, S. 2006. Analysis and signature of Skype VoIP session traffic. Tech. rep. NGNI-SKYPE-06b, Fraunhofer FOKUS, Berlin, Germany. July.Google Scholar
Endace. 2011. Enterprise network monitoring tools--network security system--application performance monitoring. http://www.endace.com. (Last accessed 7/11).Google Scholar
Erman, J., Arlitt, M., and Mahanti, A. 2006a. Traffic classification using clustering algorithms. In Proceedings of the ACM SIGCOMM Workshop on Mining Network Data (MineNet'06). ACM, New York, NY, 281--286. Google ScholarDigital Library
Erman, J., Mahanti, A., and Arlitt, M. 2006b. Internet traffic identification using machine learning. In Proceedings of the IEEE Global Telecommunications Conference (GlobeCom'06). IEEE, 1--6.Google Scholar
Erman, J., Mahanti, A., Arlitt, M., Cohen, I., and Williamson, C. 2007a. Offline/realtime traffic classification using semi-supervised learning. Perform. Eval. 64, 9-12, 1194--1213. Google ScholarDigital Library
Erman, J., Mahanti, A., Arlitt, M., and Williamson, C. 2007b. Identifying and discriminating between web and peer-to-peer traffic in the network core. In Proceedings of the 16th International Conference on World Wide Web (WWW'07). ACM Press, New York, NY, 883--892. Google ScholarDigital Library
Este, A., Gargiulo, F., Gringoli, F., Salgarelli, L., and Sansone, C. 2008. Pattern recognition approaches for classifying IP flows. In Proceedings of the Joint IAPR International Workshop on Structural, Syntactic, and Statistical Pattern Recognition (SSPR & SPR'08). Lecture Notes in Computer Science, vol. 5342, Springer-Verlag, Berlin Heidelberg, 885--895. Google ScholarDigital Library
Este, A., Gringoli, F., and Salgarelli, L. 2009. Support vector machines for TCP traffic classification. Comput. Netw. 53, 14, 2476--2490. Google ScholarDigital Library
Ettercap. 2010. http://ettercap.sourceforge.net. (Last accessed 3/10).Google Scholar
Finamore, A., Mellia, M., Meo, M., and Rossi, D. 2009. KISS: Stochastic packet inspection. In Proceedings of the 1st International Workshop on Traffic Monitoring and Analysis (TMA'09). Lecture Notes in Computer Science, vol. 5537, Springer-Verlag, Berlin Heidelberg, 117--125. Google ScholarDigital Library
Fraleigh, C., Moon, S., Lyles, B., Cotton, C., Khan, M., Moll, D., Rockell, R., Seely, T., and Diot, C. 2003. Packet-level traffic measurements from the Sprint IP backbone. IEEE Netw. 17, 6, 6--16. Google ScholarDigital Library
Freire, E. P., Ziviani, A., and Salles, R. M. 2008a. Detecting Skype flows in web traffic. In Proceedings of the IEEE Network Operations and Management Symposium (NOMS'08). IEEE, 89--96.Google Scholar
Freire, E. P., Ziviani, A., and Salles, R. M. 2008b. Detecting VoIP calls hidden in web traffic. IEEE Trans. Netw. Service Manag. 5, 4, 204--214. Google ScholarDigital Library
Freire, M. M., Carvalho, D. A., and Pereira, M. 2009. Detection of encrypted traffic in eDonkey network through application signatures. In Proceedings of the 1st International Conference on Advances in P2P Systems (AP2PS'09). IEEE Computer Society Press, Los Alamitos, CA, 174--179. Google ScholarDigital Library
Gerber, A., Houle, J., Nguyen, H., Roughan, M., and Sen, S. 2003. P2P, the gorilla in the cable. In Proceedings of the National Cable & Telecommunications Association (NCTA). 8--11.Google Scholar
Gomes, J. V. P., Inácio, P. R. M., Freire, M. M., Pereira, M., and Monteiro, P. P. 2008. Analysis of peer-to-peer traffic using a behavioural method based on entropy. In Proceedings of the 27th IEEE International Performance Computing and Communications Conference (IPCCC'08). IEEE Computer Society Press, Los Alamitos, CA, 201--208.Google Scholar
Gonzá1ez-Castaño, F. J., Rodríguez-Hernández, P. S., Martínez-Álvarez, R. P., Gómez, A., López-Cabido, I., and Villasuso-Barreiro, J. 2006. Support vector machine detection of peer-to-peer traffic. In Proceedings of IEEE International Conference on Computational Intelligence for Measurement Systems and Applications (CIMSA'06). IEEE, 103--108.Google Scholar
Gringoli, F., Salgarelli, L., Dusi, M., Cascarano, N., Risso, F., and Claffy, K. C. 2009. GT: Picking up the truth from the ground for Internet traffic. ACM SIGCOMM Comput. Commun. Rev. 39, 5, 13--18. Google ScholarDigital Library
Guo, Z. and Qiu, Z. 2008. Identification peer-to-peer traffic for high speed networks using packet sampling and application signatures. In Proceedings of the 9th International Conference on Signal Processing (ICSP'08). IEEE, 2013--2019.Google Scholar
Haffner, P., Sen, S., Spatscheck, O., and Wang, D. 2005. ACAS: Automated construction of application signatures. In Proceedings of the ACM SIGCOMM Workshop on Mining Network Data (MineNet'05). ACM, New York, NY, 197--202. Google ScholarDigital Library
Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., and Witten, I. H. 2009. The WEKA data mining software: An update. ACM SIGKDD Explor. Newsl. 11, 1, 10--18. Google ScholarDigital Library
Hu, Y., Chiu, D.-M., and Lui, J. C. S. 2008. Application identification based on network behavioral profiles. In Proceedings of the 16th International Workshop on Quality of Service (IWQoS'08). IEEE, 219--228.Google Scholar
Hu, Y., Chiu, D.-M., and Lui, J. C. S. 2009. Profiling and identification of P2P traffic. Comput. Netw. 53, 6, 849--863. Google ScholarDigital Library
Huang, N.-F., Jai, G.-Y., and Chao, H.-C. 2008. Early identifying application traffic with application characteristics. In Proceedings of the IEEE International Conference on Communications (ICC'08). IEEE, 5788--5792.Google Scholar
IANA. 2011. Port numbers. http://www.iana.org. (Last accessed 6/11).Google Scholar
IETF. 2008. Specification of the IP flow information export (IPFIX) protocol for the exchange of IP traffic flow information. RFC 5101. http://tools.ietf.org/html/rfc5101.Google Scholar
Iliofotou, M., Kim, H.-C., Faloutsos, M., Mitzenmacher, M., Pappu, P., and Varghese, G. 2009. Graph-based P2P traffic classification at the Internet backbone. In Proceedings of the 28th IEEE International Conference on Computer Communications Workshops (InfoCom'09). IEEE Press, Piscataway, NJ, 37--42. Google ScholarDigital Library
Iliofotou, M., Pappu, P., Faloutsos, M., Mitzenmacher, M., Singh, S., and Varghese, G. 2007. Network monitoring using traffic dispersion graphs (TDGs). In Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC'07). ACM, New York, NY, 315--320. Google ScholarDigital Library
Iliofotou, M., Pappu, P., Faloutsos, M., Mitzenmacher, M., Varghese, G., and Kim, H. 2008. Graption: Automated detection of P2P applications using traffic dispersion graphs (TDGs). Tech. rep. UCR-CS-2008-06080. June.Google Scholar
Inoue, H., Jansens, D., Hijazi, A., and Somayaji, A. 2007. NetADHICT: A tool for understanding network traffic. In Proceedings of the 21st Large Installation System Administration Conference (LISA'07). USENIX Association, 39--47. Google ScholarDigital Library
ipoque. 2011. Bandwidth management with deep packet inspection. http://www.ipoque.com. (Last accessed 7/11).Google Scholar
Jain, R. and Routhier, S. A. 1986. Packet trains--measurements and a new model for computer network traffic. IEEE J. Sel. Areas Commun. 4, 6, 986--995. Google ScholarDigital Library
John, W. and Tafvelin, S. 2008. Heuristics to classify Internet backbone traffic based on connection patterns. In Proceedings of the International Conference on Information Networking (ICOIN'08). IEEE, 1--5.Google Scholar
Johnson, M. E., McGuire, D., and Willey, N. D. 2008. The evolution of the peer-to-peer file sharing industry and the security risks for users. In Proceedings of the Proceedings of the 41st Hawaii International Conference on System Sciences (HICSS'08). IEEE Computer Society, Washington, DC. Google ScholarDigital Library
Johnson, M. E., McGuire, D., and Willey, N. D. 2009. Why file sharing networks are dangerous&quest; Commun. ACM 52, 2, 134--138. Google ScholarDigital Library
Jurga, R. E. and Hulbój, M. M. 2007. Packet sampling for network monitoring. Tech. rep., CERN — HP Procurve openlab project. Dec.Google Scholar
Karagiannis, T., Broido, A., Brownlee, N., Claffy, K., and Faloutsos, M. 2004a. File-sharing in the Internet: A characterization of P2P traffic in the backbone. Tech. rep.Google Scholar
Karagiannis, T., Broido, A., Brownlee, N., Claffy, K. C., and Faloutsos, M. 2004b. Is P2P dying or just hiding&quest; In Proceedings of the IEEE Global Telecommunications Conference (GlobeCom'04), Vol. 3. IEEE Computer Society Press, Piscataway, NJ, 1532--1538.Google Scholar
Karagiannis, T., Faloutsos, A. B. M., and Claffy, K. C. 2004c. Transport layer identification of P2P traffic. In Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC'04). ACM, New York, NY, 121--134. Google ScholarDigital Library
Karagiannis, T., Papagiannaki, K., and Faloutsos, M. 2005a. BLINC: Multilevel traffic classification in the dark. In Proceedings of the ACM SIGCOMM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, Vol. 35. ACM, New York, NY, 229--240. Google ScholarDigital Library
Karagiannis, T., Rodriguez, P., and Papagiannaki, K. 2005b. Should Internet service providers fear peer-assisted content distribution&quest; In Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC'05). USENIX Association, Berkeley, CA, 63--76. Google ScholarDigital Library
Kim, H., Claffy, K. C., Fomenkov, M., Barman, D., Faloutsos, M., and Lee, K. 2008. Internet traffic classification demystified: Myths, caveats, and the best practices. In Proceedings of the ACM International Conference on emerging Networking EXperiments and Technologies (CoNEXT'08). ACM, New York, NY, 1--12. Google ScholarDigital Library
Kim, H.-C., Fomenkov, M., Brownlee, N., Claffy, K. C., Barman, D., and Faloutsos, M. 2007. Comparison of Internet traffic classification tools. In Proceedings of the Workshop on Application Classification and Identification (WACI).Google Scholar
Kind, A., Dimitropoulos, X., Denazis, S., and Claise, B. 2008. Advanced network monitoring brings life to the awareness plane. IEEE Commun. Mag. 46, 10, 140--146. Google ScholarDigital Library
Krishnamurthy, B. and Wang, J. 2002. Traffic classification for application specific peering. In Proceedings of the 2nd ACM SIGCOMM Internet Measurement Workshop (IMW'02). ACM, New York, NY, 179--180. Google ScholarDigital Library
Kumar, S., Dharmapurikar, S., Yu, F., Crowley, P., and Turner, J. 2006. Algorithms to accelerate multiple regular expressions matching for deep packet inspection. ACM SIGCOMM Comput. Commun. Rev. 36, 4, 339--350. Google ScholarDigital Library
L7-filter. 2010. L7-filter, application layer packet classifier for Linux. http://l7-filter.sourceforge.net. (Last accessed 3/10).Google Scholar
l7-netpdlclassifier. 2010. Tools for L2-L7 traffic classification. http://netgroup.polito.it/research-projects/l7-traffic-classification/. (Last accessed 3/10).Google Scholar
Lakhina, A., Crovella, M., and Diot, C. 2005. Mining anomalies using traffic feature distributions. ACM SIGCOMM Comput. Commun. Rev. 35, 4, 217--228. Google ScholarDigital Library
Lawton, G. 2004. Is peer-to-peer secure enough for corporate use&quest; IEEE Comput. 37, 1, 22--25. Google ScholarDigital Library
Leibowitz, N., Bergman, A., Ben-Shaul, R., and Shavit, A. 2002. Are file swapping networks cacheable&quest; Characterizing P2P traffic. In Proceedings of the 7th International Workshop on Web Content Caching and Distribution (WCW).Google Scholar
Li, T., Guan, Z., and Wu, X. 2007. Modeling and analyzing the spread of active worms based on P2P systems. Comput. Security 26, 3, 213--218.Google ScholarDigital Library
Li, W., Canini, M., Moore, A. W., and Bolla, R. 2009. Efficient application identification and the temporal and spatial stability of classification schema. Comput. Netw. 53, 6, 790--809. Google ScholarDigital Library
Lin, Y.-D., Lu, C.-N., Lai, Y.-C., Peng, W.-H., and Lin, P.-C. 2009. Application classification using packet size distribution and port association. J. Netw. Comput. Appl. 32, 5, 1023--1030. Google ScholarDigital Library
Liu, H., Feng, W., Huang, Y., and Li, X. 2007. A peer-to-peer traffic identification method using machine learning. In Proceedings of the International Conference on Networking, Architecture, and Storage (NAS'07). IEEE, 155--160.Google Scholar
Ma, J., Levchenko, K., Kreibich, C., Savage, S., and Voelker, G. M. 2006. Unexpected means of protocol inference. In Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC'06). ACM, New York, NY, 313--326. Google ScholarDigital Library
Madhukar, A. and Williamson, C. 2006. A longitudinal study of P2P traffic classification. In Proceedings of the 14th IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS'06). IEEE Computer Society, Washington, DC, 179--188. Google ScholarDigital Library
Makhoul, J., Kubala, F., Schwartz, R., and Weischedel, R. 1999. Performance measures for information extraction. In Proceedings of the DARPA Broadcast News Workshop. 249--252.Google Scholar
Mantia, G. L., Rossi, D., Finamore, A., Mellia, M., and Meo, M. 2010. Stochastic packet inspection for TCP traffic. In Proceedings of the IEEE International Conference on Communications (ICC'10). IEEE, 1--6.Google Scholar
MAPI. 2010. MAPI, monitoring API. http://mapi.uninett.no. (Last accessed 3/10).Google Scholar
McGregor, A., Hall, M., Lorier, P., and Brunskill, J. 2004. Flow clustering using machine learning techniques. In Proceedings of the Passive and Active Measurement Workshop (PAM'04). Lecture Notes in Computer Science, vol. 3015, Springer-Verlag, Berlin Heidelberg, 205--214.Google Scholar
McGregor, T. 2002. Quality in measurement: Beyond the deployment barrier. In Proceedings of the Symposium on Applications and the Internet Workshops (SAINT-W'02). IEEE Computer Society, Washington, DC, 66--73. Google ScholarDigital Library
Moore, A. W. and Papagiannaki, K. 2005. Toward the accurate identification of network applications. In Proceedings of the Passive and Active Measurement Conference (PAM'05). Lecture Notes in Computer Science, vol. 3431. Springer-Verlag, Berlin Heidelberg, 41--54. Google ScholarDigital Library
Moore, A. W. and Zuev, D. 2005. Internet traffic classification using bayesian analysis techniques. ACM SIGMETRICS Perform. Eval. Rev. 33, 1, 50--60. Google ScholarDigital Library
Moore, A. W., Zuev, D., and Crogan, M. L. 2005. Discriminators for use in flow-based classification. Tech. rep. RR-05-13, Intel Research, Cambridge, U.K. Aug.Google Scholar
Moore, D., Keys, K., Koga, R., Lagache, E., and Claffy, K. C. 2001. The CoralReef software suite as a tool for system and network administrators. In Proceedings of the 15th USENIX System Administration Conference (LISA'01). USENIX Association, Berkeley, CA, 133--144. Google ScholarDigital Library
Mu, J., Sezer, S., Douglas, G., Burns, D., Garcia, E., Hutton, M., and Cackovic, K. 2007. Accelerating pattern matching for DPI. In Proceedings of the IEEE International Symposium on System-on-Chip (SOC'07). IEEE, 83--86.Google Scholar
Murray, M. and Claffy, K. C. 2001. Measuring the immeasurable: Global Internet measurement infrastructure. In Proceedings of the Passive and Active Measurement Workshop (PAM'01). 159--167.Google Scholar
Napatech. 2011. Intelligent real-time network analysis. http://www.napatech.com. (Last accessed 7/11).Google Scholar
NetADHICT. 2010. http://www.ccsl.carleton.ca/software/netadhict/. (Last accessed 3/10).Google Scholar
NetBee. 2010. The NetBee library. http://www.nbee.org. (Last accessed 3/10).Google Scholar
NetPDL. 2010. http://www.nbee.org/netpdl. (Last accessed 3/10).Google Scholar
Nguyen, T. T. T. and Armitage, G. 2006. Training on multiple sub-flows to optimise the use of machine learning classifiers in real-world IP networks. In Proceedings of the IEEE Conference on Local Computer Networks (LCN'06). IEEE, 369--376.Google Scholar
Nguyen, T. T. T. and Armitage, G. 2008a. Clustering to assist supervised machine learning for real-time IP traffic classification. In Proceedings of the IEEE International Conference on Communications (ICC'08). IEEE, 5857--5862.Google Scholar
Nguyen, T. T. T. and Armitage, G. 2008b. A survey of techniques for Internet traffic classification using machine learning. IEEE Commun. Surveys Tuts. 10, 4, 56--76. Google ScholarDigital Library
NLANR. 2010. NLANR/MNA home page. http://www.nlanr.net. (Last accessed 3/10).Google Scholar
Nogueira, A., Salvador, P., Couto, A., and Valadas, R. 2009. Towards the on-line identification of peer-to-peer flow patterns. J. Netw. 4, 2, 108--118.Google Scholar
Nogueira, A., Salvador, P., and Valadas, R. 2007. A framework for detecting internet applications. In Proceedings of the International Conference on Information Networking (ICOIN'07). Springer-Verlag, Berlin Heidelberg, 455--464. Google ScholarDigital Library
Ohm, P., Sicker, D. C., and Grunwald, D. 2007. Legal issues surrounding monitoring during network research. In Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC'07). ACM, New York, NY, 141--148. Google ScholarDigital Library
Ohzahata, S., Hagiwara, Y., Terada, M., and Kawashima, K. 2005. A traffic identification method and evaluations for a pure P2P application. In Proceedings of the Passive and Active Measurement Conference (PAM'05). Lecture Notes in Computer Science, vol. 3431, Springer-Verlag, Berlin Heidelberg, 55--68. Google ScholarDigital Library
Olson, D. L. and Delen, D. 2008. Advanced Data Mining Techniques 1st Ed. Springer. Google ScholarDigital Library
OpenDPI. 2010. OpenDPI - the open source deep packet inspection engine. http://www.opendpi.org. (Last accessed 3/10).Google Scholar
Palmieri, F. and Fiore, U. 2009. A nonlinear, recurrence-based approach to traffic classification. Comput. Netw. 53, 6, 761--773. Google ScholarDigital Library
Park, B.-C., Won, Y. J., Kim, M.-S., and Hong, J. W. 2008. Towards automated application signature generation for traffic identification. In Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS'08). IEEE, 160--167.Google Scholar
Paxson, V. 2004. Strategies for sound Internet measurement. In Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC'04). ACM, New York, NY, 263--271. Google ScholarDigital Library
Perényi, M., Dang, T. D., Gefferth, A., and Molnár, S. 2006. Identification and analysis of peer-to-peer traffic. J. Commun. 1, 7, 36--46.Google ScholarCross Ref
Plonka, D. 2000. FlowScan: A network traffic flow reporting and visualization tool. In Proceedings of the 14th USENIX System Administration Conference (LISA'00). USENIX Association, Berkeley, CA, 305--317. Google ScholarDigital Library
Raahemi, B., Kouznetsov, A., Hayajneh, A., and Rabinovitch, P. 2008a. Classification of peer-to-peer traffic using incremental neural networks (fuzzy ARTMAP). In Proceedings of the Canadian Conference on Electrical and Computer Engineering (CCECE'08). IEEE, 719--724.Google Scholar
Raahemi, B., Zhong, W., and Liu, J. 2008b. Peer-to-peer traffic identification by mining IP layer data streams using concept-adapting very fast decision tree. In Proceedings of the 20th IEEE International Conference on Tools with Artificial Intelligence (ICTAI'08), Vol. 1. IEEE, 525--532. Google ScholarDigital Library
Ranjan, S., Shah, S., Nucci, A., Munafò, M., Cruz, R., and Muthukrishnan, S. 2007. DoWitcher: Effective worm detection and containment in the internet core. In Proceedings of the 26th IEEE International Conference on Computer Communications (InfoCom'07). IEEE, 2541--2545.Google Scholar
Risso, F. and Baldi, M. 2006. NetPDL: An extensible XML-based language for packet header description. Comput. Netw. 50, 5, 688--706. Google ScholarDigital Library
Risso, F., Baldi, M., Morandi, O., Baldini, A., and Monclus, P. 2008. Lightweight, payload-based traffic classification: An experimental evaluation. In Proceedings of the IEEE International Conference on Communications (ICC'08). IEEE, 5869--5875.Google Scholar
Romig, S., Fullmer, M., and Luman, R. 2000. The OSU flow-tools package and CISCO NetFlow logs. In Proceedings of the 14th USENIX System Administration Conference (LISA'00). USENIX Association, Berkeley, CA, 291--303. Google ScholarDigital Library
Salgarelli, L., Gringoli, F., and Karagiannis, T. 2007. Comparing traffic classifiers. ACM SIGCOMM Comput. Commun. Rev. 37, 3, 65--68. Google ScholarDigital Library
Saroiu, S., Gummadi, K. P., Dunn, R. J., Gribble, S. D., and Levy, H. M. 2002a. An analysis of Internet content delivery systems. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI'02), Vol. 36. ACM, New York, NY, 315--327. Google ScholarDigital Library
Saroiu, S., Gummadi, P. K., and Gribble, S. D. 2002b. A measurement study of peer-to-peer file sharing systems. In Proceedings of the Multimedia Computing and Networking (MMCN'02). ACM, New York, NY.Google Scholar
Saroiu, S., Gummadi, P. K., and Gribble, S. D. 2003. Measuring and analyzing the characteristics of Napster and Gnutella hosts. Multimedia Syst. J. 9, 2, 170--184. Google ScholarDigital Library
Schmidt, Ş. E. G. and Soysal, M. 2006. An intrusion detection based approach for the scalable detection of P2P traffic in the national academic backbone network. In Proceedings of the International Symposium on Computer Networks (ISCN'06). IEEE, 128--133.Google Scholar
Schulze, H. and Mochalski, K. 2007. Internet study 2007. Tech. rep., ipoque.Google Scholar
Schulze, H. and Mochalski, K. 2009. Internet study 2008/2009. Tech. rep., ipoque.Google Scholar
Seedorf, J. 2006. Security challenges for peer-to-peer SIP. IEEE Netw. 20, 5, 38--45. Google ScholarDigital Library
Sen, S., Spatscheck, O., and Wang, D. 2004. Accurate, scalable in-network identification of P2P traffic using application signatures. In Proceedings of the 13th International Conference on World Wide Web (WWW'04). ACM, New York, NY, 512--521. Google ScholarDigital Library
Sen, S. and Wang, J. 2004. Analyzing peer-to-peer traffic across large networks. IEEE/ACM Trans. Netw. 12, 2, 219--232. Google ScholarDigital Library
Sena, G. G. and Belzarena, P. 2009. Early traffic classification using support vector machines. In Proceedings of the 5th International Latin American Networking Conference (LANC'09). ACM, New York, NY, 60--66. Google ScholarDigital Library
Singh, S., Estan, C., Varghese, G., and Savage, S. 2004. Automated worm fingerprinting. In Proceedings of the 6th Symposium on Operating Systems Design & Implementation (OSDI'04). USENIX Association, Berkeley, CA, USA, 45--60. Google ScholarDigital Library
Smith, F. D., Campos, F. H., Jeffay, K., and Ott, D. 2001. What TCP/IP protocol headers can tell us about the Web. ACM SIGMETRICS Perform. Eval. Rev. 29, 1, 245--256. Google ScholarDigital Library
Smith, R., Estan, C., Jha, S., and Kong, S. 2008. Deflating the big bang: Fast and scalable deep packet inspection with extended finite automata. ACM SIGCOMM Comput. Commun. Rev. 38, 4, 207--218. Google ScholarDigital Library
Snort. 2010. http://www.snort.org. (Last accessed 3/10).Google Scholar
Soewito, B., Mahajan, A., Weng, N., and Wang, H. 2009. High-speed string matching for network intrusion detection. Int. J. Commun. Netw. Distrib. Syst. 3, 4, 319--339. Google ScholarDigital Library
Soysal, M. and Schmidt, E. G. 2007. An accurate evaluation of machine learning algorithms for flow-based P2P traffic detection. In Proceedings of the 22nd International Symposium on Computer and Information Sciences (ISCIS'07). IEEE.Google Scholar
Sperotto, A., Sadre, R., van Vliet, F., and Pras, A. 2009. A labeled data set for flow-based intrusion detection. In Proceedings of the 9th IEEE International Workshop on IP Operations and Management (IPOM'09). Lecture Notes in Computer Science, vol. 5843, Springer-Verlag, Berlin Heidelberg, 39--50. Google ScholarDigital Library
Spognardi, A., Lucarelli, A., and Pietro, R. D. 2005. A methodology for P2P file-sharing traffic detection. In Proceedings of the 2nd International Workshop on Hot Topics in Peer-to-Peer Systems (HOT-P2P'05). IEEE Computer Society, Washington, DC, 52--61. Google ScholarDigital Library
Stefanowski, J. and Wilk, S. 2009. Extending rule-based classifiers to improve recognition of imbalanced classes. In Advances in Data Management, Z. W. Ras and A. Dardzinska, Eds., Studies in Computational Intelligence, vol. 223, Springer-Verlag, Berlin Heidelberg, 131--154.Google Scholar
Strayer, T., Armitage, G., Allman, M., Moore, A. W., Jin, S., and Bellovin, S. 2008. IMRG workshop on application classification and identification report. ACM SIGCOMM Comput. Commun. Rev. 38, 3, 87--90. Google ScholarDigital Library
Szabó, G., Orincsay, D., Malomsoky, S., and Szabó, I. 2008. On the validation of traffic classification algorithms. In Proceedings of the Passive and Active Measurement Conference (PAM'08). Lecture Notes in Computer Science, vol. 4979, Springer-Verlag, Berlin Heidelberg, 72--81. Google ScholarDigital Library
Szabó, G., Szabó, I., and Orincsay, D. 2007. Accurate traffic classification. In Proceedings of the IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM'07). IEEE, 1--8.Google Scholar
tcpdump. 2011. TCPDUMP/LIBPCAP public repository. http://www.tcpdump.org. (Last accessed 7/10).Google Scholar
TIE. 2010. TIE, traffic identification engine. http://tie.comics.unina.it. (Last accessed 7/10).Google Scholar
Turkett, W. H., Karode, A. V., and Fulp, E. W. 2008. In-the-dark network traffic classification using support vector machines. In Proceedings of the 20th National Conference on Innovative Applications of Artificial Intelligence (IAAI'08). AAAI Press, 1745--1750. Google ScholarDigital Library
Valenti, S., Rossi, D., Meo, M., Mellia, M., and Bermolen, P. 2009. Accurate, fine-grained classification of P2P-TV applications by simply counting packets. In Proceedings of the 1st International Workshop on Traffic Monitoring and Analysis (TMA'09), Lecture Notes in Computer Science, vol. 5537, Springer-Verlag, Berlin, Heidelberg, 84--92. Google ScholarDigital Library
Wang, Y. 2008. Statistical Techniques for Network Security: Modern Statistically-Based Intrusion Detection and Protection. Premier Reference Source. Information Science Reference. Google ScholarDigital Library
Wang, Y.-H., Gau, V., Bosaw, T., Hwang, J.-N., Lippman, A., Liebennan, D., and Wu, I.-C. 2008. Generalization performance analysis of flow-based peer-to-peer traffic identification. In Proceedings of the IEEE Workshop on Machine Learning for Signal Processing (MLSP'08). IEEE, 267--272.Google Scholar
Weiss, G. M. 2004. Mining with rarity: A unifying framework. ACM SIGKDD Explor. Newsl. 6, 1, 7--19. Google ScholarDigital Library
WildPackets. 2011. WildPackets: Network analyzer, voip monitoring, protocol analysis. http://www.wildpackets.com. (Last accessed 7/11).Google Scholar
Williams, N., Zander, S., and Armitage, G. 2006. A preliminary performance comparison of five machine learning algorithms for practical IP traffic flow classification. ACM SIGCOMM Comput. Commun. Rev. 36, 5, 5--16. Google ScholarDigital Library
Williamson, C. 2001. Internet traffic measurement. IEEE Internet Comput. 5, 6, 70--74. Google ScholarDigital Library
WinDump. 2011. tcpdump for Windows using WinPcap. http://www.winpcap.org/windump/. (Last accessed 7/11).Google Scholar
WinPcap. 2011. The industry-standard windows packet capture library. http://www.winpcap.org. (Last accessed 7/11).Google Scholar
Wireshark. 2010. Wireshark, go deep. http://www.wireshark.org. (Last accessed 3/10).Google Scholar
Wright, C. V., Monrose, F., and Masson, G. M. 2006. On inferring application protocol behaviors in encrypted network traffic. J. Mach. Learn. Res. 7, 2745--2769. Google ScholarDigital Library
Xu, K., Liu, J., and Wang, H. 2008. Tod-cache: Peer-to-peer traffic management and optimization using combined caching and redirection. In Proceedings of the IEEE Global Telecommunications Conference (GlobeCom'08). IEEE, 1--5.Google Scholar
Xusheng, Z. and Zhiming, W. 2009. Application of markov chain in IP traffic classification. In Proceedings of the International Conference on Networks Security, Wireless Communications and Trusted Computing (NSWCTC'09), Vol. 2. IEEE Computer Society, 688--691. Google ScholarDigital Library
Yegneswaran, V., Giffin, J. T., Barford, P., and Jha, S. 2005. An architecture for generating semantics-aware signatures. In Proceedings of the 14th USENIX Security Symposium (SSYM'05). USENIX Association, Berkeley, CA, 97--112. Google ScholarDigital Library
Yu, F. 2006. High speed deep packet inspection with hardware support. Ph.D. dissertation, EECS Department, University of California, Berkeley, CA. Google ScholarDigital Library
Zander, S., Nguyen, T., and Armitage, G. 2005a. Automated traffic classification and application identification using machine learning. In Proceedings of the IEEE Conference on Local Computer Networks (LCN'2005). IEEE, 250--257. Google ScholarDigital Library
Zander, S., Nguyen, T., and Armitage, G. 2005b. Self-learning IP traffic classification based on statistical flow characteristics. In Proceedings of the Passive and Active Measurement Conference (PAM'05). Lecture Notes in Computer Science, vol. 3431. Springer-Verlag, Berlin Heidelberg, 325--328. Google ScholarDigital Library
Zhou, L., Zhang, L., McSherry, F., Immorlica, N., Costa, M., and Chien, S. 2005. A first look at peer-to-peer worms: Threats and defenses. In Proceedings of the 4th International Workshop on Peer-to-Peer Systems (IPTPS'05). Lecture Notes in Computer Science, vol. 3640, Springer, Berlin Heidelberg, 24--35. Google ScholarDigital Library
Zuev, D. and Moore, A. W. 2005. Traffic classification using a statistical approach. In Proceedings of the Passive and Active Measurement Conference (PAM'05). Lecture Notes in Computer Science, vol. 3431, Springer-Verlag, Berlin Heidelberg, 321--324. Google ScholarDigital Library

Index Terms

Detection and classification of peer-to-peer traffic: A survey
1. General and reference
  1. Cross-computing tools and techniques
    1. Measurement
    2. Metrics
  2. Document types
    1. Surveys and overviews
2. Networks

Recommendations

Application-Layer Traffic Analysis of a Peer-to-Peer System

Characterizing traffic behavior helps to optimize the network architecture for improved performance. Using a modified LimeWire servent (for both the server and client) and a variance-time plot for traffic characterization, the authors analyze the ...
Read More
Analyzing peer-to-peer traffic across large networks

The use of peer-to-peer (P2P) applications is growing dramatically, particularly for sharing large video/audio files and software. In this paper, we analyze P2P traffic by measuring flow-level information collected at multiple border routers across a ...
Read More
Peer-to-peer multimedia applications
MM '06: Proceedings of the 14th ACM international conference on Multimedia

In both academia and industry, peer-to-peer (P2P) applications have attracted great attention. Peer-to-peer file sharing applications, such as Napster, Gnutella, Kazaa, BitTorrent, Skype and PPLive, have witnessed tremendous success among end users. And ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in

ACM Computing Surveys Volume 45, Issue 3
June 2013
575 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/2480741
Issue’s Table of Contents

Copyright © 2013 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 3 July 2013
- Accepted: 1 January 2012
- Revised: 1 August 2011
- Received: 1 May 2010
Published in csur Volume 45, Issue 3

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Application classification
behavioral analysis
deep packet inspection
peer-to-peer
traffic monitoring
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 33
  Total Citations
  View Citations
- 1,417
  Total Downloads
- Downloads (Last 12 months)16
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Detection and classification of peer-to-peer traffic: A survey

ACM Computing Surveys

Abstract

References

Cited By

Index Terms

Recommendations

Application-Layer Traffic Analysis of a Peer-to-Peer System

Analyzing peer-to-peer traffic across large networks

Peer-to-peer multimedia applications

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

Detection and classification of peer-to-peer traffic: A survey

ACM Computing Surveys

Abstract

References

Cited By

Index Terms

Recommendations

Application-Layer Traffic Analysis of a Peer-to-Peer System

Analyzing peer-to-peer traffic across large networks

Peer-to-peer multimedia applications

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media