Netflow based P2P detection in UDP traffic

Fifth International Conference on Intelligent Control and Information Processing Pub Date : 2014-08-01 DOI:10.1109/ICICIP.2014.7010349

Qianli Zhang, Yunlong Ma, Pei Zhang, Jilong Wang, Xing Li

引用次数: 4

Abstract

Though it is commonly assumed that Internet traffic is dominated by TCP, there has been an increasing demand for UDP based P2P applications. UDP is widely used in new P2P networks because it can provides better support for NAT traversal. Since many of these applications use private protocols, UDP traffic is often hard to analyze, especially if the available data is only netflow records. In this paper, a component based method is proposed to analyze UDP traffic. Since flows in each component share the same application, P2P traffic can be identified without packet level information.

查看原文本刊更多论文

基于Netflow的UDP流量P2P检测

虽然人们通常认为互联网流量由TCP主导，但对基于UDP的P2P应用程序的需求不断增加。由于UDP能够更好地支持NAT穿越，因此在新型P2P网络中得到了广泛的应用。由于这些应用程序中的许多都使用私有协议，因此UDP流量通常很难分析，特别是当可用数据只有netflow记录时。本文提出了一种基于组件的UDP流量分析方法。由于每个组件中的流共享相同的应用程序，因此可以在没有数据包级别信息的情况下识别P2P流量。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Fifth International Conference on Intelligent Control and Information Processing

自引率

0.00%

发文量