Qianli Zhang, Yunlong Ma, Pei Zhang, Jilong Wang, Xing Li
{"title":"Netflow based P2P detection in UDP traffic","authors":"Qianli Zhang, Yunlong Ma, Pei Zhang, Jilong Wang, Xing Li","doi":"10.1109/ICICIP.2014.7010349","DOIUrl":null,"url":null,"abstract":"Though it is commonly assumed that Internet traffic is dominated by TCP, there has been an increasing demand for UDP based P2P applications. UDP is widely used in new P2P networks because it can provides better support for NAT traversal. Since many of these applications use private protocols, UDP traffic is often hard to analyze, especially if the available data is only netflow records. In this paper, a component based method is proposed to analyze UDP traffic. Since flows in each component share the same application, P2P traffic can be identified without packet level information.","PeriodicalId":408041,"journal":{"name":"Fifth International Conference on Intelligent Control and Information Processing","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Fifth International Conference on Intelligent Control and Information Processing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICICIP.2014.7010349","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Though it is commonly assumed that Internet traffic is dominated by TCP, there has been an increasing demand for UDP based P2P applications. UDP is widely used in new P2P networks because it can provides better support for NAT traversal. Since many of these applications use private protocols, UDP traffic is often hard to analyze, especially if the available data is only netflow records. In this paper, a component based method is proposed to analyze UDP traffic. Since flows in each component share the same application, P2P traffic can be identified without packet level information.