Abstract
P2P networks are consuming more and more Internet resources, it is estimated that approximately 70% of all Internet carried traffic is composed by packets from these networks. Moreover, they still represent the main infection vector for various types of malware and can be used as command and control channel for P2P botnets, besides being famous for being notoriously used to distribute a range of pirated files (movies, music, games,...). In this paper we present some typical characteristics of P2P networks and propose a new architecture based on filters to detect hosts running P2P applications. We also provide a methodology on how to prevent the communication of those hosts in order to avoid undesirable impacts in the operation of the network as a whole.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Intrusion detection evaluation (1999), http://www.ll.mit.edu
A community resource for archiving wireless data at dartmouth, (2012), http://crawdad.cs.dartmouth.edu
Open packet (2012), https://www.openpacket.org
Recording industry association of america (2012), http://www.riaa.com , http://www.riaa.com/physicalpiracy.php
Aviv, A.J., Haeberlen, A.: Challenges in experimenting with botnet detection systems. In: Proceedings of the 4th USENIX Workshop on Cyber Security Experimentation and Test (CSET 2011) (2011)
Bo, X., Ming, C., Lan, F.: Distributed p2p traffic identification method. In: Proceedings of the 5th International Conference on Wireless Communications, Networking and Mobile Computing, WiCOM 2009, pp. 4229–4232. IEEE Press, Piscataway (2009), http://dl.acm.org/citation.cfm?id=1738467.1738494
Bush, R.: Fidonet: technology, tools, and history. Commun. ACM 36, 31–35 (1993), http://doi.acm.org/10.1145/163381.163383
Chen, F., Wang, M., Fu, Y., Zeng, J.: New detection of peer-to-peer controlled bots on the host. In: 5th International Conference on Wireless Communications, Networking and Mobile Computing, WiCom 2009, pp. 1–4 (September 2009)
Choi, T., Kim, C., Yoon, S., Park, J., Lee, B., Kim, H., Chung, H., Jeong, T.: Content-aware internet application traffic measurement and analysis. In: IEEE/IFIP Network Operations and Management Symposium, NOMS 2004, vol. 1, pp. 511–524 (April 2004)
Chunzhi, W., Wei, J., Hong, C., Luo, W., Fang, H.: Research on a method of p2p traffic identification based on multi-dimension characteristics. In: 2010 5th International Conference on Computer Science and Education (ICCSE), pp. 1010–1013 (August 2010)
Erman, D., Ilie, D., Popescu, A.: Bittorrent session characteristics and models. In: Procedings of HETNETS 2005, p. 2007 (2005)
Erman, J., Mahanti, A., Arlitt, M., Williamson, C.: Identifying and discriminating between web and peer-to-peer traffic in the network core. In: Proceedings of the 16th International Conference on World Wide Web, WWW 2007, pp. 883–892. ACM, New York (2007), http://doi.acm.org/10.1145/1242572.1242692
Hong, S.H.: Measuring the effect of napster on recorded music sales: Difference-in-differences estimates under compositional changes. Journal of Applied Econometrics, 1–28 (2011), http://dx.doi.org/10.1002/jae.1269
Iliofotou, M., Kim, H.C., Faloutsos, M., Mitzenmacher, M., Pappu, P., Varghese, G.: Graption: A graph-based p2p traffic classification framework for the internet backbone. Computer Networks 55(8), 1909–1920 (2011), http://linkinghub.elsevier.com/retrieve/pii/S1389128611000430
Karagiannis, T., Broido, A., Brownlee, N., Claffy, K., Faloutsos, M.: Is p2p dying or just hiding (p2p traffic measurement). In: IEEE Global Telecommunications Conference, GLOBECOM 2004, November-December 3, vol. 3, pp. 1532–1538 (2004)
Karagiannis, T., Broido, A., Faloutsos, M., Claffy, K.: Transport layer identification of p2p traffic. In: Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement, IMC 2004, pp. 121–134. ACM, New York (2004), http://doi.acm.org/10.1145/1028788.1028804
Kim, J., Shah, K., Bohacek, S.: Detecting p2p traffic from the p2p flow graph. In: IWCMC, pp. 1795–1800. IEEE (2011), http://dblp.uni-trier.de/db/conf/iwcmc/iwcmc2011.html#KimSB11
Lin, H., Ma, R., Guo, L., Zhang, P., Chen, X.: Conducting routing table poisoning attack in dht networks. In: International Conference on Communications, Circuits and Systems (ICCCAS), pp. 254–258 (July 2010)
Liu, F., Li, Z., Nie, Q.: A new method of p2p traffic identification based on support vector machine at the host level. In: International Conference on Information Technology and Computer Science, ITCS 2009, vol. 2, pp. 579–582 (July 2009)
Locher, T., Mysicka, D., Schmid, S., Wattenhofer, R.: A peer activity study in edonkey & kad (1995)
Moore, A.W., Papagiannaki, K.: Toward the Accurate Identification of Network Applications. In: Dovrolis, C. (ed.) PAM 2005. LNCS, vol. 3431, pp. 41–54. Springer, Heidelberg (2005)
Ripeanu, M.: Peer-to-peer architecture case study: Gnutella network. In: Proceedings of First International Conference on Peer-to-Peer Computing, pp. 99–100 (August 2001)
Sit, E., Morris, R., Kaashoek, M.F.: Usenetdht: a low-overhead design for usenet. In: Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2008, pp. 133–146. USENIX Association, Berkeley (2008), http://dl.acm.org/citation.cfm?id=1387589.1387599
Spognardi, A., Lucarelli, A., Di Pietro, R.: A methodology for p2p file-sharing traffic detection. In: Second International Workshop on Hot Topics in Peer-to-Peer Systems, HOT-P2P 2005, pp. 52–61 (July 2005)
Ulliac, A., Ghita, B.V.: Non-intrusive identification of peer-to-peer traffic. In: Proceedings of the 2010 Third International Conference on Communication Theory, Reliability, and Quality of Service, CTRQ 2010, pp. 116–121. IEEE Computer Society, Washington, DC (2010), http://dx.doi.org/10.1109/CTRQ.2010.27
Wang, P., Wu, L., Aslam, B., Zou, C.: A systematic study on Peer-to-Peer botnets. In: Proceedings of 18th Internatonal Conference on Computer Communications and Networks, ICCCN 2009, pp. 1–8 (August 2009)
Zhang, J., Perdisci, R., Lee, W., Sarfraz, U., Luo, X.: Detecting stealthy p2p botnets using statistical traffic fingerprints. In: International Conference on Dependable Systems and Networks, pp. 121–132 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Silva, R.M.P., Salles, R.M. (2012). Methodology for Detection and Restraint of P2P Applications in the Network. In: Murgante, B., et al. Computational Science and Its Applications – ICCSA 2012. ICCSA 2012. Lecture Notes in Computer Science, vol 7336. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31128-4_24
Download citation
DOI: https://doi.org/10.1007/978-3-642-31128-4_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31127-7
Online ISBN: 978-3-642-31128-4
eBook Packages: Computer ScienceComputer Science (R0)