Online hybrid traffic classifier for Peer-to-Peer systems based on network processors

Zhenxiang Chen, Bo Yang, Yuehui Chen, Ajith Abraham, Crina Grosan, Lizhi Peng
2009 Applied Soft Computing  
Introduction Since the emergence of Peer-to-Peer (P2P) applications in the late-1990s, P2P file-sharing has relentlessly grown to represent a formidable component of Internet traffic. Recently, it is very common that P2P applications also reserve a big part of operator's total bandwidth [1] . It is often considered as a threat to the businesses of Internet operators, Internet Service Providers (ISP) and LAN operators. The bandwidth costs to the upstream ISPs and inter exchange carriers are
more » ... ing growing financial pressure. In practice, this means that less bandwidth can be used for other network usage like web browsing, e-mail and other critical applications. Some research studies illustrate that there are many known and unknown potential P2P traffic, which consumes almost 70-80% bandwidth but still cannot be well controlled and managed. The financial benefits and fairly use of network resources are undeniable motives for controlling P2P communications and managing P2P hosts. Despite this discomfiture, reliable profiling of P2P hosts and traffic remains elusive. Some of the currently proposed P2P traffic classification methods, such as mapping of used IP-addresses or monitoring port numbers, are not reliable. Packet payload capture and analysis poses a set of insurmountable methodological land mines, which includes legal, privacy, technical, logistics, security and encryption, financial obstacles and growing number of poorly documented P2P protocols. A transport layer identification method attempts to identify P2P traffic only based on transport layer and other special P2P features but does not make use of the payload information. Recently, some machine learning based methods were used to identify network applications. Almost all the proposed methods, however, are only suitable for offline traffic classification due to the performance reasons. In reality, the offline classification is not helpful for detecting or managing online traffic. In this scenario, in order to achieve flexibility and high performance, the most promising solution is represented by the adoption of network processors (NPs) [2] . NPs are emerging platforms that offer very high packet processing capabilities (e.g. for gigabit networks) and combines the programmability of general-purpose processors with high performance typical of hardware-based solutions. This paper proposes a NPs-based online hybrid traffic classifier to identify active P2P traffic. The NPs-based Applied Soft Computing 9 (2009) 685-694
doi:10.1016/j.asoc.2008.09.010 fatcat:jzy426xgmjhrngnaqz3qy6ogpa