簡易檢索 / 詳目顯示

研究生: 周豐谷
Feng-Ku Chou
論文名稱: P2P資料流偵測
P2P Flow Identification
指導教授: 陳郁堂
Yie-Tarng Chen
口試委員: 呂永和
Yung-Ho Lu
胡能忠
Neng-Chung Hu
林銘波
Ming-Bo Lin
學位類別: 碩士
Master
系所名稱: 電資學院 - 電子工程系
Department of Electronic and Computer Engineering
論文出版年: 2006
畢業學年度: 94
語文別: 英文
論文頁數: 44
中文關鍵詞: P2P資料流偵測倒傳遞類神經網路Naive Bayesian
外文關鍵詞: P2P Flow Identification, Backpropagation Neural Network, Naive Bayesian
相關次數: 點閱:166下載:4
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報
  • P2P應用衝擊網際網路服務品質, 因為P2P應用會使用掉大部分的網路頻寬. 它可以使用任意的port number來避免固定的port number阻擋且可以穿越防火牆藉由偽裝成其他知名的網際網路服務,它可以將封包的內容加密以隱藏P2P協定來躲避封包內容偵測. 我們提供一種樣式辨認的方法應用在P2P的flow辨識, 我們用Network layer的特徵當成我們的輸入參數. 我們會指出如何選擇適當的特徵來得到較好的偵測率, 我們比較兩種不同的分類方法結果顯示Backpropagation Neural Network(BPNN)比Naïve Bayesian classification在P2P flow的辨識上有較好的效果. 我們所提方法較傳統的方法的優點在我們不是用固定的port number也不是用packet的內容來辨認P2P flow而且我們可以即時偵測P2P flow. 我們可以將結果應用在非法的檔案傳輸的議題上.


    P2P traffic has accounted for major fraction of all Internet traffic. Hence, P2P flow identification becomes an important problem for network management. A robust P2P flow identification approach should operate properly without port information and payload information, since new-generation P2P applications can use arbitrary port number to avoid fixed-port block and use payload encryption to avoid P2P signature detection. In this research, we propose a robust and accurate P2P flow identification scheme based on machine learning approach. Previous research that use machine learning for P2P flow identification, suffer from low detection rate and high false positive rate due to lack of proper features. We investigated the phenomenon of small packet and large packet interchange in the P2P flow and identified an important feature, called packet size switching frequency, to address this issue. To evaluation the performance of the proposed schemes, we run intensive computer simulations based on public available network traces. The results show that the proposed P2P flow identification approach can achieve 96% detection rate, which is significantly better than other P2P flow identification schemes based on machine learning approach.

    Table of Contents 1. Introduction 1 1.1 Problem Description 1 1.2 Related work 2 1.3 Motivation 3 1.4 Objective 3 1.5 Organization of this thesis 4 2. Characterization of P2P Traffic 5 2.1 P2P File-sharing Protocols 5 2.2 Characteristic of P2P Protocols 10 2.3 Packet Size Switching Frequency 14 3. P2P Flow Identification 16 3.1 Design of P2P Flow Identification System 16 3.2 Feature Selection and Extraction 16 3.3 P2P Flow Classification Model 24 3.3.1 Backpropagation Neural Network 24 3.3.2 Naïve Bayesian Classifier 28 4. Performance Evaluation of P2P Classification System 30 4.1 Performance Metrics 30 4.2 Workloads 30 4.3 Performance Evaluation and Results 34 5. Implementation of P2P Classification System 37 5.1 Architecture 37 5.2 Performance 40 6. Conclusion 43 References 44

    [1]http://grb.mnsu.edu/grbts/doc/manual/backpropagation_neural_netw.html
    [2]T. Karagiannis, A. Broido, M. Faloutsos, Kc claffy. “Transport Layer Identification of P2P Traffic”. In IMC'04, October 25-27, 2004, Taormina, Sicily, Italy.
    [3]S. Sen, O. Spatscheck, D. Wang.”Accurate, Scalable In-Network Identification of P2P traffic Using Application Signatures”. In WWW2004, May 17-22, 2004, New York, New York, USA.
    [4]A. W. Moore, D. Zuev. “Internet Traffic Classification Using Bayesian Analysis Techniques”. In SIGMETRICS'05, June 6-10, 2005, Banff, Alberta, Canada.
    [5]A. W. Moore, K. Papgiannaki. “Toward the Accurate Identification of Network Applications". In the Proceedings of Sixth Passive and Active Measurement Workshop (PAM 2005), March/April 2005, Boston, MA
    [6]http://btfaq.com/serve/cache/56.html
    [7]http://www.cs.huji.ac.il/labs/danss/presentations/emule.pdf
    [8]http://www.the-gdf.org/wiki/index.php?title=Partial_File_Sharing_Protocol
    [9]S. Saroiu, K. P. Gummadi, R. J. Dunn, S. D. Gribble, H. M. Levy. “An Analysis of Internet Content Delivery Systems”. In Proceedings of the 5th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Boston, MA, December 2002.
    [10]http://www.caspiannetworks.com/files/Apeiro_P2P.pdf
    [11]S. Sen, J. Wang. “Analyzing Peer-To-Peer Traffic Across Large Networks”. ACM/IEEE Transactions on Networking, Vol. 12, No. 2, April 2004, pp. 137--150. [12]I.H. Witten, E. Frank. Data Mining. “Morgan Kaufmann Publishers”, 2000
    [13]R. Jain. “THE ART OF COMPUTER SYSTEMS PERFORMANCE ANALYSIS”. JOHN WILEY & SONS, INC, 1991
    [14] http://pma.nlanr.net/Special/sdsc1.html
    [15] http://www.cs.waikato.ac.nz/ml/weka
    [16] http://www.caida.org/tools/measurement/coralreef/

    QR CODE