Open Universiteit

Please use this identifier to cite or link to this item:
Title: P2P network classification
Authors: Molijn, Patrick
Keywords: P2P traffic
port agnostic
payload agnostic
machine learning
Issue Date: 10-Sep-2014
Publisher: Open Universiteit Nederland
Abstract: The popularity of Peer-to-Peer (P2P) applications, and consequently the P2P traffic on the internet, has increased in the last years. This increase is besides benign P2P applications also due to malicious P2P applications such as P2P botnets. To cope with the increasing threats imposed by malicious P2P botnets, botnets should be combated actively. A first step is to detect which internet traffic originates from P2P botnets. In this research, a start has been made by looking at whether internet traffic can be classified as either P2P traffic or non-P2P traffic, yet regardless of whether it concerns benign or malicious traffic. Classification of P2P traffic is challenging since traditional techniques, that mainly analyze port numbers or payload data, are becoming ineffective against applications that use random ports or encryption. This research proposes, based on literature study, Machine Learning (ML) as a method for P2P traffic classification, using the algorithms J48, REPTree and AdaBoost for analysis of statistical flow features, which are both port and payload agnostic. The results of this quantitative empirical research show that the proposed method can achieve high accuracy, outperforming comparable existing approaches for classification of P2P traffic.
Appears in Collections:MSc Software Engineering

Files in This Item:
File Description SizeFormat 
INF_20140909_Molijn.pdf3.82 MBAdobe PDFView/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.