A paper just appeared in this year's SIGCOMM about techniques to identify Skype traffic, such as a "randomness test" to detect which bits in a packet are encrypted; similar techniques might be applied to identifying other P2P protocols...
http://www.sigcomm.org/ccr/drupal/?q=node/245 Cheers, Bryan On Sep 15, 2007, at 4:37 PM, David Barrett wrote: > You could perhaps reverse DNS the destination IP and see if it either > has no record or falls under an ISP domain. That won't be foolproof, > but neither are the other approaches. > > Perhaps it could be one factor in assigning a "p2p score" to each > packet. Sum up and average the p2p scores of all packets coming > out of > a node and then you could have an overall p2p score for that node. > > It probably depends on your final goal. What are you trying to > accomplish? > > -david > > On Sat, 15 Sep 2007 11:42 am, Steve Almasi wrote: >> Hi, >> now what are the more useful methods to identify the P2P traffic? >> In addition to the methods based on the payload inspection >> (signatures >> methods) and the heuristic methods (based on some general behavior of >> P2P >> traffic) there are some new approach to this issue? >> >> >> regards, >> Steve "tder" Almasi >> >> _______________________________________________ >> p2p-hackers mailing list >> [email protected] >> http://lists.zooko.com/mailman/listinfo/p2p-hackers > _______________________________________________ > p2p-hackers mailing list > [email protected] > http://lists.zooko.com/mailman/listinfo/p2p-hackers _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
