your first move would be to decide if you want to work with flow-based or packet-based techniques. For instance, 2005 SIGCOMM's paper called BLINC ( http://www.sigcomm.org/sigcomm2005/paper-KarPap.pdf) is a flow-based technique and has a good level of accuracy for P2P traffic.
-- Stenio Fernandes http://v2.steniofernandes.googlepages.com On 9/15/07, Bryan Ford <[EMAIL PROTECTED]> wrote: > > A paper just appeared in this year's SIGCOMM about techniques to > identify Skype traffic, such as a "randomness test" to detect which > bits in a packet are encrypted; similar techniques might be applied > to identifying other P2P protocols... > > http://www.sigcomm.org/ccr/drupal/?q=node/245 > > Cheers, > Bryan > > On Sep 15, 2007, at 4:37 PM, David Barrett wrote: > > > You could perhaps reverse DNS the destination IP and see if it either > > has no record or falls under an ISP domain. That won't be foolproof, > > but neither are the other approaches. > > > > Perhaps it could be one factor in assigning a "p2p score" to each > > packet. Sum up and average the p2p scores of all packets coming > > out of > > a node and then you could have an overall p2p score for that node. > > > > It probably depends on your final goal. What are you trying to > > accomplish? > > > > -david > > > > On Sat, 15 Sep 2007 11:42 am, Steve Almasi wrote: > >> Hi, > >> now what are the more useful methods to identify the P2P traffic? > >> In addition to the methods based on the payload inspection > >> (signatures > >> methods) and the heuristic methods (based on some general behavior of > >> P2P > >> traffic) there are some new approach to this issue? > >> > >> > >> regards, > >> Steve "tder" Almasi > >> > >> _______________________________________________ > >> p2p-hackers mailing list > >> [email protected] > >> http://lists.zooko.com/mailman/listinfo/p2p-hackers > > _______________________________________________ > > p2p-hackers mailing list > > [email protected] > > http://lists.zooko.com/mailman/listinfo/p2p-hackers > > _______________________________________________ > p2p-hackers mailing list > [email protected] > http://lists.zooko.com/mailman/listinfo/p2p-hackers >
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
