Non-Intrusive Identification of Peer-to-Peer Traffic |
This research study a new way of identifying hosts and connections involved in peer to peer
Ulliac A, Ghita BV
traffic without requiring analysing the payload. The P2P use more and more encryption and
port number randomization. Therefore the traditional classification based on signature
identification used by deep packet inspection systems is not longer efficient. This study
provides a new solution to identity connections of a host which are related to a peer to peer
exchange. The final output is to make able to command a firewall able to block only
connections of a host that are classified as using peer to peer without blocking all its traffic.