1 / 13

Project Schedule

Project Schedule. Victor Gau, Yi-Hsien Wang, Trevor Bosaw, and Jenq-Neng Hwang 2007.12.14. Current P2P Identification Products. Many Companies have products to detect P2P traffic – usually to control or limit the amount of bandwidth these applications consume. Products can be: Port Based

kai-clayton
Download Presentation

Project Schedule

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Project Schedule Victor Gau, Yi-Hsien Wang, Trevor Bosaw, and Jenq-Neng Hwang 2007.12.14

  2. Current P2P Identification Products • Many Companies have products to detect P2P traffic – usually to control or limit the amount of bandwidth these applications consume. • Products can be: • Port Based • DPI Based • Flow Based

  3. Project: Build a Streaming Media Detector • To develop a Streaming Media (Both Unicast and P2P) traffic identifier and controller to enable networks to identify which flows contain Streaming Media. • As carriers upgrade networks, the ability to deliver internet video is becoming a key differentiator • Enabling theoretical 20-100mbps connectivity to the home is only important if consumer applications (Joost, Babelgum, Xunlei, ppstream, etc.) can be delivered with High QOS. • State-of-the-art Edge Routers can support flow based QOS • By elevating the QOS of flows needed for streaming media, the consumer experience can be enhanced • Related work • P2P Optimized Traffic Control • Riad Hartani and Joe Neil, Caspian Networks http://www.apricot.net/apricot2005/slides/KT8_2.pdf • Optimizing the Internet Quality of Service and Economics for the Digital Generation • Lawrence Roberts, Anagran Inc. http://www.itu.int/osg/spu/presentations/2006/worldtelecom2006/lroberts-itutelecom2006.pdf • Anagran flow router (FR-1000) http://www.anagran.com/

  4. Tasks • Classify network traffic • Identify Streaming Media traffic on a Flow by Flow Basis, using Port, DPI and Flow information. • Implement a Control Model to update and manage new signatures for both DPI and Flows • Analyze the accuracy of these methods on a real world network that heavily uses streaming media applications http://www.apricot.net/apricot2005/slides/KT8_2.pdf

  5. Consideration 1 • Which one should be used in this project? • Port/Signature-base identification • Accuracy of identifying known protocol • Ability to identify encrypted or new P2P protocol • Flow-based identification • Ability to identify encrypted or new P2P protocol • False positive rate (could annoy users) • We will design our own algorithms.

  6. Consideration 2 • What would be the performance metrics used in this project? • Accuracy of detection on a per flow basis • Further deep dives on accuracy – per byte, per 5-tuple, per packet. • Average delay on a per flow basis before identification is accomplished • Ease of update of Patterns and Flow Behavior • False Negatives – identification of background P2P file delivery as streaming media is very undesireable.

  7. Task 1Classify Network Traffic

  8. 1.1 Capture Packets • Construct a detailed list of current P2P and unicast streaming methods and clients/trackers/servers, as well as methods employed to defeat traffic shaping employed by these methods (for example azereus supports, encryption, proxying control traffic, etc.). • Capture packets generated by popular Internet applications. • P2P file Sharing and Streaming • eMule, FastTrack, BitTorrent, Gnutella, … • Joost, Babelgum, ppstream, Xunlei, • HTTP, FTP, mail, streaming, game, telnet, … • Instant Messaging Services • Skype, MSN, Yahoo! Messenger • Capture real world packets.

  9. Packet Information • Src [IP, port] • Dest [IP, port] • Type (TCP or UDP) • Size • Arrival time • Payload

  10. 1.2 Extract Characteristics • Flow duration • Packet counts of the flow • Average packet rate of the flow • Packet size distribution of the flow • Total bytes of the flow • Average transmission rate of the flow • …

  11. 1.3 Find Particular Flow Behavior • Find the behavior observed by others. • T. Karagiannis et al. • Both TCP and UDP (Ratio) • Ratio of the number of distinct ports versus number of distinct IPs • F. G. Chou • Packet size switching frequency per flow • Packet size standard deviation per flow • … • Observe the behavior by ourselves.

  12. 1.4 Design Program • Packet parser/analyzer • Flower identifier based on neural network • …

  13. 1.5 Test & Improve the Program • Use the identifier on real world data • Optimize its performance • Detection rate • False positive rate • Per Flow • Per Byte

More Related