Using traffic analysis for simultaneous detection of BitTorrent and streaming video traffic sources

2017 9th International Conference on Communication Systems and Networks (COMSNETS) Pub Date : 1900-01-01 DOI:10.1109/COMSNETS.2017.7945361

Yan Shi, S. Biswas

{"title":"Using traffic analysis for simultaneous detection of BitTorrent and streaming video traffic sources","authors":"Yan Shi, S. Biswas","doi":"10.1109/COMSNETS.2017.7945361","DOIUrl":null,"url":null,"abstract":"This paper presents a framework for a firewall to analyze and block BitTorrent file-sharing protocol using Traffic Analysis (TA) methods. BitTorrent traffic can be a concern of network administrators and is a valuable target for TA based investigation. In this work, the ability of a TA based classifier to identify the existence of BitTorrent traffic is tested under the condition that it is not only encrypted by a Virtual Private Network (VPN) tunnel but also mixed with other types of network traffic (including video streaming traffic and web traffic). The TA based classifier is comprised of 2 steps: a pre-filtering step and the actual classification step. The test results show that not only is it possible for the TA based classifier to distinguish BitTorrent traffic from the encrypted mixture, but the classifier can also tell the source of the streaming video in the mixture with high accuracy. The 2-step classifier is also proven to have boosted the accuracy by 15%. The results indicate the possibility of implementing a TA based firewall for monitoring BitTorrent traffic.","PeriodicalId":168357,"journal":{"name":"2017 9th International Conference on Communication Systems and Networks (COMSNETS)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 9th International Conference on Communication Systems and Networks (COMSNETS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMSNETS.2017.7945361","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

This paper presents a framework for a firewall to analyze and block BitTorrent file-sharing protocol using Traffic Analysis (TA) methods. BitTorrent traffic can be a concern of network administrators and is a valuable target for TA based investigation. In this work, the ability of a TA based classifier to identify the existence of BitTorrent traffic is tested under the condition that it is not only encrypted by a Virtual Private Network (VPN) tunnel but also mixed with other types of network traffic (including video streaming traffic and web traffic). The TA based classifier is comprised of 2 steps: a pre-filtering step and the actual classification step. The test results show that not only is it possible for the TA based classifier to distinguish BitTorrent traffic from the encrypted mixture, but the classifier can also tell the source of the streaming video in the mixture with high accuracy. The 2-step classifier is also proven to have boosted the accuracy by 15%. The results indicate the possibility of implementing a TA based firewall for monitoring BitTorrent traffic.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

利用流量分析同时检测bt和流媒体视频的流量源

本文提出了一种基于流量分析方法的防火墙框架，用于分析和阻止BitTorrent文件共享协议。BitTorrent流量是网络管理员关注的问题，也是基于TA的调查的一个有价值的目标。在这项工作中，基于TA的分类器识别BitTorrent流量存在的能力在以下条件下进行了测试:BitTorrent流量不仅由虚拟专用网(VPN)隧道加密，而且与其他类型的网络流量(包括视频流流量和web流量)混合。基于TA的分类器由2个步骤组成:预过滤步骤和实际分类步骤。测试结果表明，基于TA的分类器不仅可以将BitTorrent流量与加密后的混合流区分开来，而且分类器还能以较高的准确率判断混合流中的流视频来源。两步分类器也被证明提高了15%的准确率。结果表明实现基于TA的防火墙监控BitTorrent流量的可能性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2017 9th International Conference on Communication Systems and Networks (COMSNETS)

自引率

0.00%

发文量