èŠ‚ç‚¹æ–‡çŒ®

P2Pæµé‡è¯†åˆ«ä¸Žåˆ†æž

Identification and Analysis of P2P Traffic

åˆ†é¡µä¸‹è½½
åˆ†ç« ä¸‹è½½
æ•´æœ¬ä¸‹è½½
åœ¨çº¿é˜…è¯»
ä¸æ”¯æŒè¿…é›·ç‰ä¸‹è½½å·¥å…·ï¼Œè¯·å–æ¶ˆåŠ é€Ÿå·¥å…·åŽä¸‹è½½ã€‚

ã€ä½œè€…ã€‘ éŸ©æ¶›ï¼›

ã€ä½œè€…åŸºæœ¬ä¿¡æ¯ã€‘ å±±ä¸œè½»å·¥ä¸šå¦é™¢ ï¼Œ è®¡ç®—æœºåº”ç”¨æŠ€æœ¯ï¼Œ 2010ï¼Œ ç¡•å£«

ã€æ‘˜è¦ã€‘ P2PæŠ€æœ¯æ˜¯ä¸€ç§èµ„æºåˆ†æ•£å˜å‚¨ä¸Žå…±äº«çš„æ–°å…´æŠ€æœ¯ã€‚å…¶ä½“ç³»ç»“æž„ä¸ŽC/Sä½“ç³»æž¶æž„ç›¸å¯¹åº”,èµ„æºå˜å‚¨ä¸ŠåŒ–é›†ä¸ä¸ºåˆ†å¸ƒ,èµ„æºä½¿ç”¨ä¸ŠåŒ–åˆ†å¸ƒä¸ºé›†ä¸ã€‚å› æ¤,å®ƒæ˜¯ä¸€ç§å¾ˆæœ‰åˆ›æ„çš„æŠ€æœ¯ã€‚è¯¥æŠ€æœ¯ä¸€å‡ºçŽ°ä¾¿è¢«å¹¿æ³›çš„åº”ç”¨åˆ°å„ä¸ªé¢†åŸŸã€‚ç„¶è€Œæ£å½“P2Påº”ç”¨è¿›è¡Œçš„å¦‚ç«å¦‚è¼çš„æ—¶å€™,é—®é¢˜ä¹Ÿéšä¹‹è€Œæ¥ã€‚å…¶ä¸æœ€çªå‡ºçš„é—®é¢˜å°±æ˜¯å¸¦å®½å ç”¨é—®é¢˜ã€‚ä¸ºäº†è®©P2PæŠ€æœ¯æ›´å¥½çš„å‘å±•ä¸‹åŽ»,åŒæ—¶ä¸æŸå®³ISPçš„åˆ©ç›Š,ç›®å‰äººä»¬æ™®éé‡‡ç”¨å¯¹P2Pæµé‡è¿›è¡Œé™åˆ¶å’Œç®¡ç†æ¥ç¼“è§£å¸¦å®½åŽ‹åŠ›çš„æ–¹æ³•æ¥è§£å†³è¿™ä¸€çŸ›ç›¾ã€‚è¦å¯¹P2Pæµé‡è¿›è¡Œç®¡ç†,é¦–å…ˆåº”è¯¥å¯¹å…¶è¿›è¡Œæ£ç¡®çš„è¯†åˆ«ã€‚ä¸€å¼€å§‹çš„æ—¶ä¾¯,é’ˆå¯¹P2Pæµçš„æ£€æµ‹æ˜¯å¾ˆç®€å•çš„,åŽŸå› æ˜¯é‚£ä¸ªæ—¶ä¾¯çš„P2Pæ‰€ä½¿ç”¨çš„ç«¯å£æ˜¯ä¸å˜åŒ–çš„ã€‚åŽæ¥,åè®®ç«¯å£çš„éšæœºé€‰å–æŠ€æœ¯è¢«åº”ç”¨äºŽå¤šæ•°å¯¹ç‰ç½‘ç»œåº”ç”¨ä¸,åœ¨æ£€æµ‹ä¸å‘çŽ°æœ‰äº›æµé‡ä¸ç”šè‡³å‡ºçŽ°äº†80ã€25ç‰ä¸“ç”¨ç«¯å£;è¿™äº›ç‰¹å¾çš„å‡ºçŽ°ä½¿å¾—P2Pæµé‡è¯†åˆ«å˜å¾—å¼‚å¸¸å›°éš¾ã€‚å› æ¤,å¦‚ä½•æ›´åŠ æœ‰æ•ˆè¯†åˆ«å‡ºP2Pæµé‡æˆäº†æ‘†åœ¨äººä»¬é¢å‰çš„ä¸€é“éš¾é¢˜ã€‚æœ¬æ–‡æ˜¯åœ¨å±€åŸŸç½‘èŒƒå›´å†…,åœ¨åˆ©ç”¨Etherealç‰æŠ“åŒ…å·¥å…·å¯¹P2Påº”ç”¨æµé‡ç›‘æµ‹çš„èƒŒæ™¯ä¸‹,å¯¹å¸¸è§çš„P2Pè½¯ä»¶çš„æµé‡ç‰¹å¾ã€P2Pæµé‡è¯†åˆ«æ–¹æ³•ç‰æ–¹é¢è¿›è¡Œäº†è¯¦ç»†çš„åˆ†æžä¸Žç ”ç©¶ã€‚æœ¬æ–‡é¦–å…ˆå¯¹P2PæŠ€æœ¯çš„åº”ç”¨ä¸Žå‘å±•åŽ†ç¨‹è¿›è¡Œäº†è¯¦ç»†çš„é˜è¿°ã€‚å…¶æ¬¡,æ·±å…¥è€Œåˆç»†è‡´çš„åˆ†æžäº†ç›®å‰å¸¸ç”¨çš„P2Pæµé‡è¯†åˆ«æŠ€æœ¯:ç«¯å£è¯†åˆ«æŠ€æœ¯ã€åŸºäºŽæµç»Ÿè®¡ç‰¹å¾çš„è¯†åˆ«æŠ€æœ¯å’ŒåŸºäºŽæ·±å±‚æ•°æ®åŒ…æ£€æµ‹çš„è¯†åˆ«æŠ€æœ¯,æ€»ç»“äº†å®ƒä»¬çš„ä¼˜ç¼ºç‚¹åŠé€‚ç”¨èŒƒå›´ã€‚å¹¶åœ¨å±€åŸŸç½‘çŽ¯å¢ƒä¸‹,å€ŸåŠ©äºŽEtherealç‰ç½‘ç»œåè®®åˆ†å±‚å¤„ç†å·¥å…·,é’ˆå¯¹å„ç§æŠ€æœ¯è¿›è¡Œäº†ç›¸åº”çš„å®žé™…éªŒè¯,å¾—å‡ºäº†ä¸€äº›ç‹¬ç«‹çš„ç»“è®ºã€‚æœ€åŽ,ä½œè€…é€šè¿‡å¯¹å„ç§æŠ€æœ¯çš„åˆ†æžä¸Žç»¼åˆæå‡ºäº†ä¸€ç§å¯å‘å¼çš„è¯†åˆ«æ¨¡åž‹ã€‚è™½ç„¶,è¯¥æ¨¡åž‹çš„æœ‰æ•ˆæ€§å’Œå‡†ç¡®æ€§è¿˜æœ‰å¾…è¿›ä¸€æ¥éªŒè¯;ä½†æ˜¯,è¯¥æ¨¡åž‹å¯ä»¥ä¸ºP2Pæµé‡è¯†åˆ«çš„ç ”ç©¶è€…ä¸Žç½‘ç»œç®¡ç†äººå‘˜æä¾›ä¸€ç§ç»¼åˆè¯†åˆ«ä¸Žåˆ†æžP2Pæµé‡çš„æ€è·¯ã€‚å¦å¤–,æœ¬æ–‡å®žéªŒæ•°æ®æ˜¯åœ¨å®žé™…ç½‘ç»œçŽ¯å¢ƒä¸çš„è¿è¡Œç»“æžœ,ä¸ºP2PæŠ€æœ¯ç ”ç©¶è€…æä¾›äº†ä¸°å¯Œå¯é çš„åŽŸå§‹æ•°æ®èµ„æ–™,åŒæ—¶å¯ä»¥å¸®åŠ©ç½‘ç»œç®¡ç†å‘˜è¿›ä¸€æ¥æœ‰æ•ˆåœ°é™åˆ¶ã€ç®¡ç†ç½‘ç»œä¸çš„P2Pæµé‡,ä»Žè€Œæé«˜å…¶ä»–æ£å¸¸ç½‘ç»œåº”ç”¨çš„æœåŠ¡è´¨é‡ã€‚æ›´å¤š è¿˜åŽŸ

ã€Abstractã€‘ P2P technology is an emerging technology of resourceâ€™s distributed storage and sharing. Corresponding with the dominant C/S (Client/Server) network architecture. This network architecture changes the way of storage from centralization to distribution, and the way of use from distribution to centralization. Therefore, it is a very innovative technology and has been applied to many areas.When the application in full swing, the problem is followed. One of the most prominent problems is that the bandwidth occupy. A large number of Internet bandwidth have been occupied by P2P applications. In order to enable P2P develop, at the same time not to harm the interests of ISP, people began to restrict and management P2P traffic to ease the bandwidth pressure. The first task is to correctly identify the P2P traffic. At first, because of early P2P protocol use of fixed TCP or UDP port, the identification for P2P is easy. However, with the continuous development of P2P technology, many P2P applications start using dynamic port and pseudo port to conceal there whereabouts. In testing, we found that some P2P traffic is even use 80, 25 ports. The emergence of these new features lead to the traditional methods of identification for P2P traffic is no longer applicable.Therefore, how to propose a more reasonable and effective method has become a difficult problem.This article is based on the use of tools such as Ethereal to monitor traffic of P2P applications with the LAN, and carried out a detailed analysis and research on the traffic features of common P2P software and P2P traffic identification method. First, this article describes in detail the application of P2P technology and the development process. Second, this article gives the depth and detailed analysis of the current popular P2P traffic identification technology: port identification technology, based on traffic statistical features identification technology and the identification technology based on deep packet inspection (DPI), their advantages, disadvantages and application. For a variety of identification technologies, using Ethereal and other protocol analysis tool carried out corresponding experiments in the LAN environment and draw some of own conclusions. Finally, the author proposes a heuristic identification model through analysis and synthesis of various identification techniques. Although the validity and accuracy of the model remains to be verified, however, the model provides an idea about comprehensive identification and analysis of P2P traffic for P2P traffic identification researchers and network managers. In addition, the experimental data in this artical is real data running in real network environment, which is also a rich source of reliable data for the P2P technology researchers. At the same time, these datas can help network administrators to effectively limit and manage P2P network traffic and then enhance the quality of service of other normal network applications.æ›´å¤š è¿˜åŽŸ

ã€å…³é”®è¯ã€‘ P2Pï¼› C/Sï¼› Etherealï¼› ç«¯å£è¯†åˆ«æŠ€æœ¯ï¼› åŸºäºŽæµç‰¹å¾çš„è¯†åˆ«æŠ€æœ¯ï¼› æ·±å±‚æ•°æ®åŒ…æ£€æµ‹æŠ€æœ¯ï¼›
ã€Key wordsã€‘ P2Pï¼› C/Sï¼› Etherealï¼› Port identification technologyï¼› Based on traffic statistical identification technologyï¼› Deep Packet Inspection technologyï¼›

ã€ç½‘ç»œå‡ºç‰ˆæŠ•ç¨¿äººã€‘ å±±ä¸œè½»å·¥ä¸šå¦é™¢

ã€åˆ†ç±»å·ã€‘TP393.06
ã€è¢«å¼•é¢‘æ¬¡ã€‘2
ã€ä¸‹è½½é¢‘æ¬¡ã€‘130
æ”»è¯»æœŸæˆæžœ

çŸ¥ç½‘èŠ‚ä¸‹è½½

èŠ‚ç‚¹æ–‡çŒ®ä¸ï¼š

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

æœ¬æ–‡çš„å¼•æ–‡ç½‘ç»œ

èŠ‚ç‚¹æ–‡çŒ®

èŠ‚ç‚¹æ–‡çŒ®

P2Pæµé‡è¯†åˆ«ä¸Žåˆ†æž

Identification and Analysis of P2P Traffic

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

P2Pæµé‡è¯†åˆ«ä¸Žåˆ†æž