A novel method for the detection of P2P traffic in the network backbone inspired by intrusion detection systems

Download
2006
Soysal, Murat
The share of peer-to-peer (P2P) protocol in the total network traffic grows dayby- day in the Turkish Academic Network (UlakNet) similar to the other networks in the world. This growth is mostly because of the popularity of the shared content and the great enhancement in the P2P protocol since it first came out with Napster. The shared files are generally both large and copyrighted. Motivated by the problems of UlakNet with the P2P traffic, we propose a novel method for P2P traffic detection in the network backbone in this thesis. Observing the similarity between detecting traffic that belongs to a specific protocol and detecting an intrusion in a computer system, we adopt an Intrusion Detection System (IDS) technique to detect P2P traffic. Our method is a passive detection procedure that uses traffic flows gathered from border routers. Hence, it is scalable and does not have the problems of other approaches that rely on packet payload data or transport layer ports.

Suggestions

An intrusion detection based approach for the scalable detection of P2P traffic in the national academic network backbone
Schmidt, Şenan Ece (2006-06-18)
The share of peer-to-peer (P2P) protocol in the total network traffic grows day-by-day in the Turkish Academic Network (UlakNet) similar to the other networks in the world. This growth is mostly because of the popularity of the shared content and the great enhancement in the P2P protocol since it first came out with Napster. The shared files are generally both large and copyrighted. Motivated by the problems of UlakNet with the P2P traffic, we propose a novel method for P2P traffic detection in the network ...
A new approach for the scalable intrusion detection in high-speed networks
Şahin, Ümit Burak; Schmidt, Şenan Ece; Department of Electrical and Electronics Engineering (2007)
As the networks become faster and faster, the emerging requirement is to improve the performance of the Intrusion Detection and Prevention Systems (IDPS) to keep up with the increased network throughput. In high speed networks, it is very difficult for the IDPS to process all the packets. Since the throughput of IDPS is not improved as fast as the throughput of the switches and routers, it is necessary to develop new detection techniques other than traditional techniques. In this thesis we propose a rule-ba...
Software implementations of QoS scheduling algorithms for high speed networks /
Pehlivanlı, Aydın; Schmidt, Şenan Ece; Department of Electrical and Electronics Engineering (2015)
The end to end Quality of Service (QoS) support for the dominating multimedia traffic in the contemporary computer networks is achieved by implementing schedulers in the routers and deploying traffic shapers. To this end, realistic modeling and simulation of these components is essential for network performance evaluation. The first contribution of this thesis is the design and implementation of a C++ simulator QueST (Quality of Service simulaTor) for this task. QueST is a modular cycle accurate simulator w...
Performance evaluation of routing protocols in wireless ad hoc networks with service differentiation
Yılmaz, Semra; Koçyiğit, Altan; Erten, Murat; Department of Information Systems (2003)
An ad hoc network is a collection of wireless mobile nodes dynamically forming a temporary network without the use of any fixed network infrastructure or centralized administration. Due to the limitations in the wireless environment, it may be necessary for one mobile host to enlist the aid of other hosts in forwarding a packet to its destination. In order to enable communication within the network, a routing protocol is needed to discover routes between nodes. The primary goal of ad hoc network routing pro...
Improving performance of network intrusion detection systems through concurrent mechanisms
Atakan, Mustafa; Şener, Cevat; Department of Computer Engineering (2003)
As the bandwidth of present networks gets larger than the past, the demand of Network Intrusion Detection Systems (NIDS) that function in real time becomes the major requirement for high-speed networks. If these systems are not fast enough to process all network traffic passing, some malicious security violations may take role using this drawback. In order to make that kind of applications schedulable, some concurrency mechanism is introduced to the general flowchart of their algorithm. The principal aim is...
Citation Formats
M. Soysal, “A novel method for the detection of P2P traffic in the network backbone inspired by intrusion detection systems,” M.S. - Master of Science, Middle East Technical University, 2006.