A Cooperation Network Model for Secure Management in Dynamic P2P Flow

This paper discusses how to identify Peer-to-Peer (P2P) traffic using a blind technique without observing individual payload in the proposed cooperation network model. Traditionally, the payload inspection based traffic identification methodologies have been studied and developed for static internet...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Yong-Hyuk Moon, Jae-Hoon Nah, Jong-Soo Jang, Chan-Hyun Youn
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This paper discusses how to identify Peer-to-Peer (P2P) traffic using a blind technique without observing individual payload in the proposed cooperation network model. Traditionally, the payload inspection based traffic identification methodologies have been studied and developed for static internet traffic generated by well-known network applications such as http, ftp, telnet, smtp, etc. However, this approach is inadequate any more to detect and control newly emerging applications using P2P-like or P2P-based communication protocol. Also it strongly depends on the central intrusion detection system or firewall because signature as the prior-knowledge is normally built on that kind of systems. That fact derives three issues: performance overhead, central point of failure, and abnormality handling of traffic. Therefore, we propose the distributed detector strategy using tight cooperation between flow agent and secure gateway for indentifying the dynamic P2P traffic, even encrypted.
ISSN:1738-9445
DOI:10.1109/ICACT.2008.4493975