Browse > Article

Measurement and Analysis of P2P Traffic in Campus Networks Under Firewall  

Lee, Young-Seok (충남대학교 전기정보통신공학부 컴퓨터전공 데이터네트워크 연구실)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.30, no.11B, 2005 , pp. 750-757 More about this Journal
Abstract
This paper reports on the study of P2P traffic behaviors in a high-speed campus network under a simple firewall which drops packets with default port numbers for the well-blown P2P applications. Among several ways of detecting P2P traffic, the easiest method is to filter out packets with the default port number of each P2P application. After deploying the port-based firewall against P2P-traffic, it is expected that the amount of P2P traffic will be decreased. However, during the eight-month measurement period, three new commercial P2P applications have been identified and their traffic usages have reached up to $30/5.6\%$ of the total outbound/inbound traffic volumes at the end of the measurement period. In addition, the most famous P2P application, eDonkey, has adapted and has escaped detection through port hopping. The measurement result shows that the amount of eDonkey traffic is around $6.7/4.0\%$ of the total outbound/inbound traffic volume. From the measurement results, it is observed that the port-based firewall is not effective to limit the usage of P2P applications and that the P2P traffic is steadily growing due to not only the evolution of existing P2P applications such as port hopping but also appearances of new P2P applications.
Keywords
P2P; traffic measurement; eDonkey; flow; firewall;
Citations & Related Records
연도 인용수 순위
  • Reference
1 eDonkey, http://www.edonkey2000.com
2 T. Karagiannis, A. Broido, N. Brownlee, K.C. Claffy, and M. Faloutos, 'Is P2P Dying or just Hiding?,' IEEE Globecom, 2004
3 T. Karagiannis, A. Broido, M.Faloutos, and K.C. Claffy, 'Transport Layer Identification of P2P Traffic,' ACM Internet Measurement Conference, 2004
4 S. Ohzahata, Y. Hagiwara, M. Terada, and K Kawashima, 'A Traffic Identification Method and Evaluations for a Pure P2P Application,' Passive and Active Measure­ment Workshop, 2005
5 nProbe, http://www.ntop.org/nProbe.html
6 Tcpdump, http://www.tcpdump.org
7 Flow-tools, http://www.splintered.net/sw/flow-tools/
8 PeePop, http://www.peepop.net
9 NetFlow, http://www.cisco.com/warp/public/cc/pd/iosw/ioft/netlct/tech/napps_ wp.htm
10 S. Sen and J. Wang, 'Analyzing Peer-to­-Peer Traffic Across Large Networks,' IEEE/ACM Transactions on Networking, vol. 12, no. 2, pp. 219-232, April 2004   DOI   ScienceOn
11 Clubbox, http://www.clubbox.co.kr
12 Enppy, http://enppy.entica.com
13 Packeteer, http://www.packeteer.com
14 S. Sen, O. Spatscheck, and D. Wang, 'Accurate, Scalable In-Network Identification of P2P Traffic Using Application Signa­tures,' ACM WWW, 2004
15 L. Plissonneau, J-L. Costeux, and P. Brown, 'Analysis of Peer-to-Peer Traffic on ADSL,' Passive and Active Measurement Workshop, 2005
16 T. Choi, C.Kim, S. Yoon, J. Park, B. Lee, H. Kim, H. Chung, and T. Jeong, 'Content­aware Internet Application Traffic Measure­ment and Analysis,' NOMS, 2004
17 A. Gerber, J. Houle, H. Nguyen, M. Roughan, and S. Sen, 'P2P, The Gorilla in the Cable,' National Cable & Telecommunica­tions Association (NCTA) 2003 National Show, 2003