Abstract
Peer-to-Peer (P2P) technology is a popular tool for sharing files and multimedia services on networks. While the technology has been serving a good purpose of facilitating sharing of large volumes of data on networks, in other aspects, it has also become a potential source through which attackers could ride on to launch various malicious attacks on the networks. In networks with limited bandwidth resources, uncontrolled P2P activities may also come with problems of congestion in such networks. As P2P continues to evolve on the internet in more complex forms, the need for dynamic mechanisms with the ability to learn the evolving P2P behavior will be essential for accurate monitoring and detection of the P2P traffic to minimize its effects on networks. Supervised machine learning classifiers have been used in recent times, as potential tools for monitoring and detection of the P2P traffic. Incidentally, the capabilities of such classifiers decline over time due to the changing dynamics of the P2P features, making it necessary for the classifiers to undergo continuous retraining in order to maintain their capability of providing effective detection of new P2P traffic features in real-time operations. This paper presents a hybrid machine-learning framework that combines the capabilities of self-organizing map (SOM) model with a multilayer perceptron (MLP) network to achieve real-time detection of P2P traffic in networks. The SOM model generates sets of clustered features contained in the traffic flows and organizes the features into P2P and non-P2P, which are used for training the MLP model for subsequent detection and control of the P2P traffic. The proposed P2P detection framework was tested using real traffic data from the University of Ghana campus network. The test results revealed an average detection rate of 99.89% of the observed instances of P2P traffic in the experimental data. The good detection rate from the detection framework suggests its capability to serve as a potential tool for dynamic monitoring, detection, and control of P2P traffic to manage bandwidth resources and isolation of undesirable P2P-driven traffic in networks.
Similar content being viewed by others
Availability and Requirements
The authors declare that all data, materials, software applications and codes used in the article comply with field standards.
References
Kegel, D., Srisuresh, P., Ford, B.: State of Peer-to-Peer (P2P) Communication across Network Address Translators (NATs). Proceedings of USENIX Annual Technical Conference, pp. 179–192, (2005).
Ripeanu, M.: Peer-to-peer architecture case study—Gnutella network. Proceedings of First International Conference on Peer-to-Peer Computing. Linkoping, Sweden. pp. 99–100, (2001).
Zhang, D., Zheng, C., Zhang, H., Yu, H.: Identification and analysis of skype peer-to-peer traffic. International Conference on Internet and Web Applications and Services, IEEE Computer Society, pp. 200–206 (2010).
Silverston, T., Fourmaux, O., Botta, A., Dainotti, A., Pescape, A., Ventre, G., Salamatian, K.: Traffic analysis of peer-to-peer IPTV communities. Comput. Netw. 53, 470–484 (2009)
Bhatia, M., Rai, M.K.: Identifying P2P traffic: a survey. Peer-to-Peer Netw. Appl. 10, 1182–1203 (2017)
Kolbe, H. J., Kettig, O., Golic, E.: Monitoring the impact of P2P users on a broadband operator’s network. 2009 IFIP/IEEE International Sym;osium on Integrated Network Management, Long Island, NY, pp. 351–358 (2009).
Li, J.: On peer-to-peer (P2P) content delivery. Peer-to-Peer Netw. Appl. 1, 45–63 (2008)
Ceptureanu, E.G., Ceptureanu, S.I., Herteliu, C., Cerqueti, R.: Sustainable consumption behaviours in P2P accommodation platforms: an exploratory study. Soft. Comput. 24, 13863–13870 (2020)
Trevisan, M., Giordano, D., Drago, I., Munafo, M.M., Mellia, M.: Five years at the edge: Watching internet from the ISP network. IEEE/ACM Trans. Netw. 28(2), 561–574 (2020)
Garcia-Dorado, J.L., Finamore, A., Mellia, M., Meo, M., Munafo, M.: Characterization of ISP traffic: trends user habits and access technology impact. IEEE Trans. Netw. Serv. Manag. 9(2), 142–155 (2012)
Awasthi, S.K., Singh, Y.N.: Simplified Biased Contribution Index (SBCI): a mechanism to make P2P network fair and efficient for resource sharing. J. Parallel Distrib. Comput. 124, 106–118 (2019)
Lu, H., Wu, C.: Identification of P2P traffic in campus network. 2010 International Conference on Computer Application and Systems Modelling pp. V1–21–V1–23 (2010).
Togo, E.: Optimizing internet bandwidth of campus network through peer-to-peer traffic management. Master of Engineering Dissertation, Department of Computer Engineering, University of Ghana, Legon. (2013).
ITU publications: Measuring Digital developments Facts and Figures 2020. ITU Publications (2020).
Azzouna, N.B., Guillemin, F.: Impact of peer-to-peer applications on wide area network traffic: an experimental approach. IEEE Global Telecommunications Conference, Globecom 04, Dallas, TX, vol. 3, pp. 1544–1548 (2004).
Khattak, S., Ramay, N.R., Riaz Khan, K., Syed Affan, A., Ali Khayam, S.: A Taxonomy of Botnet behaviour, detection, and defense. IEEE Commun. Sur. Tutor. 16(2), 898–924 (2014)
Khan, R.U., Kumar, R., Alazab, M., Zhang, X.: A hybrid technique to detect botnets based on P2P traffic similarity. Cybersecurity and Cyberforensic Conference, Melbourne, pp. 136–142 (2019).
Saad, S., Traore, I., Ghorbani, A., Sayed, B., Zhao, D., Lu, W., Felix, J., Hakimian, P.: Detecting P2P Botnet through network behaviour analysis and machine learning. 2011 Ninth Annual International Conference on Privacy, Security and Trust, Montreal, QC, pp. 174–180 (2011).
Wararkar, P., Kapil, N., Rehani, V., Mehra, Y., Bhatnagar, Y.: Resolving problems based on peer to peer network security issues. Procedia Comput. Sci. Elsevier. 78, 652–659 (2016)
Auld, T., Moore, A.W., Gull, S.F.: Bayesian neural networks for internet traffic classification. Neural Netw. IEEE Trans. 18, 223–239 (2007)
Carela-Espanol, V., Barlet-Ros, P., Mula-Valls, O., Sole-Pareta, J.: An autonomic traffic classification system for network operation and management. J. Netw. Syst. Manag. 23, 401–419 (2015)
Pao, T., Chen, J.: Using UDP packets to detect P2P file sharing. IJCSNS 7(8), 188–192 (2007)
Karagiannis, T., Broido, A., Faloutsos, M., Claffy, K.: Transport layer identification of P2P traffic. Proccedings of 4th ACM Sigcomm Internet Measurement Conference, Italy, pp. 121–134, (2004).
Perenyi, M., Dinh Dang, T., Gefferth, A., Molnar, S.: Identification and analysis of peer-to-peer traffic. J. Commun. 1(7), 36–46 (2006)
Sen, S., Spatscheck, O., Wang, D.: Accurate, Scalable In-Network Identification of P2P Trac Using Application Signatures. In WWW (2004).
Bernaille, L., Teixeira, R., Salamatian, K.: Early application identification. Proceedings of 2006 ACM CoNEXT Conference, ACM, New York, Article 6, pp. 1–12 (2006).
Jun, Z., Chao, C., Yang, X., Wanlei, Z., Athanasios, V.V.: An effective network classification method using unknown flow detection. IEEE Trans. Netw. Serv. Manag. 10, 133–147 (2013)
Alelyani, S., Tang, J., Liu, H.: Feature selection for clustering: A review. In: Data Clustering, algorithms and applications. Chapman and Hall, CRC Press, pp. 30–55 (2018).
Karagiannis, T., Papagiannaki, K., Faloutsos, M.: Blinc: multilevel traffic classification in the dark. SIGCOMM Computer. Commun. Rev. 35, 229–240 (2005)
Sen, S., Wang, J.: Analyzing peer-to-Peer traffic across large networks. IEEE/ACM Trans. Netw. 12(2), 219–232 (2004)
Salman, O., Elhajj, I.H., Kayssi, A., Chehab, A.: A review on machine learning-based approaches for internet traffic classification. Ann. Telecommun. 75, 673–710 (2020)
Lopez-Martin, M., Carro, B., Sanchez-Esguevillas, A., Lloret, J.: Network traffic classifier with convolutional and recurrent neural networks for Internet of Things. IEEE Access 5, 18042–18050 (2017)
Pacheco, F., Expósito, E., Gineste, M., Baudoin, C., Aguilar, J.: Towards the deployment of machine learning solutions in network traffic classification: a systematic survey. Commun. Surv. Tutor. IEEE Commun. Soc. 21(2), 1988–2014 (2018)
Haykin, S.: Artificial Neural Network: A Comprehensive Foundation, 3rd edn. Prentice Hall, Hoboken (2007)
Safari Khatouni, A., Seddigh, N., Nandi, B., Zincir-Heywood, N.: Machine learning based classification accuracy of encrypted service channels: Analysis of various factors. J. Netw. Syst. Manag. 29(8), 5 (2021)
Agrawal, S., Sohi, B.S.: Feature optimization and performance evaluation of machine learning algorithms for identification of P2P traffic. J. Adv. Inf. Technol. 3(2), 107–114 (2012)
Tan, J., Chen, X., Du, M., Zhu, K.: A novel internet traffic identification approach using wavelet packet decomposition and neural network. J. Central South Univ. 19(8), 2218–2230 (2012)
Wang, C., Zhang, H., Ye, Z.: A peer-to-peer traffic identification method based on wavelet and particle swarm optimization algorithm. Int. J. Wavelets Multiresolut. Inf. Process. 13(6), 87–88 (2015)
Zhu, Y., Zheng, Y.: Traffic identification and traffic analysis based on support vector machine. Neural Comput. Appl. 32, 1903–1911 (2020)
Yuan, R., Li, Z., Guan, X., Xu, L.: An SVM based machine learning method for accurate internet traffic classification. Inf. Syst. Front. 12, 149–156 (2010)
Cao, J., Wang, D., Qu, Z., Sun, H., Li, B., Chen, C.-L.: An improved network traffic classification model based on a support vector machine. Symmetry 12(301), 1–21 (2020)
Alauthman, M., Aslam, N., Al-kasassbeh, M., Khan, S., AlQerem, A., Choo, K.-M.R.: An efficient reinforcement learning-based botnet fdetection approach. J. Network Comput. Appl. 150, 102479 (2020)
Tauriainen, A.: A Self-Learning System for P2P Traffic Classification. Helsinki University of Technology, Helsinki (2005)
Le, D.C., Zincir-Heywood, N., Heywood, M.I.: Unsupervised monitoring of network and service behaviour using self organizing maps. J. Cyber Sec. Mobility 8(1), 15–52 (2019)
Keralapura, R., Nucci, A., Chuah, C.-N.: A novel self-learning architecture for P2P traffic classification in high speed networks. Comput. Netw. 54(8), 1055–1068 (2010)
Zarei, R., Monemi, A., Marsono, M.N.: Automated dataset generation for training peer-to-peer machine learning classifiers. J. Netw. Syst. Manag. 23, 89–110 (2015)
NFDUMP Netflow processing tools, Version 1.6.13 (2017).
Hongli, Z., Gang, L., Mahmoud, Q.T., Zhang, Y., Xiangzhan, Y.: Feature selection for optimizing traffic classification. Comput. Commun. 35(12), 1457–1471 (2012)
WEKA machine learning software tool, Version 3–6 (2017).
Witten, I. H., Frank, E., Hall, M. A., Pal C. J.: WEKA Workbench, Data Mining: Practical Machine Learning Tools and Techniques. Morgan Kaufmann, 4th Ed. (2016).
Vesanto, J., Alhoniemi, E.: Clustering of the self-organizing map. IEEE Trans. Neural Netw. 11(3), 586–600 (2002)
Erman, J., Arlitt, M., Mahanti, A.: Traffic classification using clustering algorithms. MineNet’06: Proceedings of 2006 SIGCOMM workshop on mining network data, pp. 281–286 (2006).
Takyi, K., Bagga, A., Goopta, P.: Clustering techniques for traffic classification: A comprehensive review. IEEE 7th International conference on reliability, information technologies and optimization (Trends and Future Directions), pp. 224–230 (2018).
Herbert, J.P., Tao Yao, J.: A granular computing framework for self-organizing maps. Neurocomputing 9, 2865–2872 (2009)
Chaudhary, V., Bhatia, R.S., Ahlawat, A.K.: The self-organizing map learning algorithm with inactive and relative winning frequency of active neurons. HKIE Trans. 21(1), 62–67 (2014)
James, G., Witten, D., Hastie, T., Tibshirani, R.: An Introduction to Statistical Learning with Applications. Springer, New York (2017)
Bengio, Y.: Learning deep architectures for AI Found. Trends Mach. Learn. 2(1), 1–127 (2009)
Sowah, R.A., Agebure, M.A., Mills, G.A., Koumadi, K.K., Fiawoo, S.Y.: A new cluster under sampling technique for class imbalance learning. JMLC 6(3), 205–214 (2016)
Nobre, J.C., Melchiors, C., Marquezan, C.C., et al.: A survey on the use of P2P technology for network management. J. Netw. Syst. Manag. 26, 189–221 (2018)
Dos Santos, C.R.P., Famaey, J., Schonwalder, J., Granville, L.Z., Pras, A., De Turck, F.: Taxonomy for the network and service management research field. J. Netw. Syst. Manag. 24(3), 764–787 (2016)
Acknowledgements
The authors would like to thank the University of Ghana Computing Systems (UGCS) for the access to the university network for the traffic data acquisition and also for testing the model on the network. The authors would also like to express their gratitude to the editor-in-chef, and the anonymous reviewers for their valuable comments.
Author information
Authors and Affiliations
Contributions
GAM provided supervision for the design, implementation, testing, and writing the manuscript; PP designed the model, data gathering, algorithm development, and experiment; ET conducted a preliminary investigation, joined PP with the data gathering and analysis and experiment; RAS reviewed the article and editing of the manuscript. All the authors read and approve the final manuscript for submission and publication.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Rights and permissions
About this article
Cite this article
Mills, G.A., Pomary, P., Togo, E. et al. Detection and Management of P2P Traffic in Networks using Artificial Neural Networksa. J Netw Syst Manage 30, 26 (2022). https://doi.org/10.1007/s10922-021-09637-1
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10922-021-09637-1