Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

Detection and Management of P2P Traffic in Networks using Artificial Neural Networksa

  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

Peer-to-Peer (P2P) technology is a popular tool for sharing files and multimedia services on networks. While the technology has been serving a good purpose of facilitating sharing of large volumes of data on networks, in other aspects, it has also become a potential source through which attackers could ride on to launch various malicious attacks on the networks. In networks with limited bandwidth resources, uncontrolled P2P activities may also come with problems of congestion in such networks. As P2P continues to evolve on the internet in more complex forms, the need for dynamic mechanisms with the ability to learn the evolving P2P behavior will be essential for accurate monitoring and detection of the P2P traffic to minimize its effects on networks. Supervised machine learning classifiers have been used in recent times, as potential tools for monitoring and detection of the P2P traffic. Incidentally, the capabilities of such classifiers decline over time due to the changing dynamics of the P2P features, making it necessary for the classifiers to undergo continuous retraining in order to maintain their capability of providing effective detection of new P2P traffic features in real-time operations. This paper presents a hybrid machine-learning framework that combines the capabilities of self-organizing map (SOM) model with a multilayer perceptron (MLP) network to achieve real-time detection of P2P traffic in networks. The SOM model generates sets of clustered features contained in the traffic flows and organizes the features into P2P and non-P2P, which are used for training the MLP model for subsequent detection and control of the P2P traffic. The proposed P2P detection framework was tested using real traffic data from the University of Ghana campus network. The test results revealed an average detection rate of 99.89% of the observed instances of P2P traffic in the experimental data. The good detection rate from the detection framework suggests its capability to serve as a potential tool for dynamic monitoring, detection, and control of P2P traffic to manage bandwidth resources and isolation of undesirable P2P-driven traffic in networks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

Availability and Requirements

The authors declare that all data, materials, software applications and codes used in the article comply with field standards.

References

  1. Kegel, D., Srisuresh, P., Ford, B.: State of Peer-to-Peer (P2P) Communication across Network Address Translators (NATs). Proceedings of USENIX Annual Technical Conference, pp. 179–192, (2005).

  2. Ripeanu, M.: Peer-to-peer architecture case study—Gnutella network. Proceedings of First International Conference on Peer-to-Peer Computing. Linkoping, Sweden. pp. 99–100, (2001).

  3. Zhang, D., Zheng, C., Zhang, H., Yu, H.: Identification and analysis of skype peer-to-peer traffic. International Conference on Internet and Web Applications and Services, IEEE Computer Society, pp. 200–206 (2010).

  4. Silverston, T., Fourmaux, O., Botta, A., Dainotti, A., Pescape, A., Ventre, G., Salamatian, K.: Traffic analysis of peer-to-peer IPTV communities. Comput. Netw. 53, 470–484 (2009)

    Article  Google Scholar 

  5. Bhatia, M., Rai, M.K.: Identifying P2P traffic: a survey. Peer-to-Peer Netw. Appl. 10, 1182–1203 (2017)

    Article  Google Scholar 

  6. Kolbe, H. J., Kettig, O., Golic, E.: Monitoring the impact of P2P users on a broadband operator’s network. 2009 IFIP/IEEE International Sym;osium on Integrated Network Management, Long Island, NY, pp. 351–358 (2009).

  7. Li, J.: On peer-to-peer (P2P) content delivery. Peer-to-Peer Netw. Appl. 1, 45–63 (2008)

    Article  Google Scholar 

  8. Ceptureanu, E.G., Ceptureanu, S.I., Herteliu, C., Cerqueti, R.: Sustainable consumption behaviours in P2P accommodation platforms: an exploratory study. Soft. Comput. 24, 13863–13870 (2020)

    Article  Google Scholar 

  9. Trevisan, M., Giordano, D., Drago, I., Munafo, M.M., Mellia, M.: Five years at the edge: Watching internet from the ISP network. IEEE/ACM Trans. Netw. 28(2), 561–574 (2020)

    Article  Google Scholar 

  10. Garcia-Dorado, J.L., Finamore, A., Mellia, M., Meo, M., Munafo, M.: Characterization of ISP traffic: trends user habits and access technology impact. IEEE Trans. Netw. Serv. Manag. 9(2), 142–155 (2012)

    Article  Google Scholar 

  11. Awasthi, S.K., Singh, Y.N.: Simplified Biased Contribution Index (SBCI): a mechanism to make P2P network fair and efficient for resource sharing. J. Parallel Distrib. Comput. 124, 106–118 (2019)

    Article  Google Scholar 

  12. Lu, H., Wu, C.: Identification of P2P traffic in campus network. 2010 International Conference on Computer Application and Systems Modelling pp. V1–21–V1–23 (2010).

  13. Togo, E.: Optimizing internet bandwidth of campus network through peer-to-peer traffic management. Master of Engineering Dissertation, Department of Computer Engineering, University of Ghana, Legon. (2013).

  14. ITU publications: Measuring Digital developments Facts and Figures 2020. ITU Publications (2020).

  15. Azzouna, N.B., Guillemin, F.: Impact of peer-to-peer applications on wide area network traffic: an experimental approach. IEEE Global Telecommunications Conference, Globecom 04, Dallas, TX, vol. 3, pp. 1544–1548 (2004).

  16. Khattak, S., Ramay, N.R., Riaz Khan, K., Syed Affan, A., Ali Khayam, S.: A Taxonomy of Botnet behaviour, detection, and defense. IEEE Commun. Sur. Tutor. 16(2), 898–924 (2014)

    Article  Google Scholar 

  17. Khan, R.U., Kumar, R., Alazab, M., Zhang, X.: A hybrid technique to detect botnets based on P2P traffic similarity. Cybersecurity and Cyberforensic Conference, Melbourne, pp. 136–142 (2019).

  18. Saad, S., Traore, I., Ghorbani, A., Sayed, B., Zhao, D., Lu, W., Felix, J., Hakimian, P.: Detecting P2P Botnet through network behaviour analysis and machine learning. 2011 Ninth Annual International Conference on Privacy, Security and Trust, Montreal, QC, pp. 174–180 (2011).

  19. Wararkar, P., Kapil, N., Rehani, V., Mehra, Y., Bhatnagar, Y.: Resolving problems based on peer to peer network security issues. Procedia Comput. Sci. Elsevier. 78, 652–659 (2016)

    Article  Google Scholar 

  20. Auld, T., Moore, A.W., Gull, S.F.: Bayesian neural networks for internet traffic classification. Neural Netw. IEEE Trans. 18, 223–239 (2007)

    Article  Google Scholar 

  21. Carela-Espanol, V., Barlet-Ros, P., Mula-Valls, O., Sole-Pareta, J.: An autonomic traffic classification system for network operation and management. J. Netw. Syst. Manag. 23, 401–419 (2015)

    Article  Google Scholar 

  22. Pao, T., Chen, J.: Using UDP packets to detect P2P file sharing. IJCSNS 7(8), 188–192 (2007)

    Google Scholar 

  23. Karagiannis, T., Broido, A., Faloutsos, M., Claffy, K.: Transport layer identification of P2P traffic. Proccedings of 4th ACM Sigcomm Internet Measurement Conference, Italy, pp. 121–134, (2004).

  24. Perenyi, M., Dinh Dang, T., Gefferth, A., Molnar, S.: Identification and analysis of peer-to-peer traffic. J. Commun. 1(7), 36–46 (2006)

    Article  Google Scholar 

  25. Sen, S., Spatscheck, O., Wang, D.: Accurate, Scalable In-Network Identification of P2P Trac Using Application Signatures. In WWW (2004).

  26. Bernaille, L., Teixeira, R., Salamatian, K.: Early application identification. Proceedings of 2006 ACM CoNEXT Conference, ACM, New York, Article 6, pp. 1–12 (2006).

  27. Jun, Z., Chao, C., Yang, X., Wanlei, Z., Athanasios, V.V.: An effective network classification method using unknown flow detection. IEEE Trans. Netw. Serv. Manag. 10, 133–147 (2013)

    Article  Google Scholar 

  28. Alelyani, S., Tang, J., Liu, H.: Feature selection for clustering: A review. In: Data Clustering, algorithms and applications. Chapman and Hall, CRC Press, pp. 30–55 (2018).

  29. Karagiannis, T., Papagiannaki, K., Faloutsos, M.: Blinc: multilevel traffic classification in the dark. SIGCOMM Computer. Commun. Rev. 35, 229–240 (2005)

    Article  Google Scholar 

  30. Sen, S., Wang, J.: Analyzing peer-to-Peer traffic across large networks. IEEE/ACM Trans. Netw. 12(2), 219–232 (2004)

    Article  Google Scholar 

  31. Salman, O., Elhajj, I.H., Kayssi, A., Chehab, A.: A review on machine learning-based approaches for internet traffic classification. Ann. Telecommun. 75, 673–710 (2020)

    Article  Google Scholar 

  32. Lopez-Martin, M., Carro, B., Sanchez-Esguevillas, A., Lloret, J.: Network traffic classifier with convolutional and recurrent neural networks for Internet of Things. IEEE Access 5, 18042–18050 (2017)

    Article  Google Scholar 

  33. Pacheco, F., Expósito, E., Gineste, M., Baudoin, C., Aguilar, J.: Towards the deployment of machine learning solutions in network traffic classification: a systematic survey. Commun. Surv. Tutor. IEEE Commun. Soc. 21(2), 1988–2014 (2018)

    Article  Google Scholar 

  34. Haykin, S.: Artificial Neural Network: A Comprehensive Foundation, 3rd edn. Prentice Hall, Hoboken (2007)

    Google Scholar 

  35. Safari Khatouni, A., Seddigh, N., Nandi, B., Zincir-Heywood, N.: Machine learning based classification accuracy of encrypted service channels: Analysis of various factors. J. Netw. Syst. Manag. 29(8), 5 (2021)

    Google Scholar 

  36. Agrawal, S., Sohi, B.S.: Feature optimization and performance evaluation of machine learning algorithms for identification of P2P traffic. J. Adv. Inf. Technol. 3(2), 107–114 (2012)

    Google Scholar 

  37. Tan, J., Chen, X., Du, M., Zhu, K.: A novel internet traffic identification approach using wavelet packet decomposition and neural network. J. Central South Univ. 19(8), 2218–2230 (2012)

    Article  Google Scholar 

  38. Wang, C., Zhang, H., Ye, Z.: A peer-to-peer traffic identification method based on wavelet and particle swarm optimization algorithm. Int. J. Wavelets Multiresolut. Inf. Process. 13(6), 87–88 (2015)

    Article  MathSciNet  MATH  Google Scholar 

  39. Zhu, Y., Zheng, Y.: Traffic identification and traffic analysis based on support vector machine. Neural Comput. Appl. 32, 1903–1911 (2020)

    Article  Google Scholar 

  40. Yuan, R., Li, Z., Guan, X., Xu, L.: An SVM based machine learning method for accurate internet traffic classification. Inf. Syst. Front. 12, 149–156 (2010)

    Article  Google Scholar 

  41. Cao, J., Wang, D., Qu, Z., Sun, H., Li, B., Chen, C.-L.: An improved network traffic classification model based on a support vector machine. Symmetry 12(301), 1–21 (2020)

    Google Scholar 

  42. Alauthman, M., Aslam, N., Al-kasassbeh, M., Khan, S., AlQerem, A., Choo, K.-M.R.: An efficient reinforcement learning-based botnet fdetection approach. J. Network Comput. Appl. 150, 102479 (2020)

    Article  Google Scholar 

  43. Tauriainen, A.: A Self-Learning System for P2P Traffic Classification. Helsinki University of Technology, Helsinki (2005)

    Google Scholar 

  44. Le, D.C., Zincir-Heywood, N., Heywood, M.I.: Unsupervised monitoring of network and service behaviour using self organizing maps. J. Cyber Sec. Mobility 8(1), 15–52 (2019)

    Article  Google Scholar 

  45. Keralapura, R., Nucci, A., Chuah, C.-N.: A novel self-learning architecture for P2P traffic classification in high speed networks. Comput. Netw. 54(8), 1055–1068 (2010)

    Article  MATH  Google Scholar 

  46. Zarei, R., Monemi, A., Marsono, M.N.: Automated dataset generation for training peer-to-peer machine learning classifiers. J. Netw. Syst. Manag. 23, 89–110 (2015)

    Article  Google Scholar 

  47. NFDUMP Netflow processing tools, Version 1.6.13 (2017).

  48. Hongli, Z., Gang, L., Mahmoud, Q.T., Zhang, Y., Xiangzhan, Y.: Feature selection for optimizing traffic classification. Comput. Commun. 35(12), 1457–1471 (2012)

    Article  Google Scholar 

  49. WEKA machine learning software tool, Version 3–6 (2017).

  50. Witten, I. H., Frank, E., Hall, M. A., Pal C. J.: WEKA Workbench, Data Mining: Practical Machine Learning Tools and Techniques. Morgan Kaufmann, 4th Ed. (2016).

  51. Vesanto, J., Alhoniemi, E.: Clustering of the self-organizing map. IEEE Trans. Neural Netw. 11(3), 586–600 (2002)

    Article  Google Scholar 

  52. Erman, J., Arlitt, M., Mahanti, A.: Traffic classification using clustering algorithms. MineNet’06: Proceedings of 2006 SIGCOMM workshop on mining network data, pp. 281–286 (2006).

  53. Takyi, K., Bagga, A., Goopta, P.: Clustering techniques for traffic classification: A comprehensive review. IEEE 7th International conference on reliability, information technologies and optimization (Trends and Future Directions), pp. 224–230 (2018).

  54. Herbert, J.P., Tao Yao, J.: A granular computing framework for self-organizing maps. Neurocomputing 9, 2865–2872 (2009)

    Article  Google Scholar 

  55. Chaudhary, V., Bhatia, R.S., Ahlawat, A.K.: The self-organizing map learning algorithm with inactive and relative winning frequency of active neurons. HKIE Trans. 21(1), 62–67 (2014)

    Article  Google Scholar 

  56. James, G., Witten, D., Hastie, T., Tibshirani, R.: An Introduction to Statistical Learning with Applications. Springer, New York (2017)

    MATH  Google Scholar 

  57. Bengio, Y.: Learning deep architectures for AI Found. Trends Mach. Learn. 2(1), 1–127 (2009)

    Article  MathSciNet  MATH  Google Scholar 

  58. Sowah, R.A., Agebure, M.A., Mills, G.A., Koumadi, K.K., Fiawoo, S.Y.: A new cluster under sampling technique for class imbalance learning. JMLC 6(3), 205–214 (2016)

    Google Scholar 

  59. Nobre, J.C., Melchiors, C., Marquezan, C.C., et al.: A survey on the use of P2P technology for network management. J. Netw. Syst. Manag. 26, 189–221 (2018)

    Article  Google Scholar 

  60. Dos Santos, C.R.P., Famaey, J., Schonwalder, J., Granville, L.Z., Pras, A., De Turck, F.: Taxonomy for the network and service management research field. J. Netw. Syst. Manag. 24(3), 764–787 (2016)

    Article  Google Scholar 

Download references

Acknowledgements

The authors would like to thank the University of Ghana Computing Systems (UGCS) for the access to the university network for the traffic data acquisition and also for testing the model on the network. The authors would also like to express their gratitude to the editor-in-chef, and the anonymous reviewers for their valuable comments.

Author information

Authors and Affiliations

  1. Department of Computer Engineering, University of Ghana, Legon, Accra, Ghana

    Godfrey A. Mills & Robert A. Sowah

  2. University of Ghana Computing Systems, University of Ghana, Legon, Accra, Ghana

    Pamela Pomary & Emmanuel Togo

Authors
  1. Godfrey A. Mills
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pamela Pomary
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Emmanuel Togo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Robert A. Sowah
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

GAM provided supervision for the design, implementation, testing, and writing the manuscript; PP designed the model, data gathering, algorithm development, and experiment; ET conducted a preliminary investigation, joined PP with the data gathering and analysis and experiment; RAS reviewed the article and editing of the manuscript. All the authors read and approve the final manuscript for submission and publication.

Corresponding author

Correspondence to Godfrey A. Mills.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Mills, G.A., Pomary, P., Togo, E. et al. Detection and Management of P2P Traffic in Networks using Artificial Neural Networksa. J Netw Syst Manage 30, 26 (2022). https://doi.org/10.1007/s10922-021-09637-1

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10922-021-09637-1

Keywords

Search

Navigation