Abstract
In this paper we present PeerRush, a novel system for the identification of unwanted P2P traffic. Unlike most previous work, PeerRush goes beyond P2P traffic detection, and can accurately categorize the detected P2P traffic and attribute it to specific P2P applications, including malicious applications such as P2P botnets. PeerRush achieves these results without the need of deep packet inspection, and can accurately identify applications that use encrypted P2P traffic. We implemented a prototype version of PeerRush and performed an extensive evaluation of the system over a variety of P2P traffic datasets. Our results show that we can detect all the considered types of P2P traffic with up to 99.5% true positives and 0.1% false positives. Furthermore, PeerRush can attribute the P2P traffic to a specific P2P application with a misclassification rate of 0.68% or less. © 2013 Springer-Verlag.
Author supplied keywords
Cite
CITATION STYLE
Rahbarinia, B., Perdisci, R., Lanzi, A., & Li, K. (2013). PeerRush: Mining for unwanted P2P traffic. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7967 LNCS, pp. 62–82). https://doi.org/10.1007/978-3-642-39235-1_4
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
