• DocumentCode
    2748187
  • Title

    Detection of Encrypted Traffic in eDonkey Network through Application Signatures

  • Author

    Freire, Mário M. ; Carvalho, David A. ; Pereira, Manuela

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Beira Interior, Covilha, Portugal
  • fYear
    2009
  • fDate
    11-16 Oct. 2009
  • Firstpage
    174
  • Lastpage
    179
  • Abstract
    Peer-to-peer file sharing applications became very popular, being responsible for a large percentage of the network traffic. However, peer-to-peer traffic may compromise the performance of enterprise critical networked applications or network-based tasks or may overload the network infrastructure of Internet service providers, being desirable that this traffic be blocked in some situations. However, this task may be difficult to achieve, namely for networks operating at very high-speed bit rates and low latency and/or when the traffic is encrypted. This paper addresses the problem of detecting and blocking encrypted traffic generated by eMule, which is one of the most difficult to detect among popular peer-to-peer file sharing applications. The proposed method is based on eMule signatures, which are coded as SNORT rules, this system being used to detect and block eMule traffic. Experiments have been carried out to evaluate the proposed method. The contribution of the paper falls within peer-to-peer security or within legal and regulatory issues.
  • Keywords
    Internet; cryptography; digital signatures; peer-to-peer computing; telecommunication traffic; Internet service providers; SNORT rules; application signatures; eDonkey network; eMule signatures; eMule traffic; encrypted traffic detection; network-based tasks; peer-to-peer file sharing applications; peer-to-peer traffic; Application software; Cryptography; Inspection; Law; Legal factors; Multimedia systems; Payloads; Peer to peer computing; Protocols; Telecommunication traffic; deep packet inspection; eDonkey Network; legal and regulatory issues; peer-to-peer file sharing applications; peer-to-peer security; traffic identification and classification;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advances in P2P Systems, 2009. AP2PS '09. First International Conference on
  • Conference_Location
    Sliema
  • Print_ISBN
    978-1-4244-5084-8
  • Electronic_ISBN
    978-0-7695-3831-0
  • Type

    conf

  • DOI
    10.1109/AP2PS.2009.35
  • Filename
    5358988