Utilize este identificador para referenciar este registo: http://hdl.handle.net/10400.6/3870
Título: Towards the detection of encrypted peer-to-peer file sharing traffic and peer-to-peer TV traffic using deep packet inspection methods
Autor: Carvalho, David Alexandre Milheiro de
Orientador: Freire, Mário Marques
Palavras-chave: Sistemas distribuídos
Sistema peer-to-peer
Data de Defesa: 2009
Resumo: This dissertation is devoted to the study of Peer-to-Peer (P2P) network traffic identification, using Deep Packet Inspection (DPI) methods. The approach followed in this work is based on the analysis of the content of a packet payload, being paid particular attention to the cases where encryption or obfuscation is used. The protocols and applications under study along this dissertation are organized into two main categories: P2P file sharing (BitTorrent, Gnutella and eDonkey) and P2P TV (Lvestation, TVU Player and Goalbit). The history of P2P and its major milestones are briefly presented, along with their classification according to the functionalities they provide and the network protocol architectures being used by them. Studies on the evolution and current state in the detection of P2P traffic are particularly detailed, as they were the main motivation towards the detection of both encrypted P2P file sharing and P2P TV traffic. The detection of Peer-to-Peer traffic is accomplished by using a set of open source tools, emphasizing Snort, Wireshark and Tcpdump. Snort is used for triggering the alerts concerning this kind of traffic, by using a specified set of rules. These are manually created, based on the observed P2P traffic protocol signatures and patterns, by usingWireshark and Tcpdump. For the storage and visualization of the triggered alerts in a user friendly manner, two open source tools were used, respectively, MySQL and BASE. Finally, the main conclusions achieved in this work are briefly exposed. A section dedicated to future work contains possible directions that may be followed in order to improve this work.
URI: http://hdl.handle.net/10400.6/3870
Designação: Mestrado em Tecnologias e Sistemas de Informação
Aparece nas colecções:FE - DI | Dissertações de Mestrado e Teses de Doutoramento

Ficheiros deste registo:
Ficheiro Descrição TamanhoFormato 
Dissertacao_David_Carvalho_2274.pdf8,93 MBAdobe PDFVer/Abrir


FacebookTwitterDeliciousLinkedInDiggGoogle BookmarksMySpace
Formato BibTex MendeleyEndnote Degois 

Todos os registos no repositório estão protegidos por leis de copyright, com todos os direitos reservados.