Repository logo
 
Project Logo
Research Project

TRAMANET: Traffic and Trust Management in Peer-to-Peer Networks

Metadata only

Funder

Organizational Unit

Authors

Publications

Towards the detection of encrypted peer-to-peer file sharing traffic and peer-to-peer TV traffic using deep packet inspection methods
Publication . Carvalho, David Alexandre Milheiro de; Freire, Mário Marques
This dissertation is devoted to the study of Peer-to-Peer (P2P) network traffic identification, using Deep Packet Inspection (DPI) methods. The approach followed in this work is based on the analysis of the content of a packet payload, being paid particular attention to the cases where encryption or obfuscation is used. The protocols and applications under study along this dissertation are organized into two main categories: P2P file sharing (BitTorrent, Gnutella and eDonkey) and P2P TV (Lvestation, TVU Player and Goalbit). The history of P2P and its major milestones are briefly presented, along with their classification according to the functionalities they provide and the network protocol architectures being used by them. Studies on the evolution and current state in the detection of P2P traffic are particularly detailed, as they were the main motivation towards the detection of both encrypted P2P file sharing and P2P TV traffic. The detection of Peer-to-Peer traffic is accomplished by using a set of open source tools, emphasizing Snort, Wireshark and Tcpdump. Snort is used for triggering the alerts concerning this kind of traffic, by using a specified set of rules. These are manually created, based on the observed P2P traffic protocol signatures and patterns, by usingWireshark and Tcpdump. For the storage and visualization of the triggered alerts in a user friendly manner, two open source tools were used, respectively, MySQL and BASE. Finally, the main conclusions achieved in this work are briefly exposed. A section dedicated to future work contains possible directions that may be followed in order to improve this work.
2009Master thesis Open access Show more
Multiple description image and video coding for P2P transmissions
Publication . Quaresma, Marisa Raposo; Sousa, Maria Manuela Areias da Costa Pereira de; Freire, Mário Marques
Peer-to-Peer (P2P) media streaming is, nowadays, a very attractive topic due to the bandwidth available to serve demanding content scales. A key challenge, however, is making content distribution robust to peer transience. Multiple description coding (MDC) has, indeed, proven to be very effective with problems concerning the packets’ losses, since it generates several descriptions and may reconstruct the original information with any number of descriptions that may reach the decoder. Therefore multiple descriptions may be effective for robust peer-to-peer media streaming. In this dissertation, it will not only be showed that, but also that varying the redundancy level of description on the fly may lead to a better performance than the one obtained without varying this parameter. Besides that, it is shown, as well, that varying the Bitrate on the fly outperforms the redundancy on it. Furthermore, the redundancy and the Bitrate were varied simultaneously. Thus, it is shown that this variation is more efficient when the packet loss is high. The experiments reported above were done using an experimental test bed developed for this purpose at the NMCG lab of the University of Beira Interior. It was also used the REGPROT, a video encoder developed by our research team, to splitted the video into multiple descriptions, which were, later, distributed among the peers in the test bed. After the request of the client, the referred encoder decoded the descriptions as they were being received.
2009Master thesis Open access Show more
Netodyssey: a framework for real-time windowed analysis of network traffic
Publication . Beirão, Fábio Duarte; Freire, Mário Marques
Traffic monitoring and analysis is of critical importance for managing and designing modern computer networks, and constitutes nowadays a very active research field. In most of their studies, researchers use techniques and tools that follow a statistical approach to obtain a deeper knowledge about the traffic behaviour. Network administrators also find great value in statistical analysis tools. Many of those tools return similar metrics calculated for common properties of network packets. This dissertation presents NetOdyssey, a framework for the statistical analysis of network traffic. One of the crucial points of differentiation of NetOdyssey from other analysis frameworks is the windowed analysis philosophy behind NetOdyssey. This windowed analysis philosophy allows researchers who seek for a deeper knowledge about networks, to look at traffic as if looking through a window. This approach is crucial in order to avoid the biasing effects of statistically looking at the traffic as a whole. Small fluctuations and irregularities in the network can now be analyzed, because one is always looking through window which has a fixed size: either in number of observations or in the temporal duration of those observations. NetOdyssey is able to capture live traffic from a network card or from a pre-collected trace, thus allowing for real-time analysis or delayed and repetitive analysis. NetOdyssey has a modular architecture making it possible for researchers with reduced programming capabilities to create analysis modules which can be tweaked and easily shared among those who utilize this framework. These modules were thought so that their implementation is optimized according to the windowed analysis philosophy behind NetOdyssey. This optimization makes the analysis process independent from the size of the analysis window, because it only contemplates the observations coming in and going out of this window. Besides presenting this framework, its architecture and validation, the present Dissertation also presents four different analysis modules: Average and Standard deviation, Entropy, Auto-Correlation and Hurst Parameter estimators. Each of this modules is presented and validated throughout the present dissertation.
2010Master thesis Open access Show more
An object-oriented architecture for transmission simulation of image and video with multiple description coding over high-speed optical fibre channels
Publication . Braz, Rui Pedro Quaresma; Freire, Mário Marques; Sousa, Maria Manuela Areias da Costa Pereira de
This dissertation addresses the problem of providing a tool with an object-oriented architecture in order to allow the possibility of simulate the transmission of images and/or videos coded with Multiple Description over high-speed optical fibre channels. In order to solve the problem proposed the choice was a simulator, once the advantage of this solution when compared to a real experiment as several advantages. The solution presented on this dissertation presents several advantages when compared with the solutions already analysed that only allows to analyse some physical phenomena that occur on optical fibre, not filling the requirements pretended to simulate. The proposed solution was developed using an object-oriented architecture, providing the possibility of increment the number of scenarios possible to simulate. On this dissertation all of the development process is described, since the structure of the proposed solution, to the classes developed as long as the Graphical User Interface implemented. The simulation results presented were obtained using a Multiple Description Coding algorithm.
2010Master thesis Open access Show more
Detection of encrypted traffic generated by peer-to-peer live streaming applications using deep packet inspection
Publication . Esteves, André Filipe Ferreira; Freire, Mário Marques
The number of applications using the peer-to-peer (P2P) networking paradigm and their popularity has substantially grown over the last decade. They evolved from the le-sharing applications to media streaming ones. Nowadays these applications commonly encrypt the communication contents or employ protocol obfuscation techniques. In this dissertation, it was conducted an investigation to identify encrypted traf c ows generated by three of the most popular P2P live streaming applications: TVUPlayer, Livestation and GoalBit. For this work, a test-bed that could simulate a near real scenario was created, and traf c was captured from a great variety of applications. The method proposed resort to Deep Packet Inspection (DPI), so we needed to analyse the payload of the packets in order to nd repeated patterns, that later were used to create a set of SNORT rules that can be used to detect key network packets generated by these applications. The method was evaluated experimentally on the test-bed created for that purpose, being shown that its accuracy is of 97% for GoalBit.
2011Master thesis Open access Show more

Organizational Units

Description

Keywords

Contributors

Funders

Funding agency

Fundação para a Ciência e a Tecnologia

Funding programme

5876-PPCDTI

Funding Award Number

PTDC/EIA/73072/2006

ID