Early Identification of Peer-To-Peer Traffic
To manage and monitor their networks in a proper way, network operators are often interested in identifying the applications generating the traffic traveling through their networks, and doing it as fast (i.e., from as few packets) as possible. State-of-the-art packet-based traffic classification methods are either based on the costly inspection of the payload of several packets of each flow or on basic flow statistics that do not take into account the packet content. In this paper we consider the intermediate approach of analyzing only the first few bytes of the first (or first few) packets of each flow. We propose automatic, machine-learning-based methods achieving remarkably good early classification performance on real traffic traces generated from a diverse set of applications (including several versions of P2P TV and file sharing), while requiring only limited computational and memory resources.