p2p whitepaper
TRANSCRIPT
-
7/30/2019 P2P Whitepaper
1/6
P2PDPI DFI P2P
P2P ,,
,,,
P2P
, P2P , P2P
, P2P , DPI DFI P2P
, :
P2P , ,
,TCAM P2P
, ,
P2P , P2P
TCAM P2P
, P2P ,
TCP/UDP {IP,Port} ,
, P2P
, DFI P2P
, P2P
, , P2P
, P2P , ,
P2P ,
-
7/30/2019 P2P Whitepaper
2/6
,
, GE P2P ,
,
Various applications based on P2P
technology have been widely adopted, which brings us
many conveniences. Meanwhile, it gradually evolves into
anassassinto the wide-band network, constantly brings
on network jams, severely affects the quality of network
services, brings out lots of potential safety hazards. Thus,
high efficient P2P flow management measures to the
relevant network level exit becomes one of the key factors
to the maintaining development of the internet.Based on
the project of the enterprise-level border gateway, this
paper shoots the two problems, Hi-Speed and applying
diversification, in current development of the P2P
detection technology, and discusses the development
course of P2P technology and its detecting technology. By
a deeply research and analysis of P2P protocol, it brings
forward a P2P flow detection solution based on DPI & DFI,
achieves engineering implementation.The paper mainly
discusses as follow:It deeply and meticulously analyzed
current main-stream P2P protocols, extracted
-
7/30/2019 P2P Whitepaper
3/6
characteristic strings from them. Then aiming at the
problem that the current software implementing detection
methods cannot be applied in hi-speed wide-band network
environment, the paper put forward a detecting algorithm
of the P2P flow based on TCAM, and achieved line-rate
detection of P2P flow based on in-depth packet detection
technology in enterprise-level network environment, by
hardware acceleration. The results demonstrated that this
algorithm could precisely detect the forgone P2P flows.As
to the problem that the in-depth packet detection
technology base on TCAM cannot effectively detect new or
transmission-encrypted P2P protocols, the paper put
forward a weighted P2P flow detecting algorithm base on
in-depth flow detection technology, which applies TCP/UDP
method , {IP,Port} method, co-current connection number
method to separately detect flows, and comprehensively
analyzes the results to identify P2P flows. It turns out that
the DFI weighted P2P flow detection technology has a
better performance in detection rate, false rate and
missing rate than every single technology alone, and is
capable of detecting the transmission-encrypted P2P
flows. As to the problem that there is deficiency when
-
7/30/2019 P2P Whitepaper
4/6
detection technology based on in-depth packet or
detection technology based on in-depth flow is applied
alone, the paper based on the R&D environment of the
project put forward a relatively advanced P2P flow
detection solution and achieved engineering
implementation, combined two P2P detection algorithms
to make up for each others deficiencies, had been
capable of detecting most know, unknown or transmission-
encrypted P2P flows, during which a strategy of known
flows processed with priority was adopted to guarantee
the best quality of the communications. Theoretical
analyses and tests reveal that this solution could
accomplish line-rate P2P flow detection in GE interface,
which completely meets the projects demands. At
present, this solution has been successfully applied in the
enterprise-level border gateway system.
P2P TCAM DPI DFI
P2P TCAM DPI DFI Flow
Detection
DPI DFI P2P 4-5Abstract5-6
9-131.1 9-101.2 10-111.3
111.4 11-13 P2P
-
7/30/2019 P2P Whitepaper
5/6
13-252.1 P2P 13-142.2 P2P 14-
182.2.1 P2P 15-162.2.2
P2P 16-172.2.3 P2P 172.2.4
P2P17-182.3 P2P 18-212.3.1
Gnutella 18-192.3.2 eDonkey 192.3.3 BitTorrent
192.3.4 Kazaa 19-202.3.5 Skype 20-212.4 P2P
21-242.4.1 21-222.4.2 222.4.3
22-232.4.4 232.4.5 23-242.5
24-25 DPI P2P 25-353.1 P2P
25-263.2 DPI P2P 263.3
TCAM 26-283.4 TCAM P2P
28-313.4.1 28-293.4.2 29-313.5 31-333.6
33-35 DFI P2P 35-464.1 P2P
35-364.1.1 TCP / UDP 354.1.2 {IPPort}
35-364.1.3 364.2 DFI P2P
36-434.2.1 38-394.2.2 39-
434.3 43-454.4 45-46
DPI DFI P2P 46-545.1 46-475.2
P2P 47-515.2.1 47-485.2.2
48-505.2.3 50-515.3 51-535.4
53-54 54-566.1 54-556.2 55-56
56-59 59-60 60
-
7/30/2019 P2P Whitepaper
6/6