基于贝叶斯网络的Peer-to-Peer识别方法

网络业务分类与识别是网络管理、网络规划和安全的必要途径，而Peer-to-Peer (P2P)流量由于采用伪装端口、动态端口以及应用层加密，已成为业务分类与识别的主要难点. 该文提出了P2P业务的精确识别方法，通过对流统计特性的分析，提取相关特征属性，应用遗传算法选取最优特征属性子集，并采用贝叶斯网络机器学习方法识别P2P流量. 实验表明Ｋ2，TAN和BAN能有效快速地识别P2P业务，分类精度高达95%以上，很大程度上优于朴素贝叶斯分类和BP神经网络方法. 同时该系统具有可扩展性，能够识别未知的P2P流量，并适用于实时分类识别环境.

Peer-to-Peer Traffic Identification Using Bayesian Networks

Accurate traffic classification is vital to numerous network activities, such as security monitoring, quality of service provisioning and network planning. However, current P2P applications, which generate a substantial volume of Internet traffic, use dynamic port numbers, HTTP masquerading and payload encryption to avoid detection. In this paper, we present an accurate P2P identification method using Bayesian networks. Based on the abstracted attributes of flow statistics, the optimal attribute subset is selected using genetic algorithms and P2P traffic is identified using Bayesian networks. We evaluate the algorithms and compare them to the previously used Naive Bayesian model and BP perceptron. Experimental results show that the proposed algorithms achieve better overall accuracy up to 95% with less cost. Further, our result indicates that the approaches are capable of identifying unknown P2P traffic and applicable to the real-time applications.