The focus of the paper are on three main traffic classes:
- P2P file-sharing protocols
- Web traffic
- Malicious and attack traffic
- P2P and HTTP traffic exhibit different peak times
- HTTP traffic has its main activities during office hours
- P2P traffic during the night, up to 90% of transfer volumes
- SACK option has been deployed mostly on clients, but
- Web servers neglect its usage
- Most P2P hosts use it
- Malicious attacks continue all day without rest
- Remains constant, even when the traffic volume has increased
- Basis for choosing the three main classes
- What about real time applications? or have they been lumped together with HTTP and/or P2P categories?
From what I can gather from the paper I read, there is much interest in classifying(analysing?) P2P traffic because of the conflicting goals of the users. At one end, business people want to identify it for legal reasons. On the other end, users don't want it identified because of possible repercussion.
ReplyDeleteMalicious attacks is interesting for security reasons. Maybe they added web traffic for comparison for the other two (kasi sya na pinaka normal..)?