Design of P2P Traffic Identification Based on DPI and DFI

Author ZhouZuo
Tutor WangChunZhi;ChenHongWei
School Hubei University of Technology
Course Applied Computer Technology
Keywords DPI DFI P2P Traffic Identification Coordinate
CLC TP393.06
Type Master's thesis
Year 2010
Downloads 116
Quotes 0
Download Dissertation

Throughing the meticulous comparative analysis between DPI (Deep Packet Inspection) technology and DFI(Deep Flow Inspection)technology, this paper put forwards a new theory which combines the DPI with the DFI working collaboratively to identify P2P data stream jointly. This theory can be customized through the strategies.To use this theory as a guide, this paper designes and implementes a system-"new P2P traffic identification system based on a combination of DPI with the DFI".(1)This article studys the DPI technology and DFI technology comparatively and makes a number of detailed analysis for the two technologies performance indicators including the running speed, degree of accuracy, scope, scalability, maintenance costs and other important indicators. Combining domestic with foreign research status of DPI and DFI, this paper obtained a table of analysis results about comparison of DPI and DFI. In order to achieve more accurate recognition results, a broader scope and better quality scalability, this paper proposes an innovative to collecting DPI with the DFI into a system through careful comparative analysis.In this system, DPI and DFI could run together and complement each other to identify the data stream.(2) This paper complies with the above objectives as a guide. From the structural model and logical model as the point of view, the system is introduced particularly, including the module’s functionality, the module location, relationships between modules, and the operation of the module sequence and so on.(3)This paper gives possible coordinate protocol and makes a detailed introduction. The coordinate protocol that bases on DPI and DFI is core idea and value of P2P traffic identification system; it is the key technology for combination of DPI and DFI. At the same time, this paper has combined the practical application of network bandwidth controling; innovative recommendations are made to identify the IP data flow and data flow IP-Port separately in order to achieve more targeted identification purposes.(4) The paper sets out technical problems which encounters in the development phase in the system. An analysis of the causes of these problems and solutions to solve the problem is described. Core technology used and programming ideas are given in detail.On the development process, a number of special problems are briefly described. At the same time, the system performance differences between the the use of core technology before and after proves the validity of the core technology.(5)The paper gives a brief introduce on the system testing and test results which fully prove that the system can not only use DPI technology to identify the intercept data packets correctly but also use DFI technology to analyse IP data streams and IP-Port data stream effectively at the same time.DPI technology and DFI technology is indeed able to achieve complementarity through a coordinated strategy.This paper achieves effects as follows:(1)a detailed comparative study between the DPI technology and DFI in this paper; (2) innovative recommendation as combining DPI with DFI technology are made which based on research; (3)this paper designs and implements P2P identification system based on the idea above and fully proves the feasibility of this idea; (4) in the development process, this paper proposes to identify the IP data flow and data flow IP-Port separately; (5)this article discusses a viable collaborative strategy in detail;(6) this system uses a number of self-developed core technology; (7) DPI technology and DFI technology in this system can use a variety of analytical methods.

