Graption: Automated Detection of P2P Applications Using Traffic Dispersion Graphs (TDGs)

Monitoring network traffic and detecting emerging P2P applications is an increasingly challenging problem since new applications obfuscate their traffic. Despite recent efforts, the problem is not yet solved and network administrators are still looking for effective and deployable tools. In this paper, the authors address this problem using Traffic Dispersion Graphs (TDGs), a novel way to analyze traffic. Given a set of flows, a TDG is a graph with an edge between any two IP addresses that communicate. Thus TDGs capture network-wide interactions.