P2P Traffic Classification for Intrusion Detection Systems
Multiple approaches have been taken to classify Peer-to-Peer (P2P) traffic and to study the impact of P2P on IDS/IPS systems. The majority of these approaches have used rule-based detection algorithms or a mix of rule-based and anomaly-based ones. The physical setup is generally a firewall and Snort or a similar IDS/IPS solution on the organization's WAN/ISP interface. In this paper, the authors mainly focused on anomaly-based detection for traffic classification, using the C4.5 machine learning algorithm to improve the performance of IDS/IPS.