Italian researchers say they can detect SSH tunnels with 99% accuracy and identify the application protocol carried inside them (P2P, POP3, SMTP, HTTP) with 90% accuracy.
Italian researchers at the Università degli Studi di Brescia (the University of Brescia) have developed a statistical method called "Tunnel Hunter" for detecting encrypted tunneling activity with 99% accuracy.
They had previously used a naive Bayes classifier to tell protocols such as P2P, POP3, SMTP and HTTP apart; the same classification algorithm is now applied to detecting SSH tunnels. Instead of Deep Packet Inspection (DPI), which cannot see into an encrypted payload anyway, the method looks at three simple properties of the IP packets in a flow: their size, their inter-arrival time and their arrival order.
Their central claim is that a fingerprint can be derived by training the system on legitimate, non-tunneling SSH usage alone, and then used to detect application-layer tunnels run on top of Secure Shell: the detector never needs to see a tunnel during training, it flags flows that stop looking like the SSH it was trained on.
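To make the approach concrete, here is a small added example in Python (my own illustration, not the Brescia group's Tunnel Hunter code) of the idea the two paragraphs above describe: a per-position naive Bayes fingerprint built only from the sizes, inter-arrival times and arrival order of the first few packets of legitimate interactive SSH flows, then used as a one-class detector that alarms when a new flow's likelihood under that fingerprint drops a margin below the worst-scoring training flow. The bin edges, the margin, the packet count, the flow generators and all traffic are constructed assumptions chosen for the demo; the published work used real captures and its own feature definitions.

```python
"""Toy statistical fingerprint detector in the spirit of Tunnel Hunter.

Added example, not the researchers' code. Each flow is described only by the
(payload size in bytes, inter-arrival time in ms) of its first N_PACKETS
packets, kept in arrival order; no payload bytes are inspected. A per-position
naive Bayes model is trained on legitimate interactive SSH flows alone, and a
new flow is flagged as a probable tunnel when its log-likelihood under that
fingerprint falls a fixed margin below the worst-scoring training flow.
All traffic below is constructed, not captured.
"""
import math
import random
from collections import Counter

N_PACKETS = 8                                     # leading packets fingerprinted per flow
SIZE_BINS = (0, 64, 128, 256, 512, 1024, 1500)    # payload-size bin edges, bytes (assumed)
IAT_BINS = (0, 1, 5, 20, 100, 500, 5000)          # inter-arrival bin edges, ms (assumed)
N_CELLS = len(SIZE_BINS) * len(IAT_BINS)          # (size bin, iat bin) cells per position


def _bin(value, edges):
    """Index of the bin containing value; values past the last edge share the top bin."""
    for i in range(1, len(edges)):
        if value < edges[i]:
            return i - 1
    return len(edges) - 1


def features(flow):
    """(position, size_bin, iat_bin) per packet; position keeps arrival order in the model."""
    return [(i, _bin(size, SIZE_BINS), _bin(iat, IAT_BINS))
            for i, (size, iat) in enumerate(flow[:N_PACKETS])]


class SshFingerprint:
    """Naive Bayes fingerprint of legitimate SSH, used as a one-class anomaly detector."""

    def __init__(self, alpha=1.0, margin=1.5):
        self.alpha = alpha        # Laplace smoothing: unseen cells get small, not zero, mass
        self.margin = margin      # how far below the worst legit training score to alarm
        self.counts = Counter()   # (position, size_bin, iat_bin) -> occurrences
        self.totals = Counter()   # position -> packets seen at that position
        self.threshold = None

    def fit(self, legit_flows):
        for flow in legit_flows:
            for pos, sbin, ibin in features(flow):
                self.counts[(pos, sbin, ibin)] += 1
                self.totals[pos] += 1
        self.threshold = min(self.score(f) for f in legit_flows) - self.margin
        return self

    def score(self, flow):
        """Mean per-packet log P(size bin, iat bin | position, legit SSH)."""
        feats = features(flow)
        if not feats:
            return float("-inf")  # an empty flow carries no evidence of being SSH
        ll = 0.0
        for pos, sbin, ibin in feats:
            num = self.counts[(pos, sbin, ibin)] + self.alpha
            den = self.totals[pos] + self.alpha * N_CELLS
            ll += math.log(num / den)
        return ll / len(feats)

    def is_tunnel(self, flow):
        return self.score(flow) < self.threshold


def _handshake(rng):
    # Constructed stand-in for the key-exchange packets that open every SSH session
    return [(rng.randint(400, 900), 0), (rng.randint(400, 900), rng.randint(20, 80))]


def make_interactive_ssh(rng):
    """Constructed legit flow: handshake, then keystroke-sized packets at human pace."""
    return _handshake(rng) + [(rng.randint(36, 80), rng.randint(60, 400))
                              for _ in range(N_PACKETS - 2)]


def make_http_over_ssh(rng):
    """Constructed tunnel: same handshake, then an HTTP download as back-to-back MTU segments."""
    return _handshake(rng) + [(rng.randint(1300, 1460), rng.randint(0, 3))
                              for _ in range(N_PACKETS - 2)]


def evaluate(seed=7, n_train=300, n_test=50):
    """Train on legit flows only; return (false alarms on legit, detections on tunnels)."""
    rng = random.Random(seed)
    model = SshFingerprint().fit([make_interactive_ssh(rng) for _ in range(n_train)])
    legit = [make_interactive_ssh(rng) for _ in range(n_test)]
    tunnels = [make_http_over_ssh(rng) for _ in range(n_test)]
    false_alarms = sum(model.is_tunnel(f) for f in legit)
    detected = sum(model.is_tunnel(f) for f in tunnels)
    return false_alarms, detected


if __name__ == "__main__":
    fa, det = evaluate()
    print(f"false alarms: {fa}/50, tunnels detected: {det}/50")
```

The point worth noticing is why this works without looking inside the encryption: a bulk HTTP transfer pushed through an SSH channel still arrives as MTU-sized segments with near-zero spacing, which lands in (size, inter-arrival) cells the interactive-SSH fingerprint has never seen, so its smoothed likelihood collapses. The flip side is the caveat a practitioner should keep in mind: a tunnel that is deliberately shaped to look like keystrokes (small packets, human-scale pauses) would score like legitimate traffic here, so the accuracy figures in the article describe unshaped tunnels, not an adversary who knows the fingerprint.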
