Welcome to my thesis: P2pDetect!
This is the Bachelor Thesis project I developed with Simone and defended with honours in October 2006. The tutor was Professor Fabrizio Baiardi. It is a network traffic analyzer written in C. Its objective is to detect hosts that are using peer-to-peer applications, hence the name P2pDetect. It scales to large networks: it has been tested on the Metropolitan Area Network of Pisa (see Centro Serra).
To find P2P hosts, we implemented two searches: one that matches well-known patterns in IP and TCP/UDP packets, and a second one based on heuristics. The output of P2pDetect can be viewed on the command line or through a web server (P2pDetect also provides its output as PHP files).
P2pDetect identifies these protocols: AppleJuice, Ares, BitTorrent, DirectConnect, EarthStation, eDonkey, Gnutella, Kademlia, FastTrack (KaZaa), Mp2p, OpenNap and SoulSeek.
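The pattern search described above can be sketched as follows. This is an added example, not P2pDetect's own code: the function name, the enum and the four signatures (taken from the publicly documented handshakes of BitTorrent, Gnutella, DirectConnect and eDonkey) are assumptions, and it covers only payload matching, not the heuristic search.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative signatures only; not P2pDetect's own pattern table. */
typedef enum { P2P_NONE, P2P_BITTORRENT, P2P_GNUTELLA, P2P_DIRECTCONNECT, P2P_EDONKEY } p2p_proto;

#define SIG(s) (s), (sizeof(s) - 1)

static int starts_with(const uint8_t *p, size_t len, const char *sig, size_t siglen)
{
    return len >= siglen && memcmp(p, sig, siglen) == 0;
}

/* Classify the start of a TCP payload (IP and TCP headers already stripped). */
p2p_proto classify_payload(const uint8_t *p, size_t len)
{
    if (p == NULL || len == 0)
        return P2P_NONE;
    /* BitTorrent handshake: length byte 0x13 (19), then the protocol name. */
    if (starts_with(p, len, SIG("\x13" "BitTorrent protocol")))
        return P2P_BITTORRENT;
    if (starts_with(p, len, SIG("GNUTELLA CONNECT/")))
        return P2P_GNUTELLA;
    if (starts_with(p, len, SIG("$Lock ")) || starts_with(p, len, SIG("$MyNick ")))
        return P2P_DIRECTCONNECT;
    /* eDonkey: marker 0xe3, 32-bit little-endian body length, opcode.
       Checking the length avoids flagging every payload that starts with 0xe3. */
    if (len >= 6 && p[0] == 0xe3) {
        uint64_t body = (uint64_t)p[1] | (uint64_t)p[2] << 8 |
                        (uint64_t)p[3] << 16 | (uint64_t)p[4] << 24;
        if (body + 5 == len)
            return P2P_EDONKEY;
    }
    return P2P_NONE;
}

/* Constructed sample payloads, not captured traffic. */
static const uint8_t bt_hs[]   = "\x13" "BitTorrent protocol\0\0\0\0\0\0\0\0";
static const uint8_t gnut[]    = "GNUTELLA CONNECT/0.6\r\n";
static const uint8_t ed2k_ok[] = { 0xe3, 0x02, 0x00, 0x00, 0x00, 0x01, 0x10 };
static const uint8_t ed2k_no[] = { 0xe3, 0x48, 0x54, 0x54, 0x50, 0x2f, 0x31 };

int main(void)
{
    printf("%d %d %d %d\n",
           classify_payload(bt_hs, sizeof bt_hs - 1), classify_payload(gnut, sizeof gnut - 1),
           classify_payload(ed2k_ok, sizeof ed2k_ok), classify_payload(ed2k_no, sizeof ed2k_no));
    return 0;
}
```

The eDonkey length check only matches a message that fits in a single segment, which trades missed detections for fewer false positives.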
To install P2pDetect, you just need to compile the sources with the ./configure, make and make install commands. You also need the libpcap libraries installed and root privileges.
The paper shows some case studies, explaining the merits and imperfections of the protocol identification. You can see the P2pDetect website by clicking here.