Internet providers who selectively slow certain kinds of traffic on their networks, such as file-sharing, could soon have a new tool at their disposal to prevent savvy users from evading the speed controls.

Research by Italian engineers shows how providers like Bell and Rogers can use statistical methods to curb internet traffic even when the content is encrypted.

Bell, Rogers and some other Canadian internet service providers, or ISPs, currently limit the speeds of certain peer-to-peer file-sharing programs like Limewire and BitTorrent during peak internet hours. The companies say the practice, called "throttling," is necessary to keep their networks from congesting.

But the speed limits can be circumvented in many cases by users who encrypt the messages their file-sharing program sends to the outside world.

Now, however, the team of Italian researchers, from the University of Brescia, has demonstrated a method that can catch this kind of "hidden" file-sharing with up to 90 per cent accuracy.

The scientists' method involves measuring the size and frequency of the discrete "packets" of data that a file-sharing program sends out over, and receives back from, the internet. Even when the content of these packets is disguised, they still appear to leave a characteristic signature that can be used to distinguish them from other kinds of traffic, the researchers told a conference last month of the international Institute of Electrical and Electronics Engineers.

The technique, called statistical fingerprinting, can determine with 99 per cent accuracy when an internet user is trying to hide their use of any of several controlled computer programs within an encrypted channel, and it is 89 per cent accurate at predicting whether the controlled program is a peer-to-peer file-sharing application.

"The experimental results we obtained are very promising. First and foremost, virtually no legitimate traffic is blocked by our mechanism," the Brescia engineers report. "Second, and equally important, the vast majority of [illegitimate] traffic is blocked by the mechanism."

The work is still at a preliminary stage, and likely couldn't be commercially employed until further fine-tuning enables the throttling method to function on the wide variety of encryption protocols used on the internet.

But once honed, the researchers' technique would provide ISPs with another tool in their arsenal of methods to control how the internet is used.

Bell blasted

Internet companies' throttling practices have become ground zero in the debate over net neutrality — or how much control ISPs are able to exert over internet access — in Canada.

Bell Canada's internet throttling practices have prompted a class-action lawsuit in Quebec, a CRTC investigation, a protest on Parliament Hill, a private member's bill in the House of Commons and a complaint with the federal privacy commissioner. Bell Canada's internet throttling practices have prompted a class-action lawsuit in Quebec, a CRTC investigation, a protest on Parliament Hill, a private member's bill in the House of Commons and a complaint with the federal privacy commissioner. (Ryan Remiorz/Canadian Press)

The throttling practices of Bell, Rogers and other Canadian ISPs have prompted outrage from internet users, as well as two private member's bills in the House of Commons, a complaint with the federal privacy commissioner and a Parliament Hill rally attended by hundreds of protesters.

Rogers has acknowledged throttling internet traffic since 2005, but Bell only began curbing its users' file-sharing in November and expanded the practice to other ISPs who rent portions of its network in March. The Canadian Association of Internet Providers, a group of 55 small ISPs affected by the move, filed a complaint in April with the Canadian Radio-television and Communications Commission charging that Bell's actions were anti-competitive.

The CRTC rejected CAIP's call for an immediate cease-and-desist order but has launched a public probe of Bell's throttling.