Quality in Measurement: Beyond the deployment barrier

Network measurement stands at an intersection in the development of the science. We explore possible futures for the area and propose some guidelines for the development of stronger measurement techniques. The paper concludes with a discussion of the work of the NLANR and WAND network measurement groups including the NLANR Network Analysis Infrastructure, AMP, PMA, analysis of Voice over IP traffic and separation of HTTP delays into queuing delay, network latency and server delay

Systemization of Pluggable Transports for Censorship Resistance

An increasing number of countries implement Internet censorship at different scales and for a variety of reasons. In particular, the link between the censored client and entry point to the uncensored network is a frequent target of censorship due to the ease with which a nation-state censor can control it. A number of censorship resistance systems have been developed thus far to help circumvent blocking on this link, which we refer to as link circumvention systems (LCs). The variety and profusion of attack vectors available to a censor has led to an arms race, leading to a dramatic speed of evolution of LCs. Despite their inherent complexity and the breadth of work in this area, there is no systematic way to evaluate link circumvention systems and compare them against each other. In this paper, we (i) sketch an attack model to comprehensively explore a censor's capabilities, (ii) present an abstract model of a LC, a system that helps a censored client communicate with a server over the Internet while resisting censorship, (iii) describe an evaluation stack that underscores a layered approach to evaluate LCs, and (iv) systemize and evaluate existing censorship resistance systems that provide link circumvention. We highlight open challenges in the evaluation and development of LCs and discuss possible mitigations.Comment: Content from this paper was published in Proceedings on Privacy Enhancing Technologies (PoPETS), Volume 2016, Issue 4 (July 2016) as "SoK: Making Sense of Censorship Resistance Systems" by Sheharbano Khattak, Tariq Elahi, Laurent Simon, Colleen M. Swanson, Steven J. Murdoch and Ian Goldberg (DOI 10.1515/popets-2016-0028

Measuring TCP Congestion Control Behaviour in the Internet

The Internet is constantly changing and evolving. In this thesis the behaviour of various aspects of the implementation of TCP underlying the Internet are measured. These include measures of Initial Congestion Window (ICW), type of reaction to loss, Selective Acknowledgment (SACK) support, Explicit Congestion Notification (ECN) support. We develop a new method to measure congestion window reduction due to three duplicate ACK inferred loss. In a previous study 94% of classified servers showed window halving, whereas we found that 50% of classified servers exhibited Binary Increase Congestion control (BIC) or Cubic style behaviour, which is a departure from a Request For Comments (RFC) requirement to reduce the congestion window by at least 50%. ECN is predicted to improve Internet performance, but previous studies have revealed a low support for it 0.5%, and ECN connections failed at a high rate due to middlebox interference 9%; in this thesis we show a steady increase over time of ECN being implemented and supported 7.2%-10.3%. ECN testing of webservers with globally routable IPv6 adderesses showed a higher success rate 21.9%. Analysis of congestion control behaviour such as Tahoe, Reno and New Reno showed New Reno dominating more strongly than before, increasing from 35% to 70% of popular webservers. SACK sending analysis revealed that 45% of popular webservers implement it properly, as compared to 18% in earlier studies. SACK receiving analysis showed higher results to the earlier studies, with success increasing from 64.7% to 81.1%. For both of these SACK studies results for webservers with globally routable IPv6 addresses showed a higher success rate when errors remained low. Analysis of ICW indicates that 75% of popular webservers implement the older ICW regime of an initial congestion window of two or less packets, as compared to 96% in previous studies. The new regime of an ICW of three or four packets depending on segment size was implemented at 20%. We see from these results that RFCs do affect TCP implementation, but change can be slow. However we see that implementation and support for modern TCP features is increasing

Exploring DSCP modification pathologies in the internet

This work is funded by the European Unions Horizon 2020 research and innovation programme under grant agreement no. 644399 (MONROE) through the Open Call and grant agreement no. 644334 (NEAT). The views expressed are solely those of the author(s). The European Commission is not responsible for any use that may be made of that information.Peer reviewedPublisher PD

Transport congestion events detection (TCED): towards decorrelating congestion detection from TCP

TCP (Transmission Control Protocol) uses a loss-based algorithm to estimate whether the network is congested or not. The main difficulty for this algorithm is to distinguish spurious from real network congestion events. Other research studies have proposed to enhance the reliability of this congestion estimation by modifying the internal TCP algorithm. In this paper, we propose an original congestion event algorithm implemented independently of the TCP source code. Basically, we propose a modular architecture to implement a congestion event detection algorithm to cope with the increasing complexity of the TCP code and we use it to understand why some spurious congestion events might not be detected in some complex cases. We show that our proposal is able to increase the reliability of TCP NewReno congestion detection algorithm that might help to the design of detection criterion independent of the TCP code. We find out that solutions based only on RTT (Round-Trip Time) estimation are not accurate enough to cover all existing cases. Furthermore, we evaluate our algorithm with and without network reordering where other inaccuracies, not previously identified, occur

Proactive TCP mechanism to improve Handover performance in Mobile Satellite and Terrestrial Networks

Emerging standardization of Geo Mobile Radio (GMR-1) for satellite system is having strong resemblance to terrestrial GSM (Global System for Mobile communications) at the upper protocol layers and TCP (Transmission Control Protocol) is one of them. This space segment technology as well as terrestrial technology, is characterized by periodic variations in communication properties and coverage causing the termination of ongoing call as connections of Mobile Nodes (MN) alter stochastically. Although provisions are made to provide efficient communication infrastructure this hybrid space and terrestrial networks must ensure the end-to-end network performance so that MN can move seamlessly among these networks. However from connectivity point of view current TCP performance has not been engineered for mobility events in multi-radio MN. Traditionally, TCP has applied a set of congestion control algorithms (slow-start, congestion avoidance, fast retransmit, fast recovery) to probe the currently available bandwidth on the connection path. These algorithms need several round-trip times to find the correct transmission rate (i.e. congestion window), and adapt to sudden changes connectivity due to handover. While there are protocols to maintain the connection continuity on mobility events, such as Mobile IP (MIP) and Host Identity Protocol (HIP), TCP performance engineering has had less attention. TCP is implemented as a separate component in an operating system, and is therefore often unaware of the mobility events or the nature of multi-radios' communication. This paper aims to improve TCP communication performance in Mobile satellite and terrestrial networks.Comment: 5 pages, 2 figure