Can a Wi-Fi WLAN support a first person shooter?

In corporate and commercial environments, the deployment of a set of coordinated Wi-Fi APs is becoming a common solution to provide Internet coverage to moving users. In these scenarios, real-time services as online games can also be present. This paper presents a set of experiments developed in a test scenario where an end device moves between different APs while generating game traffic. A WLAN solution based on virtual APs is used, in order to make the handoffs transparent for Layer 3. The results show that it is possible to maintain an acceptable level of subjective quality during the handoff. At the same time, it is set clear that the fact of having a gamer in an AP could be taken into account by radio resource management algorithms, in order to provide a better quality

Machine Learning based Traffic Classification using Statistical Analysis

In this paper, Automated system is built which contains processing of captured packets from the network. Machine learning algorithms are used to build a traffic classifier which will classify the packets as malicious or non-malicious. Previously, many traditional ways were used to classify the network packets using tools, but this approach contains machine learning approach, which is an open field to explore and has provided outstanding results till now. The main aim is to perform traffic monitoring, analyze it and govern the intruders. The CTU-13 is a dataset of botnet traffic which is used to develop traffic classification system based on the features of the captured packets on the network. This type of classification will assist the IT administrators to determine the unknown attacks which are broadening in the IT industry

Optimization of low-efficiency traffic in OpenFlow Software Defined Networks

Abstract — This paper proposes a method for optimizing bandwidth usage in Software Defined Networks (SDNs) based on OpenFlow. Flows of small packets presenting a high overhead, as the ones generated by emerging services, can be identified by the SDN controller, in order to remove header fields that are common to any packet in the flow, only during their way through the SDN. At the same time, several packets can be multiplexed together in the same frame, thus reducing the number of sent frames. Four kinds of small-packet traffic flows are considered (VoIP, UDP and TCP-based online games, and ACKs from TCP flows). Both IPv4 and IPv6 are tested, and significant bandwidth savings (up to 68 % for IPv4 and 78 % for IPv6) can be obtained for the considered kinds of traffic

A Centralized Framework for Smart Access Point Selection based on the Fittingness Factor

Abstract: This paper focuses on addressing the Access Point (AP) selection problem by relying on a centralized controller that provides a global view of the network. This approach follows the Software-Defined Networking (SDN) concept, which has long been considered in the literature as an innovative method to control management functionalities for wired networks and that is also now becoming a hot topic in the context of Wi-Fi networks. The proposed AP selection approach is based on a novel algorithm which relies on the Fittingness Factor (FF) concept, to maximize a function that reflects the suitability of the available spectrum resources to the application requirements. Specifically, this paper describes the development of a framework that implements the FF-based algorithm for smart AP selection in a centralized controller. The simulated performance comparison of this algorithm against a strategy that maximizes the achievable data rate considered in many papers in the literature, illustrates the important achievements that have been obtained in terms of saved bandwidth and users' satisfaction

No NAT'd User left Behind: Fingerprinting Users behind NAT from NetFlow Records alone

It is generally recognized that the traffic generated by an individual connected to a network acts as his biometric signature. Several tools exploit this fact to fingerprint and monitor users. Often, though, these tools assume to access the entire traffic, including IP addresses and payloads. This is not feasible on the grounds that both performance and privacy would be negatively affected. In reality, most ISPs convert user traffic into NetFlow records for a concise representation that does not include, for instance, any payloads. More importantly, large and distributed networks are usually NAT'd, thus a few IP addresses may be associated to thousands of users. We devised a new fingerprinting framework that overcomes these hurdles. Our system is able to analyze a huge amount of network traffic represented as NetFlows, with the intent to track people. It does so by accurately inferring when users are connected to the network and which IP addresses they are using, even though thousands of users are hidden behind NAT. Our prototype implementation was deployed and tested within an existing large metropolitan WiFi network serving about 200,000 users, with an average load of more than 1,000 users simultaneously connected behind 2 NAT'd IP addresses only. Our solution turned out to be very effective, with an accuracy greater than 90%. We also devised new tools and refined existing ones that may be applied to other contexts related to NetFlow analysis

A Centralised Wi-Fi Management Framework for D2D Communications in Dense Wi-Fi Networks

In Wi-Fi networks, Device-to-Device (D2D) communications aim to improve the efficiency of the network by supporting direct communication between users in close proximity. However, in a congested Wi-Fi network, establishing D2D connections through a locally managed self-organising approach will intensify the congestion and reduce the scalability of the solution. Therefore, a centralised management approach must be involved in orchestrating those actions to guarantee the sufficiency of D2D communications. In this paper, we propose a novel management framework for D2D communications in dense Wi-Fi networks. The proposed framework employs a Software-Defined Networking (SDN) based centralised controller in synergy with a novel Access Point (AP) channel assignment process. This framework is designed to proactively establish and manage D2D connections in Wi-Fi networks considering the available radio resources and the effect of the subsequent interference. Thus, improving the overall performance of the network and providing users with higher data rate. Through simulation, we validate the effectiveness of the proposed framework and demonstrate how D2D deployment considerably improves the Wi-Fi network efficiency especially when the data rate requirements are high. Furthermore, we show that our proposed framework achieves better performance than the widely deployed Least Congested Channel selection strategy (LCC)

A centralised Wi-Fi management framework for D2D communications in dense Wi-Fi networks

In Wi-Fi networks, Device-to-Device (D2D) communications aim to improve the efficiency of the network by supporting direct communication between users in close proximity. However, in a congested Wi-Fi network, establishing D2D connections through a locally managed self-organising approach will intensify the congestion and reduce the scalability of the solution. Therefore, a centralised management approach must be involved in orchestrating those actions to guarantee the sufficiency of D2D communications. In this paper, we propose a novel management framework for D2D communications in dense Wi-Fi networks. The proposed framework employs a Software-Defined Networking (SDN) based centralised controller in synergy with a novel Access Point (AP) channel assignment process. This framework is designed to proactively establish and manage D2D connections in Wi-Fi networks considering the available radio resources and the effect of the subsequent interference. Thus, improving the overall performance of the network and providing users with higher data rate. Through simulation, we validate the effectiveness of the proposed framework and demonstrate how D2D deployment considerably improves the Wi-Fi network efficiency especially when the data rate requirements are high. Furthermore, we show that our proposed framework achieves better performance than the widely deployed Least Congested Channel selection strategy (LCC)

Small-Packet Flows in Software Defined Networks: Traffic Profile Optimization

This paper proposes a method for optimizing bandwidth usage in Software Defined Networks (SDNs) based on OpenFlow. Flows of small packets presenting a high overhead, as the ones generated by emerging services, can be identified by the SDN controller, in order to remove header fields that are common to any packet in the flow, only during their way through the SDN. At the same time, several packets can be multiplexed together in the same frame, thus reducing the overall number of frames. The method can be useful for providing QoS while the packets are traversing the SDN. Four kinds of small-packet traffic flows are considered (VoIP, UDP and TCP-based online games, and ACKs from TCP flows). Both IPv4 and IPv6 are studied, and significant bandwidth savings (up to 68 % for IPv4 and 78 % for IPv6) can be obtained for the considered kinds of traffic. The optimization method is also applied to different public Internet traffic traces, and significant reductions in terms of packets per second are achieved. Results show that bandwidth consumption is also reduced, especially in those traces where the percentage of small packets is high. Regarding the effect on QoS, the additional delay can be kept very low (below 1 millisecond) when the throughput is high, but it may become significant for low- throughput scenarios. Thus, a trade-off between bandwidth saving and additional delay appears in those cases

Radio frequency traffic classification over WLAN

Network traffic classification is the process of analyzing traffic flows and associating them to different categories of network applications. Network traffic classification represents an essential task in the whole chain of network security. Some of the most important and widely spread applications of traffic classification are the ability to classify encrypted traffic, the identification of malicious traffic flows, and the enforcement of security policies on the use of different applications. Passively monitoring a network utilizing low-cost and low-complexity wireless local area network (WLAN) devices is desirable. Mobile devices can be used or existing office desktops can be temporarily utilized when their computational load is low. This reduces the burden on existing network hardware. The aim of this paper is to investigate traffic classification techniques for wireless communications. To aid with intrusion detection, the key goal is to passively monitor and classify different traffic types over WLAN to ensure that network security policies are adhered to. The classification of encrypted WLAN data poses some unique challenges not normally encountered in wired traffic. WLAN traffic is analyzed for features that are then used as an input to six different machine learning (ML) algorithms for traffic classification. One of these algorithms (a Gaussian mixture model incorporating a universal background model) has not been applied to wired or wireless network classification before. The authors also propose a ML algorithm that makes use of the well-known vector quantization algorithm in conjunction with a decision tree—referred to as a TRee Adaptive Parallel Vector Quantiser. This algorithm has a number of advantages over the other ML algorithms tested and is suited to wireless traffic classification. An average F-score (harmonic mean of precision and recall) > 0.84 was achieved when training and testing on the same day across six distinct traffic types