15,565 research outputs found
Social network behaviour inferred from O-D Pair traffic
Because traffic is predominantly formed by communication between users or between users and servers which communicate with users, network traffic inherently exhibits social networking behaviour; the extent of interaction between entities â as identified by their IP addresses â can be extracted from the data and analysed in a multiplicity of ways. In this paper, Anonymized Internet Trace Datasets obtained from the Center for Applied Internet Data Analysis (CAIDA) have been used to identify and estimate characteristics of the underlying social network from the overall traffic. The analysis methods used here fall into two groups, the first being based on frequency analysis and second method being based on the use of traffic matrices, with the latter analysis method being further sub-divided into groups based on the traffic mean, variance and co-variance. The frequency analysis of origin, destination and O-D Pair statistics exhibit heavy tailed behaviour. Because the large number of IP addresses contained in the CAIDA Datasets, only the most predominate IP Addresses are used when estimating all three sub-divided groups of traffic matrices. Principal Component Analysis and related methods are applied to identify key features of each type of traffic matrix. A new system called Antraff has been developed by the authors to carry out all the analysis procedures
A Design Strategy for Deadlock-Free Concurrent Systems
When building concurrent systems, it would be useful to have a collection of reusable processes
to perform standard tasks. However, without knowing certain details of the inner workings of
these components, one can never be sure that they will not cause deadlock when connected to
some particular network.
Here we describe a hierarchical method for designing complex networks of communicating
processeswhich are deadlock-free.We use this to define a safe and simple method for specifying
the communication interface to third party software components. This work is presented using
the CSP model of concurrency and the occam2.1 programming language
Quality in Measurement: Beyond the deployment barrier
Network measurement stands at an intersection in the development of the science. We explore possible futures for the area and propose some guidelines for the development of stronger measurement techniques. The paper concludes with a discussion of the work of the NLANR and WAND network measurement groups including the NLANR Network Analysis Infrastructure, AMP, PMA, analysis of Voice over IP traffic and separation of HTTP delays into queuing delay, network latency and server delay
Traffic measurement and analysis
Measurement and analysis of real traffic is important to gain knowledge
about the characteristics of the traffic. Without measurement, it is
impossible to build realistic traffic models. It is recent that data
traffic was found to have self-similar properties. In this thesis work
traffic captured on the network at SICS and on the Supernet, is shown to
have this fractal-like behaviour. The traffic is also examined with
respect to which protocols and packet sizes are present and in what
proportions. In the SICS trace most packets are small, TCP is shown to be
the predominant transport protocol and NNTP the most common application.
In contrast to this, large UDP packets sent between not well-known ports
dominates the Supernet traffic. Finally, characteristics of the client
side of the WWW traffic are examined more closely. In order to extract
useful information from the packet trace, web browsers use of TCP and HTTP
is investigated including new features in HTTP/1.1 such as persistent
connections and pipelining. Empirical probability distributions are
derived describing session lengths, time between user clicks and the
amount of data transferred due to a single user click. These probability
distributions make up a simple model of WWW-sessions
Recommended from our members
User behaviour modelling for resource management in a hybrid UMTS/DVB-T network
Third generation mobile networks such as UMTS are designed to enhance the deployment of multimedia services providing high data rates and new flexible communication capabilities. However, these systems are interference limited and as such their performance is lowered in the case of a large number of users generating heavy traffic. A solution to this problem is to interconnect the UMTS network to a Digital Video Broadcasting-Terrestrial (DVB-T) network, so that the lack of capacity of UMTS during busy periods can be offset by the high bit rate available on the broadcast network. In order to justify this choice a prediction of the number of subscribers requesting the new multimedia applications designed for this scenario is needed. This paper focuses on the user behaviour modelling for multimedia services in a hybrid UMTS/DVB-T platform. The aim of the paper is to provide operators with a forecast of the demand for new multimedia services showing how they can be subject to a very high number of subscriptions, which UMTS would hardly be able to handle
Observing the Evolution of QUIC Implementations
The QUIC protocol combines features that were initially found inside the TCP,
TLS and HTTP/2 protocols. The IETF is currently finalising a complete
specification of this protocol. More than a dozen of independent
implementations have been developed in parallel with these standardisation
activities.
We propose and implement a QUIC test suite that interacts with public QUIC
servers to verify their conformance with key features of the IETF
specification. Our measurements, gathered over a semester, provide a unique
viewpoint on the evolution of a protocol and of its implementations. They
highlight the arrival of new features and some regressions among the different
implementations.Comment: 6 pages, 8 figure
Analyzing Network Traffic for Malicious Hacker Activity
Since the Internet came into life in the 1970s, it has been growing more than 100% every year. On the other hand, the solutions to detecting network intrusion are far outpaced. The economic impact of malicious attacks in lost revenue to a single e-commerce company can vary from 66 thousand up to 53 million US dollars. At the same time, there is no effective mathematical model widely available to distinguish anomaly network behaviours such as port scanning, system exploring, virus and worm propagation from normal traffic.
PDS proposed by Random Knowledge Inc., detects and localizes traffic patterns consistent with attacks hidden within large amounts of legitimate traffic. With the networkâs packet traffic stream being its input, PDS relies on high fidelity models for normal traffic from which it can critically judge the legitimacy of any substream of packet traffic. Because of the reliability on an accurate baseline model for normal network traffic, in this workshop, we concentrate on modelling normal network traffic with a Poisson process
Is Explicit Congestion Notification usable with UDP?
We present initial measurements to determine if ECN is usable with
UDP traffic in the public Internet. This is interesting because ECN
is part of current IETF proposals for congestion control of UDPbased
interactive multimedia, and due to the increasing use of UDP
as a substrate on which new transport protocols can be deployed.
Using measurements from the authorâs homes, their workplace,
and cloud servers in each of the nine EC2 regions worldwide, we
test reachability of 2500 servers from the public NTP server pool,
using ECT(0) and not-ECT marked UDP packets. We show that
an average of 98.97% of the NTP servers that are reachable using
not-ECT marked packets are also reachable using ECT(0) marked
UDP packets, and that ~98% of network hops pass ECT(0) marked
packets without clearing the ECT bits. We compare reachability of
the same hosts using ECN with TCP, finding that 82.0% of those
reachable with TCP can successfully negotiate and use ECN. Our
findings suggest that ECN is broadly usable with UDP traffic, and
that support for use of ECN with TCP has increased
- âŠ