839 research outputs found
Stochastic Packet Loss Model to Evaluate QoE Impairments
Dieser Beitrag ist mit Zustimmung des Rechteinhabers aufgrund einer (DFG geförderten) Allianz- bzw. Nationallizenz frei zugänglich.This publication is with permission of the rights owner freely accessible due to an Alliance licence and a national licence (funded by the DFG, German Research Foundation) respectively.The estimation of quality for real-time services over telecommunication netb4works requires realistic models for impairments and failures during transmission. We focus on the classical Gilbert-Elliott model whose second-order statistics is derived over arbitrary time-scales. The model is used to fit packet loss processes of backbone and DVB-H traffic traces. The results show that simple Markov models are appropriate to capture the observed loss pattern and to discuss how such models can be used to examine the quality degradations caused by packet losses
A First Look at QUIC in the Wild
For the first time since the establishment of TCP and UDP, the Internet
transport layer is subject to a major change by the introduction of QUIC.
Initiated by Google in 2012, QUIC provides a reliable, connection-oriented
low-latency and fully encrypted transport. In this paper, we provide the first
broad assessment of QUIC usage in the wild. We monitor the entire IPv4 address
space since August 2016 and about 46% of the DNS namespace to detected
QUIC-capable infrastructures. Our scans show that the number of QUIC-capable
IPs has more than tripled since then to over 617.59 K. We find around 161K
domains hosted on QUIC-enabled infrastructure, but only 15K of them present
valid certificates over QUIC. Second, we analyze one year of traffic traces
provided by MAWI, one day of a major European tier-1 ISP and from a large IXP
to understand the dominance of QUIC in the Internet traffic mix. We find QUIC
to account for 2.6% to 9.1% of the current Internet traffic, depending on the
vantage point. This share is dominated by Google pushing up to 42.1% of its
traffic via QUIC
Characterizing a Meta-CDN
CDNs have reshaped the Internet architecture at large. They operate
(globally) distributed networks of servers to reduce latencies as well as to
increase availability for content and to handle large traffic bursts.
Traditionally, content providers were mostly limited to a single CDN operator.
However, in recent years, more and more content providers employ multiple CDNs
to serve the same content and provide the same services. Thus, switching
between CDNs, which can be beneficial to reduce costs or to select CDNs by
optimal performance in different geographic regions or to overcome CDN-specific
outages, becomes an important task. Services that tackle this task emerged,
also known as CDN broker, Multi-CDN selectors, or Meta-CDNs. Despite their
existence, little is known about Meta-CDN operation in the wild. In this paper,
we thus shed light on this topic by dissecting a major Meta-CDN. Our analysis
provides insights into its infrastructure, its operation in practice, and its
usage by Internet sites. We leverage PlanetLab and Ripe Atlas as distributed
infrastructures to study how a Meta-CDN impacts the web latency
DDoS Never Dies? An IXP Perspective on DDoS Amplification Attacks
DDoS attacks remain a major security threat to the continuous operation of
Internet edge infrastructures, web services, and cloud platforms. While a large
body of research focuses on DDoS detection and protection, to date we
ultimately failed to eradicate DDoS altogether. Yet, the landscape of DDoS
attack mechanisms is even evolving, demanding an updated perspective on DDoS
attacks in the wild. In this paper, we identify up to 2608 DDoS amplification
attacks at a single day by analyzing multiple Tbps of traffic flows at a major
IXP with a rich ecosystem of different networks. We observe the prevalence of
well-known amplification attack protocols (e.g., NTP, CLDAP), which should no
longer exist given the established mitigation strategies. Nevertheless, they
pose the largest fraction on DDoS amplification attacks within our observation
and we witness the emergence of DDoS attacks using recently discovered
amplification protocols (e.g., OpenVPN, ARMS, Ubiquity Discovery Protocol). By
analyzing the impact of DDoS on core Internet infrastructure, we show that DDoS
can overload backbone-capacity and that filtering approaches in prior work omit
97% of the attack traffic.Comment: To appear at PAM 202
- …