1 / 18

Treatment-Based Traffic Signatures

Treatment-Based Traffic Signatures. Mark Claypool Robert Kinicki Craig Wills. Computer Science Department Worcester Polytechnic Institute. http://www.cs.wpi.edu/~claypool/papers/cube/. P2P File Sharing. Web Browsing. Jitter Insensitive. Jitter Sensitive. Loss Insensitive.

derron
Télécharger la présentation

Treatment-Based Traffic Signatures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Treatment-Based Traffic Signatures Mark Claypool Robert Kinicki Craig Wills Computer Science Department Worcester Polytechnic Institute http://www.cs.wpi.edu/~claypool/papers/cube/

  2. P2P File Sharing Web Browsing Jitter Insensitive Jitter Sensitive Loss Insensitive Loss Sensitive Video Streaming Email Sensors Delay Insensitive Delay Sensitive Instant Messaging Network Games Voice over IP Remote Login Diversity of Internet Applications in the Home IMRG WACI, Cambridge, MA, USA

  3. IP Phone Game Consoles Personal Computers Streaming Video Servers Printers and Faxes Wireless Access Point Hand Held Game Devices Mobile Phones (to Internet) Proliferation of Network Devices in the Home Opportunity…  “Smart” AP • Automatically improves performance • Interoperable, easy-to-use But first…  Need to classify applications • Then can apply treatment to improve QoS IMRG WACI, Cambridge, MA, USA

  4. Outline • Introduction (done) • Goals + (next) • Classification • Preliminary Results • Ongoing Work IMRG WACI, Cambridge, MA, USA

  5. Goals • Classification for purpose of QoS treatments (versus DoS prevention or billing or measurement or …) • Want match between signatures and potential treatments • Not classifying applications  instead concentrate on nature of traffic for specific applications and devices • Different applications with same QoS requirements should get equal network treatments • e.g.VoIP and network game • Not all instances of a particular application yield the same signature, nor is that needed • e.g.Web for browsing, Web for download IMRG WACI, Cambridge, MA, USA

  6. Related Approaches • Port classification alone does not work • Applications can share ports • e.g.Non Web apps use port 80 around firewalls • e.g.scp and ssh both over port 22 • Users run applications on non-standard ports • e.g.Web server on different port since 80 restricted • New applications not officially defined for ports • Payload examination alone does not work • Increased encryption at application layer • Can be computationally expensive • New applications cannot be identified this way • Machine learning alone does not work • Takes too long in real-time, so must be done offline first • Needs external validation, so does not work with new apps IMRG WACI, Cambridge, MA, USA

  7. Domain • Provide classification in wireless Access Point (AP), the same point that provides QoS treatment • Home environment • Both directions of a flow travel through AP • Users are not trying to avoid classification • Can be customized and flexible per-flow treatments • Home APs carry few flows compared to core router • Needs to be real-time • Quick, so as to apply treatment to improve QoS IMRG WACI, Cambridge, MA, USA

  8. Outline • Introduction (done) • Goals + (done) • Classification (next) • Preliminary Results • Ongoing Work IMRG WACI, Cambridge, MA, USA

  9. Drop Packets Transmission Spacing Paced Space Packets As available Delay Packets Full Packet Size Tendency Push Packets Non-full Response-based Non-response-based Nature of Reverse Traffic Treatment-Based Classification streaming ftp p2p sensors web voip games telnet ssh IMRG WACI, Cambridge, MA, USA

  10. Outline • Introduction (done) • Goals + (done) • Classification (done) • Preliminary Results (next) • Ongoing Work IMRG WACI, Cambridge, MA, USA

  11. Preliminary Results • Captured 20-second traces from some representative applications • Nature of reverse traffic • Response based or Non-response based • Packet size tendency • Full or Non-full • Transmission spacing • Paced or As-available IMRG WACI, Cambridge, MA, USA

  12. Nature of Reverse Traffic • TCP automatically makes it response-based • UDP is trickier - is a downstream packet sent in response to one upstream (or vice versa)? • First, try simple up/down count: ApplicationDownUp Streaming video1172521 Network game3931231 VoIP934935 • More work needed … IMRG WACI, Cambridge, MA, USA

  13. ftp – large file wsm – video http – browsing cnn ssh – reading email Packet Size Tendency IMRG WACI, Cambridge, MA, USA

  14. ftp – large file http – browsing cnn ssh – reading email wsm – video Transmission Spacing (1 of 2) IMRG WACI, Cambridge, MA, USA

  15. Transmission Spacing (2 of 2) http – browsing http – download http – streaming IMRG WACI, Cambridge, MA, USA

  16. voip – packet size game – packet size voip – transmission spacing game – transmission spacing Data for Some Other Applications IMRG WACI, Cambridge, MA, USA

  17. Ongoing Work • Differentiation of “paced” and “as available” • Identification of “responsed-based” UDP • e.g.DNS or VoIP over DCCP • Definition of “full” packets • e.g.Streaming video packets of 1400 bytes • “Memory” of classification • e.g. in Second Life, interact on estate then teleport • Statistics: continuous, weighted, or windowed • Across flows for the same device • e.g. Game console (Xbox) versus PC • Need for more traces of applications in the home IMRG WACI, Cambridge, MA, USA

  18. Treatment-Based Traffic Signatures Mark Claypool Robert Kinicki Craig Wills Computer Science Department Worcester Polytechnic Institute http://www.cs.wpi.edu/~claypool/papers/cube/

More Related