The Experts below are selected from a list of 99 Experts worldwide ranked by ideXlab platform
Mark Allman - One of the best experts on this subject based on the ideXlab platform.
-
modern application Layer transmission patterns from a Transport perspective
Passive and Active Network Measurement, 2014Co-Authors: Matthew Sargent, Ethan Blanton, Mark AllmanAbstract:We aim to broadly study the ways that modern applications use the underlying protocols and networks. Such an understanding is necessary when designing and optimizing lower-Layer protocols. Traditionallyas prior work showsapplications have been well represented as bulk transfers, often preceded by application-Layer handshaking. Recent suggestions posit that application evolution has eclipsed this simple model, and a typical pattern is now a series of transactions over a single Transport Layer Connection. In this initial study we examine application transmission patterns via packet traces from two networks to better understand the ways that modern applications use TCP.
-
PAM - Modern Application Layer Transmission Patterns from a Transport Perspective
Passive and Active Measurement, 2014Co-Authors: Matthew Sargent, Ethan Blanton, Mark AllmanAbstract:We aim to broadly study the ways that modern applications use the underlying protocols and networks. Such an understanding is necessary when designing and optimizing lower-Layer protocols. Traditionallyas prior work showsapplications have been well represented as bulk transfers, often preceded by application-Layer handshaking. Recent suggestions posit that application evolution has eclipsed this simple model, and a typical pattern is now a series of transactions over a single Transport Layer Connection. In this initial study we examine application transmission patterns via packet traces from two networks to better understand the ways that modern applications use TCP.
Matthew Sargent - One of the best experts on this subject based on the ideXlab platform.
-
modern application Layer transmission patterns from a Transport perspective
Passive and Active Network Measurement, 2014Co-Authors: Matthew Sargent, Ethan Blanton, Mark AllmanAbstract:We aim to broadly study the ways that modern applications use the underlying protocols and networks. Such an understanding is necessary when designing and optimizing lower-Layer protocols. Traditionallyas prior work showsapplications have been well represented as bulk transfers, often preceded by application-Layer handshaking. Recent suggestions posit that application evolution has eclipsed this simple model, and a typical pattern is now a series of transactions over a single Transport Layer Connection. In this initial study we examine application transmission patterns via packet traces from two networks to better understand the ways that modern applications use TCP.
-
PAM - Modern Application Layer Transmission Patterns from a Transport Perspective
Passive and Active Measurement, 2014Co-Authors: Matthew Sargent, Ethan Blanton, Mark AllmanAbstract:We aim to broadly study the ways that modern applications use the underlying protocols and networks. Such an understanding is necessary when designing and optimizing lower-Layer protocols. Traditionallyas prior work showsapplications have been well represented as bulk transfers, often preceded by application-Layer handshaking. Recent suggestions posit that application evolution has eclipsed this simple model, and a typical pattern is now a series of transactions over a single Transport Layer Connection. In this initial study we examine application transmission patterns via packet traces from two networks to better understand the ways that modern applications use TCP.
Andreas Weber - One of the best experts on this subject based on the ideXlab platform.
-
Performance of TCP and HTTP Proxies in UMTS Networks
2005Co-Authors: Marc C. Necker, Michael Scharf, Andreas WeberAbstract:It is well known that the large round trip time and the highly variable delay in a cellular network may degrade the performance of TCP. Many concepts have been proposed to improve this situation, including performance enhancing proxies (PEP). One important class of PEPs are split Connection proxies, which terminate a Connection from a server in the Internet in a host close to the Radio Access Network (RAN) and establish a second Connection towards the mobile User Equipment (UE). This Connection splitting can be done either purely on the Transport Layer (TCP proxy) or on the application Layer (HTTP proxy). While it is clear that an application Layer proxy also infers the splitting of an underlying Transport Layer Connection, the performance of web applications may be essentially different for both approaches. This paper first investigates the TCP Connection behavior of the Mozilla web browser. Subsequently, the performance of TCP and HTTP proxies in UMTS networks is studied under different scenarios and for different HTTP configurations by means of emulation.
-
Performance of different proxy concepts in UMTS networks
Lecture Notes in Computer Science, 2005Co-Authors: Marc C. Necker, Michael Scharf, Andreas WeberAbstract:It is well known that the large round trip time and the highly variable delay in a cellular network may degrade the performance of TCP. Many concepts have been proposed to improve this situation, including performance enhancing proxies (PEPs). One important class of PEPs are split Connection proxies, which terminate a Connection from a server in the Internet in a host close to the Radio Access Network (RAN) and establish a second Connection towards the mobile User Equipment (UE). This Connection splitting can be done either purely on the Transport Layer (TCP proxy) or on the application Layer (HTTP proxy in the case of web traffic). While it is clear that an application Layer proxy also infers the splitting of an underlying Transport Layer Connection, the performance of applications may be essentially different for both approaches. In this paper, we first study the general impact of a split Connection proxy on TCP bulk data transfer. We then focus on the case of web traffic and investigate the TCP Connection behavior of the Mozilla web browser. Based on this, we study the performance of TCP and HTTP proxies in UMTS networks under different scenarios and for different HTTP configurations.
-
EuroNGI Workshop - Performance of different proxy concepts in UMTS networks
Wireless Systems and Mobility in Next Generation Internet, 2005Co-Authors: Marc C. Necker, Michael Scharf, Andreas WeberAbstract:It is well known that the large round trip time and the highly variable delay in a cellular network may degrade the performance of TCP. Many concepts have been proposed to improve this situation, including performance enhancing proxies (PEPs). One important class of PEPs are split Connection proxies, which terminate a Connection from a server in the Internet in a host close to the Radio Access Network (RAN) and establish a second Connection towards the mobile User Equipment (UE). This Connection splitting can be done either purely on the Transport Layer (TCP proxy) or on the application Layer (HTTP proxy in the case of web traffic). While it is clear that an application Layer proxy also infers the splitting of an underlying Transport Layer Connection, the performance of applications may be essentially different for both approaches. In this paper, we first study the general impact of a split Connection proxy on TCP bulk data transfer. We then focus on the case of web traffic and investigate the TCP Connection behavior of the Mozilla web browser. Based on this, we study the performance of TCP and HTTP proxies in UMTS networks under different scenarios and for different HTTP configurations.
Ethan Blanton - One of the best experts on this subject based on the ideXlab platform.
-
modern application Layer transmission patterns from a Transport perspective
Passive and Active Network Measurement, 2014Co-Authors: Matthew Sargent, Ethan Blanton, Mark AllmanAbstract:We aim to broadly study the ways that modern applications use the underlying protocols and networks. Such an understanding is necessary when designing and optimizing lower-Layer protocols. Traditionallyas prior work showsapplications have been well represented as bulk transfers, often preceded by application-Layer handshaking. Recent suggestions posit that application evolution has eclipsed this simple model, and a typical pattern is now a series of transactions over a single Transport Layer Connection. In this initial study we examine application transmission patterns via packet traces from two networks to better understand the ways that modern applications use TCP.
-
PAM - Modern Application Layer Transmission Patterns from a Transport Perspective
Passive and Active Measurement, 2014Co-Authors: Matthew Sargent, Ethan Blanton, Mark AllmanAbstract:We aim to broadly study the ways that modern applications use the underlying protocols and networks. Such an understanding is necessary when designing and optimizing lower-Layer protocols. Traditionallyas prior work showsapplications have been well represented as bulk transfers, often preceded by application-Layer handshaking. Recent suggestions posit that application evolution has eclipsed this simple model, and a typical pattern is now a series of transactions over a single Transport Layer Connection. In this initial study we examine application transmission patterns via packet traces from two networks to better understand the ways that modern applications use TCP.
Liu Pin - One of the best experts on this subject based on the ideXlab platform.
-
ISPEC - A Spark-Based DDoS Attack Detection Model in Cloud Services
Information Security Practice and Experience, 2016Co-Authors: Jian Zhang, Yawei Zhang, Liu PinAbstract:As more and more cloud services are exposed to DDoS attacks, DDoS attack detection has become a new challenging task because large packet traces captured on fast links could not be easily handled on a single server with limited computing and memory resources. In this paper, we propose a Spark based analysis model to identify abnormal packets and compute statistics for the detection model on the number of abnormal packets. The novelties of the model are that: (1) by harnessing HBase, an efficient bloom filter based mapping mechanism of TCP2HC/UDP2HC are implemented; (2) with the characteristics of IP spoofing and temporal correlation of the Transport Layer Connection state, an extensible set of rules and a reliable Spark streaming based check mechanism for abnormal packets are designed; (3) by using statistic features such as the growth of abnormal packets and the growth of anomalous TCP/UDP flow, non-parameter CUSUM algorithm is used to detect DDoS attack efficiently. The model can detect attacks in the early stage, which is beneficial to mitigate attack by converting a check rule to the filtering rule. Experiments show no matter how large the scale of attack traffic and what kind of DDoS attack behavior, the detection model can soon detect DDoS attack accurately.
-
Trustcom/BigDataSE/ISPA - A Hadoop Based Analysis and Detection Model for IP Spoofing Typed DDoS Attack
2016 IEEE Trustcom BigDataSE ISPA, 2016Co-Authors: Jian Zhang, Liu Pin, Yawei ZhangAbstract:As more and more cloud services are exposed to DDoS attacks, DDoS attack detect has become a new challenging task because large packet traces captured on fast links could not be easily handled on a single server with limited computing and memory resources. In this paper, we propose a Hadoop based model to identify abnormal packets and compute the statistics according to the number of abnormal packets. The novelties of the model are that:(1) by harnessing HBASE, an improved bloom filter based mapping mechanism named TCP2HC/UDP2HC are implemented, (2)with the characteristics of IP spoofing and the temporal correlation of Transport Layer Connection state, an extensible set of rules and a reliable MapReduce based checking mechanism for abnormal packets are designed, (3) using statistic features extracted from the increased abnormal packets and TCP/UDP flow, a non-parameter CUSUM algorithm is used to detect most DDoS attacks accurately and efficiently. The model can detect the attack behavior in the early stage, which is beneficial to mitigate attack with the help of flow cleaning by converting a check rule to the filtering rule. Experiments show no matter how large the attack scale and what kind of DDoS attack, the detection model can soon detect DDoS attack accurately.
