Low-rate TCP-targeted Denial of Service Attack Defense

Size: px
Start display at page:

Download "Low-rate TCP-targeted Denial of Service Attack Defense"

Transcription

1 Low-rate TCP-targeted Denial of Service Attack Defense Johnny Tsao Petros Efstathopoulos University of California, Los Angeles, Computer Science Department Los Angeles, CA {johnny5t, ABSTRACT Low-rate TCP targeted denial of service attacks are a subset of DoS attacks that exploit the retransmission timeout (RTO) mechanism of TCP. In doing so, such an attack can drastically reduce throughput while producing little traffic relative to traditional DoS attacks. Since it produces only periodic traffic, a low-rate attack is difficult to detect and prevent. Another property of the periodic traffic, however, is that a low-rate attack s success depends on synchronization with the victim s RTO. A proposed defense to this attack is to randomize the RTO. In doing so, information can still be transmitted while the attacker is waiting and a connection will be able to avoid timing out successively. In this paper, we evaluate the effectiveness of randomizing the retransmission timeout in defending against low-rate TCP targeted denial of service attacks. Through experiments we show that such a defense can prevent a TCP flow from being throttled by a low-rate attack and still achieve respectable throughput. In addition, we will analyze the effectiveness of a low-rate DoS attack on the implementation of TCP.. INTRODUCTION As the prevalence and use of networks grow, so too will the number of people attempting to exploit them, whether for personal gain or simply malicious intent. Therefore, the issue of network security and protection will only gain importance in today s society and the future. A Denial-of-Service (DoS) attack is one such exploit/attack present in networks today. A DoS generally floods a network or link with traffic with the goal of denying other users access to specific nodes, resources, or services. Such resources include memory, bandwidth, or CPU cycles. The problem with traditional DoS attacks is that their network behavior of flooding links does not correspond with regular network traffic. Therefore, one can often detect a DoS attacker by analyzing the network traffic. In addition to detection, mechanisms can be added to routers to prevent DoS attacks from affecting a network by blocking such traffic. A different type of DoS attack was introduced in []. A low-rate TCP targeted DoS attack produces the negative effects of a typical DoS attack, except it targets TCP flows and can often elude detection since it sends traffic at a relatively low average rate. It does so by exploiting TCP s retransmission timeout mechanism. TCP s retransmission timeout mechanism is intended to deal with cases of severe congestion and multiple losses. If a sender fails to receive an ACK after the timeout period, it reduces its congestion window to one and retransmits the packet. In correspondence with the recommendation made by [3], many systems implement a minimum RTO of second. It is this implementation that puts these systems at risk since a low-rate DoS attack can exploit it. A low-rate DoS attack will flood the network with an initial burst of packets. This burst fills up the queues and results in packet loss for legitimate TCP connections. These connections, after waiting the timeout for an ACK, reduce their windows and retransmit. While the TCP connections wait for ACKs that aren t coming, the low-rate attacker does not need to attack. It can simply wait the RTO (one second) and start flooding the network again, exactly when the TCP connections try to retransmit their packets. In doing so, a low-rate attack can throttle a TCP connection s throughput to nearly zero.

2 In this paper, we will study the effectiveness of randomizing the RTO in defending against a low-rate TCP targeted DoS attack. We will first give an overview of related work on this topic. In section 3, we shall take a closer look at TCP s timeout mechanism. We will analyze the timeout mechanism to find out why it exists and how it works. This will give us insight as to how it is exploited. Section 4 will go over the low-rate DoS attack. We will study the properties of such an attack and see how it takes advantage of the timeout mechanism. We will present the proposed solution of randomizing the RTO in section 5. We will then look at the changes we had to make to the kernel in section 6. After, section 7 will present and analyze our experimental results showing the effectiveness of the randomized RTO defense. Section 8 will present our conclusion and a summary of our results. Lastly, section 9 will discuss future work. 2. RELATED WORKS Our work is mostly based on two papers. The first one is Low-Rate TCP-Targeted Denial of Service Attacks by Kuzmanovic and Knightly. This paper introduced the low rate attack and proposed randomizing the RTO as a solution. The second paper is Randomization: Defense against Low-Rate TCP-Targeted Denial-of-Service Attacks by Yang, Gerla, and Sanadidi. In this paper, they researched both randomization of RTO and probing as defenses against a low rate attack. Both papers do simulations to back up their work. For our paper, we have implemented the randomized RTO defense in. We then run experiments to confirm the results seen in these other works. In addition, we see how the regular kernel behaves under a low rate attack. 3. TCP TIMEOUT MECHANISM 3. TCP Congestion control: Timeout Mechanism Congestion control is essential for TCP. TCP congestion control operates in two timescales depending on the degree of the link s congestion. On smaller timescales of round trip times (RTT) TCP performs additive-increase multiplicative-decrease (AIMD) control with the objective of having each floe transmit at the fair rate of its bottleneck link. At times of severe congestion in which multiple losses occur, TCP operates on longer timescales of Retransmission Time Out (RTO). In this study we are interested in the timeout mechanism of TCP which what the Low-Rate DoS attack tries to exploit. The TCP congestion control mechanism uses the notion of congestion window (cwnd). Each TCP sender uses the congestion window to regulate the rate of transmission based on the feedback it gets from the network. The congestion window is the TCP sender s estimate of how much data can be outstanding in the network without packets being lost. Each receiver can advertise a window size. The sender takes into account this advertised window size and chooses as window size the minimum of the two: advertised window and congestion window. This mechanism helps avoid congestion since both the receiver s capabilities and the networks characteristics are taken into account. After a period of congestion TCP enters the slow-start phase: it shrinks its congestion window to segment and increases it by one every time an acknowledgement is received. If on the other had less than three duplicate ACKs are received before RTO expires, TCP shrinks its congestion window to segment (slo start), doubles the value of the RTO (exponential backoff) and retransmits the lost packet. Under heavy congestion, TCP reduces its congestion window size to segment and sets the RTO to its minimum value. The recommended minimum value for the RTO is sec, as proposed by the study presented in [3]. This mechanism was chosen for dealing with cases of heavy congestion since it is the most conservative sender behavior. If the RTO expires and the packet is lost again the exponential backoff continues and the sender doubles the value of RTO (RTO=2) and retransmits the packet. The sender then waits for the 2sec RTO to expire and if the packet still hasn t been transmitted successfully the exponential backoff continues (RTO is set to 4sec and so on). 3.2 Vulnerability Although this mechanism is well suited for dealing with high congestion, it has a

3 fundamental flaw. The values of RTO are predefined constants. The minimum value is sec and the possible RTO values during exponential backoff are multiples of sec. This property of the algorithm makes the system vulnerable to attacks that use a short high rate burst of packets to fill the bottleneck buffers, right before the RTO expires. An attacker that knows the timing of the sender can use a square wave attack (high rate, short duration bursts) and force the sender to repeatedly enter the retransmission timeout state, while the throughput achieved by the sender will be nearzero. 4. THE LOW-RATE ATTACK A low-rate TCP-Targeted denial of service attack has three properties: a send rate, a burst length, and an inter-burst period. The send rate is obviously the rate at which the attacker sends packets into the network. This rate must be higher than the bandwidth of the bottleneck link in order to produce packet loss and cause TCP flows to timeout. The burst length is how long the attacker floods packets for each burst. This depends on the send rate, RTT of the flows, and bandwidth of the bottleneck. If the burst length is too long, then the attacker risks being detected. It was suggested in [] that a burst length less than 3ms would allow the low-rate attacker to go relatively undetected. Our own experiments show that a burst length of 2ms is sufficient to produce zero throughput with the proper interburst period, so we do not have to worry about going over this threshold. The inter-burst period dictates the frequency at which the attacker floods packets. An attacker would want to pick an inter-burst period that corresponds exactly to the RTO. In this way, the attacker can throttle the throughput while transmitting the least amount of data possible to reduce the chances of detection. The low-rate DoS attack can be viewed as a square wave like in Figure. It bursts packets at a set rate for a set time and then waits out the inter-burst period before bursting again. It does so in the hopes that subsequent bursts will occur just as victim flows begin retransmission. rate burst length inter-burst period Figure : a low-rate attack can be approximated as a square wave 5. RANDOMIZED RTO DEFENSE One possible defense against low-rate TCP-targeted DoS attacks is proposed by []. If the minimum value of the RTO is not set to sec, but instead it is randomized around sec, we could expect the effect of the attack on the throughput to be less severe. Simulation results by [2] show that randomization of the RTO is indeed a possible solution. When the value of RTOmin is randomized around sec, it is more difficult for the attacker to synchronize its square wave attack with the RTO expiration intervals. Thus the attacker can no longer predict the time the new packets will arrive and flood the buffers with a properly timed burst. Although TCP uses predefined backoff values for the RTO (,2,4,8,,64), randomized backoff intervals are used in other protocols, especially link layer protocols that use similar exponential backoff schemes (e.g. Ethernet). Such protocols use a random timeout value within a certain range. There are three different ways one could choose to randomize RTOmin. Each one uses a different range of possible values. The most conservative approach would be to pick a number in the range [t, t+). This will overestimate the RTO. Alternatively, we could choose a value within the ranges [t-, t+) and [ t,.5 t). Simulations and analysis done by [2] show that the range of randomization does not affect the results significantly. For the rest of this paper we assume that any randomization of the timeout is done using a value within the [t-, t+) range.

4 6. THE LINUX KERNEL 6. TCP congestion control The kernel currently implements TCP New Reno. Although many optimizations have been incorporated in the TCP stack, the congestion control mechanism is essentially as defined by TCP New Reno. One issue of great interest to our study is the fact that allows a minimum value of 2ms for the RTO. This deviates from the standard approach of sec RTOmin and makes it harder for potential Low-Rate attacks to succeed. This is because in order to attack effectively using the Low-Rate attack model, one would have to generate an attack square wave with inter-burst period of 2ms. In order to fill the bottleneck buffers using such a short IBP, the attacker would have to use a very high rate. Such an attack is difficult to achieve and the average attack rate would be high enough for DoS defense mechanisms to detect. 6.2 kernel changes Although is less vulnerable because of its 2ms RTOmin, the vulnerability in the design of the TCP timeout mechanisms is existent and other systems may be susceptible to this attack. We wanted to test the effectiveness of the attack on real systems and try to reproduce the results of the simulations. In order to do this we had to do a series of modifications to the kernel. We used two versions of the kernel. The first version was modified so that the minimum value of RTO was bounded to sec. Bounding RTOmin to sec was necessary to test the effectiveness of the attack. RTOmin is defined in the kernel as 2ms. Changing this definition triggers a series of unwanted changes, the most important of which being the improper initialization of rttvar (round trip time variance). In order to bound the minimum value of RTO we had to make sure that it adjusted every time RTO is calculated from the values of srtt (smoothened RTT) and rttvar. Also the function that is used by to check the upper bound of the RTO (tcp_bound_rto()) had to be modified so as to included lower bound checking as well. The second version of the kernel is based on the sec RTO kernel with the addition of randomization. We modified the previous version so that the value of RTO is randomized within the range [t-, t+). The minimum value of the RTO is first adjusted so that it is not below sec. Afterwards a random number is generated using the kernel s random number generator. This number is then combined with the value of RTO to produce the effective timeout that is randomly selected from the desired range. We must note that the values of RTO, RTT, rttvar etc are measured in jiffies. One jiffy is the resolution of the software timer and for the x86 architecture it is ms. The minimum value of RTO was bounded to jiffies (sec) and it was randomized in the range of [5,5) jiffies. The randomized kernel was used to measure the effectiveness of the attack and compare it with the results from the measurements taken with the sec RTO kernel. 7. EXPERIMENTAL RESULTS 7. Experimental Setup We conducted our experiments on a TCP test-bed. We had a sender, receiver, and attacker. We connected the sender and attacker to the receiver through an intermediate node running DummyNet. We used DummyNet to simulate the internet. The setup looks like Figure 2. Figure 2: Test-bed setup

5 The sender and receiver are implemented by running Iperf as a client and server in order to generate TCP traffic. The pipes connecting the sender, attacker, and receiver have a bandwidth of.5mbits/s and a queue of 5 slots. In addition, the RTT was 4ms. We programmed a custom attacker to produce a low-rate attack. It generates 3Mbits/s of traffic in periodic bursts of specified lengths and inter-burst periods. We ran a set of tests for each kernel variation: regular, second RTO, and second randomized RTO. We ran each test for 2 seconds. We allowed the sender to transmit for 2 seconds before starting the attacker. The attacker transmitted at 3 Mbits/s for 2ms while we varied the inter-burst periods. The important inter-burst period values are at and second. This is because they coincide with the RTO of second that was proposed in [3]. 7.2 Results The first test we ran tested how the regular kernel reacted to a low-rate attack. We expect the attack to be less effective since the attacker is specifically aimed at systems with an RTO of second while has an RTO of 2ms. It is interesting to see how it will react under an attack. The throughput graph is presented in Figure Figure 3: Kernel Attack No Attack We see that the throughput is similar to what we would expect to see for a regular DoS attack. As the burst frequency gets higher (lower inter-burst period), the throughput drops. The reason that the throughput never drops to zero is because our attacker is geared toward a system with a minimum RTO of second. We could produce an attacker that attacks with an interburst period of 2ms, but it would have to have a much shorter burst length and much higher burst rate. With such a short inter-burst period, such an attacker may not be stealthy. The next test we ran was on our modified kernel with a second RTO. Figure 4 shows the results of this test Figure 4: s RTO Kernel Attack No Attack With this kernel, we see that there is a major drop in throughput for inter-burst periods of and second. These results agree with the simulation results reported by [] and [2]. Since the retransmission timeout is set to second, each retransmission encounters packet loss because the attacker is transmitting at the same time. If the inter-burst period is not synchronized with the RTO, however, we see that throughput can be achieved. This is evident in the throughput values for inter-burst periods that are not even divisors of second. One thing we must clarify is the fact that we did see a very small throughput at the and s inter-burst periods. This is simply due to the fact that we allowed the sender to transmit for 2 seconds before engaging the attacker. Once the attack began, throughput was throttled to zero for both of these cases. After, we tested our modified kernel which randomizes the RTO between t- and t+ seconds. This produces RTOs that average to t seconds, yet do not allow a low-rate attack to know when it will try retransmitting. The results are shown in figure 5.

6 Attack No Attack Figure 5: Randomized RTO Kernel As you can see, the throughput for the randomized RTO kernel is dramatically better than the s RTO kernel for attacker inter-burst periods of and second. In fact, at the second inter-burst period, we see that the randomized RTO kernel produced a throughput of nearly 4%. This is very good considering that the attacker is flooding the network 2% of the time. In addition, it is a significant improvement from the s RTO kernel which had zero throughput at this point. Figure 6 shows how the different RTO implementations stack up against each other s RTO Random RTO Figure 6: Comparison Again we see that by using a randomized RTO, we do not suffer throughput throttling. In order to throttle the throughput of our modified kernel, an attacker would simply have to resort to a standard DoS attack that constantly transmits. This would not be stealthy since it could be detected relatively easily. Therefore, we see that randomization is a very effective defense against a low-rate DoS attack. burst rate at 3Mbits/s for each test run. The results can be seen in figures 7 through Burst Length (ms) s Kernel Randomized Figure 7: s Inter-burst Period s Kernel Randomized Burst Length (ms) Figure 8: s Inter-burst Period s Kernel Randomized Burst Length (ms) Figure 9: Averaged of s and s From these tests we see that using a burst length of 2ms is just about right to throttle throughput in the s RTO kernel. In addition, we see that the randomized RTO performs better than a s RTO in these zero throughput cases. We conducted one last test. We looked at inter-burst periods of and s and varied the burst lengths from 5 to 2ms. We kept the

7 8. CONCLUSION The design of TCP congestion control mechanism incorporates a statically defined timeout mechanism. Although other protocols use randomization techniques when choosing the value of the retransmission timeout, TCP uses multiples of sec. during its exponential backoff stage. This design makes TCP vulnerable to a Low-Rate attack. Current DoS attack defense mechanisms can not detect this kind of attack since the average attack rate is very low. Using our implementation we were able to test the effectiveness of this attack for three different platforms: the standard kernel, the modified sec RTOmin kernel and the randomized RTO kernel. Our experimental results confirm the simulation results. Systems using a minimum value of sec for the RTO can be heavily affected by a Low-Rate attack. When the attacker is synchronized with the sender (Inter-burst periods of s and s), the throughput is throttled. Experiments using the randomized RTO kernel show that the proposed defense against this type of attack can greatly improve performance. Randomizing the value of RTO eliminates the throughput throttling problem for IBPs of s and s. In the s IBP case in particular we achieve 4% of the link s maximum throughout, while under attack. 9. FUTURE WORK Our first experiments showed that randomizing the value of RTO provides defense against the Low-Rate attack. For our experiments we had to modify the kernel so that the lower bound for the value of RTO is s, instead of 2ms. We would like to test our approach with other operating systems and verify whether any of the popular TCP stack implementations uses RTOmin of s and thus is vulnerable to the attack. Experiments with BSD, Solaris and Microsoft Windows would show to what extend this attack is a threat for real systems. Our next set of experiments will focus on the fairness of the randomized kernel. Changing the value of RTO may affect the fairness of the system when multiple connections are present. We should also test the effectiveness of the randomized kernel defense against the attack with multiple long-term TCP flows as well as dynamic highly variable flows such as HTTP traffic. Finally, we would like to implement an alternative solution to this attack, using probing. A comparison between the effectiveness of the two defense mechanisms would be of great interest.. REFERENCES [] A. Kuzmanovic and E. Knightly. Low-Rate TCP-Targeted Denial of Service Attacks. In Proceedings of ACM SIGCOMM 3, Karlsruhe, Germany, August 23. [2] G. Yang, M. Gerla, and M.Y. Sanadidi. Randomization: Defense Against Low-Rate TCP-Targeted Denial of Service Attacks. Internal draft, 23. [3] M. Allman and V. Paxson. On Estimating End-to-End Network Path Properties. In Proceedings of ACM SIGCOMM 99, Vancouver, British Columbia, September 999. [4] P. Sarolathi and A. Kuznetsov. Congestion Control in TCP. [5] D. Bovet and M. Cesati. Understanding the kernel, O Reilly Press, 23. One issue that we need to look into, is to whom exactly is this attack targeted to. We need to consider what are the real-life scenarios where the Low-Rate attack can actually be launched, what is the target going to be and to what extent will it affect network performance.

Denial-of-Service Shrew Attacks

Denial-of-Service Shrew Attacks Denial-of-Service Shrew Attacks Bhuvana Mahalingam mbhuvana@cs.bu.edu 1. Introduction A Denial of Service Attack is defined as An incident in which a user or organization is deprived of the services of

More information

TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) Internet Protocol (IP)

TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) Internet Protocol (IP) TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) *Slides adapted from a talk given by Nitin Vaidya. Wireless Computing and Network Systems Page

More information

Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation

Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation R.Navaneethakrishnan Assistant Professor (SG) Bharathiyar College of Engineering and Technology, Karaikal, India.

More information

TCP in Wireless Mobile Networks

TCP in Wireless Mobile Networks TCP in Wireless Mobile Networks 1 Outline Introduction to transport layer Introduction to TCP (Internet) congestion control Congestion control in wireless networks 2 Transport Layer v.s. Network Layer

More information

TCP III - Error Control

TCP III - Error Control TCP III - Error Control TCP Error Control 1 ARQ Error Control Two types of errors: Lost packets Damaged packets Most Error Control techniques are based on: 1. Error Detection Scheme (Parity checks, CRC).

More information

Application Level Congestion Control Enhancements in High BDP Networks. Anupama Sundaresan

Application Level Congestion Control Enhancements in High BDP Networks. Anupama Sundaresan Application Level Congestion Control Enhancements in High BDP Networks Anupama Sundaresan Organization Introduction Motivation Implementation Experiments and Results Conclusions 2 Developing a Grid service

More information

Low-Rate TCP-Targeted Denial of Service Attacks (The Shrew vs. the Mice and Elephants) Ý

Low-Rate TCP-Targeted Denial of Service Attacks (The Shrew vs. the Mice and Elephants) Ý Low-Rate TCP-Targeted Denial of Service Attacks (The Shrew vs. the Mice and Elephants) Ý Aleksandar Kuzmanovic and Edward W. Knightly ECE/CS Departments Rice University Houston, TX 775, USA akuzma,knightly@rice.edu

More information

A Comparative Analysis of TCP Tahoe, Reno, New-Reno, SACK and Vegas

A Comparative Analysis of TCP Tahoe, Reno, New-Reno, SACK and Vegas A Comparative Analysis of TCP Tahoe, Reno, New-Reno, SACK and Vegas Abstract: The purpose of this paper is to analyze and compare the different congestion control and avoidance mechanisms which have been

More information

A Survey on Congestion Control Mechanisms for Performance Improvement of TCP

A Survey on Congestion Control Mechanisms for Performance Improvement of TCP A Survey on Congestion Control Mechanisms for Performance Improvement of TCP Shital N. Karande Department of Computer Science Engineering, VIT, Pune, Maharashtra, India Sanjesh S. Pawale Department of

More information

TCP based Denial-of-Service Attacks to Edge Network: Analysis and Detection

TCP based Denial-of-Service Attacks to Edge Network: Analysis and Detection TCP based Denial-of-Service Attacks to Edge Network: Analysis and Detection V. Anil Kumar 1 and Dorgham Sisalem 2 1 CSIR Centre for Mathematical Modelling and Computer Simulation, Bangalore, India 2 Fraunhofer

More information

Transport Layer Protocols

Transport Layer Protocols Transport Layer Protocols Version. Transport layer performs two main tasks for the application layer by using the network layer. It provides end to end communication between two applications, and implements

More information

Re- transmission Timer 2. TCP S TIMEOUT MECHANISM

Re- transmission Timer 2. TCP S TIMEOUT MECHANISM Low-Rate TCP-Targeted Denial of Service Attacks (The Shrew vs. the Mice and Elephants) Aleksandar Kuzmanovic and Edward W. Knightly ECE/CS Departments Rice University Houston, TX 775, USA akuzma,knightly

More information

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1)

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1) Lecture Objectives Wireless and Mobile Systems Design Lecture 07 Mobile Networks: TCP in Wireless Networks Describe TCP s flow control mechanism Describe operation of TCP Reno and TCP Vegas, including

More information

Lecture 15: Congestion Control. CSE 123: Computer Networks Stefan Savage

Lecture 15: Congestion Control. CSE 123: Computer Networks Stefan Savage Lecture 15: Congestion Control CSE 123: Computer Networks Stefan Savage Overview Yesterday: TCP & UDP overview Connection setup Flow control: resource exhaustion at end node Today: Congestion control Resource

More information

TCP Adaptation for MPI on Long-and-Fat Networks

TCP Adaptation for MPI on Long-and-Fat Networks TCP Adaptation for MPI on Long-and-Fat Networks Motohiko Matsuda, Tomohiro Kudoh Yuetsu Kodama, Ryousei Takano Grid Technology Research Center Yutaka Ishikawa The University of Tokyo Outline Background

More information

The following reference answers are based on the trace files provided with the text book, which can be downloaded from the textbook website.

The following reference answers are based on the trace files provided with the text book, which can be downloaded from the textbook website. Wireshark Lab 3 TCP The following reference answers are based on the trace files provided with the text book, which can be downloaded from the textbook website. TCP Basics Answer the following questions

More information

High-Speed TCP Performance Characterization under Various Operating Systems

High-Speed TCP Performance Characterization under Various Operating Systems High-Speed TCP Performance Characterization under Various Operating Systems Y. Iwanaga, K. Kumazoe, D. Cavendish, M.Tsuru and Y. Oie Kyushu Institute of Technology 68-4, Kawazu, Iizuka-shi, Fukuoka, 82-852,

More information

An Improved TCP Congestion Control Algorithm for Wireless Networks

An Improved TCP Congestion Control Algorithm for Wireless Networks An Improved TCP Congestion Control Algorithm for Wireless Networks Ahmed Khurshid Department of Computer Science University of Illinois at Urbana-Champaign Illinois, USA khurshi1@illinois.edu Md. Humayun

More information

Linux 2.4 Implementation of Westwood+ TCP with rate-halving: A Performance Evaluation over the Internet

Linux 2.4 Implementation of Westwood+ TCP with rate-halving: A Performance Evaluation over the Internet Linux. Implementation of TCP with rate-halving: A Performance Evaluation over the Internet A. Dell Aera, L. A. Grieco, S. Mascolo Dipartimento di Elettrotecnica ed Elettronica Politecnico di Bari Via Orabona,

More information

APPENDIX 1 USER LEVEL IMPLEMENTATION OF PPATPAN IN LINUX SYSTEM

APPENDIX 1 USER LEVEL IMPLEMENTATION OF PPATPAN IN LINUX SYSTEM 152 APPENDIX 1 USER LEVEL IMPLEMENTATION OF PPATPAN IN LINUX SYSTEM A1.1 INTRODUCTION PPATPAN is implemented in a test bed with five Linux system arranged in a multihop topology. The system is implemented

More information

TCP PERFORMANCE IN MOBILE-IP

TCP PERFORMANCE IN MOBILE-IP TCP PERFORMANCE IN MOBILE-IP Foo Chun Choong Department of Electrical Engineering, National University of Singapore ABSTRACT The throughput performance of TCP in Mobile-IP [1] was investigated. Compared

More information

Good Ideas So Far Computer Networking. Outline. Sequence Number Space. Lecture 18 More TCP & Congestion Control. The devilish details of TCP

Good Ideas So Far Computer Networking. Outline. Sequence Number Space. Lecture 18 More TCP & Congestion Control. The devilish details of TCP Good Ideas So Far 15-441 Computer Networking Lecture 18 More TCP & Congestion Control Flow control Stop & wait Parallel stop & wait Sliding window (e.g., advertised windows) Loss recovery outs Acknowledgement-driven

More information

A Survey: High Speed TCP Variants in Wireless Networks

A Survey: High Speed TCP Variants in Wireless Networks ISSN: 2321-7782 (Online) Volume 1, Issue 7, December 2013 International Journal of Advance Research in Computer Science and Management Studies Research Paper Available online at: www.ijarcsms.com A Survey:

More information

Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi

Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi 1. Introduction Ad hoc wireless networks pose a big challenge for transport layer protocol and transport layer protocols

More information

Analysis and Detection of a Denial-of-Service Attack Scenario generated by TCP Receivers to Edge Network

Analysis and Detection of a Denial-of-Service Attack Scenario generated by TCP Receivers to Edge Network Analysis and Detection of a Denial-of-Service Attack Scenario generated by TCP Receivers to Edge Network V. Anil Kumar 1 and Dorgham Sisalem 2 (anil@cmmacs.ernet.in, sisalem@fokus.fhg.de) 1 CSIR Centre

More information

TCP over Wireless Networks

TCP over Wireless Networks TCP over Wireless Networks Raj Jain Professor of Computer Science and Engineering Washington University in Saint Louis Saint Louis, MO 63130 Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse574-10/

More information

A Passive Method for Estimating End-to-End TCP Packet Loss

A Passive Method for Estimating End-to-End TCP Packet Loss A Passive Method for Estimating End-to-End TCP Packet Loss Peter Benko and Andras Veres Traffic Analysis and Network Performance Laboratory, Ericsson Research, Budapest, Hungary {Peter.Benko, Andras.Veres}@eth.ericsson.se

More information

Defending Against Low-rate TCP Attacks: Dynamic Detection and Protection

Defending Against Low-rate TCP Attacks: Dynamic Detection and Protection Defending Against Low-rate TCP Attacks: Dynamic Detection and Protection Haibin Sun John C.S. Lui Department of Computer Science & Engineering The Chinese University of Hong Kong Email: hbsun,cslui @cse.cuhk.edu.hk

More information

Data Networks Summer 2007 Homework #3

Data Networks Summer 2007 Homework #3 Data Networks Summer Homework # Assigned June 8, Due June in class Name: Email: Student ID: Problem Total Points Problem ( points) Host A is transferring a file of size L to host B using a TCP connection.

More information

Murari Sridharan Windows TCP/IP Networking, Microsoft Corp. (Collaborators: Kun Tan, Jingmin Song, MSRA & Qian Zhang, HKUST)

Murari Sridharan Windows TCP/IP Networking, Microsoft Corp. (Collaborators: Kun Tan, Jingmin Song, MSRA & Qian Zhang, HKUST) Murari Sridharan Windows TCP/IP Networking, Microsoft Corp. (Collaborators: Kun Tan, Jingmin Song, MSRA & Qian Zhang, HKUST) Design goals Efficiency Improve throughput by efficiently using the spare capacity

More information

Outline. TCP connection setup/data transfer. 15-441 Computer Networking. TCP Reliability. Congestion sources and collapse. Congestion control basics

Outline. TCP connection setup/data transfer. 15-441 Computer Networking. TCP Reliability. Congestion sources and collapse. Congestion control basics Outline 15-441 Computer Networking Lecture 8 TCP & Congestion Control TCP connection setup/data transfer TCP Reliability Congestion sources and collapse Congestion control basics Lecture 8: 09-23-2002

More information

MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN

MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN Kanika 1, Renuka Goyal 2, Gurmeet Kaur 3 1 M.Tech Scholar, Computer Science and Technology, Central University of Punjab, Punjab, India

More information

Network Friendliness of Mobility Management Protocols

Network Friendliness of Mobility Management Protocols Network Friendliness of Mobility Management Protocols Md Sazzadur Rahman, Mohammed Atiquzzaman Telecommunications and Networks Research Lab School of Computer Science, University of Oklahoma, Norman, OK

More information

Improving the Performance of Reliable Transport Protocols in Mobile Computing Environments

Improving the Performance of Reliable Transport Protocols in Mobile Computing Environments Improving the Performance of Reliable Transport Protocols in Mobile Computing Environments Ramon Caceres (AT &T Bell Labs) Liviu Iftode (Priceton University) Presented by: Yuvraj Agarwal Introduction Context

More information

Evaluating the Effectiveness of a BitTorrent-driven DDoS Attack

Evaluating the Effectiveness of a BitTorrent-driven DDoS Attack Evaluating the Effectiveness of a BitTorrent-driven DDoS Attack Jurand Nogiec University of Illinois Fausto Paredes University of Illinois Joana Trindade University of Illinois 1. Introduction BitTorrent

More information

IMPROVE PERFORMANCE OF TCP NEW RENO OVER MOBILE AD-HOC NETWORK USING ABRA

IMPROVE PERFORMANCE OF TCP NEW RENO OVER MOBILE AD-HOC NETWORK USING ABRA IMPROVE PERFORMANCE OF TCP NEW RENO OVER MOBILE AD-HOC NETWORK USING ABRA Dhananjay Bisen 1 and Sanjeev Sharma 2 1 M.Tech, School Of Information Technology, RGPV, BHOPAL, INDIA 1 bisen.it2007@gmail.com

More information

An Efficient Detection Algorithm for TCP/IP DDoS Attacks

An Efficient Detection Algorithm for TCP/IP DDoS Attacks An Efficient Detection Algorithm for TCP/IP DDoS Attacks Heshem A. El Zouka Department of Computer Engineering, College of Engineering and Technology Arab Academy for Science & Technology and Maritime

More information

An enhanced TCP mechanism Fast-TCP in IP networks with wireless links

An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Wireless Networks 6 (2000) 375 379 375 An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Jian Ma a, Jussi Ruutu b and Jing Wu c a Nokia China R&D Center, No. 10, He Ping Li Dong Jie,

More information

15-441: Computer Networks Homework 2 Solution

15-441: Computer Networks Homework 2 Solution 5-44: omputer Networks Homework 2 Solution Assigned: September 25, 2002. Due: October 7, 2002 in class. In this homework you will test your understanding of the TP concepts taught in class including flow

More information

Chapter 3 Transport Layer

Chapter 3 Transport Layer Chapter 3 Transport Layer All material copyright 1996-2009 J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking: A Top Down Approach 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April

More information

Secure SCTP against DoS Attacks in Wireless Internet

Secure SCTP against DoS Attacks in Wireless Internet Secure SCTP against DoS Attacks in Wireless Internet Inwhee Joe College of Information and Communications Hanyang University Seoul, Korea iwjoe@hanyang.ac.kr Abstract. The Stream Control Transport Protocol

More information

Simulation-Based Comparisons of Solutions for TCP Packet Reordering in Wireless Network

Simulation-Based Comparisons of Solutions for TCP Packet Reordering in Wireless Network Simulation-Based Comparisons of Solutions for TCP Packet Reordering in Wireless Network 作 者 :Daiqin Yang, Ka-Cheong Leung, and Victor O. K. Li 出 處 :Wireless Communications and Networking Conference, 2007.WCNC

More information

Research of TCP ssthresh Dynamical Adjustment Algorithm Based on Available Bandwidth in Mixed Networks

Research of TCP ssthresh Dynamical Adjustment Algorithm Based on Available Bandwidth in Mixed Networks Research of TCP ssthresh Dynamical Adjustment Algorithm Based on Available Bandwidth in Mixed Networks 1 Wang Zhanjie, 2 Zhang Yunyang 1, First Author Department of Computer Science,Dalian University of

More information

Overview. Lecture 4: Congestion Control TCP. Transport. A Bit of History TCP. Internet is a network of networks

Overview. Lecture 4: Congestion Control TCP. Transport. A Bit of History TCP. Internet is a network of networks Overview Internet is a network of networks Lecture 4: Congestion Control Narrow waist of IP: unreliable, best-effort datagram delivery Packet forwarding: input port to output port Routing protocols: computing

More information

Per-Flow Queuing Allot's Approach to Bandwidth Management

Per-Flow Queuing Allot's Approach to Bandwidth Management White Paper Per-Flow Queuing Allot's Approach to Bandwidth Management Allot Communications, July 2006. All Rights Reserved. Table of Contents Executive Overview... 3 Understanding TCP/IP... 4 What is Bandwidth

More information

Study of Different Types of Attacks on Multicast in Mobile Ad Hoc Networks

Study of Different Types of Attacks on Multicast in Mobile Ad Hoc Networks Study of Different Types of Attacks on Multicast in Mobile Ad Hoc Networks Hoang Lan Nguyen and Uyen Trang Nguyen Department of Computer Science and Engineering, York University 47 Keele Street, Toronto,

More information

Student, Haryana Engineering College, Haryana, India 2 H.O.D (CSE), Haryana Engineering College, Haryana, India

Student, Haryana Engineering College, Haryana, India 2 H.O.D (CSE), Haryana Engineering College, Haryana, India Volume 5, Issue 6, June 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A New Protocol

More information

TCP: Overview RFCs: 793, 1122, 1323, 2018, 2581

TCP: Overview RFCs: 793, 1122, 1323, 2018, 2581 TCP: Overview RFCs: 793, 1122, 1323, 2018, 2581 socket door point-to-point: one sender, one receiver reliable, in-order byte steam: no message boundaries pipelined: TCP congestion and flow control set

More information

TCP transmission control protocol

TCP transmission control protocol TCP transmission control protocol Suguru Yamaguchi 2014 Information Network 1 Functions that transport layer provides! Model: inter-process communication Identification of process Communication pair of

More information

TCP - Introduction. Features of TCP

TCP - Introduction. Features of TCP TCP - Introduction The Internet Protocol (IP) provides unreliable datagram service between hosts The Transmission Control Protocol (TCP) provides reliable data delivery It uses IP for datagram delivery

More information

The Problem with TCP. Overcoming TCP s Drawbacks

The Problem with TCP. Overcoming TCP s Drawbacks White Paper on managed file transfers How to Optimize File Transfers Increase file transfer speeds in poor performing networks FileCatalyst Page 1 of 6 Introduction With the proliferation of the Internet,

More information

Congestions and Control Mechanisms n Wired and Wireless Networks

Congestions and Control Mechanisms n Wired and Wireless Networks International OPEN ACCESS Journal ISSN: 2249-6645 Of Modern Engineering Research (IJMER) Congestions and Control Mechanisms n Wired and Wireless Networks MD Gulzar 1, B Mahender 2, Mr.B.Buchibabu 3 1 (Asst

More information

TCP Service Model. Announcements. TCP: Reliable, In-Order Delivery. Today s Lecture. TCP Header. TCP Support for Reliable Delivery

TCP Service Model. Announcements. TCP: Reliable, In-Order Delivery. Today s Lecture. TCP Header. TCP Support for Reliable Delivery Announcements Sukun is away this week. Dilip will cover his section and office hours. TCP: Reliable, In-Order Delivery EE 122: Intro to Communication Networks Fall 2006 (MW 4-5:30 in Donner 155) Vern Paxson

More information

Final for ECE374 05/06/13 Solution!!

Final for ECE374 05/06/13 Solution!! 1 Final for ECE374 05/06/13 Solution!! Instructions: Put your name and student number on each sheet of paper! The exam is closed book. You have 90 minutes to complete the exam. Be a smart exam taker -

More information

TCP PACKET CONTROL FOR WIRELESS NETWORKS

TCP PACKET CONTROL FOR WIRELESS NETWORKS TCP PACKET CONTROL FOR WIRELESS NETWORKS by Wan Gang Zeng B. Sc. in Computer Science, University of Ottawa, 2000 THESIS SUBMITTED IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE

More information

SJBIT, Bangalore, KARNATAKA

SJBIT, Bangalore, KARNATAKA A Comparison of the TCP Variants Performance over different Routing Protocols on Mobile Ad Hoc Networks S. R. Biradar 1, Subir Kumar Sarkar 2, Puttamadappa C 3 1 Sikkim Manipal Institute of Technology,

More information

TCP/IP over the Bluetooth Wireless Ad-hoc Network

TCP/IP over the Bluetooth Wireless Ad-hoc Network TCP/IP over the Bluetooth Wireless Ad-hoc Network Niklas Johansson, Maria Kihl and Ulf Körner Department of Communication Systems, Lund University, Sweden (niklasj, maria, ulfk)@telecom.lth.se Abstract.

More information

TCP: Reliable, In-Order Delivery

TCP: Reliable, In-Order Delivery TCP: Reliable, In-Order Delivery EE 122: Intro to Communication Networks Fall 2006 (MW 4-5:30 in Donner 155) Vern Paxson TAs: Dilip Antony Joseph and Sukun Kim http://inst.eecs.berkeley.edu/~ee122/ Materials

More information

L41: Lab 5 - TCP Latency and Bandwidth

L41: Lab 5 - TCP Latency and Bandwidth L41: Lab 5 - TCP Latency and Bandwidth Lent Term 2015 The goals of this lab are to: Learn to draw TCP time-bandwidth and time sequence-number diagrams Evaluate the effects of latency on TCP Evaluate the

More information

First Midterm for ECE374 02/25/15 Solution!!

First Midterm for ECE374 02/25/15 Solution!! 1 First Midterm for ECE374 02/25/15 Solution!! Instructions: Put your name and student number on each sheet of paper! The exam is closed book. You have 90 minutes to complete the exam. Be a smart exam

More information

TCP Behavior across Multihop Wireless Networks and the Wired Internet

TCP Behavior across Multihop Wireless Networks and the Wired Internet TCP Behavior across Multihop Wireless Networks and the Wired Internet Kaixin Xu, Sang Bae, Mario Gerla, Sungwook Lee Computer Science Department University of California, Los Angeles, CA 90095 (xkx, sbae,

More information

TCP Westwood for Wireless

TCP Westwood for Wireless TCP Westwood for Wireless מבוא רקע טכני בקרת עומס ב- TCP TCP על קשר אלחוטי שיפור תפוקה עם פרוטוקול TCP Westwood סיכום.1.2.3.4.5 Seminar in Computer Networks and Distributed Systems Hadassah College Spring

More information

Chapter 9: Transport Layer and Security Protocols for Ad Hoc Wireless Networks

Chapter 9: Transport Layer and Security Protocols for Ad Hoc Wireless Networks Chapter 9: Transport Layer and Security Protocols for Ad Hoc Wireless Networks Introduction Issues Design Goals Classifications TCP Over Ad Hoc Wireless Networks Other Transport Layer Protocols Security

More information

AN IMPROVED SNOOP FOR TCP RENO AND TCP SACK IN WIRED-CUM- WIRELESS NETWORKS

AN IMPROVED SNOOP FOR TCP RENO AND TCP SACK IN WIRED-CUM- WIRELESS NETWORKS AN IMPROVED SNOOP FOR TCP RENO AND TCP SACK IN WIRED-CUM- WIRELESS NETWORKS Srikanth Tiyyagura Department of Computer Science and Engineering JNTUA College of Engg., pulivendula, Andhra Pradesh, India.

More information

FEW would argue that one of TCP s strengths lies in its

FEW would argue that one of TCP s strengths lies in its IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 13, NO. 8, OCTOBER 1995 1465 TCP Vegas: End to End Congestion Avoidance on a Global Internet Lawrence S. Brakmo, Student Member, IEEE, and Larry L.

More information

Configuring TCP Intercept (Preventing Denial-of-Service Attacks)

Configuring TCP Intercept (Preventing Denial-of-Service Attacks) Configuring TCP Intercept (Preventing Denial-of-Service Attacks) This chapter describes how to configure your router to protect TCP servers from TCP SYN-flooding attacks, a type of denial-of-service attack.

More information

Tutorial 1 (Week 6) Introduction

Tutorial 1 (Week 6) Introduction COMP 333/933 Computer Networks and Applications Tutorial (Week 6) Introduction Problem Set, Question 7 Suppose two hosts, A and B are separated by, kms and are connected by a direct link of R = Mbps. Suppose

More information

Distributed Denial of Service Attacks & Defenses

Distributed Denial of Service Attacks & Defenses Distributed Denial of Service Attacks & Defenses Guest Lecture by: Vamsi Kambhampati Fall 2011 Distributed Denial of Service (DDoS) Exhaust resources of a target, or the resources it depends on Resources:

More information

Analyzing Interaction Between Distributed Denial of Service Attacks And Mitigation Technologies

Analyzing Interaction Between Distributed Denial of Service Attacks And Mitigation Technologies Analyzing Interaction Between Distributed Denial of Service Attacks And Mitigation Technologies W. J. Blackert, D. M. Gregg, A. K. Castner, E. M. Kyle, R. L. Hom, R. M. Jokerst The Johns Hopkins University

More information

An Overview and Comparison of Analytical TCP Models

An Overview and Comparison of Analytical TCP Models An Overview and Comparison of Analytical TCP Models Inas Khalifa and Ljiljana Trajkovic Communication Networks Laboratory http://www.ensc.sfu.ca/research/cnl School of Engineering Science Simon Fraser

More information

ALTHOUGH it is one of the first protocols

ALTHOUGH it is one of the first protocols TCP Performance - CUBIC, Vegas & Reno Ing. Luis Marrone lmarrone@linti.unlp.edu.ar Lic. Andrés Barbieri barbieri@cespi.unlp.edu.ar Mg. Matías Robles mrobles@info.unlp.edu.ar LINTI - Facultad de Informática

More information

Parallel TCP Data Transfers: A Practical Model and its Application

Parallel TCP Data Transfers: A Practical Model and its Application D r a g a n a D a m j a n o v i ć Parallel TCP Data Transfers: A Practical Model and its Application s u b m i t t e d t o the Faculty of Mathematics, Computer Science and Physics, the University of Innsbruck

More information

High Speed Internet Access Using Satellite-Based DVB Networks

High Speed Internet Access Using Satellite-Based DVB Networks High Speed Internet Access Using Satellite-Based DVB Networks Nihal K. G. Samaraweera and Godred Fairhurst Electronics Research Group, Department of Engineering University of Aberdeen, Aberdeen, AB24 3UE,

More information

Outline. Lecture 4: TCP TCP TCP. TCP Segment. How TCP Provides Reliability. Internetworking. TCP Transmission Control Protocol.

Outline. Lecture 4: TCP TCP TCP. TCP Segment. How TCP Provides Reliability. Internetworking. TCP Transmission Control Protocol. Internetworking Outline TCP Transmission Control Protocol RFC 793 (and several follow-ups) Literature: Lecture 4: TCP Forouzan, TCP/IP Protocol Suite: Ch 12 Connection Management Reliability Flow control

More information

CS551 End-to-End Internet Packet Dynamics [Paxson99b]

CS551 End-to-End Internet Packet Dynamics [Paxson99b] CS551 End-to-End Internet Packet Dynamics [Paxson99b] Bill Cheng http://merlot.usc.edu/cs551-f12 1 End-to-end Packet Dynamics How do you measure Internet performance? Why do people want to know? Are ISPs

More information

1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding?

1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding? Page 1 of 5 1. Introduction The present document explains about common attack scenarios to computer networks and describes with some examples the following features of the MilsGates: Protection against

More information

Chapter 15. Transmission Control Protocol (TCP) TCP/IP Protocol Suite 1

Chapter 15. Transmission Control Protocol (TCP) TCP/IP Protocol Suite 1 Chapter 15 Transmission Control Protocol (TCP) TCP/IP Protocol Suite 1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter Outline TCP/IP Protocol Suite 2

More information

Part1: Lecture 2 TCP congestion control

Part1: Lecture 2 TCP congestion control Part1: Lecture 2 TCP congestion control Summary of last time TCP headers and details of the flags Flow control TCP sequence numbers TCP connection establishment and termination End to end principle, layering

More information

Sliding Window Protocol and TCP Congestion Control

Sliding Window Protocol and TCP Congestion Control Sliding Window Protocol and TCP Congestion Control Simon S. Lam Department of Computer Science The University it of Texas at Austin 2/25/2014 1 1 2 Sliding Window Protocol Consider an infinite array, Source,

More information

Dynamic Source Routing in Ad Hoc Wireless Networks

Dynamic Source Routing in Ad Hoc Wireless Networks Dynamic Source Routing in Ad Hoc Wireless Networks David B. Johnson David A. Maltz Computer Science Department Carnegie Mellon University 5000 Forbes Avenue Pittsburgh, PA 15213-3891 dbj@cs.cmu.edu Abstract

More information

Upgrading Mice to Elephants: Effects and End-Point Solutions

Upgrading Mice to Elephants: Effects and End-Point Solutions Upgrading Mice to Elephants: Effects and End-Point Solutions Amit Mondal and Aleksandar Kuzmanovic Department of Electrical Engineering and Computer Science Northwestern University Evanston, IL, 628, USA

More information

TCP/IP Over Lossy Links - TCP SACK without Congestion Control

TCP/IP Over Lossy Links - TCP SACK without Congestion Control Wireless Random Packet Networking, Part II: TCP/IP Over Lossy Links - TCP SACK without Congestion Control Roland Kempter The University of Alberta, June 17 th, 2004 Department of Electrical And Computer

More information

SeVen: A Selective Defense for Low-Rate Application Layer DDoS Attacks. Vivek Nigam Networking Laboratory Federal University of Paraíba - UFPB

SeVen: A Selective Defense for Low-Rate Application Layer DDoS Attacks. Vivek Nigam Networking Laboratory Federal University of Paraíba - UFPB SeVen: A Selective Defense for Low-Rate Application Layer DDoS Attacks Vivek Nigam Networking Laboratory Federal University of Paraíba - UFPB 1 Application-Layer DDoS Attacks Application. Transport Network.

More information

Comparative Analysis of Congestion Control Algorithms Using ns-2

Comparative Analysis of Congestion Control Algorithms Using ns-2 www.ijcsi.org 89 Comparative Analysis of Congestion Control Algorithms Using ns-2 Sanjeev Patel 1, P. K. Gupta 2, Arjun Garg 3, Prateek Mehrotra 4 and Manish Chhabra 5 1 Deptt. of Computer Sc. & Engg,

More information

International Journal of Scientific & Engineering Research, Volume 6, Issue 7, July-2015 1169 ISSN 2229-5518

International Journal of Scientific & Engineering Research, Volume 6, Issue 7, July-2015 1169 ISSN 2229-5518 International Journal of Scientific & Engineering Research, Volume 6, Issue 7, July-2015 1169 Comparison of TCP I-Vegas with TCP Vegas in Wired-cum-Wireless Network Nitin Jain & Dr. Neelam Srivastava Abstract

More information

The Effect of Packet Reordering in a Backbone Link on Application Throughput Michael Laor and Lior Gendel, Cisco Systems, Inc.

The Effect of Packet Reordering in a Backbone Link on Application Throughput Michael Laor and Lior Gendel, Cisco Systems, Inc. The Effect of Packet Reordering in a Backbone Link on Application Throughput Michael Laor and Lior Gendel, Cisco Systems, Inc. Abstract Packet reordering in the Internet is a well-known phenomenon. As

More information

Congestion Control Review. 15-441 Computer Networking. Resource Management Approaches. Traffic and Resource Management. What is congestion control?

Congestion Control Review. 15-441 Computer Networking. Resource Management Approaches. Traffic and Resource Management. What is congestion control? Congestion Control Review What is congestion control? 15-441 Computer Networking What is the principle of TCP? Lecture 22 Queue Management and QoS 2 Traffic and Resource Management Resource Management

More information

The Taming of The Shrew: Mitigating Low-Rate TCP-Targeted Attack

The Taming of The Shrew: Mitigating Low-Rate TCP-Targeted Attack IEEE TRANSACTIONS ON NETWORK SERVICE MANAGEMENT, VOL. 7, NO., MARCH The Taming of The Shrew: Mitigating Low-Rate TCP-Targeted Attack Chia-Wei Chang, Seungjoon Lee, Bill Lin, Jia Wang Abstract A Shrew attack,

More information

Performance Analysis of AQM Schemes in Wired and Wireless Networks based on TCP flow

Performance Analysis of AQM Schemes in Wired and Wireless Networks based on TCP flow International Journal of Soft Computing and Engineering (IJSCE) Performance Analysis of AQM Schemes in Wired and Wireless Networks based on TCP flow Abdullah Al Masud, Hossain Md. Shamim, Amina Akhter

More information

Enhancing TCP to support Rate-Limited Traffic

Enhancing TCP to support Rate-Limited Traffic Enhancing TCP to support Rate-Limited Traffic /TCPM draft-fairhurst-tcpm-newcwv-05.txt G. Fairhurst, A. Sathiaseelan University of Aberdeen Scotland, UK http://trac.tools.ietf.org/group/irtf/trac/wiki/_newcwv

More information

EFFECT OF TRANSFER FILE SIZE ON TCP-ADaLR PERFORMANCE: A SIMULATION STUDY

EFFECT OF TRANSFER FILE SIZE ON TCP-ADaLR PERFORMANCE: A SIMULATION STUDY EFFECT OF TRANSFER FILE SIZE ON PERFORMANCE: A SIMULATION STUDY Modupe Omueti and Ljiljana Trajković Simon Fraser University Vancouver British Columbia Canada {momueti, ljilja}@cs.sfu.ca ABSTRACT Large

More information

Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment

Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment TrueSpeed VNF provides network operators and enterprise users with repeatable, standards-based testing to resolve complaints about

More information

End-to-end Throughput-related Performance Metrics

End-to-end Throughput-related Performance Metrics Constantinos Dovrolis, Mark Allman, k claffy Oct. 2001 CAIDA Request for Comments: CAIDA-E2E-001 Obsoletes: none Category: DRAFT End-to-end Throughput-related Performance Metrics 1 Goals of this draft

More information

Comparisons of SDN OpenFlow Controllers over EstiNet: Ryu vs. NOX

Comparisons of SDN OpenFlow Controllers over EstiNet: Ryu vs. NOX Comparisons of SDN OpenFlow Controllers over EstiNet: Ryu vs. NOX Shie-Yuan Wang Hung-Wei Chiu and Chih-Liang Chou Department of Computer Science, National Chiao Tung University, Taiwan Email: shieyuan@cs.nctu.edu.tw

More information

Defending DDoS Attacks Using Traffic Differentiation and Distributed Deployment

Defending DDoS Attacks Using Traffic Differentiation and Distributed Deployment Defending DDoS Attacks Using Traffic Differentiation and Distributed Deployment Rohan Patil, Aditya Kumat, Karan Bulbule, Maitreya Natu Student author, College of Engineering, Pune, India Tata Research

More information

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24 Introduction to Computer Networks Lecture24 Network security (continued) Key distribution Secure Shell Overview Authentication Practical issues Firewalls Denial of Service Attacks Definition Examples Key

More information

Applying Router-Assisted Congestion Control to Wireless Networks: Challenges and Solutions 1

Applying Router-Assisted Congestion Control to Wireless Networks: Challenges and Solutions 1 Applying Router-Assisted Congestion Control to Wireless Networks: Challenges and Solutions Jian Pu and Mounir Hamdi Department of Computer Science and Engineering, HKUST, Hong Kong {pujian, hamdi}@cse.ust.hk

More information

Energy Efficient Congestion Control Operation in WSNs Adel Gaafar A. Elrahim Electrical Engineering Dept. Red Sea University, Port Sudan, Sudan

Energy Efficient Congestion Control Operation in WSNs Adel Gaafar A. Elrahim Electrical Engineering Dept. Red Sea University, Port Sudan, Sudan Energy Efficient Congestion Control Operation in WSNs Adel Gaafar A. Elrahim Electrical Engineering Dept. Red Sea University, Port Sudan, Sudan Abstract: The development of wireless technologies makes

More information

SELECTIVE-TCP FOR WIRED/WIRELESS NETWORKS

SELECTIVE-TCP FOR WIRED/WIRELESS NETWORKS SELECTIVE-TCP FOR WIRED/WIRELESS NETWORKS by Rajashree Paul Bachelor of Technology, University of Kalyani, 2002 PROJECT SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF

More information

Livello di trasporto TCP

Livello di trasporto TCP Livello di trasporto TCP TCP: Overview RFCs: 793, 1122, 1323, 2018, 2581 point-to-point: one sender, one receiver reliable, in-order byte stream: pipelined: no message boundaries TCP congestion and flow

More information