Towards real-time performance monitoring for encrypted traffic

  • Authors:

  • Mehdi Kharrazi;Subhabrata Sen;Oliver Spatscheck

  • Affiliations:

  • AT&T Labs-Research, Florham Park, NJ;AT&T Labs-Research, Florham Park, NJ;AT&T Labs-Research, Florham Park, NJ

  • Venue:
  • Proceedings of the 2007 SIGCOMM workshop on Internet network management
  • Year:
  • 2007

Quantified Score

Hi-index 0.00

Visualization

Abstract

IP networks are increasingly carrying mission-critical applications with robust end-to-end network performance and reliability requirements. Network performance monitoring forms an essential component of critical IP network management functions such as troubleshooting, anomaly detection, and Service-Level-Agreement (SLA) compliance monitoring. However, privacy and security considerations are fueling the use of IP-level encryption techniques such as IPsec, which obscure important transport layer features that existing performance measurement techniques need. New techniques are therefore needed for monitoring performance of encrypted traffic. Towards this goal, in this paper we present a new technique for monitoring round-trip times (RTT) for IP-level encrypted communications. Our approach involves using network-level features like packet size and inter-packet timing to infer specific timing events, and aggregating measurements across short time intervals and related connections to derive final RTT estimates for network paths of interest. Extensive evaluations using traces from an énterprise and a broadband access network, demonstrate that the resulting RTT estimates are quite accurate.