Improving the start-up behavior of a congestion control scheme for TCP
Conference proceedings on Applications, technologies, architectures, and protocols for computer communications
Packet reordering is not pathological network behavior
IEEE/ACM Transactions on Networking (TON)
Monitoring very high speed links
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Detecting shared congestion of flows via end-to-end measurement
IEEE/ACM Transactions on Networking (TON)
On the autocorrelation structure of TCP traffic
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue: Advances in modeling and engineering of Longe-Range dependent traffic
On the autocorrelation structure of TCP traffic
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue: Advances in modeling and engineering of Longe-Range dependent traffic
Estimating loss rates with TCP
ACM SIGMETRICS Performance Evaluation Review
Measuring IP and TCP behavior on edge nodes with Tstat
Computer Networks: The International Journal of Computer and Telecommunications Networking
Why is the internet traffic bursty in short time scales?
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
TCP smart framing: a segmentation algorithm to reduce TCP latency
IEEE/ACM Transactions on Networking (TON)
A passive state-machine approach for accurate analysis of TCP out-of-sequence segments
ACM SIGCOMM Computer Communication Review
Measurement and classification of out-of-sequence packets in a tier-1 IP backbone
IEEE/ACM Transactions on Networking (TON)
A statistical test for the time constancy of scaling exponents
IEEE Transactions on Signal Processing
Wavelet analysis of long-range-dependent traffic
IEEE Transactions on Information Theory
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Live traffic monitoring with tstat: capabilities and experiences
WWIC'10 Proceedings of the 8th international conference on Wired/Wireless Internet Communications
Exploiting packet-sampling measurements for traffic characterization and classification
International Journal of Network Management
Inside dropbox: understanding personal cloud storage services
Proceedings of the 2012 ACM conference on Internet measurement conference
On the state of ECN and TCP options on the internet
PAM'13 Proceedings of the 14th international conference on Passive and Active Measurement
NetCluster: A clustering-based framework to analyze internet passive measurements data
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.01 |
In this paper, we focus on passive measurements of TCP traffic. We propose a heuristic technique to classify TCP anomalies, i.e., segments that have a sequence number different from the expected one, such as out-of-sequence and duplicate segments. Since TCP is a closed-loop protocol that infers network conditions from packet losses and reacts accordingly, the possibility of carefully distinguishing the causes of anomalies in TCP traffic is very appealing and may be instrumental to understand TCP behavior in real environments. We apply the proposed heuristic to traffic traces collected at both network edges and backbone links. By comparing results obtained from traces collected over several years, we observe some phenomena such as the impact of the introduction of TCP SACK which reduces the unnecessary retransmissions, the large percentage of network reordering, etc. By further studying the statistical properties of TCP anomalies, we find that, while their aggregate exhibits long-range dependence, anomalies suffered by individual long-lived flows are on the contrary uncorrelated. Interestingly, no dependence on the actual link load is observed.