On interactive internet traffic replay

Authors:
Seung-Sun Hong;S. Felix Wu
Affiliations:
University of California, Davis, CA;University of California, Davis, CA
Venue:
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Year:
2005

Citing 10
Cited 6

Congestion avoidance and control

SIGCOMM '88 Symposium proceedings on Communications architectures and protocols
TCP/IP illustrated (vol. 2): the implementation

TCP/IP illustrated (vol. 2): the implementation
Dummynet: a simple approach to the evaluation of network protocols

ACM SIGCOMM Computer Communication Review
A blueprint for introducing disruptive technology into the Internet

ACM SIGCOMM Computer Communication Review
Scalability and accuracy in a large-scale network emulator

ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
Dynamic Internet overlay deployment and management using the X-Bone

ICNP '00 Proceedings of the 2000 International Conference on Network Protocols
TCPivo: a high-performance packet replay engine

MoMeTools '03 Proceedings of the ACM SIGCOMM workshop on Models, methods and tools for reproducible network research
Cyber defense technology networking and evaluation

Communications of the ACM - Homeland security
An integrated experimental environment for distributed systems and networks

OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Monkey see, monkey do: a tool for TCP tracing and replaying

ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference

On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits

Proceedings of the 12th ACM conference on Computer and communications security
Optimal Cost, Collaborative, and Distributed Response to Zero-Day Worms - A Control Theoretic Approach

RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Online Network Forensics for Automatic Repair Validation

IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Effective high speed traffic replay based on IP space

ICACT'09 Proceedings of the 11th international conference on Advanced Communication Technology - Volume 1
Generating client workloads and high-fidelity network traffic for controllable, repeatable experiments in computer security

RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Real-time volume control for interactive network traffic replay

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we introduce an interactive Internet traffic replay tool, TCPopera. TCPopera tries to accomplish two primary goals: (1) replaying TCP connections in a stateful manner, and (2) supporting traffic models for trace manipulation. To achieve these goals, TCPopera emulates a TCP protocol stack and replays trace records interactively in terms of TCP connection-level and IP flow-level parameters. Due to the stateful emulation of TCP connections, it ensures no ghost packet generation which is a critical feature for live test environments where the accuracy of protocol semantics are of fundamental importance. In our validation tests, we showed that TCPopera successfully reproduces trace records in terms of a set of traffic parameters. Also we demonstrated how TCPopera can be deployed in test environments for intrusion detection and prevention systems.