2018 27th International Conference on Computer Communication and Networks (ICCCN) 2018
DOI: 10.1109/icccn.2018.8487396
|View full text |Cite
|
Sign up to set email alerts
|

Towards a Robust and Scalable TCP Flavors Prediction Model from Passive Traffic

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

1
13
0

Year Published

2018
2018
2023
2023

Publication Types

Select...
5
2

Relationship

4
3

Authors

Journals

citations
Cited by 7 publications
(14 citation statements)
references
References 27 publications
1
13
0
Order By: Relevance
“…For the underlying TCP variant prediction task, we consider only loss-based TCP congestion control algorithms (e.g., CUBIC [9] BIC [32], and Reno [15]) [11] that consider packet loss as an implicit indication of congestion by the network for a proof of concept. Congestion control in any IP stack doesn't have much information available to drive its algorithm.…”
Section: Prediction Of Tcp Variantsmentioning
confidence: 99%
“…For the underlying TCP variant prediction task, we consider only loss-based TCP congestion control algorithms (e.g., CUBIC [9] BIC [32], and Reno [15]) [11] that consider packet loss as an implicit indication of congestion by the network for a proof of concept. Congestion control in any IP stack doesn't have much information available to drive its algorithm.…”
Section: Prediction Of Tcp Variantsmentioning
confidence: 99%
“…Detecting the implementation of a TCP variant passively is a challenging task and this, we believe, is the reason why no previous works use it to passively fingerprint remote and local OSes. However, in our case, we already have a general solution for this difficulty presented in our previous works [17,18,19]. The reason why we focus on the implementations of the underlying TCP variant as a feature in our OS classifier model is due to the fact that different OSes are doing slightly different implementations of TCP.…”
Section: Contributionsmentioning
confidence: 99%
“…Furthermore, we were only allowed to collect TCP headers of the traffic flows, while we could not collect complete traffic captures, due to privacy protection and legal reasons. In the next step, the cwnd behavior is used to predict the underlying TCP variant as explained in further detail in our previous works [17,18,19]. As we can see in the bottom right part of Figure 2, The predicted TCP variant is finally used as an input feature to the OS fingerprinting process.…”
Section: B Realistic Trafficmentioning
confidence: 99%
“…However, our work in this paper relies on a passive measurement technique. In a closely related previous work [15], we presented a machine learning-based approach to identify the underlying traditional loss-based TCP variants which yield accuracies of 93.51% and 95% on emulated and realistic scenarios respectively. The cwnd prediction performance result of the loss-based variants across different scenario settings is presented in Table I.…”
Section: Related Workmentioning
confidence: 99%
“…Hence, in this paper, we want to substantially address this problem by building a two-dimensional space model and see if the β is dependent on queueing delay or not. This helps us to expand our previous method [15] to address bigger cases covering both loss-based and delay-based TCP congestion control algorithms.…”
Section: Related Workmentioning
confidence: 99%