A Heuristic-Based Approach to Real-Time TCP State and Retransmission Analysis
| Main Author: | |
|---|---|
| Language: | English |
| Published: |
Ohio University / OhioLINK
2015
|
| Subjects: | |
| Online Access: | http://rave.ohiolink.edu/etdc/view?acc_num=ohiou1448030769 |
| id |
ndltd-OhioLink-oai-etd.ohiolink.edu-ohiou1448030769 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-OhioLink-oai-etd.ohiolink.edu-ohiou14480307692021-08-03T06:33:56Z A Heuristic-Based Approach to Real-Time TCP State and Retransmission Analysis Swaro, James E. Computer Science TCP bulk trace analysis traffic analysis tcprs retransmission analysis network reordering analysis congestion state detection fine-grained retransmission detection This study focuses on understanding how to classify out-of-order network traffic sent using the Transport Control Protocol(TCP). Packets that arrive out of order are the result of network reordering or loss recovery. TCP initiates loss recovery in response to the perceived loss of data, decreasing the congestion window and throughput of the connection. When TCP reacts poorly to loss, throughput may drop, latency may increase, and congestion collapse may occur.This thesis analyzes TCP traffic from an arbitrary observation point in a network, rather than at the TCP endpoint. Observing traffic at a TCP endpoint inhibits the inference of loss and detection of network reordering in one direction of the connection. Alternatively, observing traffic at an arbitrary point between two TCP endpoints allows inference of loss and detection of network reordering in both directions. Positioning the observation point at an arbitrary point can increase the diversity of observed connections, increasing the likelihood of detecting rare forms of aberrant behavior.In this paper, several algorithms and heuristics for classification of out-of-order TCP traffic are analyzed and implemented in a new TCP traffic analyzer called tcprs. An in-depth analysis of each algorithm and heuristic is given and compared with the results from tcptrace and tcpcsm. It was found that tcprs achieves an improvement in classification accuracy as compared with tcptrace and tcpcsm. 2015 English text Ohio University / OhioLINK http://rave.ohiolink.edu/etdc/view?acc_num=ohiou1448030769 http://rave.ohiolink.edu/etdc/view?acc_num=ohiou1448030769 unrestricted This thesis or dissertation is protected by copyright: all rights reserved. It may not be copied or redistributed beyond the terms of applicable copyright laws. |
| collection |
NDLTD |
| language |
English |
| sources |
NDLTD |
| topic |
Computer Science TCP bulk trace analysis traffic analysis tcprs retransmission analysis network reordering analysis congestion state detection fine-grained retransmission detection |
| spellingShingle |
Computer Science TCP bulk trace analysis traffic analysis tcprs retransmission analysis network reordering analysis congestion state detection fine-grained retransmission detection Swaro, James E. A Heuristic-Based Approach to Real-Time TCP State and Retransmission Analysis |
| author |
Swaro, James E. |
| author_facet |
Swaro, James E. |
| author_sort |
Swaro, James E. |
| title |
A Heuristic-Based Approach to Real-Time TCP State and Retransmission Analysis |
| title_short |
A Heuristic-Based Approach to Real-Time TCP State and Retransmission Analysis |
| title_full |
A Heuristic-Based Approach to Real-Time TCP State and Retransmission Analysis |
| title_fullStr |
A Heuristic-Based Approach to Real-Time TCP State and Retransmission Analysis |
| title_full_unstemmed |
A Heuristic-Based Approach to Real-Time TCP State and Retransmission Analysis |
| title_sort |
heuristic-based approach to real-time tcp state and retransmission analysis |
| publisher |
Ohio University / OhioLINK |
| publishDate |
2015 |
| url |
http://rave.ohiolink.edu/etdc/view?acc_num=ohiou1448030769 |
| work_keys_str_mv |
AT swarojamese aheuristicbasedapproachtorealtimetcpstateandretransmissionanalysis AT swarojamese heuristicbasedapproachtorealtimetcpstateandretransmissionanalysis |
| _version_ |
1719439032183685120 |