SlideShare a Scribd company logo

Rapid Detection of Constant-Packet-Rate Flows

Academia Sinica
Academia Sinica

The demand for effective VoIP and online gaming traffic management methods continues to increase for purposes such as QoS provisioning, usage accounting, and blocking VoIP calls or game connections. However, identifying such flows has become a significant administrative burden because many of the applications use proprietary signaling and transport protocols. The question of how to identify proprietary VoIP traffic has yet to be solved. In this paper, we propose using a deviation-based classifier to identify VoIP and gaming traffic, given that such real-time interactive services normally send out constant-packet-rate (CPR) traffic with a fixed interval, in order to maintain real-timeliness and interactivity. Our contribution is two-fold: 1) We show that scale-free variability measures are more appropriate than scaledependent ones for quantifying the network variability injected into CPR traffic. 2) Our proposed classifier is particularly lightweight in that it only requires a few inter-packet times to make a decision. The evaluation results show that by only analyzing 10 successive inter-packet times, we can distinguishbetween CPR and non-CPR traffic with approximately 90% accuracy.

TechnologyBusiness
1 of 28
Download to read offline
Rapid Detection of Constant-Packet-Rate Flows Jing-Kai Lou, Kuan-Ta Chen Institute of Information Science, Academia Sinica ARES 2008, 03/05 1
Talk Outline Motivation Investigation Performance Evaluation Summary ARES 2008, 03/05 2
Motivation Popular real-time and interactive applications: VoIP, Real-time network games Traffic management Need of flow identification A distinct characteristic of such traffic: Constant Packet Rate VoIP: Encoded continuous human voice Real-time network game: game state updates Key to identify VoIP and online gaming traffic: CPR flow identification ARES 2008, 03/05 3
Key Contribution A CPR traffic classifier Lightweight 10 successive inter-packet times High Accuracy 90% identification rate Client Client Traffic stream ARES 2008, 03/05 4
A Naive Method Coefficient of Variation (CoV) of Inter-Packet Times (IPT) IPT CoV small CPR IPT CoV large non-CPR CPR Traffic IPT1= IPT1=…= IPTi IPT1 IPT2 … IPTi ARES 2008, 03/05 5
Ideal IPT Distribution 1 Density 0 0 200 400 600 800 1000 Inter-packet time (ms) ARES 2008, 03/05 6
Collected Traces Trace Flow IPT CoV Path Diversity VoIP (Skype) 1739 0.37 1106 hosts / 1641 paths Counter-Strike 1016 0.32 271 hosts / 270 paths TELNET 276 1.53 140 hosts / 93 paths HTTP 409 1.54 474 hosts / 325 paths P2P 1303 1.63 645 hosts / 644 paths World of Warcraft 1611 0.71 52 hosts / 39 paths ARES 2008, 03/05 7
Real IPT Distributions Why the IPT distributions of VoIP and Counter-Strike are not as we expect? ARES 2008, 03/05 8
Difficulties: Network Impairment Host delay Channel delay Network queueing delay Network packet loss packet loss delay traffic CPR after network impairment Sender ARES 2008, 03/05 9
More Difficulties To do a decision with a few samples short time few storage space In short scale, non-CPR traffic could look like CPR Non-CPR Flow ARES 2008, 03/05 10
Refreshment Our goal To search a good metric of IPT deviations for CPR detection Challenges Network impairment Need of small sample size ARES 2008, 03/05 11
Deviation Metric Design Design factors for measuring variation Function (FUN) Sample Size (W) Smoother Size (S) ARES 2008, 03/05 12
Deviation Metric: Function (1/3) Standard Deviation (SD) ∑iN 1 ( IPTi − IPT ) 2 SD = = N Coefficient of variation (CoV) SD CoV = MEAN ARES 2008, 03/05 13
Deviation Metric: Function (2/3) Mean absolute deviation (MD) ∑iN 1 | ( IPTi − IPT ) | MAD = = N Median absolute deviation (MAD) ∑iN 1 | ( IPTi − median( IPT )) | MAD = = N ARES 2008, 03/05 14
Deviation Metric: Function (2/3) Inter-quantile range (IQR) IQR = Upper Quartile (75%) − Lower Quartile (25%) Range Range = max(IPT) − min(IPT) ARES 2008, 03/05 15
Deviation Metric: Sample Size Sample size (W): Number of IPT samples W increases Accuracy increases Time/space complexity increases Sample Time/Space Accuracy Size complexity ARES 2008, 03/05 16
Deviation Metric: Smoother Size Smoother size (S): Window size to smooth (mean) W increases Impairment effect decreases False negative increases Impairment Window effect False Size Negative ARES 2008, 03/05 17
FUN=CoV, W=10, S=1 Does this estimator setting achieve the best discriminative power?? ARES 2008, 03/05 18
Performance Metric ROC (Receiver Operating Characteristic): TPR: ratio of true positive FPR: ratio of false positive AUC (Area Under Curve): Area under the ROC curve AUC = 1, perfect classification AUC > 0.8, generally good AUC = 0.5 random guess ARES 2008, 03/05 20
Effect of Deviation Metric Dimensionless metric CoV performs the best! ARES 2008, 03/05 21
Effect of Sample Size Sample size increases ROC Curve shifts left AUC increases ARES 2008, 03/05 22
Effect of Smoother Size Improvement only for large samples ARES 2008, 03/05 23
Discrimination Performance ARES 2008, 03/05 24
Summary Proposed using IPT constancy to identify CPR flows VoIP Real-time gaming Studied various design issues of IPT deviation estimators Our classifier (CoV-based) yields an accuracy rate 90% with only 10 IPT samples ARES 2008, 03/05 25
ARES 2008, 03/05 26
packet loss delay after network impairment Receiver ARES 2008, 03/05 28

Recommended

Essential principles of jitter part 2 the components of jitter
Essential principles of jitter part 2 the components of jitterEssential principles of jitter part 2 the components of jitter
Essential principles of jitter part 2 the components of jitterteledynelecroy
 
Dpf 2011 V2
Dpf 2011 V2Dpf 2011 V2
Dpf 2011 V2warunaf
 
量化「樂趣」-以心理生理量測探究數位娛樂商品之市場價值
量化「樂趣」-以心理生理量測探究數位娛樂商品之市場價值量化「樂趣」-以心理生理量測探究數位娛樂商品之市場價值
量化「樂趣」-以心理生理量測探究數位娛樂商品之市場價值Academia Sinica
 
Detecting In-Situ Identity Fraud on Social Network Services: A Case Study on ...
Detecting In-Situ Identity Fraud on Social Network Services: A Case Study on ...Detecting In-Situ Identity Fraud on Social Network Services: A Case Study on ...
Detecting In-Situ Identity Fraud on Social Network Services: A Case Study on ...Academia Sinica
 
Computational Social Science:The Collaborative Futures of Big Data, Computer ...
Computational Social Science:The Collaborative Futures of Big Data, Computer ...Computational Social Science:The Collaborative Futures of Big Data, Computer ...
Computational Social Science:The Collaborative Futures of Big Data, Computer ...Academia Sinica
 
Cloud Gaming Onward: Research Opportunities and Outlook
Cloud Gaming Onward: Research Opportunities and OutlookCloud Gaming Onward: Research Opportunities and Outlook
Cloud Gaming Onward: Research Opportunities and OutlookAcademia Sinica
 
Games on Demand: Are We There Yet?
Games on Demand: Are We There Yet?Games on Demand: Are We There Yet?
Games on Demand: Are We There Yet?Academia Sinica
 
smart ms voip for lte networks
smart ms voip for lte networkssmart ms voip for lte networks
smart ms voip for lte networksStreamWIDE
 

Recommended

Essential principles of jitter part 2 the components of jitter
Essential principles of jitter part 2 the components of jitterEssential principles of jitter part 2 the components of jitter
Essential principles of jitter part 2 the components of jitterteledynelecroy
 
Dpf 2011 V2
Dpf 2011 V2Dpf 2011 V2
Dpf 2011 V2warunaf
 
量化「樂趣」-以心理生理量測探究數位娛樂商品之市場價值
量化「樂趣」-以心理生理量測探究數位娛樂商品之市場價值量化「樂趣」-以心理生理量測探究數位娛樂商品之市場價值
量化「樂趣」-以心理生理量測探究數位娛樂商品之市場價值Academia Sinica
 
Detecting In-Situ Identity Fraud on Social Network Services: A Case Study on ...
Detecting In-Situ Identity Fraud on Social Network Services: A Case Study on ...Detecting In-Situ Identity Fraud on Social Network Services: A Case Study on ...
Detecting In-Situ Identity Fraud on Social Network Services: A Case Study on ...Academia Sinica
 
Computational Social Science:The Collaborative Futures of Big Data, Computer ...
Computational Social Science:The Collaborative Futures of Big Data, Computer ...Computational Social Science:The Collaborative Futures of Big Data, Computer ...
Computational Social Science:The Collaborative Futures of Big Data, Computer ...Academia Sinica
 
Cloud Gaming Onward: Research Opportunities and Outlook
Cloud Gaming Onward: Research Opportunities and OutlookCloud Gaming Onward: Research Opportunities and Outlook
Cloud Gaming Onward: Research Opportunities and OutlookAcademia Sinica
 
Games on Demand: Are We There Yet?
Games on Demand: Are We There Yet?Games on Demand: Are We There Yet?
Games on Demand: Are We There Yet?Academia Sinica
 
smart ms voip for lte networks
smart ms voip for lte networkssmart ms voip for lte networks
smart ms voip for lte networksStreamWIDE
 
860 dspi ber_user_guide_appnote
860 dspi ber_user_guide_appnote860 dspi ber_user_guide_appnote
860 dspi ber_user_guide_appnotetrilithicweb
 
55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-success55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-successCao Xuân Trình
 
55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-success55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-successCao Xuân Trình
 
Quantifying Skype User Satisfaction
Quantifying Skype User SatisfactionQuantifying Skype User Satisfaction
Quantifying Skype User SatisfactionAcademia Sinica
 
20320140501004 2-3-4-5-6
20320140501004 2-3-4-5-620320140501004 2-3-4-5-6
20320140501004 2-3-4-5-6IAEME Publication
 
Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...
Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...
Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...IJECEIAES
 
P9 addressing signal_integrity_ in_ew_2015_final
P9 addressing signal_integrity_ in_ew_2015_finalP9 addressing signal_integrity_ in_ew_2015_final
P9 addressing signal_integrity_ in_ew_2015_finalAamir Habib
 
X04408122125
X04408122125X04408122125
X04408122125IJERA Editor
 
The application wavelet transform algorithm in testing adc effective number o...
The application wavelet transform algorithm in testing adc effective number o...The application wavelet transform algorithm in testing adc effective number o...
The application wavelet transform algorithm in testing adc effective number o...ijcsit
 
Error detection in Data Communication System
Error detection in Data Communication SystemError detection in Data Communication System
Error detection in Data Communication SystemIshan Sharma
 
Db31706711
Db31706711Db31706711
Db31706711Usman Ali
 
Improvement in Error Resilience in BIST using hamming code
Improvement in Error Resilience in BIST using hamming codeImprovement in Error Resilience in BIST using hamming code
Improvement in Error Resilience in BIST using hamming codeIJMTST Journal
 
Bad API Observability - KCD Austria 2023
Bad API Observability - KCD Austria 2023Bad API Observability - KCD Austria 2023
Bad API Observability - KCD Austria 2023SonjaChevre
 
Determination of optimum fft for wi max under different fading
Determination of optimum fft for wi max under different fadingDetermination of optimum fft for wi max under different fading
Determination of optimum fft for wi max under different fadingIAEME Publication
 
Inferring Speech Activity from Encrypted Skype Traffic
Inferring Speech Activity from Encrypted Skype TrafficInferring Speech Activity from Encrypted Skype Traffic
Inferring Speech Activity from Encrypted Skype TrafficAcademia Sinica
 
Db31706711
Db31706711Db31706711
Db31706711IJERA Editor
 
Essentials of jitter part 1 The Time Interval Error: TIE
Essentials of jitter part 1 The Time Interval Error: TIEEssentials of jitter part 1 The Time Interval Error: TIE
Essentials of jitter part 1 The Time Interval Error: TIEteledynelecroy
 
Channel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptx
Channel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptxChannel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptx
Channel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptxAkinapelliHarshithee
 
ITK Tutorial Presentation Slides-950
ITK Tutorial Presentation Slides-950ITK Tutorial Presentation Slides-950
ITK Tutorial Presentation Slides-950Kitware Kitware
 
Optimal+ GSA 2014
Optimal+ GSA 2014Optimal+ GSA 2014
Optimal+ GSA 2014OptimalPlus
 
Quantifying User Satisfaction in Mobile Cloud Games
Quantifying User Satisfaction in Mobile Cloud GamesQuantifying User Satisfaction in Mobile Cloud Games
Quantifying User Satisfaction in Mobile Cloud GamesAcademia Sinica
 
On The Battle between Online Gamers and Lags
On The Battle between Online Gamers and LagsOn The Battle between Online Gamers and Lags
On The Battle between Online Gamers and LagsAcademia Sinica
 

More Related Content

Similar to Rapid Detection of Constant-Packet-Rate Flows

860 dspi ber_user_guide_appnote
860 dspi ber_user_guide_appnote860 dspi ber_user_guide_appnote
860 dspi ber_user_guide_appnotetrilithicweb
 
55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-success55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-successCao Xuân Trình
 
55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-success55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-successCao Xuân Trình
 
Quantifying Skype User Satisfaction
Quantifying Skype User SatisfactionQuantifying Skype User Satisfaction
Quantifying Skype User SatisfactionAcademia Sinica
 
Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...
Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...
Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...IJECEIAES
 
P9 addressing signal_integrity_ in_ew_2015_final
P9 addressing signal_integrity_ in_ew_2015_finalP9 addressing signal_integrity_ in_ew_2015_final
P9 addressing signal_integrity_ in_ew_2015_finalAamir Habib
 
The application wavelet transform algorithm in testing adc effective number o...
The application wavelet transform algorithm in testing adc effective number o...The application wavelet transform algorithm in testing adc effective number o...
The application wavelet transform algorithm in testing adc effective number o...ijcsit
 
Error detection in Data Communication System
Error detection in Data Communication SystemError detection in Data Communication System
Error detection in Data Communication SystemIshan Sharma
 
Improvement in Error Resilience in BIST using hamming code
Improvement in Error Resilience in BIST using hamming codeImprovement in Error Resilience in BIST using hamming code
Improvement in Error Resilience in BIST using hamming codeIJMTST Journal
 
Bad API Observability - KCD Austria 2023
Bad API Observability - KCD Austria 2023Bad API Observability - KCD Austria 2023
Bad API Observability - KCD Austria 2023SonjaChevre
 
Determination of optimum fft for wi max under different fading
Determination of optimum fft for wi max under different fadingDetermination of optimum fft for wi max under different fading
Determination of optimum fft for wi max under different fadingIAEME Publication
 
Inferring Speech Activity from Encrypted Skype Traffic
Inferring Speech Activity from Encrypted Skype TrafficInferring Speech Activity from Encrypted Skype Traffic
Inferring Speech Activity from Encrypted Skype TrafficAcademia Sinica
 
Essentials of jitter part 1 The Time Interval Error: TIE
Essentials of jitter part 1 The Time Interval Error: TIEEssentials of jitter part 1 The Time Interval Error: TIE
Essentials of jitter part 1 The Time Interval Error: TIEteledynelecroy
 
Channel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptx
Channel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptxChannel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptx
Channel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptxAkinapelliHarshithee
 
ITK Tutorial Presentation Slides-950
ITK Tutorial Presentation Slides-950ITK Tutorial Presentation Slides-950
ITK Tutorial Presentation Slides-950Kitware Kitware
 
Optimal+ GSA 2014
Optimal+ GSA 2014Optimal+ GSA 2014
Optimal+ GSA 2014OptimalPlus
 

Similar to Rapid Detection of Constant-Packet-Rate Flows (20)

860 dspi ber_user_guide_appnote
860 dspi ber_user_guide_appnote860 dspi ber_user_guide_appnote
860 dspi ber_user_guide_appnote
 
55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-success55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-success
 
55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-success55 w 60126-0-tech-brief_keys-to-coherent-acq-success
55 w 60126-0-tech-brief_keys-to-coherent-acq-success
 
Quantifying Skype User Satisfaction
Quantifying Skype User SatisfactionQuantifying Skype User Satisfaction
Quantifying Skype User Satisfaction
 
20320140501004 2-3-4-5-6
20320140501004 2-3-4-5-620320140501004 2-3-4-5-6
20320140501004 2-3-4-5-6
 
Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...
Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...
Enhanced Transmission and Receiver Diversity in Orthogonal Frequency Division...
 
P9 addressing signal_integrity_ in_ew_2015_final
P9 addressing signal_integrity_ in_ew_2015_finalP9 addressing signal_integrity_ in_ew_2015_final
P9 addressing signal_integrity_ in_ew_2015_final
 
X04408122125
X04408122125X04408122125
X04408122125
 
The application wavelet transform algorithm in testing adc effective number o...
The application wavelet transform algorithm in testing adc effective number o...The application wavelet transform algorithm in testing adc effective number o...
The application wavelet transform algorithm in testing adc effective number o...
 
Error detection in Data Communication System
Error detection in Data Communication SystemError detection in Data Communication System
Error detection in Data Communication System
 
Db31706711
Db31706711Db31706711
Db31706711
 
Improvement in Error Resilience in BIST using hamming code
Improvement in Error Resilience in BIST using hamming codeImprovement in Error Resilience in BIST using hamming code
Improvement in Error Resilience in BIST using hamming code
 
Bad API Observability - KCD Austria 2023
Bad API Observability - KCD Austria 2023Bad API Observability - KCD Austria 2023
Bad API Observability - KCD Austria 2023
 
Determination of optimum fft for wi max under different fading
Determination of optimum fft for wi max under different fadingDetermination of optimum fft for wi max under different fading
Determination of optimum fft for wi max under different fading
 
Inferring Speech Activity from Encrypted Skype Traffic
Inferring Speech Activity from Encrypted Skype TrafficInferring Speech Activity from Encrypted Skype Traffic
Inferring Speech Activity from Encrypted Skype Traffic
 
Db31706711
Db31706711Db31706711
Db31706711
 
Essentials of jitter part 1 The Time Interval Error: TIE
Essentials of jitter part 1 The Time Interval Error: TIEEssentials of jitter part 1 The Time Interval Error: TIE
Essentials of jitter part 1 The Time Interval Error: TIE
 
Channel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptx
Channel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptxChannel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptx
Channel estimation for orthogonal time frequency space (OTFS) massive MIMO.pptx
 
ITK Tutorial Presentation Slides-950
ITK Tutorial Presentation Slides-950ITK Tutorial Presentation Slides-950
ITK Tutorial Presentation Slides-950
 
Optimal+ GSA 2014
Optimal+ GSA 2014Optimal+ GSA 2014
Optimal+ GSA 2014
 

More from Academia Sinica

Quantifying User Satisfaction in Mobile Cloud Games
Quantifying User Satisfaction in Mobile Cloud GamesQuantifying User Satisfaction in Mobile Cloud Games
Quantifying User Satisfaction in Mobile Cloud GamesAcademia Sinica
 
On The Battle between Online Gamers and Lags
On The Battle between Online Gamers and LagsOn The Battle between Online Gamers and Lags
On The Battle between Online Gamers and LagsAcademia Sinica
 
Understanding The Performance of Thin-Client Gaming
Understanding The Performance of Thin-Client GamingUnderstanding The Performance of Thin-Client Gaming
Understanding The Performance of Thin-Client GamingAcademia Sinica
 
Quantifying QoS Requirements of Network Services: A Cheat-Proof Framework
Quantifying QoS Requirements of Network Services: A Cheat-Proof FrameworkQuantifying QoS Requirements of Network Services: A Cheat-Proof Framework
Quantifying QoS Requirements of Network Services: A Cheat-Proof FrameworkAcademia Sinica
 
Online Game QoE Evaluation using Paired Comparisons
Online Game QoE Evaluation using Paired ComparisonsOnline Game QoE Evaluation using Paired Comparisons
Online Game QoE Evaluation using Paired ComparisonsAcademia Sinica
 
GamingAnywhere: An Open Cloud Gaming System
GamingAnywhere: An Open Cloud Gaming SystemGamingAnywhere: An Open Cloud Gaming System
GamingAnywhere: An Open Cloud Gaming SystemAcademia Sinica
 
Are All Games Equally Cloud-Gaming-Friendly? An Electromyographic Approach
Are All Games Equally Cloud-Gaming-Friendly? An Electromyographic ApproachAre All Games Equally Cloud-Gaming-Friendly? An Electromyographic Approach
Are All Games Equally Cloud-Gaming-Friendly? An Electromyographic ApproachAcademia Sinica
 
Forecasting Online Game Addictiveness
Forecasting Online Game AddictivenessForecasting Online Game Addictiveness
Forecasting Online Game AddictivenessAcademia Sinica
 
Identifying MMORPG Bots: A Traffic Analysis Approach
Identifying MMORPG Bots: A Traffic Analysis ApproachIdentifying MMORPG Bots: A Traffic Analysis Approach
Identifying MMORPG Bots: A Traffic Analysis ApproachAcademia Sinica
 
Toward an Understanding of the Processing Delay of Peer-to-Peer Relay Nodes
Toward an Understanding of the Processing Delay of Peer-to-Peer Relay NodesToward an Understanding of the Processing Delay of Peer-to-Peer Relay Nodes
Toward an Understanding of the Processing Delay of Peer-to-Peer Relay NodesAcademia Sinica
 
Game Bot Detection Based on Avatar Trajectory
Game Bot Detection Based on Avatar TrajectoryGame Bot Detection Based on Avatar Trajectory
Game Bot Detection Based on Avatar TrajectoryAcademia Sinica
 
Improving Reliability of Web 2.0-based Rating Systems Using Per-user Trustiness
Improving Reliability of Web 2.0-based Rating Systems Using Per-user TrustinessImproving Reliability of Web 2.0-based Rating Systems Using Per-user Trustiness
Improving Reliability of Web 2.0-based Rating Systems Using Per-user TrustinessAcademia Sinica
 
A Collusion-Resistant Automation Scheme for Social Moderation Systems
A Collusion-Resistant Automation Scheme for Social Moderation SystemsA Collusion-Resistant Automation Scheme for Social Moderation Systems
A Collusion-Resistant Automation Scheme for Social Moderation SystemsAcademia Sinica
 
Tuning Skype’s Redundancy Control Algorithm for User Satisfaction
Tuning Skype’s Redundancy Control Algorithm for User SatisfactionTuning Skype’s Redundancy Control Algorithm for User Satisfaction
Tuning Skype’s Redundancy Control Algorithm for User SatisfactionAcademia Sinica
 
Network Game Design: Hints and Implications of Player Interaction
Network Game Design: Hints and Implications of Player InteractionNetwork Game Design: Hints and Implications of Player Interaction
Network Game Design: Hints and Implications of Player InteractionAcademia Sinica
 
Mitigating Active Attacks Towards Client Networks Using the Bitmap Filter
Mitigating Active Attacks Towards Client Networks Using the Bitmap FilterMitigating Active Attacks Towards Client Networks Using the Bitmap Filter
Mitigating Active Attacks Towards Client Networks Using the Bitmap FilterAcademia Sinica
 
An Analysis of WoW Players’ Game Hours
An Analysis of WoW Players’ Game HoursAn Analysis of WoW Players’ Game Hours
An Analysis of WoW Players’ Game HoursAcademia Sinica
 
Game Traffic Analysis: An MMORPG Perspective
Game Traffic Analysis: An MMORPG PerspectiveGame Traffic Analysis: An MMORPG Perspective
Game Traffic Analysis: An MMORPG PerspectiveAcademia Sinica
 
An Analytical Approach to Optimizing The Utility of ESP Games
An Analytical Approach to Optimizing The Utility of ESP GamesAn Analytical Approach to Optimizing The Utility of ESP Games
An Analytical Approach to Optimizing The Utility of ESP GamesAcademia Sinica
 
The Impact of Network Variabilities on TCP Clocking Schemes
The Impact of Network Variabilities on TCP Clocking SchemesThe Impact of Network Variabilities on TCP Clocking Schemes
The Impact of Network Variabilities on TCP Clocking SchemesAcademia Sinica
 

More from Academia Sinica (20)

Quantifying User Satisfaction in Mobile Cloud Games
Quantifying User Satisfaction in Mobile Cloud GamesQuantifying User Satisfaction in Mobile Cloud Games
Quantifying User Satisfaction in Mobile Cloud Games
 
On The Battle between Online Gamers and Lags
On The Battle between Online Gamers and LagsOn The Battle between Online Gamers and Lags
On The Battle between Online Gamers and Lags
 
Understanding The Performance of Thin-Client Gaming
Understanding The Performance of Thin-Client GamingUnderstanding The Performance of Thin-Client Gaming
Understanding The Performance of Thin-Client Gaming
 
Quantifying QoS Requirements of Network Services: A Cheat-Proof Framework
Quantifying QoS Requirements of Network Services: A Cheat-Proof FrameworkQuantifying QoS Requirements of Network Services: A Cheat-Proof Framework
Quantifying QoS Requirements of Network Services: A Cheat-Proof Framework
 
Online Game QoE Evaluation using Paired Comparisons
Online Game QoE Evaluation using Paired ComparisonsOnline Game QoE Evaluation using Paired Comparisons
Online Game QoE Evaluation using Paired Comparisons
 
GamingAnywhere: An Open Cloud Gaming System
GamingAnywhere: An Open Cloud Gaming SystemGamingAnywhere: An Open Cloud Gaming System
GamingAnywhere: An Open Cloud Gaming System
 
Are All Games Equally Cloud-Gaming-Friendly? An Electromyographic Approach
Are All Games Equally Cloud-Gaming-Friendly? An Electromyographic ApproachAre All Games Equally Cloud-Gaming-Friendly? An Electromyographic Approach
Are All Games Equally Cloud-Gaming-Friendly? An Electromyographic Approach
 
Forecasting Online Game Addictiveness
Forecasting Online Game AddictivenessForecasting Online Game Addictiveness
Forecasting Online Game Addictiveness
 
Identifying MMORPG Bots: A Traffic Analysis Approach
Identifying MMORPG Bots: A Traffic Analysis ApproachIdentifying MMORPG Bots: A Traffic Analysis Approach
Identifying MMORPG Bots: A Traffic Analysis Approach
 
Toward an Understanding of the Processing Delay of Peer-to-Peer Relay Nodes
Toward an Understanding of the Processing Delay of Peer-to-Peer Relay NodesToward an Understanding of the Processing Delay of Peer-to-Peer Relay Nodes
Toward an Understanding of the Processing Delay of Peer-to-Peer Relay Nodes
 
Game Bot Detection Based on Avatar Trajectory
Game Bot Detection Based on Avatar TrajectoryGame Bot Detection Based on Avatar Trajectory
Game Bot Detection Based on Avatar Trajectory
 
Improving Reliability of Web 2.0-based Rating Systems Using Per-user Trustiness
Improving Reliability of Web 2.0-based Rating Systems Using Per-user TrustinessImproving Reliability of Web 2.0-based Rating Systems Using Per-user Trustiness
Improving Reliability of Web 2.0-based Rating Systems Using Per-user Trustiness
 
A Collusion-Resistant Automation Scheme for Social Moderation Systems
A Collusion-Resistant Automation Scheme for Social Moderation SystemsA Collusion-Resistant Automation Scheme for Social Moderation Systems
A Collusion-Resistant Automation Scheme for Social Moderation Systems
 
Tuning Skype’s Redundancy Control Algorithm for User Satisfaction
Tuning Skype’s Redundancy Control Algorithm for User SatisfactionTuning Skype’s Redundancy Control Algorithm for User Satisfaction
Tuning Skype’s Redundancy Control Algorithm for User Satisfaction
 
Network Game Design: Hints and Implications of Player Interaction
Network Game Design: Hints and Implications of Player InteractionNetwork Game Design: Hints and Implications of Player Interaction
Network Game Design: Hints and Implications of Player Interaction
 
Mitigating Active Attacks Towards Client Networks Using the Bitmap Filter
Mitigating Active Attacks Towards Client Networks Using the Bitmap FilterMitigating Active Attacks Towards Client Networks Using the Bitmap Filter
Mitigating Active Attacks Towards Client Networks Using the Bitmap Filter
 
An Analysis of WoW Players’ Game Hours
An Analysis of WoW Players’ Game HoursAn Analysis of WoW Players’ Game Hours
An Analysis of WoW Players’ Game Hours
 
Game Traffic Analysis: An MMORPG Perspective
Game Traffic Analysis: An MMORPG PerspectiveGame Traffic Analysis: An MMORPG Perspective
Game Traffic Analysis: An MMORPG Perspective
 
An Analytical Approach to Optimizing The Utility of ESP Games
An Analytical Approach to Optimizing The Utility of ESP GamesAn Analytical Approach to Optimizing The Utility of ESP Games
An Analytical Approach to Optimizing The Utility of ESP Games
 
The Impact of Network Variabilities on TCP Clocking Schemes
The Impact of Network Variabilities on TCP Clocking SchemesThe Impact of Network Variabilities on TCP Clocking Schemes
The Impact of Network Variabilities on TCP Clocking Schemes
 

Recently uploaded

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

Rapid Detection of Constant-Packet-Rate Flows

  • 1. Rapid Detection of Constant-Packet-Rate Flows Jing-Kai Lou, Kuan-Ta Chen Institute of Information Science, Academia Sinica ARES 2008, 03/05 1
  • 2. Talk Outline Motivation Investigation Performance Evaluation Summary ARES 2008, 03/05 2
  • 3. Motivation Popular real-time and interactive applications: VoIP, Real-time network games Traffic management Need of flow identification A distinct characteristic of such traffic: Constant Packet Rate VoIP: Encoded continuous human voice Real-time network game: game state updates Key to identify VoIP and online gaming traffic: CPR flow identification ARES 2008, 03/05 3
  • 4. Key Contribution A CPR traffic classifier Lightweight 10 successive inter-packet times High Accuracy 90% identification rate Client Client Traffic stream ARES 2008, 03/05 4
  • 5. A Naive Method Coefficient of Variation (CoV) of Inter-Packet Times (IPT) IPT CoV small CPR IPT CoV large non-CPR CPR Traffic IPT1= IPT1=…= IPTi IPT1 IPT2 … IPTi ARES 2008, 03/05 5
  • 6. Ideal IPT Distribution 1 Density 0 0 200 400 600 800 1000 Inter-packet time (ms) ARES 2008, 03/05 6
  • 7. Collected Traces Trace Flow IPT CoV Path Diversity VoIP (Skype) 1739 0.37 1106 hosts / 1641 paths Counter-Strike 1016 0.32 271 hosts / 270 paths TELNET 276 1.53 140 hosts / 93 paths HTTP 409 1.54 474 hosts / 325 paths P2P 1303 1.63 645 hosts / 644 paths World of Warcraft 1611 0.71 52 hosts / 39 paths ARES 2008, 03/05 7
  • 8. Real IPT Distributions Why the IPT distributions of VoIP and Counter-Strike are not as we expect? ARES 2008, 03/05 8
  • 9. Difficulties: Network Impairment Host delay Channel delay Network queueing delay Network packet loss packet loss delay traffic CPR after network impairment Sender ARES 2008, 03/05 9
  • 10. More Difficulties To do a decision with a few samples short time few storage space In short scale, non-CPR traffic could look like CPR Non-CPR Flow ARES 2008, 03/05 10
  • 11. Refreshment Our goal To search a good metric of IPT deviations for CPR detection Challenges Network impairment Need of small sample size ARES 2008, 03/05 11
  • 12. Deviation Metric Design Design factors for measuring variation Function (FUN) Sample Size (W) Smoother Size (S) ARES 2008, 03/05 12
  • 13. Deviation Metric: Function (1/3) Standard Deviation (SD) ∑iN 1 ( IPTi − IPT ) 2 SD = = N Coefficient of variation (CoV) SD CoV = MEAN ARES 2008, 03/05 13
  • 14. Deviation Metric: Function (2/3) Mean absolute deviation (MD) ∑iN 1 | ( IPTi − IPT ) | MAD = = N Median absolute deviation (MAD) ∑iN 1 | ( IPTi − median( IPT )) | MAD = = N ARES 2008, 03/05 14
  • 15. Deviation Metric: Function (2/3) Inter-quantile range (IQR) IQR = Upper Quartile (75%) − Lower Quartile (25%) Range Range = max(IPT) − min(IPT) ARES 2008, 03/05 15
  • 16. Deviation Metric: Sample Size Sample size (W): Number of IPT samples W increases Accuracy increases Time/space complexity increases Sample Time/Space Accuracy Size complexity ARES 2008, 03/05 16
  • 17. Deviation Metric: Smoother Size Smoother size (S): Window size to smooth (mean) W increases Impairment effect decreases False negative increases Impairment Window effect False Size Negative ARES 2008, 03/05 17
  • 18. FUN=CoV, W=10, S=1 Does this estimator setting achieve the best discriminative power?? ARES 2008, 03/05 18
  • 19.
  • 20. Performance Metric ROC (Receiver Operating Characteristic): TPR: ratio of true positive FPR: ratio of false positive AUC (Area Under Curve): Area under the ROC curve AUC = 1, perfect classification AUC > 0.8, generally good AUC = 0.5 random guess ARES 2008, 03/05 20
  • 21. Effect of Deviation Metric Dimensionless metric CoV performs the best! ARES 2008, 03/05 21
  • 22. Effect of Sample Size Sample size increases ROC Curve shifts left AUC increases ARES 2008, 03/05 22
  • 23. Effect of Smoother Size Improvement only for large samples ARES 2008, 03/05 23
  • 25. Summary Proposed using IPT constancy to identify CPR flows VoIP Real-time gaming Studied various design issues of IPT deviation estimators Our classifier (CoV-based) yields an accuracy rate 90% with only 10 IPT samples ARES 2008, 03/05 25
  • 27.
  • 28. packet loss delay after network impairment Receiver ARES 2008, 03/05 28