• Title/Summary/Keyword: Timeout Pattern

Search Result 2, Processing Time 0.013 seconds

TCP Congestion Control Based on Timeout Patterns (타임아웃 패턴에 기반한 TCP 혼잡 제어)

  • Lim Gabjoo;Youn Changhwan;Nam Sang-Won;Lee Inhwan
    • The Transactions of the Korean Institute of Electrical Engineers D
    • /
    • v.53 no.12
    • /
    • pp.813-819
    • /
    • 2004

  • This paper infers two patterns of timeout from the characteristics of TCP Reno and confirms the existence of the patterns by conducting actual experiments. All timeouts can be classified into either of these patterns by using the history of RTT value. Based on the observed patterns, the paper proposes two algorithms to improve the performance of TCP Reno. Experimental results show that, when compared with TCP Reno, the proposed algorithms improve the bandwidth utilization by 3 to 12 percent. The paper provides good examples of how timeout-based and delay-based congestion control can efficiently work together.

  • PDF KSCI

Performance Evaluation of Scaling based Dynamic Time Warping Algorithms for the Detection of Low-rate TCP Attacks (Low-rate TCP 공격 탐지를 위한 스케일링 기반 DTW 알고리즘의 성능 분석)

  • So, Won-Ho;Shim, Sang-Heon;Yoo, Kyoung-Min;Kim, Young-Chon
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.44 no.3 s.357
    • /
    • pp.33-40
    • /
    • 2007

  • In this paper, low-rate TCP attack as one of shrew attacks is considered and the scaling based dynamic time warping (S-DTW) algorithm is introduced. The low-rate TCP attack can not be detected by the detection method for the previous flooding DoS/DDoS (Denial of Service/Distirbuted Denial of Service) attacks due to its low average traffic rate. It, however, is a periodic short burst that exploits the homogeneity of the minimum retransmission timeout (RTO) of TCP flows and then some pattern matching mechanisms have been proposed to detect it among legitimate input flows. A DTW mechanism as one of detection approaches has proposed to detect attack input stream consisting of many legitimate or attack flows, and shown a depending method as well. This approach, however, has a problem that legitimate input stream may be caught as an attack one. In addition, it is difficult to decide a threshold for separation between the legitimate and the malicious. Thus, the causes of this problem are analyzed through simulation and the scaling by maximum auto-correlation value is executed before computing the DTW. We also discuss the results on applying various scaling approaches and using standard deviation of input streams monitored.

  • PDF KSCI