Providing Enhanced Differentiated Services for Real-Time Traffic in the Internet

In the research area of network security, we often need to analyze the Internet traffic in real time. But the Internet traffic is usually very heavy, so it is very hard for us to analysis each packet one by one. Alternatively, analyzing the Internet traffic on flow level is often employed. Before analyzing the traffic flows, how we can fast construct and update these flows is a key issue. To solve this issue, in this paper, we propose a fast connection construction and update algorithm. Firstly, we define bidirectional flows as connection. Then, we use hash table to store the connection records and use this connection construction and update algorithm to ensure that these connection records can to be stored in memory in heavy traffic environment to achieve real-time traffic analysis. At last, the experiments show that the algorithm we proposed is efficient and can meet the traffic analysis need.

Download Full-text

Real-Time Traffic Transmission over the Internet

Networking 2000 Broadband Communications, High Performance Networking, and Performance of Communication Networks - Lecture Notes in Computer Science ◽

10.1007/3-540-45551-5_41 ◽

2000 ◽

pp. 483-494

Author(s):

Marco Furini ◽

Don Towsley

Keyword(s):

Real Time ◽

The Internet ◽

Real Time Traffic

Download Full-text

Performance comparison between virtual MPLS IP network and real IP network without MPLS

International journal of electrical and computer engineering systems ◽

10.32985/ijeces.12.2.3 ◽

2021 ◽

Vol 12 (2) ◽

pp. 83-90

Author(s):

Ivan Nedyalkov

Keyword(s):

Real Time ◽

Ip Networks ◽

Performance Comparison ◽

Virtual Network ◽

The Internet ◽

Real Time Traffic ◽

Ip Network ◽

Different Types

In this paper an IP based network consisting of two separate IP networks - a virtual one, running MPLS and an experimental IP network, connected to the virtual one, have been studied. VoIP traffic is exchanged between the two networks. Both networks are connected to the Internet and exchange traffic with it. The virtual network is created by using GNS3. The purpose of this paper is to show a comparison in the performance between the two IP networks. In addition, mathematical distributions and approximations have been made to be used to further evaluate the performance of the two networks. The used methodology in the present work can be applied in the study of different IP networks through which different types of real-time traffic passes.

Download Full-text

Distributed Data Aggregation Technology for Real-Time DDoS Attacks Detection

Encyclopedia of Data Warehousing and Mining, Second Edition ◽

10.4018/978-1-60566-010-3.ch109 ◽

2011 ◽

pp. 701-708

Author(s):

Yu Chen ◽

Wei-Shinn Ku

Keyword(s):

Real Time ◽

Private Information ◽

Data Aggregation ◽

Early Stage ◽

Hierarchical Architecture ◽

The Internet ◽

Ddos Attacks ◽

Real Time Traffic ◽

Day To Day Operations ◽

Aggregation Technique

The information technology has revolutionized almost every facet of our lives. Government, commercial, and educational organizations depend on computers and Internet to such an extent that day-to-day operations are significantly hindered when the networks are “down” (Gordon, Loeb, Lucyshyn & Richardson, 2005). The prosperity of the Internet also attracted abusers and attackers motivated for personal, financial, or even political reasons. What attackers aim at currently is beyond obtaining unauthorized network accesses or stealing private information, there have been attacks on Internet infrastructures (Chakrabarti & Manimaran, 2002; Moore, Voelker & Savage, 2001; Naoumov & Ross, 2006). Distributed Denial of Services (DDoS) attacks is one of such attacks that can lead to enormous destruction, as different infrastructure components of the Internet have implicit trust relationship with each other (Mirkovic & Reiher, 2004; Specht & Lee, 2004). The DDoS attacker often exploits the huge resource asymmetry between the Internet and the victim systems (Chen, Hwang & Ku, 2007; Douligeris & Mitrokosta, 2003). A comprehensive solution to DDoS attacks requires covering global effects over a wide area of autonomous system (AS) domains on the Internet (Mirkovic & Reiher, 2005). Timely detection of the ongoing attacks is the prerequisite of any effective defense scheme (Carl, Kesidis, Brooks & Rai, 2006). It is highly desirable to detect DDoS attacks at very early stage, instead of waiting for the flood to become widespread. It is mandatory for the detection systems to collect real time traffic data from widely deployed traffic monitors and construct the spatiotemporal pattern of anomaly propagation inside the network. This chapter will introduce a novel distributed real time data aggregation technique named Change Aggregation Tree (CAT). The CAT system adopts a hierarchical architecture to simplify the alert correlation and global detection procedures. At intra-domain level, each individual router, which plays the role of traffic monitor, periodically report the local traffic status to the CAT server in the AS. At the inter-domain layer, CAT servers share local detected anomaly patterns with peers located in other ASes, where the potential attack victim is located.

Download Full-text