Retroactive Packet Sampling for Traffic Receipts

Is it possible to design a packet-sampling algorithm that prevents the network node that performs the sampling from treating the sampled packets preferentially? We study this problem in the context of designing a "network transparency" system. In this system, networks emit receipts for a small sample of the packets they observe, and a monitor collects these receipts to estimate each network's loss and delay performance. Sampling is a good building block for this system, because it enables a solution that is flexible and combines low resource cost with quantifiable accuracy. The challenge is cheating resistance: when a network's performance is assessed based on the conditions experienced by a small traffic sample, the network has a strong incentive to treat the sampled packets better than the rest. We contribute a sampling algorithm that is provably robust to such prioritization attacks, enables network performance estimation with quantifiable accuracy, and requires minimal resources. We confirm our analysis using real traffic traces.
