论文信息 - An analysis of changing enterprise network traffic characteristics

An analysis of changing enterprise network traffic characteristics

Studies on the composition and nature of Internet protocols are crucial for continued research and innovation. This study used three different methods to investigate the presence and level of support for various Internet protocols. Internet traffic entering and exiting a university network was passively captured, anonymised and analysed to test protocol usage. Active tests probed the Internet's most popular websites and experiments on the default behaviour of popular client, server and mobile operating systems were performed to reconcile the findings of the passive data collection. These results are valuable to research areas, such as those using emulations and simulations, where realism is dependent on the accuracy of the underlying assumptions about Internet traffic. Prior work is leveraged to explore changes and protocol adoption trends. This study shows that the majority of Internet traffic is now encrypted. There has also been an increase in large UDP frames, which we attribute to the Google QUIC protocol. Support for TCP options such as Selective Acknowledgements (SACK) and Maximum Segment Size (MSS) can now be assumed. Explicit Congestion Notification (ECN) usage is still marginal, yet active measurement shows that many servers will support the protocol if requested. Recent IETF standards such as Multipath TCP and TCP Fast Open have small but measurable levels of adoption.

[1] Robert Beverly,et al. Measuring the state of ECN readiness in servers, clients,and routers , 2011, IMC '11.

[2] Yuchung Cheng,et al. TCP fast open , 2011, CoNEXT '11.

[3] Wolfgang John,et al. Analysis of internet backbone traffic and header anomalies observed , 2007, IMC '07.

[4] Mark Handley,et al. An Overview of Multipath TCP , 2012, login Usenix Mag..

[5] Chase Cotton,et al. Packet-level traffic measurements from the Sprint IP backbone , 2003, IEEE Netw..

[6] Tomas Olovsson,et al. Passive internet measurement: Overview and guidelines based on experiences , 2010, Comput. Commun..

[7] Sally Floyd,et al. Measuring the evolution of transport protocols in the internet , 2005, CCRV.

[8] Costin Raiciu,et al. Rekindling network protocol innovation with user-level stacks , 2014, CCRV.

[9] T. Kohno,et al. Remote physical device fingerprinting , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[10] Sally Floyd,et al. TCP and explicit congestion notification , 1994, CCRV.

[11] Mark Handley,et al. Is it still possible to extend TCP? , 2011, IMC '11.

[12] Eddie Kohler,et al. Internet research needs better models , 2003, CCRV.

[13] David Murray,et al. The state of enterprise network traffic in 2012 , 2012, 2012 18th Asia-Pacific Conference on Communications (APCC).

[14] Kostas Pentikousis,et al. Quantifying the deployment of TCP options - a comparative study , 2004, IEEE Communications Letters.