Sciweavers

CCR
2006

A passive state-machine approach for accurate analysis of TCP out-of-sequence segments

13 years 11 months ago
A passive state-machine approach for accurate analysis of TCP out-of-sequence segments
In this paper we describe a new tool being made available to the networking research community for passive analysis of TCP segment traces. The purpose of the tool is to provide more complete and accurate classification of out-of-sequence segments than those provided by prior tools. One of the crucial factors that limits the accuracy of prior tools is that these do not incorporate variations across TCP implementations (for different operating systems) that have different parameters (e.g., timer granularity, minimum RTO, duplicate ACK thresholds, etc.) or algorithms that influence what can be inferred about out-of-sequence segments. Our tool explicitly accounts for implementation-specific details in four prominent TCP stacks (Windows, Linux, FreeBSD/Mac OS-X, and Solaris). We validate our tool through several controlled experiments with instances of all four OS-specific implementations used in the analysis. We then run this tool on packet traces of
Sushant Rewaskar, Jasleen Kaur, F. Donelson Smith
Added 11 Dec 2010
Updated 11 Dec 2010
Type Journal
Year 2006
Where CCR
Authors Sushant Rewaskar, Jasleen Kaur, F. Donelson Smith
Comments (0)