tracking down traffic
play

Tracking down Traffic Dario Bonfiglio Marco Mellia Michela Meo - PowerPoint PPT Presentation

Feb 11, 2023 •549 likes •885 views

Tracking down Traffic Dario Bonfiglio Marco Mellia Michela Meo Nicolo Ritacca Dario Rossi Agenda A few words about Skype Known facts Preliminary definitions Investigate Skype Traffic Voice traffic Reaction to

  1. Tracking down Traffic Dario Bonfiglio Marco Mellia Michela Meo Nicolo’ Ritacca Dario Rossi

  2. Agenda • A few words about Skype – Known facts – Preliminary definitions • Investigate Skype “Traffic” – Voice traffic • Reaction to network performance degradation – Signaling traffic • Signaling patterns & peer selection – Users’ behavior • Please, see the paper

  3. Why Skype ? • Skype is very popular – More than 100M users, 5% of all VoIP traffic – Easy to use, many free services • voice / video / chat / data transfer over IP • Understanding Skype is a challenging task – Closed design, proprietary solutions – Almost everything is encrypted – Uses a P2P architecture – Lot of different flavors

  4. Skype for Dummies • Architecture – P2P design

  5. Skype for Dummies • Architecture – P2P design • Service traffic – Voice calls – Video calls – Chat – Data transmission

  6. Skype for Dummies • Architecture – P2P design • Service traffic – Voice calls – Video calls – Chat – Data transmission – Skypeout/Skypein

  7. Skype for Dummies • Architecture – P2P design • Service traffic – Voice calls – Video calls – Chat – Data transmission – Skypeout/Skypein • Signaling traffic – Login & auth. – Look for buddies – … .

  8. Methodolody • Service traffic – Small scale active testbed – Controlled bandwidth, packet loss – voice service, many Codecs, TCP/UDP traffic • Signaling traffic – Passive measurement technique – Adopt a black-box approach – Inspect and quantify UDP signaling – Classification framework: 300 . 10 3 7000 hosts external D.Bonfiglio, M.Mellia, M.Meo, D.Rossi, P.Tofanelli, peers 1700 peers Revealing Skype Traffic: When Randomness Plays with You , SIGCOMM'07

  9. Preliminary Definition • Useful information Skype flow – At installation, Skype chooses – A sequence of packets a port at random originated from a Skype peer (and destined to – The port is never changed another skype peer) (unless forced by the user) – All traffic multiplexed over the – Flow starts when the first same socket (UDP preferably) packet is observed Skype peer – Flow ends when no packet is observed for a given – A Skype peer can be identified inactivity timeout (200s) by its endpoint – Consider only peers that were ever observed making a call (IP addr, UDP port)

  10. Skype Source Model Sk Skyp ype Mess ssage ge TC TCP/ P/UD UDP IP IP

  11. Service traffic Codec Impact

  12. Service Traffic: Normal Condition 250 ISAC Smooth iLBC iPCM-WB Transient PCM 200 G729 Bitrate Normal [kbps] 150 Behavior Aggressive 100 Startup 50 0 0 10 20 30 40 50 60 Time [s]

  13. Service Traffic: Normal Condition 300 ISAC 200 100 G729 100 50 Message 300 iLBC Payload 200 [Bytes] 100 iPCM-WB 900 600 300 PCM 600 400 200 0 10 20 30 40 50 60 Time [s]

  14. Service Traffic: Normal Condition 70 ISAC iLBC 60 iPCM-WB PCM E2O G729 50 IPG [ms] 40 30 20 10 0 0 10 20 30 40 50 60 Time [s]

  15. Service traffic Transport Layer Impact

  16. Service Traffic: TCP vs UDP B - UDP 80 B - TCP 60 40 20 0 90 IPG - UDP IPG - TCP Time [s] TCP/UDP have no impact 60 30 0 L - UDP 250 L -TCP Time [s] 200 150 100 50 0 0 10 20 30 40 50 60 Time [s]

  17. Service traffic Network Impact

  18. Service Traffic: Bandwidth Limit 100 Average Throughput 80 Bandwidth limit 60 40 20 0 100 Framing 80 Time [s] 60 Skype performs congestion control 40 20 0 300 Skype Message Size 250 Time [s] 200 150 100 50 0 0 30 60 90 120 150 180 210 240 270 300 Time [s]

  19. Service Traffic: Packet Loss Loss % 60 10 50 8 Inter-Pkt 40 6 Gap [ms] 30 4 Aggressively tries 20 to deal with losses… 2 10 0 0 Skype performs loss recovery 0 100 200 300 400 500 500 10 Loss profile 400 8 Payload 300 6 [Bytes] 200 4 ...by multiplexing old 100 2 and new voice blocks 0 0 0 100 200 300 400 500 Time [s]

  20. Service traffic Video Traffic

  21. Service Traffic: Video Source 800 B 600 400 200 0 IPG 80 Time [s] Video messages 60 Skype multiplexes different sources 40 are Bigger Voice messages 20 are the same 0 L Usual IPG for 900 Time [s] Back-to-back video pure audio messages 600 Massages => frame 300 0 0 10 20 30 40 50 60 Time [s]

  22. Signaling traffic

  23. Signaling Traffic: Activity Pattern 1500 • Legend Out – Consider a single client 1000 – Each dot is a packet – Top: outgoing, 500 Bottom: incoming – For every new peer, 0 increment the ID -500 – For every old peer, use the previous ID -1000 In Rather different patterns -1500 emerge from the plot 0 6 12 18 24 Time [Hr]

  24. Signaling Traffic: Activity Pattern 1500 • Probes Out – Single packet 1000 – Sent toward unknown peers – Reply possibly follows 500 – No further traffic between the same peers pair 0 – Majority of the flows -500 -1000 Peer discovery is a In continuous task -1500 0 6 12 18 24 Time [Hr]

  25. Signaling Traffic: Activity Pattern 1500 • Non-Probes Out – Flows longer than one packet 1000 – Series of single-packet flows – Sent toward the same peer 500 – Carry most signaling bytes 0 -500 -1000 Talk to super peers, notify In buddies of status change, -1500 … 0 6 12 18 24 Time [Hr]

  26. Signaling Traffic: All Peers 1500 • Probes Out – Majority of the flows 1000 • Non-probes 500 – Carry most signaling bytes • Signaling bandwidth 0 – 95% generate <100 bps – Only 1% exceeds 1 Kbps -500 • Signaling spread -1000 – 95% of peers contact In <40 peers (in 5 min) -1500 – 1% exceeds >75 (in 5 min) 0 6 12 18 24 Time [Hr]

  27. Conclusions • Service traffic • User Characterization – Active testbed – Number of calls per unit of time – Skype implements a congestion control – Call duration for different services • Aggressive with losses – Peer Lifetime • Conservative with bottlenecks Details are in the paper, not in this talk  • Signaling traffic – Passive measurement • Future Work – Two different threads – Extensive measurement in shapes the overlay different networks • Probes • Campus LAN • Non-Probes • ADSL installation – Signaling rate and spread • Cellular Network • Very limited bitrate • Large number contacted peers

  28. Signaling Traffic: Peer Selection • RTT distance pdf Non-Probe 0.012 Probe – RTT between first 0.008 request-reply packets – Probe RTT smaller w.r.t. 0.004 non-probe traffic 0 10 100 1000 Round Trip Time [ms] • Geolocation breakdown Non-Probe 60% Probe – Probes favor discovery 40% of nearby hosts – Non-probes driven by 20% social network 0% Europe North Asia South Africa Oceania America America

  31. Signaling Traffic: Peer Selection 80 70 60 50 Latitude 40 30 20 10 0 -150 -100 -50 0 50 100 150 Longitude

  32. Signaling Traffic: Inferring Churn 0.08 Peer Lifetime PDF Peer Deathtime 0.07 0.06 0.05 0.04 0.03 0.02 0.01 0 6 12 18 24 Time [h]

Recommend

Tracking in City Traffic Scenarios Hamma Tadjine, Daniel Goehring Hamma Tadjine IAV GmbH, 08.

Tracking in City Traffic Scenarios Hamma Tadjine, Daniel Goehring Hamma Tadjine IAV GmbH, 08.

Acoustic/Lidar Sensor Fusion for Car Acoustic/Lidar Sensor Fusion for Car Tracking Tracking in City Traffic Scenarios Hamma Tadjine, Daniel Goehring Hamma Tadjine IAV GmbH, 08. September 2015 Freie Universitt Berlin 1 Acoustic/Lidar Sensor

300 views • 29 slides
Tracking the Evolution of Tracking the Evolution of Tracking the Evolution of Based on

Tracking the Evolution of Tracking the Evolution of Tracking the Evolution of Based on

Web Traffic Measurement and Web Traffic Measurement and The University of North Carolina at Chapel Hill The University of North Carolina at Chapel Hill The University of North Carolina at Chapel Hill Department of Computer Science Department

296 views • 7 slides
Traffic Measurement Activities of the WIDE project Kenjiro Cho IIJ Research Lab traffic

Traffic Measurement Activities of the WIDE project Kenjiro Cho IIJ Research Lab traffic

Traffic Measurement Activities of the WIDE project Kenjiro Cho IIJ Research Lab traffic measurement and analysis in WIDE measurement activities across research groups broad perspectives - tracking long-term trends - analysis (with wide

415 views • 12 slides
Tracking by learning Arnold W.M. Smeulders Tracking Online tracking is to determine the location

Tracking by learning Arnold W.M. Smeulders Tracking Online tracking is to determine the location

Tracking by learning Arnold W.M. Smeulders Tracking Online tracking is to determine the location of one target in video starting from a bounding box in the first frame. When conceived as an instant learning problem, the task is to discriminate

651 views • 39 slides
Traffic signal optimization and traffic assignment Traffic signals Traffic signal optimization

Traffic signal optimization and traffic assignment Traffic signals Traffic signal optimization

Dagstuhl, October 2015 Traffic Signals and User Equilibria Martin Strehler , Ekkehard K ohler BTU Cottbus-Senftenberg { martin.strehler,ekkehard.koehler } @b-tu.de Traffic signal optimization and traffic assignment Traffic signals Traffic

577 views • 55 slides
Traffic Shaping, Traffic Policing Peter Puschner, Institut fr Technische Informatik Traffic

Traffic Shaping, Traffic Policing Peter Puschner, Institut fr Technische Informatik Traffic

Traffic Shaping, Traffic Policing Peter Puschner, Institut fr Technische Informatik Traffic Shaping, Traffic Policing Enforce compliance of traffic to a given traffic profile (e.g., rate limiting) By delaying or dropping certain

389 views • 11 slides
Tracking Articulated Objects Alexander (Sasha) Lambert CS7495 Fall 2014 Tracking From Depth

Tracking Articulated Objects Alexander (Sasha) Lambert CS7495 Fall 2014 Tracking From Depth

Tracking Articulated Objects Alexander (Sasha) Lambert CS7495 Fall 2014 Tracking From Depth Infra-red point-clouds (structured light) Affordable sensors (Primesense) Large body of work on people-tracking Complex tracking

409 views • 23 slides
Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn

Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn

Introduction Tracking catalog Tracking mechanisms Open questions Tracking Catalog: Uncovering and analyzing user tracking on the Internet Tomasz Bujlow Valentn Carela-Espaol Pere Barlet-Ros Computer Architecture Dept. (DAC) UPC

581 views • 10 slides
Eye Tracking and Topics EMA in Computer Eye tracking definition Science Eye tracker

Eye Tracking and Topics EMA in Computer Eye tracking definition Science Eye tracker

Eye Tracking and Topics EMA in Computer Eye tracking definition Science Eye tracker history Eye tracking theory Computer Literacy 1 Lecture 23 Different kinds of eye trackers 11/11/2008 Electromagnetic Articulography (EMA)

459 views • 6 slides
using Traffic Analysis Attacks Salini S K What is Traffic Analysis What is Traffic Analysis

using Traffic Analysis Attacks Salini S K What is Traffic Analysis What is Traffic Analysis

Website Fingerprinting using Traffic Analysis Attacks Salini S K What is Traffic Analysis What is Traffic Analysis Wiki says What is Traffic Analysis Wiki says Process of intercepting and examining messages in order to deduce

1.15k views • 41 slides
Tracking - VSO Framework Tracking Status Controlling Actions 100% Configuring Actions Device

Tracking - VSO Framework Tracking Status Controlling Actions 100% Configuring Actions Device

Tracking - VSO Framework Tracking Status Controlling Actions 100% Configuring Actions Device List 0% Device handling View drawing 100% Federico Tessmann Test-Tracking - Orchestra VSO- VSOUI Tracking VSO- Orchestra VSOAudio

76 views • 7 slides
Video Object Tracking Real-time tracking of objects in video is an important problem in various

Video Object Tracking Real-time tracking of objects in video is an important problem in various

Tracking Objects Better, Faster, Longer Assoc. Prof. Dr. Alptekin Temizel atemizel@metu.edu.tr Graduate School of Informatics, METU 18 March 2015 GPU Technology Conference Video Object Tracking Real-time tracking of objects in video is an

472 views • 19 slides
Detection vs. tracking Lecture 21: Motion and tracking Thursday, Nov 29 Prof. Kristen

Detection vs. tracking Lecture 21: Motion and tracking Thursday, Nov 29 Prof. Kristen

11/30/2007 Detection vs. tracking Lecture 21: Motion and tracking Thursday, Nov 29 Prof. Kristen Grauman Tracking with dynamics : We use image measurements to estimate position of object, but also incorporate position predicted by

486 views • 12 slides
People-Tracking-by-Detection and People-Detection-by-Tracking Mykhaylo Andriluka Stefan Roth

People-Tracking-by-Detection and People-Detection-by-Tracking Mykhaylo Andriluka Stefan Roth

People-Tracking-by-Detection and People-Detection-by-Tracking Mykhaylo Andriluka Stefan Roth Bernt Schiele Department of Computer Science TU Darmstadt People-Tracking-by-Detection and People-Detection-by-Tracking - CVPR 2008 Motivation

899 views • 89 slides
The Traffic Conflicts Methodology revisited Richard van der Horst Traffic Safety Assessment

The Traffic Conflicts Methodology revisited Richard van der Horst Traffic Safety Assessment

The Traffic Conflicts Methodology revisited Richard van der Horst Traffic Safety Assessment Traffic (un)safety Traffic Accidents limited reflection of traffic (un)safety Traffic Police reports Accident limited sample of

282 views • 26 slides
Overview Introduction Object Tracking Vehicle Tracking Theory &amp; Implementation

Overview Introduction Object Tracking Vehicle Tracking Theory &amp; Implementation

Overview Introduction Object Tracking Vehicle Tracking Theory &amp; Implementation Segmentation Tracking Results Q &amp; A Introduction Object Tracking Object Tracking Object representation Feature

500 views • 28 slides
Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D.

Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D.

Computer Vision Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D. Wagner, V Lepetit, M. Breitenstein, P. Sabzmeydani, Z. Kalal from whom I borrowed many slides and videos. We all know what

1.62k views • 138 slides
Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D.

Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D.

Computer Vision Tracking Tracking Many thanks to: H. Bischof, B. Leibe, V. Ferrari, K. Graumann, Y. Ukrainitz, D. Wagner, V Lepetit, M. Breitenstein, P. Sabzmeydani, Z. Kalal from whom I borrowed many slides and videos. We all know what

1.5k views • 137 slides
RFID KEG TRACKING SOLUTION Proteus Tracking is a class leading innovative Internet of Things

RFID KEG TRACKING SOLUTION Proteus Tracking is a class leading innovative Internet of Things

RFID KEG TRACKING SOLUTION Proteus Tracking is a class leading innovative Internet of Things company. Proteus Tracking prides itself in identifying the clients problem areas and delivering breakthrough industry technology solutions in both

150 views • 4 slides
ITU-T Activities on Traffic Engineering of IP VPNs Wai Sum Lai AT&amp;T Labs WP3/2 (Traffic

ITU-T Activities on Traffic Engineering of IP VPNs Wai Sum Lai AT&amp;T Labs WP3/2 (Traffic

ITU-T Activities on Traffic Engineering of IP VPNs Wai Sum Lai AT&amp;T Labs WP3/2 (Traffic Engineering) E.ipvpn ITU-T Study Group 2, Working Party 3 (Traffic Engineering) http://www.itu.int/ITU-T/com2/index.html 3 Questions (in

631 views • 5 slides
Eye-tracking for capturing human visual attention Eye-tracking for capturing human visual

Eye-tracking for capturing human visual attention Eye-tracking for capturing human visual

BubbleView : an interface for crowdsourcing image importance maps and tracking visual attention Nam Wook Zoya Michelle Krzysztof Aude Fredo Hanspeter Kim* Bylinskii* Borkin Gajos Oliva Durand Pfister Eye-tracking for capturing human

830 views • 69 slides
Traffic Engineering with Traffic Engineering with Estimated Traffic Matrices Estimated Traffic

Traffic Engineering with Traffic Engineering with Estimated Traffic Matrices Estimated Traffic

Traffic Engineering with Traffic Engineering with Estimated Traffic Matrices Estimated Traffic Matrices Matthew Roughan www.research.att.com/~roughan Mikkel Thorup www.research.att.com/~mthorup Yin Zhang www.research.att.com/~yzhang

476 views • 19 slides
Inter Internet monitoring net monitoring and web tracking and web tracking Engineering &amp;

Inter Internet monitoring net monitoring and web tracking and web tracking Engineering &amp;

CyLab Inter Internet monitoring net monitoring and web tracking and web tracking Engineering &amp; Public Policy Lorrie Faith Cranor September 30, 2014 y &amp; c S a e v c i u r P r i t e y l b L a a s b U o 8-533

440 views • 42 slides
Traffic Classification in the Fog Scott E. Coull February 23, 2006 Overview What is traffic

Traffic Classification in the Fog Scott E. Coull February 23, 2006 Overview What is traffic

Traffic Classification in the Fog Scott E. Coull February 23, 2006 Overview What is traffic classification? Communities of Interest for classification BLINC Profiling Internet Backbone Traffic What is missing here? Traffic

965 views • 81 slides

More recommend