Passive Detection of TCP Congestion Events
Detailed passive analysis of TCP sender behaviour requires accurate
identification of congestion events. Previous tools that attempt to
provide such information do not incorporate the behaviour of recent operating
systems and TCP features and are therefore of little use to researchers
analysing contemporary TCP traffic. In this paper, we present a new tool for
identifying and classifying TCP congestion events from a passive packet trace,
called tcpcsm, which understands modern operating system TCP behaviour.
We discuss the major problems that occur when passively identifying TCP
congestion events and describe how tcpcsm solves them. We also show that
tcpcsm is more accurate than previous tools using a series of controlled
experiments involving a variety of operating systems.
Published at ICT 2011, Ayia Napa, Cyprus.