Visible to the public Biblio

Filters: Keyword is transport protocols  [Clear All Filters]
2021-04-09
Fadhilah, D., Marzuki, M. I..  2020.  Performance Analysis of IDS Snort and IDS Suricata with Many-Core Processor in Virtual Machines Against Dos/DDoS Attacks. 2020 2nd International Conference on Broadband Communications, Wireless Sensors and Powering (BCWSP). :157—162.
The rapid development of technology makes it possible for a physical machine to be converted into a virtual machine, which can operate multiple operating systems that are running simultaneously and connected to the internet. DoS/DDoS attacks are cyber-attacks that can threaten the telecommunications sector because these attacks cause services to be disrupted and be difficult to access. There are several software tools for monitoring abnormal activities on the network, such as IDS Snort and IDS Suricata. From previous studies, IDS Suricata is superior to IDS Snort version 2 because IDS Suricata already supports multi-threading, while IDS Snort version 2 still only supports single-threading. This paper aims to conduct tests on IDS Snort version 3.0 which already supports multi-threading and IDS Suricata. This research was carried out on a virtual machine with 1 core, 2 core, and 4 core processor settings for CPU, memory, and capture packet attacks on IDS Snort version 3.0 and IDS Suricata. The attack scenario is divided into 2 parts: DoS attack scenario using 1 physical computer, and DDoS attack scenario using 5 physical computers. Based on overall testing, the results are: In general, IDS Snort version 3.0 is better than IDS Suricata. This is based on the results when using a maximum of 4 core processor, in which IDS Snort version 3.0 CPU usage is stable at 55% - 58%, a maximum memory of 3,000 MB, can detect DoS attacks with 27,034,751 packets, and DDoS attacks with 36,919,395 packets. Meanwhile, different results were obtained by IDS Suricata, in which CPU usage is better compared to IDS Snort version 3.0 with only 10% - 40% usage, and a maximum memory of 1,800 MB. However, the capabilities of detecting DoS attacks are smaller with 3,671,305 packets, and DDoS attacks with a total of 7,619,317 packets on a TCP Flood attack test.
2021-03-29
Grochol, D., Sekanina, L..  2020.  Evolutionary Design of Hash Functions for IPv6 Network Flow Hashing. 2020 IEEE Congress on Evolutionary Computation (CEC). :1–8.
Fast and high-quality network flow hashing is an essential operation in many high-speed network systems such as network monitoring probes. We propose a multi-objective evolutionary design method capable of evolving hash functions for IPv4 and IPv6 flow hashing. Our approach combines Cartesian genetic programming (CGP) with Non-dominated sorting genetic algorithm II (NSGA-II) and aims to optimize not only the quality of hashing, but also the execution time of the hash function. The evolved hash functions are evaluated on real data sets collected in computer network and compared against other evolved and conventionally created hash functions.
Liu, W., Niu, H., Luo, W., Deng, W., Wu, H., Dai, S., Qiao, Z., Feng, W..  2020.  Research on Technology of Embedded System Security Protection Component. 2020 IEEE International Conference on Advances in Electrical Engineering and Computer Applications( AEECA). :21—27.

With the development of the Internet of Things (IoT), it has been widely deployed. As many embedded devices are connected to the network and massive amounts of security-sensitive data are stored in these devices, embedded devices in IoT have become the target of attackers. The trusted computing is a key technology to guarantee the security and trustworthiness of devices' execution environment. This paper focuses on security problems on IoT devices, and proposes a security architecture for IoT devices based on the trusted computing technology. This paper implements a security management system for IoT devices, which can perform integrity measurement, real-time monitoring and security management for embedded applications, providing a safe and reliable execution environment and whitelist-based security protection for IoT devices. This paper also designs and implements an embedded security protection system based on trusted computing technology, containing a measurement and control component in the kernel and a remote graphical management interface for administrators. The kernel layer enforces the integrity measurement and control of the embedded application on the device. The graphical management interface communicates with the remote embedded device through the TCP/IP protocol, and provides a feature-rich and user-friendly interaction interface. It implements functions such as knowledge base scanning, whitelist management, log management, security policy management, and cryptographic algorithm performance testing.

Nikolov, N..  2020.  Research of MQTT, CoAP, HTTP and XMPP IoT Communication protocols for Embedded Systems. 2020 XXIX International Scientific Conference Electronics (ET). :1—4.

This paper describe most popular IoT protocols used for IoT embedded systems and research their advantage and disadvantage. Hardware stage used in this experiment is described in this article - it is used Esp32 and programming language C. It is very important to use corrected IoT protocol that is determines of purpose, hardware and software of system. There are so different IoT protocols, because they are cover vary requirements for vary cases.

2021-03-16
Freitas, M. Silva, Oliveira, R., Molinos, D., Melo, J., Rosa, P. Frosi, Silva, F. de Oliveira.  2020.  ConForm: In-band Control Plane Formation Protocol to SDN-Based Networks. 2020 International Conference on Information Networking (ICOIN). :574—579.

Although OpenFlow-based SDN networks make it easier to design and test new protocols, when you think of clean slate architectures, their use is quite limited because the parameterization of its flows resides primarily in TCP/IP protocols. Besides, despite the many benefits that SDN offers, some aspects have not yet been adequately addressed, such as management plane activities, network startup, and options for connecting the data plane to the control plane. Based on these issues and limitations, this work presents a bootstrap protocol for SDN-based networks, which allows, beyond the network topology discovery, automatic configuration of an inband control plane. The protocol is designed to act only on layer two, in an autonomous, distributed and deterministic way, with low overhead and has the intent to be the basement for the implementation of other management plane related activities. A formal specification of the protocol is provided. In addition, an analytical model was created to preview the number of required messages to establish the control plane. According to this model, the proposed protocol presents less overhead than similar de-facto protocols used to topology discovery in SDN networks.

2021-02-23
Hartpence, B., Kwasinski, A..  2020.  Combating TCP Port Scan Attacks Using Sequential Neural Networks. 2020 International Conference on Computing, Networking and Communications (ICNC). :256—260.

Port scans are a persistent problem on contemporary communication networks. Typically used as an attack reconnaissance tool, they can also create problems with application performance and throughput. This paper describes an architecture that deploys sequential neural networks (NNs) to classify packets, separate TCP datagrams, determine the type of TCP packet and detect port scans. Sequential networks allow this lengthy task to learn from the current environment and to be broken up into component parts. Following classification, analysis is performed in order to discover scan attempts. We show that neural networks can be used to successfully classify general packetized traffic at recognition rates above 99% and more complex TCP classes at rates that are also above 99%. We demonstrate that this specific communications task can successfully be broken up into smaller work loads. When tested against actual NMAP scan pcap files, this model successfully discovers open ports and the scan attempts with the same high percentage and low false positives.

Shah, A., Clachar, S., Minimair, M., Cook, D..  2020.  Building Multiclass Classification Baselines for Anomaly-based Network Intrusion Detection Systems. 2020 IEEE 7th International Conference on Data Science and Advanced Analytics (DSAA). :759—760.
This paper showcases multiclass classification baselines using different machine learning algorithms and neural networks for distinguishing legitimate network traffic from direct and obfuscated network intrusions. This research derives its baselines from Advanced Security Network Metrics & Tunneling Obfuscations dataset. The dataset captured legitimate and obfuscated malicious TCP communications on selected vulnerable network services. The multiclass classification NIDS is able to distinguish obfuscated and direct network intrusion with up to 95% accuracy.
2021-02-22
Gündoğan, C., Amsüss, C., Schmidt, T. C., Wählisch, M..  2020.  IoT Content Object Security with OSCORE and NDN: A First Experimental Comparison. 2020 IFIP Networking Conference (Networking). :19–27.
The emerging Internet of Things (IoT) challenges the end-to-end transport of the Internet by low power lossy links and gateways that perform protocol translations. Protocols such as CoAP or MQTT-SN are degraded by the overhead of DTLS sessions, which in common deployment protect content transfer only up to the gateway. To preserve content security end-to-end via gateways and proxies, the IETF recently developed Object Security for Constrained RESTful Environments (OSCORE), which extends CoAP with content object security features commonly known from Information Centric Networks (ICN). This paper presents a comparative analysis of protocol stacks that protect request-response transactions. We measure protocol performances of CoAP over DTLS, OSCORE, and the information-centric Named Data Networking (NDN) protocol on a large-scale IoT testbed in single- and multi-hop scenarios. Our findings indicate that (a) OSCORE improves on CoAP over DTLS in error-prone wireless regimes due to omitting the overhead of maintaining security sessions at endpoints, and (b) NDN attains superior robustness and reliability due to its intrinsic network caches and hop-wise retransmissions.
Yan, Z., Park, Y., Leau, Y., Ren-Ting, L., Hassan, R..  2020.  Hybrid Network Mobility Support in Named Data Networking. 2020 International Conference on Information Networking (ICOIN). :16–19.
Named Data Networking (NDN) is a promising Internet architecture which is expected to solve some problems (e.g., security, mobility) of the current TCP/IP architecture. The basic concept of NDN is to use named data for routing instead of using location addresses like IP address. NDN natively supports consumer mobility, but producer mobility is still a challenge and there have been quite a few researches. Considering the Internet connection such as public transport vehicles, network mobility support in NDN is important, but it is still a challenge. That is the reason that this paper proposes an efficient network mobility support scheme in NDN in terms of signaling protocols and data retrieval.
2021-02-16
Sumantra, I., Gandhi, S. Indira.  2020.  DDoS attack Detection and Mitigation in Software Defined Networks. 2020 International Conference on System, Computation, Automation and Networking (ICSCAN). :1—5.
This work aims to formulate an effective scheme which can detect and mitigate of Distributed Denial of Service (DDoS) attack in Software Defined Networks. Distributed Denial of Service attacks are one of the most destructive attacks in the internet. Whenever you heard of a website being hacked, it would have probably been a victim of a DDoS attack. A DDoS attack is aimed at disrupting the normal operation of a system by making service and resources unavailable to legitimate users by overloading the system with excessive superfluous traffic from distributed source. These distributed set of compromised hosts that performs the attack are referred as Botnet. Software Defined Networking being an emerging technology, offers a solution to reduce network management complexity. It separates the Control plane and the data plane. This decoupling provides centralized control of the network with programmability and flexibility. This work harness this programming ability and centralized control of SDN to obtain the randomness of the network flow data. This statistical approach utilizes the source IP in the network and various attributes of TCP flags and calculates entropy from them. The proposed technique can detect volume based and application based DDoS attacks like TCP SYN flood, Ping flood and Slow HTTP attacks. The methodology is evaluated through emulation using Mininet and Detection and mitigation strategies are implemented in POX controller. The experimental results show the proposed method have improved performance evaluation parameters including the Attack detection time, Delay to serve a legitimate request in the presence of attacker and overall CPU utilization.
Grashöfer, J., Titze, C., Hartenstein, H..  2020.  Attacks on Dynamic Protocol Detection of Open Source Network Security Monitoring Tools. 2020 IEEE Conference on Communications and Network Security (CNS). :1—9.
Protocol detection is the process of determining the application layer protocol in the context of network security monitoring, which requires a timely and precise decision to enable protocol-specific deep packet inspection. This task has proven to be complex, as isolated characteristics, like port numbers, are not sufficient to reliably determine the application layer protocol. In this paper, we analyze the Dynamic Protocol Detection mechanisms employed by popular and widespread open-source network monitoring tools. On the example of HTTP, we show that all analyzed detection mechanisms are vulnerable to evasion attacks. This poses a serious threat to real-world monitoring operations. We find that the underlying fundamental problem of protocol disambiguation is not adequately addressed in two of three monitoring systems that we analyzed. To enable adequate operational decisions, this paper highlights the inherent trade-offs within Dynamic Protocol Detection.
2021-02-08
Fauzan, A., Sukarno, P., Wardana, A. A..  2020.  Overhead Analysis of the Use of Digital Signature in MQTT Protocol for Constrained Device in the Internet of Things System. 2020 3rd International Conference on Computer and Informatics Engineering (IC2IE). :415–420.
This paper presents an overhead analysis of the use of digital signature mechanisms in the Message Queue Telemetry Transport (MQTT) protocol for three classes of constrained-device. Because the resources provided by constrained-devices are very limited, the purpose of this overhead analysis is to help find out the advantages and disadvantages of each class of constrained-devices after a security mechanism has been applied, namely by applying a digital signature mechanism. The objective of using this digital signature mechanism is for providing integrity, that if the payload sent and received in its destination is still original and not changed during the transmission process. The overhead analysis aspects performed are including analyzing decryption time, signature verification performance, message delivery time, memory and flash usage in the three classes of constrained-device. Based on the overhead analysis result, it can be seen that for decryption time and signature verification performance, the Class-2 device is the fastest one. For message delivery time, the smallest time needed for receiving the payload is Class-l device. For memory usage, the Class-2 device is providing the biggest available memory and flash.
2021-01-11
Nyasore, O. N., Zavarsky, P., Swar, B., Naiyeju, R., Dabra, S..  2020.  Deep Packet Inspection in Industrial Automation Control System to Mitigate Attacks Exploiting Modbus/TCP Vulnerabilities. 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :241–245.

Modbus TCP/IP protocol is a commonly used protocol in industrial automation control systems, systems responsible for sensitive operations such as gas turbine operation and refinery control. The protocol was designed decades ago with no security features in mind. Denial of service attack and malicious parameter command injection are examples of attacks that can exploit vulnerabilities in industrial control systems that use Modbus/TCP protocol. This paper discusses and explores the use of intrusion detection and prevention systems (IDPS) with deep packet inspection (DPI) capabilities and DPI industrial firewalls that have capability to detect and stop highly specialized attacks hidden deep in the communication flow. The paper has the following objectives: (i) to develop signatures for IDPS for common attacks on Modbus/TCP based network architectures; (ii) to evaluate performance of three IDPS - Snort, Suricata and Bro - in detecting and preventing common attacks on Modbus/TCP based control systems; and (iii) to illustrate and emphasize that the IDPS and industrial firewalls with DPI capabilities are not preventing but only mitigating likelihood of exploitation of Modbus/TCP vulnerabilities in the industrial and automation control systems. The results presented in the paper illustrate that it might be challenging task to achieve requirements on real-time communication in some industrial and automation control systems in case the DPI is implemented because of the latency and jitter introduced by these IDPS and DPI industrial firewall.

2020-12-28
Sharma, V., Renu, Shree, T..  2020.  An adaptive approach for Detecting Blackhole using TCP Analysis in MANETs. 2nd International Conference on Data, Engineering and Applications (IDEA). :1—5.

From recent few years, need of information security is realized by society amd researchers specially in multi-path, unstructured networks as Mobile Ad-hoc Network. Devices connected in such network are self-configuring and small in size and can communicate in infra less environment. Architecture is very much dynamic and absence of central controlling authority puts challenges to the network by making more vulnerable for various threats and attacks in order to exploit the function of the network. The paper proposes, TCP analysis against very popular attack i.e. blackhole attack. Under different circumstance, reliable transport layer protocol TCP is analyzed for the effects of the attack on adhoc network. Performance has been measured using metrics of average throughput, normalized routing load and end to end delay and conclusions have been drawn based on that.

Kumar, R., Mishra, A. K., Singh, D. K..  2020.  Packet Loss Avoidance in Mobile Adhoc Network by using Trusted LDoS Techniques. 2nd International Conference on Data, Engineering and Applications (IDEA). :1—5.
Packet loss detection and prevention is full-size module of MANET protection systems. In trust based approach routing choices are managed with the aid of an unbiased have faith table. Traditional trust-based techniques unsuccessful to notice the essential underlying reasons of a malicious events. AODV is an approachable routing set of guidelines i.e.it finds a supply to an endpoint only on request. LDoS cyber-attacks ship assault statistics packets after period to time in a brief time period. The community multifractal ought to be episodic when LDoS cyber-attacks are hurled unpredictably. Real time programs in MANET necessitate certain QoS advantages, such as marginal end-to-end facts packet interval and unobjectionable records forfeiture. Identification of malevolent machine, information security and impenetrable direction advent in a cell system is a key tasks in any wi-fi network. However, gaining the trust of a node is very challenging, and by what capability it be able to get performed is quiet ambiguous. This paper propose a modern methodology to detect and stop the LDoS attack and preserve innocent from wicked nodes. In this paper an approach which will improve the safety in community by identifying the malicious nodes using improved quality grained packet evaluation method. The approach also multiplied the routing protection using proposed algorithm The structure also accomplish covered direction-finding to defend Adhoc community against malicious node. Experimentally conclusion factor out that device is fine fabulous for confident and more advantageous facts communication.
2020-12-17
Mukhandi, M., Portugal, D., Pereira, S., Couceiro, M. S..  2019.  A novel solution for securing robot communications based on the MQTT protocol and ROS. 2019 IEEE/SICE International Symposium on System Integration (SII). :608—613.

With the growing use of the Robot Operating System (ROS), it can be argued that it has become a de-facto framework for developing robotic solutions. ROS is used to build robotic applications for industrial automation, home automation, medical and even automatic robotic surveillance. However, whenever ROS is utilized, security is one of the main concerns that needs to be addressed in order to ensure a secure network communication of robots. Cyber-attacks may hinder evolution and adaptation of most ROS-enabled robotic systems for real-world use over the Internet. Thus, it is important to address and prevent security threats associated with the use of ROS-enabled applications. In this paper, we propose a novel approach for securing ROS-enabled robotic system by integrating ROS with the Message Queuing Telemetry Transport (MQTT) protocol. We manage to secure robots' network communications by providing authentication and data encryption, therefore preventing man-in-the-middle and hijacking attacks. We also perform real-world experiments to assess how the performance of a ROS-enabled robotic surveillance system is affected by the proposed approach.

2020-12-15
Nasser, B., Rabani, A., Freiling, D., Gan, C..  2018.  An Adaptive Telerobotics Control for Advanced Manufacturing. 2018 NASA/ESA Conference on Adaptive Hardware and Systems (AHS). :82—89.
This paper explores an innovative approach to the telerobotics reasoning architecture and networking, which offer a reliable and adaptable operational process for complex tasks. There are many operational challenges in the remote control for manufacturing that can be introduced by the network communications and Iatency. A new protocol, named compact Reliable UDP (compact-RUDP), has been developed to combine both data channelling and media streaming for robot teleoperation. The original approach ensures connection reliability by implementing a TCP-like sliding window with UDP packets. The protocol provides multiple features including data security, link status monitoring, bandwidth control, asynchronous file transfer and prioritizing transfer of data packets. Experiments were conducted on a 5DOF robotic arm where a cutting tool was mounted at its distal end. A light sensor was used to guide the robot movements, and a camera device to provide a video stream of the operation. The data communication reliability is evaluated using Round-Trip Time (RTT), and advanced robot path planning for distributed decision making between endpoints. The results show 88% correlation between the remotely and locally operated robots. The file transfers and video streaming were performed with no data loss or corruption on the control commands and data feedback packets.
2020-12-02
Ye, J., Liu, R., Xie, Z., Feng, L., Liu, S..  2019.  EMPTCP: An ECN Based Approach to Detect Shared Bottleneck in MPTCP. 2019 28th International Conference on Computer Communication and Networks (ICCCN). :1—10.

The major challenge of Real Time Protocol is to balance efficiency and fairness over limited bandwidth. MPTCP has proved to be effective for multimedia and real time networks. Ideally, an MPTCP sender should couple the subflows sharing the bottleneck link to provide TCP friendliness. However, existing shared bottleneck detection scheme either utilize end-to-end delay without consideration of multiple bottleneck scenario, or identify subflows on switch at the expense of operation overhead. In this paper, we propose a lightweight yet accurate approach, EMPTCP, to detect shared bottleneck. EMPTCP uses the widely deployed ECN scheme to capture the real congestion state of shared bottleneck, while at the same time can be transparently utilized by various enhanced MPTCP protocols. Through theory analysis, simulation test and real network experiment, we show that EMPTCP achieves higher than 90% accuracy in shared bottleneck detection, thus improving the network efficiency and fairness.

Islam, S., Welzl, M., Gjessing, S..  2019.  How to Control a TCP: Minimally-Invasive Congestion Management for Datacenters. 2019 International Conference on Computing, Networking and Communications (ICNC). :121—125.

In multi-tenant datacenters, the hardware may be homogeneous but the traffic often is not. For instance, customers who pay an equal amount of money can get an unequal share of the bottleneck capacity when they do not open the same number of TCP connections. To address this problem, several recent proposals try to manipulate the traffic that TCP sends from the VMs. VCC and AC/DC are two new mechanisms that let the hypervisor control traffic by influencing the TCP receiver window (rwnd). This avoids changing the guest OS, but has limitations (it is not possible to make TCP increase its rate faster than it normally would). Seawall, on the other hand, completely rewrites TCP's congestion control, achieving fairness but requiring significant changes to both the hypervisor and the guest OS. There seems to be a need for a middle ground: a method to control TCP's sending rate without requiring a complete redesign of its congestion control. We introduce a minimally-invasive solution that is flexible enough to cater for needs ranging from weighted fairness in multi-tenant datacenters to potentially offering Internet-wide benefits from reduced interflow competition.

Lübben, R., Morgenroth, J..  2019.  An Odd Couple: Loss-Based Congestion Control and Minimum RTT Scheduling in MPTCP. 2019 IEEE 44th Conference on Local Computer Networks (LCN). :300—307.

Selecting the best path in multi-path heterogeneous networks is challenging. Multi-path TCP uses by default a scheduler that selects the path with the minimum round trip time (minRTT). A well-known problem is head-of-line blocking at the receiver when packets arrive out of order on different paths. We shed light on another issue that occurs if scheduling have to deal with deep queues in the network. First, we highlight the relevance by a real-world experiment in cellular networks that often deploy deep queues. Second, we elaborate on the issues with minRTT scheduling and deep queues in a simplified network to illustrate the root causes; namely the interaction of the minRTT scheduler and loss-based congestion control that causes extensive bufferbloat at network elements and distorts RTT measurement. This results in extraordinary large buffer sizes for full utilization. Finally, we discuss mitigation techniques and show how alternative congestion control algorithms mitigate the effect.

Yu, C., Quan, W., Cheng, N., Chen, S., Zhang, H..  2019.  Coupled or Uncoupled? Multi-path TCP Congestion Control for High-Speed Railway Networks 2019 IEEE/CIC International Conference on Communications in China (ICCC). :612—617.

With the development of modern High-Speed Railway (HSR) and mobile communication systems, network operators have a strong demand to provide high-quality on-board Internet services for HSR passengers. Multi-path TCP (MPTCP) provides a potential solution to aggregate available network bandwidth, greatly overcoming throughout degradation and severe jitter using single transmission path during the high-speed train moving. However, the choose of MPTCP algorithms, i.e., Coupled or Uncoupled, has a great impact on the performance. In this paper, we investigate this interesting issue in the practical datasets along multiple HSR lines. Particularly, we collect the first-hand network datasets and analyze the characteristics and category of traffic flows. Based on this statistics, we measure and analyze the transmission performance for both mice flows and elephant ones with different MPTCP congestion control algorithms in HSR scenarios. The simulation results show that, by comparing with the coupled MPTCP algorithms, i.e., Fully Coupled and LIA, the uncoupled EWTCP algorithm provides more stable throughput and balances congestion window distribution, more suitable for the HSR scenario for elephant flows. This work provides significant reference for the development of on-board devices in HSR network systems.

Zhao, Q., Du, P., Gerla, M., Brown, A. J., Kim, J. H..  2018.  Software Defined Multi-Path TCP Solution for Mobile Wireless Tactical Networks. MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM). :1—9.
Naval Battlefield Network communications rely on wireless network technologies to transmit data between different naval entities, such as ships and shore nodes. Existing naval battle networks heavily depend on the satellite communication system using single-path TCP for reliable, non-interactive data. While satisfactory for traditional use cases, this communication model may be inadequate for outlier cases, such as those arising from satellite failure and wireless signal outage. To promote network stability and assurance in such scenarios, the addition of unmanned aerial vehicles to function as relay points can complement network connectivity and alleviate potential strains in adverse conditions. The inherent mobility of aerial vehicles coupled with existing source node movements, however, leads to frequent network handovers with non-negligible overhead and communication interruption, particularly in the present single-path model. In this paper, we propose a solution based on multi-path TCP and software-defined networking, which, when applied to mobile wireless heterogeneous networks, reduces the network handover delay and improves the total throughput for transmissions among various naval entities at sea and littoral. In case of single link failure, the presence of a connectable relay point maintains TCP connectivity and reduces the risk of service interruption. To validate feasibility and to evaluate performance of our solution, we constructed a Mininet- WiFi emulation testbed. Compared against single-path TCP communication methods, execution of the testbed when configured to use multi-path TCP and UAV relays yields demonstrably more stable network handovers with relatively low overhead, greater reliability of network connectivity, and higher overall end-to-end throughput. Because the SDN global controller dynamically adjusts allocations per user, the solution effectively eliminates link congestion and promotes more efficient bandwidth utilization.
Ayar, T., Budzisz, Ł, Rathke, B..  2018.  A Transparent Reordering Robust TCP Proxy To Allow Per-Packet Load Balancing in Core Networks. 2018 9th International Conference on the Network of the Future (NOF). :1—8.

The idea to use multiple paths to transport TCP traffic seems very attractive due to its potential benefits it may offer for both redundancy and better utilization of available resources by load balancing. Fixed and mobile network providers employ frequently load-balancers that use multiple paths on either per-flow or per-destination level, but very seldom on per-packet level. Despite of the benefits of packet-level load balancing mechanisms (e.g., low computational complexity and high bandwidth utilization) network providers can't use them mainly because of TCP packet reorderings that harm TCP performance. Emerging network architectures also support multiple paths, but they face with the same obstacle in balancing their load to multiple paths. Indeed, packet level load balancing research is paralyzed by the reordering vulnerability of TCP.A couple of TCP variants exist that deal with TCP packet reordering problem, but due to lack of end-to-end transparency they were not widely deployed and adopted. In this paper, we revisit TCP's packet reorderings problem and present a transparent and light-weight algorithm, Out-of-Order Robustness for TCP with Transparent Acknowledgment (ACK) Intervention (ORTA), to deal with out-of-order deliveries.ORTA works as a transparent thin layer below TCP and hides harmful side-effects of packet-level load balancing. ORTA monitors all TCP flow packets and uses ACK traffic shaping, without any modifications to either TCP sender or receiver sides. Since it is transparent to TCP end-points, it can be easily deployed on TCP sender end-hosts (EHs), gateway (GW) routers, or access points (APs). ORTA opens a door for network providers to use per-packet load balancing.The proposed ORTA algorithm is implemented and tested in NS-2. The results show that ORTA can prevent TCP performance decrease when per-packet load balancing is used.

Tsurumi, R., Morita, M., Obata, H., Takano, C., Ishida, K..  2018.  Throughput Control Method Between Different TCP Variants Based on SP-MAC Over WLAN. 2018 IEEE International Conference on Consumer Electronics-Taiwan (ICCE-TW). :1—2.

We have proposed the Media Access Control method based on the Synchronization Phenomena of coupled oscillators (SP-MAC) to improve a total throughput of wireless terminals connected to a Access Point. SP-MAC can avoid the collision of data frames that occur by applying Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) based on IEEE 802.11 in Wireless local area networks (WLAN). Furthermore, a new throughput guarantee control method based on SP-MAC has been proposed. This method enable each terminal not only to avoid the collision of frames but also to obtain the requested throughput by adjusting the parameters of SP-MAC. In this paper, we propose a new throughput control method that realizes the fairness among groups of terminals that use the different TCP versions, by taking the advantage of our method that is able to change acquired throughput by adjusting parameters. Moreover, we confirm the effectiveness of the proposed method by the simulation evaluation.

Islam, S., Welzl, M., Hiorth, K., Hayes, D., Armitage, G., Gjessing, S..  2018.  ctrlTCP: Reducing latency through coupled, heterogeneous multi-flow TCP congestion control. IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :214—219.

We present ctrlTCP, a method to combine the congestion controls of multiple TCP connections. In contrast to the previous methods such as the Congestion Manager, ctrlTCP can couple all TCP flows that leave one sender, traverse a common bottleneck (e.g., a home user's thin uplink) and arrive at different destinations. Using ns-2 simulations and an implementation in the FreeBSD kernel, we show that our mechanism reduces queuing delay, packet loss, and short flow completion times while enabling precise allocation of the share of the available bandwidth between the connections according to the needs of the applications.