The International Arab Journal of Information Technology (IAJIT)


The Delay Measurement and Analysis of Unreachable Hosts of Internet

Ali Gezer,
Delay related metrics are significant quality of service criteria for the performance evaluation of networks. Almost all delay related measurement and analysis studies take into consideration the reachable sources of Internet. However, unreachable sources might also shed light upon some problems such as worm propagation. In this study, we carry out a delay measurement study of unreachable destinations and analyse the delay dynamics of unreachable nodes. 2. Internet Control Message Protocol (ICMP) destination unreachable Internet Control Message Protocol-Destination Unreachable (ICMP T3) packets are considered for the delay measurement according to their code types which shows network un reach ability, host un reach ability, port un reach ability, etc., Measurement results show that unreachable sources exhibit totally different delay behaviour compared to reachable IP hosts. A significant part of the unreachable hosts experiences extra 3 seconds Round Trip Time (RTT) delay compared to accessible hosts mostly due to host un reach ability. It is also seen that, approximately 79% of destination un reach ability causes from host un reach ability. Obtained Hurst parameter estimation results reveal that unreachable host RTTs show lower Hurst degree compared to reachable hosts which is approximately a random behaviour. Unreachable sources exhibit totally different distributional characteristic compared to accessible ones which is best fitted with Phased Bi-Exponential distribution.

[1] Abdou A., Matrawy A., and Oorschot P., “Accurate One-Way Delay Estimation with Reduced Client Trustworthiness,” IEEE Communications Letters, vol. 19, no. 5, pp. 735- 738, 2015.

[2] Abdou A., Matrawy A., and Oorschot P., “CPV: Delay-based Location Verification for the Internet,” IEEE Transactions on Dependable and Secure Computing, vol. 14, no. 2, pp. 130-144, 2015.

[3] Adhari H., Dreibholz T., Werner S., and Rathgeb E., “Eclipse: A New Dynamic Delay- based Congestion Control Algorithm for Background Traffic,” in Proceedings of 18th International Conference on Network-Based Information Systems, Taipei, pp. 115-123, 2015.

[4] Allman M., Paxson V., and Blanton E., “TCP &RQJHVWLRQ&RQWURO´5)&

[5] Almes G., Kalidindi S., and Zekauskas M., “A One-Way Delay Metric for IPPM,” RFC 2679, 1999.

[6] Almes G., Kalidindi S., and Zekauskas M., “A Round-Trip Time Delay Metric fo IPPM Round Trip Delay,” RFC 2681, 1999.

[7] Anderson T. and Darling D., “Asymptotic Theory of Certain ‘Goodness-of-Fit’ Criteria Based on Stochastic Processes,” The Annals of Mathematical Statistics, vol. 23, pp. 193-212, 1952.

[8] Beran J., Sherman R., Taqqu M., and Willinger W., “Long-Range Dependence in Variable-Bit- Rate Video Traffic,” IEEE Transactions Communications, vol. 43, no. 234, pp. 1566- 1579, 1995.

[9] Berk V., Bakos G., and Morris R., “Designing a Framework for Active Worm Detection on Global Networks,” in Proceeding of the 1st IEEE International Workshop on Information Assurance, Darmstadt Germany, pp. 13-23, 2003.

[10] Blenn N., Ghiette V., and Doerr C., “Quantifying the Spectrum of Denial of-Service Attacks Through Internet Backscatter,” in Proceedings of the 12th International Conference on Availability, Reliability and Security, Reggio Calabria Italy, pp. 1-10, 2017.

[11] Chen S. and Tangi Y., “Slowing Down Internet Worms,” in Proceedings of the 24th International Conference on Distributed Computing Systems, Tokyo, pp. 312-319, 2014.

[12] Cho K., Mitsuya K., and Kata A., “Traffic Data Repository at the WIDE Project,” in Proceedings USENIX 2000 Annual Technical Conference: FREENIX Track, USENIX Association, San Dieog, pp. 263-270, 2000.

[13] Choi B., Moon S., Cruz R., Zhang Z., and Diot C., “Quantile Sampling for Practical Delay 0RQLWRULQJ LQ ,QWHUQHW %DFNERQH 1HWZRUNV´ Computer Networks, vol. 51, no. 10, pp. 2701- 2716, 2007.

[14] Crovella M. Bestavros A., “Self-Similarity in World Wide Web Traffic: Evidence and Possible Causes,” IEEE/ACM Transactions on Networking, vol. 5, no. 6, pp. 835-846, 1997.

[15] Csoma A., Toka L., and Gulyas A., “On Lower (VWLPDWLQJ ,QWHUQHW 4XHXLQJ 'HOD\´in Proceedings 38th International Conference on Telecommunications and Signal Processing, Prague, pp. 299-303, 2015.

[16] Gezer A. and Warner G., “Exploitation of ICMP Time Exceeded Packets for A Large-Scale Router Delay Analysis,” The International Arab Journal of Information Technology, vol. 16, no. 6, pp. 1090-1097, 2019.

[17] Gezer A., “Large-Scale Round-Trip Delay Analysis of Ipv4 Hosts Around the Globe,” Turkish Journal of Electrical Engineering and Computer Science, vol. 27, no. 3, pp. 1998-2009, 2019.

[18] Heidemann J., Pradkin Y., Govindan R., Papadopoulos C., Bartlett G., and Bannister J., “Census and Survey of the Visible Internet,” in The Delay Measurement and Analysis of Unreachable Hosts of Internet 71 Proceedings of the 8th ACM SIGCOMM Conference on Internet Measurement, New York, pp. 169-182, 2008.

[19] Jacobson V., “Congestion Avoidance and Control,” in Proceedings of ACM SIGCOMM’88, Stanford, pp. 314-329, 1988.

[20] Karn P. and Partridge C., “Improving Round-Trip Time Estimates in Reliable Transport Protocols,” ACM SIGCOMM Computer communication Review, vol. 17, no. 5, pp. 2-7, 1987.

[21] Leland W., Taqqu M., Willinger W., and Wilson D., “On the Self-Similar Nature of Ethernet Traffic (Extended Version),” IEEE/ACM Transactions on Networking, vol. 2, no. 1, pp. 1- 15, 1994.

[22] Nagata T., Su W., and Lee J., “Using Hybrid Method to Detect Internet Worms by Analyzing ICMP Type 3 Messages and Worm Characteristic Matching,” International Information Institute (Tokyo) Information, vol. 23, no.1, pp. 21-28, 2021.

[23] Paxon V., Allman M., Chu J., Sargent M., “Computing TCP’s Retransmission Timer,” RFC 6298, 2011.

[24] Paxson V. and Floyd S., “Wide Area Traffic: the Failure of Poisson Modeling,” IEEE/ACM Transactions on Networking, vol. 3, no. 3, pp. 226-244, 1995.

[25] Postel J., “Internet Control Message Protocol,” RFC 792, 1981.

[26] Roy A., Pachuau J., and Saha A., “An Overview of Queuing Delay and Various Delay Based Algorithms in Networks,” Computing, pp. 1-39, 2021.

[27] Salehin K., Cessa R., Lin C., Dong Z., and Kijkanjanarat T., “Scheme to Measure Packet Processing Time of a Remote Host through Estimation of End-Link Capacity,” IEEE Transactions on Computers, vol. 64, no. 1, pp. 205-218, 2015.

[28] Salehin K., Rojas-Cessa R., and Ziavras S., “A Method to Measure Packet Processing Time of Hosts Using High-Speed Transmission Lines,” IEEE Systems Journal, vol. 9, no. 4, 2015.

[29] Sebopetse N., Burger C., Mofolo M., and Lysko A., “Measuring with JPerf and PsPing: Throughput and Estimated Packet Delivery Delay vs TCP Window Size and Parallel Streams,” in Proceedings 7th International Conference on Advanced Computing and Communication Systems, Coimbatore, pp. 838-832, 2021.

[30] Smirnov N., “Table for Estimating the Goodness of Fit of Empirical Distributions,” The Annals of Mathematical Statistics, vol. 19, no. 2, pp. 279- 281, 1948.

[31] Veitch D. and Abry P., “A Wavelet-Based Joint Estimator for the Parameters of LRD,” Special Issue on Multiscale Statistical Signal Analysis and its Applications IEEE Transactions on Informatics Theory, vol. 45, no. 3, pp. 878-897, 1999.

[32] Wang J., Dong W., Cao Z., and Liu Y., “On the Delay Performance in a Large-Scale Wireless Sensor Network: Measurement, Analysis, and Implications,” IEEE/ACM Transactions on Networking, vol. 23, no. 1, pp. 186-197, 2015. Ali Gezer was born in Kayseri City, Turkey, in 1976. He received the B.S. degree in Electronic and Computer Education from Marmara University in 1999 and M.S. degree in computer engineering from Erciyes University in 2004, and the Ph.D. degree in electronic engineering from Erciyes University, Kayseri, TURKEY, in 2011. He is an Associated Professor with the Electronic and Communication Technology in Kayseri University. His research interests include internet traffic measurement, self-similarity, traffic modelling, network security and cyber-attack detection.