Portal de Periódicos da CAPES

Monitoring and controlling QoS network domains

2004; Wiley; Volume: 15; Issue: 1 Linguagem: Inglês

10.1002/nem.541

1099-1190

Ahsan Habib, Sonia Fahmy, Bharat Bhargava,

Network Security and Intrusion Detection

Increased performance, fairness, and security remain important goals for service providers. In this work, we design an integrated distributed monitoring, traffic conditioning, and flow control system for higher performance and security of network domains. Edge routers monitor (using tomography techniques) a network domain to detect quality of service (QoS) violations—possibly caused by underprovisioning—as well as bandwidth theft attacks. To bound the monitoring overhead, a router only verifies service level agreement (SLA) parameters such as delay, loss, and throughput when anomalies are detected. The marking component of the edge router uses TCP flow characteristics to protect ‘fragile’ flows. Edge routers may also regulate unresponsive flows, and may propagate congestion information to upstream domains. Simulation results indicate that this design increases application-level throughput of data applications such as large FTP transfers; achieves low packet delays and response times for Telnet and WWW traffic; and detects bandwidth theft attacks and service violations. Copyright © 2004 John Wiley & Sons, Ltd.