• DocumentCode
    2128270
  • Title

    Analyzing the accuracy of CHOKe hits, CHOKe misses and CHOKe-RED drops

  • Author

    Govindaswamy, Visvasuresh Victor ; Zaruba, Gergely ; Balasekaran, G.

  • Author_Institution
    Texas A & M-Texarkana, Texarkana, AR
  • fYear
    2008
  • fDate
    4-7 May 2008
  • Abstract
    CHOKe, xCHOKe and RECHOKe are preferential dropping schemes that have been proposed for detection, control and punishment of malicious flows at routers in IP networks. They use CHOKe hits, CHOKe misses and/or CHOKe-RED drops to carry out these tasks. In this paper we investigate the accuracy of malicious flow detection by using these hits, misses and drops (using ns-2). We also point out the unreliability of CHOKe hits and misses, when compared to CHOKe-RED drops, as they affect TCP-friendly flows adversely. By doing so, we present two variations of CHOKe called Half1 and Half2 to improve CHOKe and compare them with CHOKe. Half1 and Half2 outperform CHOKe when the combined rates of malicious flows are less or greater than the link capacity respectively.
  • Keywords
    IP networks; telecommunication security; transport protocols; CHOKe hits; CHOKe misses; CHOKe-RED drops; IP networks; TCP-friendly flows; malicious flows; preferential dropping schemes; Bandwidth; Counting circuits; Feedback; History; IP networks; Inductors; Internet; Protection; Transport protocols; Active Queue Management (AQM); Buffer Management; Congestion Avoidance; Random Early Detection (RED); TCP Congestion Control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Electrical and Computer Engineering, 2008. CCECE 2008. Canadian Conference on
  • Conference_Location
    Niagara Falls, ON
  • ISSN
    0840-7789
  • Print_ISBN
    978-1-4244-1642-4
  • Electronic_ISBN
    0840-7789
  • Type

    conf

  • DOI
    10.1109/CCECE.2008.4564501
  • Filename
    4564501
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2128270