Presentation is loading. Please wait.

Presentation is loading. Please wait.

Who is the King of the Hill? Traffic Analysis over a 4G Network

Published byDouglas Short Modified over 5 years ago

Similar presentations

Presentation on theme: "Who is the King of the Hill? Traffic Analysis over a 4G Network"— Presentation transcript:

1 Who is the King of the Hill? Traffic Analysis over a 4G Network
Feng Li, Xiaoxiao Jiang, Jae Chung, and Mark Claypool Verizon Labs and Worcester Polytechnic Institute (WPI)

2 Introduction -- Low latency and high link capacity of LTE
-- Significant growth in number and variety of mobile applications -- Performance-enhancing proxies (PEPs) are introduced by many carriers -- TLS/SSL make it hard to identify content type and choose traffic shaping strategies -- To provide enhanced QoS services, carriers need better understanding of breakdown of application traffic

3 Outline -- Introduction -- Methodology -- Network Protocol Breakdown
-- Flow Statistics Analysis -- Mobile Applications -- Conclusions

4 Methodology -- Tier-1 wireless carrier in south-central U.S.
-- Mirror traffic from UE pool with over 5000 users -- 2 consecutive days, November 7-8, 2016 -- 7 hours, 9am-4pm -- Total 85 GB data, 2.5 million flows Note: no subscribers’ IDs, geographic locations, device types nor mobile numbers

5 Network Protocol Breakdown
-- 64% flows IPv4 compared to 36% IPv6 -- IPv6 volume slightly larger than IPv4 -- Mean IPv6 TCP flows is 81 KB, while Mean TCP IPv4 is 11 KB -- HTTP-family still dominates mobile: 70% of traffic volume -- Only 30% traffic unencrypted HTTP

6 Flow Statistics -- Characteristics important for LTE network: duration, volume, rate (throughput), RTT -- Most flows less than 2s -- 11% TCP flows and 0.5% UDP flows longer than 1 minute -- Most flows small -- High volume UDP flows contributed by QUIC

7 Flow Statistics -- Applications with req/resp may never send enough data to fill pipe -- Focus on elephant flow instead of numerous small flows -- Median TCP initial RTT is 79ms -- Large TCP initial RTTs may be from retransmission of SYN/SYN-ACK or backward compatible 2G/3G devices -- Time efficiency of DNS caching is confirmed -- 90% of TCP flows have rates less than 285 Kbps down and 60 Kbps up, while 90% of UDP flows have rates less than 815 Kbps down and 379 Kbps up TCP, 3-way handshank UDP from DNS request-response pairs

8 Mobile Applications -- Analyze applications through SNI, Hostname, reverse DNS -- Able to classify 88% of the traffic (by volume) -- Focus on well-know content providers -- Goal: recognize video flows

9 Top Content Providers -- Top 5 Content Providers
-- Google include YouTube is largest content provider -- QUIC constitute 25% of YouTube’s overall traffic -- Instagram constitutes about half of all FaceBook traffic -- Apple traffic consist of variety of different services Most of goolge’s traffic is protected by TSL/SSL, and mainly over IPv6 Instagram is mainly over HTTP, similar to Google, FB has migrate much of its traffic to IPv6 Most of Apple traffic is over IPv4

10 Top Mobile Applications
-- Top 10 mobile apps/servers -- These top 10 applications account for 46% of total traffic -- Video and Social apps most popular -- Snapchat only application using QUIC besides Google

11 YouTube Traffic -- 22% of total observed traffic
-- HTTPS and QUIC, hard to infer application types even with DPI -- Classify HTTPS based YouTube flow through SNI -- Classify QUIC based YouTube flow through reverse DNS -- QUIC YouTube and QUIC misc

12 YouTube Flows Analysis
-- Flow duration not good differentiator for video flows -- Ytimg flow even longer duration -- Googlevideo.com and QUIC (YouTube) larger than others -- Duration and volume come too late for detecting video

13 YouTube Flows Analysis
-- Throughput of googlevideo.com and QUIC (YouTube) highest -- Throughput may be good for identifying video -- 60% googlevideo.com and 25% QUIC (youtube) have payload of bytes -- Packet length may good for identifying video

14 Conclusions Approach:
-- Detailed snapshot of current commercial mobile network -- Cross-layer traffic analysis from tier-1 wireless network Findings: -- High volumes of IPv6 and HTTPs suggest renewed focus on traffic classification -- QUIC comprises 60% of UDP traffic and warrants special attention -- Google, Facebook and Apple top 3 content providers -- YouTube alone accounts for over 20% of total traffic

15 Thanks! Questions?

Download ppt "Who is the King of the Hill? Traffic Analysis over a 4G Network"

Similar presentations

A Measurement Study of Peer-to-Peer File Sharing Systems Presented by Cristina Abad.

A Measurement Study of Peer-to-Peer File Sharing Systems Presented by Cristina Abad.
A First Look at Modern Enterprise Traffic

A First Look at Modern Enterprise Traffic
1 Measurements of the Congestion Responsiveness of Windows Streaming Media James Nichols, Mark Claypool, Robert Kinicki and Mingzhe Li Computer Science.

1 Measurements of the Congestion Responsiveness of Windows Streaming Media James Nichols, Mark Claypool, Robert Kinicki and Mingzhe Li Computer Science.
Streaming Video Traffic: Characterization and Network Impact Kobus van der Merwe Shubho Sen Chuck Kalmanek

Streaming Video Traffic: Characterization and Network Impact Kobus van der Merwe Shubho Sen Chuck Kalmanek
An Empirical Study of Real Audio Traffic A. Mena and J. Heidemann USC/Information Sciences Institute In Proceedings of IEEE Infocom Tel-Aviv, Israel March.

An Empirical Study of Real Audio Traffic A. Mena and J. Heidemann USC/Information Sciences Institute In Proceedings of IEEE Infocom Tel-Aviv, Israel March.
Application, Network and Link Layer Measurements of Streaming Video over a Wireless Campus Network Passive & Active Measurement Workshop 05 Boston, MA,

Application, Network and Link Layer Measurements of Streaming Video over a Wireless Campus Network Passive & Active Measurement Workshop 05 Boston, MA,
Fresh Analysis of Streaming Media Stored on the Web Rabin Karki M.S. Thesis Presentation Advisor: Mark Claypool Reader: Emmanuel Agu 10 Jan, 2011.

Fresh Analysis of Streaming Media Stored on the Web Rabin Karki M.S. Thesis Presentation Advisor: Mark Claypool Reader: Emmanuel Agu 10 Jan, 2011.
The War Between Mice and Elephants Presented By Eric Wang Liang Guo and Ibrahim Matta Boston University ICNP 2001 1.

The War Between Mice and Elephants Presented By Eric Wang Liang Guo and Ibrahim Matta Boston University ICNP
Copyright © 2005 Department of Computer Science CPSC 641 Winter 20111 WAN Traffic Measurements There have been several studies of wide area network traffic.

Copyright © 2005 Department of Computer Science CPSC 641 Winter WAN Traffic Measurements There have been several studies of wide area network traffic.
Characterization by Measurement of a CDMA 1x EVDO Network Presenter: Mingzhe Li Wireless Internet Conference (WICON’06) Boston, Massachusetts,

Characterization by Measurement of a CDMA 1x EVDO Network Presenter: Mingzhe Li Wireless Internet Conference (WICON’06) Boston, Massachusetts,
The 4th IEEE International Conference on Broadband Communications, Networks and Systems (BROADNETS) Raleigh, NC, USA September 10-13, 2007 Measuring Queue.

The 4th IEEE International Conference on Broadband Communications, Networks and Systems (BROADNETS) Raleigh, NC, USA September 10-13, 2007 Measuring Queue.
Traffic Sensitive Active Queue Management - Mark Claypool, Robert Kinicki, Abhishek Kumar Dept. of Computer Science Worcester Polytechnic Institute Presenter.

Traffic Sensitive Active Queue Management - Mark Claypool, Robert Kinicki, Abhishek Kumar Dept. of Computer Science Worcester Polytechnic Institute Presenter.
WBest: a Bandwidth Estimation Tool for IEEE 802.11 Wireless Networks Presented by Feng Li Mingzhe Li, Mark Claypool, and.

WBest: a Bandwidth Estimation Tool for IEEE Wireless Networks Presented by Feng Li Mingzhe Li, Mark Claypool, and.
Tracking the Evolution of Web Traffic: 1999-2003 Felix Hernandez-Campos, Kevin Jeffay F. Donelson Smith IEEE/ACM International Symposium on Modeling, Analysis.

Tracking the Evolution of Web Traffic: Felix Hernandez-Campos, Kevin Jeffay F. Donelson Smith IEEE/ACM International Symposium on Modeling, Analysis.
Performance Enhancement of TFRC in Wireless Ad Hoc Networks Travis Grant – Mingzhe Li, Choong-Soo Lee, Emmanuel.

Performance Enhancement of TFRC in Wireless Ad Hoc Networks Travis Grant – Mingzhe Li, Choong-Soo Lee, Emmanuel.
Performance Enhancement of TFRC in Wireless Ad Hoc Networks Mingzhe Li, Choong-Soo Lee, Emmanuel Agu, Mark Claypool and Bob Kinicki Computer Science Department.

Performance Enhancement of TFRC in Wireless Ad Hoc Networks Mingzhe Li, Choong-Soo Lee, Emmanuel Agu, Mark Claypool and Bob Kinicki Computer Science Department.
Better-Behaved Better- Performing Multimedia Networking Jae Chung and Mark Claypool (Avanish Tripathi) Computer Science Department Worcester Polytechnic.

Better-Behaved Better- Performing Multimedia Networking Jae Chung and Mark Claypool (Avanish Tripathi) Computer Science Department Worcester Polytechnic.
1 TCP Traffic Analysis in cooperation with Motorola Todd DeSantis and David Loose Advisor: Professor Mark Claypool Co-Advisor: Professor Robert Kinicki.

1 TCP Traffic Analysis in cooperation with Motorola Todd DeSantis and David Loose Advisor: Professor Mark Claypool Co-Advisor: Professor Robert Kinicki.
Treatment-Based Traffic Signatures Mark Claypool Robert Kinicki Craig Wills Computer Science Department Worcester Polytechnic Institute

Treatment-Based Traffic Signatures Mark Claypool Robert Kinicki Craig Wills Computer Science Department Worcester Polytechnic Institute
1 YouTube Traffic Characterization: A View From the Edge Phillipa Gill¹, Martin Arlitt²¹, Zongpeng Li¹, Anirban Mahanti³ ¹ Dept. of Computer Science, University.

1 YouTube Traffic Characterization: A View From the Edge Phillipa Gill¹, Martin Arlitt²¹, Zongpeng Li¹, Anirban Mahanti³ ¹ Dept. of Computer Science, University.

Similar presentations

Ads by Google