User login

Search Publications

Extracting Application Objects from TCP Packet Traces




Network packet traces can be used to derive traffic models suitable for simulation or emulation of networks. These traces are shaped by the conditions on the original network the trace was taken from such as latency, loss, congestion and path MTU. Using a trace to derive a model can give plausible results, but the model will strongly reflect where the trace was collected. A different approach is to extract application objects and use them to derive traffic models free of network artefacts for simulation and emulation tasks.

We propose a new algorithm for extracting application objects from a TCP packet trace by using non-MSS sized packets to demarcate the boundaries of objects. Unlike other object extraction methods, our approach does not require full packet capture; the TCP/IP headers are sufficient. We discuss the implementation of this algorithm and validate our algorithm against an existing object extractor that requires full payload capture.



Shane Alcock
Daniel Lawson
Richard Nelson