Grenville Armitage

Swinburne University of Technology, Melbourne, Victoria, Australia

Are you Grenville Armitage?

Claim your profile

Publications (142)67.73 Total impact

  • Source
    Mark Claypool, Grenville Armitage, M.Brian Blake
    [Show abstract] [Hide abstract]
    ABSTRACT: Networked games in the context of the emerging technologies of cloud and mobile computing facilitate an enhanced gaming experience for consumers. Software engineers will be continually challenged to offer more realistic games in the context of ever more distributed systems, complexity in new game-delivery platforms, and the uncertainty in performance considering uneven computational environments.
    IEEE Internet Computing 05/2014; 18(3):8-11. DOI:10.1109/MIC.2014.56 · 2.00 Impact Factor
  • Sebastian Zander, Grenville Armitage
    [Show abstract] [Hide abstract]
    ABSTRACT: Accurate and frequent round trip time (RTT) measurements are important in testbeds and operational networks. Active measurement techniques inject probe packets that may modify the behaviour of the observed network and may produce misleading RTT estimates if the network handles probe packets differently to regular packets. Previous passive measurement techniques address these issues, but require precise time synchronisation or are limited to certain traffic types. We introduce Synthetic Packet-Pairs (SPP), a novel passive technique for RTT measurement. SPP provides frequently updated RTT measurements using any network traffic already present in the network without the need for time synchronisation. SPP accurately measures the RTT experienced by any application's traffic, even applications that do not exhibit symmetric client-server packet exchanges. We experimentally demonstrate the advantages of SPP.
    The 38th IEEE Conference on Local Computer Networks (LCN 2013); 10/2013
  • Grenville Armitage, Naeem Khademi
    [Show abstract] [Hide abstract]
    ABSTRACT: Home networks are seeing increased deployment of Wireless LAN (WiFi) links between conventional, gigabit/second wired Ethernet segments. This means an increasing number of internal bottlenecks, even as home networks are also expected to support latency-sensitive applications, regular TCP flows and an emerging class of low-priority, time-insensitive 'background' TCP flows. This paper explores the novel use of CDG v0.1 (a delay-gradient TCP) for such background TCP connections in home networks. We show a CDG flow induces latencies of only tens of milliseconds regardless of the bottleneck's internal buffer size (useful when coexisting with latency-sensitive traffic) while achieving a significant fraction of spare link capacity. We also show CDG does not gratuitously steal capacity from commonly deployed “foreground” TCPs such as CUBIC and NewReno.
    2013 IEEE 38th Conference on Local Computer Networks (LCN 2013); 10/2013
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: As of April 2013 almost 95% of the IPv4 address space has been allocated. Yet, the transition to IPv6 is still relatively slow. One reason could be existing “IPv4 reserves” - allocated but unused IPv4 addresses. Knowing how many addresses are actively used is important to predict a potential IPv4 address market, predict the IPv6 deployment time frame, and measure progressive exhaustion after the IPv4 space is fully allocated. Unfortunately, only a fraction of hosts respond to active probes, such as “ping”. We propose a capture-recapture method to estimate the actively used IPv4 addresses from multiple incomplete data sources, including “ping” censuses, network traces and server logs. We estimate that at least 950-1090 million IPv4 addresses are used, which is 36-41% of the publicly routed space. We analyse how the utilisation depends on various factors, such as region, country and allocation prefix length.
    The 7th IEEE Workshop on Network Measurements (WNM); 10/2013
  • Source
    Sebastian Zander, Lachlan L H Andrew, Grenville Armitage
    poster at IEEE INFOCOM; 04/2013
  • [Show abstract] [Hide abstract]
    ABSTRACT: Machine Learning (ML) for classifying IP traffic has relied on the analysis of statistics of full flows or their first few packets only. However, automated QoS management for interactive traffic flows requires quick and timely classification well before the flows finish. Also, interactive flows are often long-lived and should be continuously monitored during their lifetime. We propose to achieve this by using statistics derived from sub-flows—a small number of most recent packets taken at any point in a flow's lifetime. Then, the ML classifier must be trained on a set of sub-flows, and we investigate different sub-flow selection strategies. We also propose to augment training datasets so that classification accuracy is maintained even when a classifier mixes up client-to-server and server-to-client directions for applications exhibiting asymmetric traffic characteristics. We demonstrate the effectiveness of our approach with the Naive Bayes and C4.5 Decision Tree ML algorithms, for the identification of first-person-shooter online game and VoIP traffic. Our results show that we can classify both applications with up to 99% Precision and 95% Recall within less than 1 s. Stable results are achieved regardless of where within a flow the classifier captures the packets and the traffic direction.
    IEEE/ACM Transactions on Networking 12/2012; 20(6):1880-1894. DOI:10.1109/TNET.2012.2187305 · 1.99 Impact Factor
  • Sebastian Zander, Thuy Nguyen, Grenville Armitage
    [Show abstract] [Hide abstract]
    ABSTRACT: Machine Learning (ML) classifiers have been shown to provide accurate, timely and continuous IP flow classification when evaluating sub-flows (short moving windows of packets within flows). They can be used to provide automated QoS management for interactive traffic, such as fast-paced multiplayer games or VoIP. As with other ML classification approaches, previous sub-flow techniques have assumed all packets in all flows are being observed and evaluated. This limits scalability and poses a problem for practical deployment in network core or edge routers. In this paper we propose and evaluate subflow packet sampling (SPS) to reduce an ML sub-flow classifier's resource requirements with minimal compromise of accuracy. While random packet sampling increases classification time from
    The 37th IEEE Conference on Local Computer Networks (LCN12); 10/2012
  • ACM SIGCOMM Computer Communication Review 10/2012; DOI:10.1145/2378956.2378959 · 1.10 Impact Factor
  • Source
    Shervin Shirmohammadi, Carsten Griwodz, Grenville Armitage
    Multimedia Systems 06/2012; 19(3). DOI:10.1007/s00530-012-0279-8 · 0.44 Impact Factor
  • Source
    Grenville Armitage, Amiel Heyde
    [Show abstract] [Hide abstract]
    ABSTRACT: Online First Person Shooter (FPS) games typically use a client-server communication model, with thousands of enthusiast-hosted game servers active at any time. Traditional FPS server discovery may take minutes, as clients create thousands of short-lived packet flows while probing all available servers to find a selection of game servers with tolerable round trip time (RTT). REED reduces a client's probing time and network traffic to 1% of traditional server discovery. REED game servers participate in a centralized, incremental calculation of their network coordinates, and clients use these coordinates to expedite the discovery of servers with low RTTs.
    ACM Transactions on Multimedia Computing Communications and Applications 05/2012; 8(2):1-21. DOI:10.1145/2168996.2169000 · 0.90 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: Despite the predicted exhaustion of unallocated IPv4 addresses between 2012 and 2014, it remains unclear how many current clients can use its successor, IPv6, to access the Internet. We propose a refinement of previous measurement studies that mitigates intrinsic measurement biases, and demonstrate a novel web-based technique using Google ads to perform IPv6 capability testing on a wider range of clients. After applying our sampling error reduction, we find that 6% of world-wide connections are from IPv6-capable clients, but only 1--2% of connections preferred IPv6 in dual-stack (dual-stack failure rates less than 1%). Except for an uptick around IPv6-day 2011 these proportions were relatively constant, while the percentage of connections with IPv6-capable DNS resolvers has increased to nearly 60%. The percentage of connections from clients with native IPv6 using happy eyeballs has risen to over 20%.
    Internet Measurement Conference 2012; 01/2012
  • Source
    Grant James Devilly, Patch Callahan, Grenville Armitage
    [Show abstract] [Hide abstract]
    ABSTRACT: Studies have found evidence that, after playing violent videogames for 20 min, people experience a mean short-term increase in aggression, hostility, and anger. The current research investigated whether or not players habituate during longer, more realistic lengths of play. Participants (N = 98) were randomly assigned to play the game Quake III Arena for either 20 or 60 min. Participants in the long condition showed a smaller change in state anger (CSA) from pre- to post-gameplay than those in the short condition, although this did not reach significance. Change in scores for gamers (not novice players) showed that short gaming led to a larger increase in anger ratings than long gaming. When the results for violent videogame players were analysed separately, there was no significant increase in anger post-gameplay—irrespective of length of time playing. Results also supported the hypotheses that females would show a significantly larger CSA than males and that participants previously unexposed to violent videogames would show a significantly larger CSA than exposed participants.
    Australian Psychologist 04/2011; 47(2):98 - 107. DOI:10.1111/j.1742-9544.2010.00008.x · 0.61 Impact Factor
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Consumer broadband services are increasingly a mix of TCP-based and UDP-based applications, often with quite distinct requirements for interactivity and network performance. Consumers can experience degraded service when application traffic collides at a congestion point between home LANs, service provider edge networks and fractional-Mbit/sec `broadband' links. We illustrate two key issues that arise from the impact of TCP-based data transfers on real-time traffic (such as VoIP or online games) sharing a broadband link. First, well-intentioned modifications to traditional TCP congestion control can noticeably increase the latencies experienced by VoIP or online games. Second, superficially-similar packet dropping rules in broadband gateways can induce distinctly different packet loss rates in VoIP and online game traffic. Our observations provide cautionary guidance to researchers who model such traffic mixes, and to vendors implementing equipment at either end of consumer links.
    ACM Multimedia Systems Conference (MMSys 2011); 01/2011
  • Mattia Rossi, Philip Branch, Grenville J. Armitage
    [Show abstract] [Hide abstract]
    ABSTRACT: Geolocation of IP addresses is used for determining authenticity of webpages, delivering specific country or location related content and advertisements, or to add security for online transactions. Although IP geolocation databases exist, it is sometimes useful to validate their entries or create new, independent databases using independent sources of information. We propose and demonstrate a method whereby collecting and analyzing online game server discovery traffic over short periods of time can allow us to detect in which timezone a certain prefix or AS is located. Our method provides very good estimates of various AS timezones which we verify using publicly available IP geolocation databases.
    Network and Operating System Support for Digital Audio and Video, 21st International Workshop, NOSSDAV 2011, Vancouver, BC, Canada, June 1-3, 2011, Proceedings; 01/2011
  • Source
    Geoff Huston, Mattia Rossi, Grenville J. Armitage
    [Show abstract] [Hide abstract]
    ABSTRACT: The Border Gateway Protocol (BGP) is the Internet's inter-domain routing protocol. One of the major concerns related to BGP is its lack of effective security measures, and as a result the routing infrastructure of the Internet is vulnerable to various forms of attack. This paper examines the Internet's routing architecture and the design of BGP in particular, and surveys the work to date on securing BGP. To date no proposal has been seen as offering a combination of adequate security functions, suitable performance overheads and deployable support infrastructure. Some open questions on the next steps in the study of BGP security are posed.
    IEEE Communications Surveys &amp Tutorials 01/2011; DOI:10.1109/SURV.2011.041010.00041 · 6.49 Impact Factor
  • Source
    Sebastian Zander, Philip Branch, Grenville Armitage
    [Show abstract] [Hide abstract]
    ABSTRACT: Covert channels aim to hide the exis-tence of communication. Recently, Murdoch proposed a temperature-based covert channel where information is transmitted by remotely inducing and measuring changes of temperature of an unwitting intermediate host. The channel was invented for the purpose of attacking anony-mous servers, but could also be used for general-purpose covert communications. We propose an empirical method for estimating realistic (and previously unknown) capaci-ties for this channel. In example scenarios with different intermediate hosts and different levels of temperature induction and noise we find the channel capacity is up to 20.5 bits per hour, but it almost halves to 10.3 bits per hour with higher noise or more effective cooling at the intermediate host.
    IEEE Communications Letters 01/2011; 15(1). DOI:10.1109/LCOMM.2010.110310.101334 · 1.46 Impact Factor
  • Source
    David A. Hayes, Grenville J. Armitage
    [Show abstract] [Hide abstract]
    ABSTRACT: Traditional loss-based TCP congestion control (CC) tends to induce high queuing delays and perform badly across paths containing links that exhibit packet losses unrelated to congestion. Delay-based TCP CC algorithms infer congestion from delay measurements and tend to keep queue lengths low. To date most delay-based CC algorithms do not coexist well with loss-based TCP, and require knowledge of a network path’s RTT characteristics to establish delay thresholds indicative of congestion. We propose and implement a delay-gradient CC algorithm (CDG) that no longer requires knowledge of path-specific minimum RTT or delay thresholds. Our FreeBSD implementation is shown to coexist reasonably with loss-based TCP (NewReno) in lightly multiplexed environments, share capacity fairly between instances of itself and NewReno, and exhibits improved tolerance of non-congestion related losses (86% better goodput than NewReno in the presence of 1% packet losses).
    NETWORKING 2011 - 10th International IFIP TC 6 Networking Conference, Valencia, Spain, May 9-13, 2011, Proceedings, Part II; 01/2011
  • Source
    David A. Hayes, Michael Welzl, Grenville J. Armitage, Mattia Rossi
    [Show abstract] [Hide abstract]
    ABSTRACT: TCP is quite a heavyweight protocol when serving very small web pages. We introduce a server-side kernel modification which enables a web server to perform HTTP over a UDP socket while the kernel provides a regular TCP interface 'on the wire' to remote clients. We show that our "stateless" TCP modification can greatly reduce a server's CPU usage (>20%) and TCP related memory requirements(>90%), potentially enabling it to serve small web pages even under extreme overload conditions.
    Network and Operating System Support for Digital Audio and Video, 21st International Workshop, NOSSDAV 2011, Vancouver, BC, Canada, June 1-3, 2011, Proceedings; 01/2011
  • Sebastian Zander, Grenville J. Armitage, Philip Branch
    [Show abstract] [Hide abstract]
    ABSTRACT: Covert channels aim to hide the existence of communication. Recently proposed packet-timing channels encode covert data in inter-packet times, based on models of inter-packet times of normal traffic. These channels are detectable if normal inter-packet times are not independent identically-distributed, which we demonstrate is the case for several network applications. We show that ~80% of channels are detected with a false positive rate of 0.5%. We then propose an improved channel that is much harder to detect. Only ~9% of our new channels are detected at a false positive rate of 0.5%. Our new channel uses packet content for synchronisation and works with UDP and TCP traffic. The channel capacity reaches over hundred bits per second depending on overt traffic and network jitter.
    NETWORKING 2011 - 10th International IFIP TC 6 Networking Conference, Valencia, Spain, May 9-13, 2011, Proceedings, Part I; 01/2011
  • Source
    Sebastian Zander, Grenville J. Armitage
    [Show abstract] [Hide abstract]
    ABSTRACT: A multi-service Internet requires routers to recognise and prioritise IP flows carrying interactive or multimedia traffic. It is increasingly problematic for legal or administrative reasons to recognise such flows using unique port numbers or deep packet inspection. New work in recent years shows that Machine Learning (ML) techniques can use externally observable statistical characteristics to usefully differentiate such IP traffic. However, most previous work has not addressed the practicality of ML-based traffic classification in terms of CPU and memory usage. Here we describe our design, implementation and performance evaluation of a distributed, ML-based traffic classification and control system for FreeBSD's IP Firewall (IPFW). On an Intel Core i7 2.8 GHz PC our system can classify up to 400 000 packets per second using only one core and our system scales well to up to 100 000 simultaneous flows. Also our implementation allows one classifier PC to control subsequent traffic shaping or blocking at multiple (potentially lower performance) routers or gateways distributed around the network.
    IEEE 36th Conference on Local Computer Networks, LCN 2011, Bonn, Germany, October 4-7, 2011; 01/2011