CSc 361: Computer Communications and Networks
Assignment 2: TCP Traffic Analysis

1 Goal
The purpose of this project is to understand the details of state management in the Transmission Control Protocol (TCP). You are required to write a Python program to analyze the TCP protocol behavior.
2 Requirements
You will be given a sample TCP trace file (sample-capture-file.cap). During the period traced, a single web client accesses different web sites on the Internet. This trace is to be used for your own testing. The TA might use a different trace file to test your code.
You need to write a Python program for parsing and processing the trace file, and tracking TCP state information. In this assignment, your code will be tested on the server linux.csc.uvic.ca. As such, you are allowed to use only the Python packages of python3 currently installed on linux.csc.uvic.ca. You are not allowed to install/use other third-party Python packages.
Your program should process the trace file and compute summary information about TCP connections. Note that a TCP connection is identified by a 4-tuple (IP source address, source port, IP destination address, destination port), and packets can flow in both directions on a connection (i.e., duplex). Also note that the packets from different connections can be arbitrarily interleaved with each other in time, so your program will need to extract packets and associate them with the correct connection.
The summary information to be computed for each TCP connection includes:
• the state of the connection. Possible states are: S0F0 (no SYN and no FIN), S1F0 (one SYN and no FIN), S2F0 (two SYN and no FIN), S1F1 (one SYN and one FIN), S2F1 (two SYN and one FIN), S2F2 (two SYN and two FIN), S0F1 (no SYN and one FIN), S0F2 (no SYN and two FIN), and so on, as well as R (connection reset due to protocol error). For consistency, we count a SYN+ACK segment (i.e., a segment with both the SYN bit and the ACK bit set to 1) as a SYN message. (Of course, a SYN segment is also counted as a SYN message.) Getting this state information correct is the most important part of your program. We are especially interested in the complete TCP connections for which we see at least one SYN and at least one FIN. For these complete connections, you can report additional information, as indicated in the following.
• the starting time, ending time, and duration of each complete connection
• the number of packets sent in each direction on each complete connection, as well as the total packets
• the number of data bytes sent in each direction on each complete connection, as well as the total bytes. This byte count is for data bytes (i.e., excluding the TCP and IP protocol headers).
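The 4-tuple matching and SYN/FIN counting described above can be sketched as follows. This is an added example, not part of the assignment handout or a reference solution: the packet tuples are constructed sample data, the names conn_key, track, state and is_complete are hypothetical, and keeping the reset flag separate from the SxFy label is an assumption.

```python
# Added example: sample packets are constructed, not taken from the course trace.
FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10   # bits of the TCP flags byte

def conn_key(src_ip, src_port, dst_ip, dst_port):
    """Direction-independent 4-tuple: both halves of a duplex flow share one key."""
    a, b = (src_ip, src_port), (dst_ip, dst_port)
    return (a, b) if a <= b else (b, a)

def track(packets):
    """packets: iterable of (src_ip, src_port, dst_ip, dst_port, flags)."""
    conns = {}
    for src_ip, src_port, dst_ip, dst_port, flags in packets:
        key = conn_key(src_ip, src_port, dst_ip, dst_port)
        c = conns.setdefault(key, {"syn": 0, "fin": 0, "rst": False})
        c["syn"] += bool(flags & SYN)   # SYN and SYN+ACK each count as one SYN
        c["fin"] += bool(flags & FIN)
        c["rst"] = c["rst"] or bool(flags & RST)
    return conns

def state(c):
    """SxFy label; the reset flag is kept separately (assumed presentation)."""
    return "S%dF%d" % (c["syn"], c["fin"])

def is_complete(c):
    """Complete = at least one SYN and at least one FIN seen."""
    return c["syn"] >= 1 and c["fin"] >= 1

# Constructed addresses from the documentation ranges (hypothetical hosts).
CLIENT, WEB_A, WEB_B, WEB_C = "192.0.2.10", "198.51.100.5", "198.51.100.6", "198.51.100.7"
SAMPLE = [  # constructed packets, interleaved across three connections
    (CLIENT, 50000, WEB_A, 80, SYN),
    (CLIENT, 50001, WEB_B, 443, SYN),
    (WEB_A, 80, CLIENT, 50000, SYN | ACK),
    (WEB_C, 80, CLIENT, 50002, ACK),          # capture started mid-connection
    (WEB_B, 443, CLIENT, 50001, SYN | ACK),
    (CLIENT, 50000, WEB_A, 80, ACK),
    (CLIENT, 50001, WEB_B, 443, RST),
    (WEB_C, 80, CLIENT, 50002, FIN | ACK),
    (CLIENT, 50000, WEB_A, 80, FIN | ACK),
    (CLIENT, 50002, WEB_C, 80, FIN | ACK),
]

if __name__ == "__main__":
    for key, c in track(SAMPLE).items():
        print(key, state(c), "reset" if c["rst"] else "", "complete" if is_complete(c) else "")
```

A retransmitted SYN or FIN is counted again by this sketch, which matches the "and so on" in the state list (for example S3F1).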
Besides the above information for each TCP connection, your program needs to provide the following statistical results for the whole trace data:
• the number of reset TCP connections observed in the trace
• the number of TCP connections that were still open when the trace capture ended
• the number of complete TCP connections observed in the trace
• Regarding the complete TCP connections you observed:
  – the minimum, mean, and maximum time durations of the complete TCP connections
  – the minimum, mean, and maximum RTT (Round Trip Time) values of the complete TCP connections
  – the minimum, mean, and maximum number of packets (both directions) sent on the complete TCP connections
  – the minimum, mean, and maximum receive window sizes (both sides) of the complete TCP connections.
As a guideline for output format, please follow the output format of this project shown in outputformat.pdf.
3 Deliverables and Marking Scheme
For your final submission of your assignment, you are required to submit your source code. You should include a readme file to tell the TA how to run your code.
Zip your assignments (code) as one tar file using %tar -czvf on linux.csc.uvic.ca.
The marking scheme is as follows (refer to outputformat.pdf as well):
Components                      Weight
Total number of connections     25
Connections’ details            30
General Statistics              20
Complete TCP connections:       20
Readme.txt, code style          5
Total Weight                    100
4 Plagiarism
This assignment is to be done individually. You are encouraged to discuss the design of your solution with your classmates, but each person must implement their own assignment.