Can SDN controller based NSCs help improve user experience of online games?

Capstone Research Paper
April 30, 2015

Shrinidhi Bhat, Gauri Kanitkar, Pavithra Kannan, Sandeep Nair
Interdisciplinary Telecom Program, University of Colorado Boulder

Faculty Advisor: Mark Dehus, Professor, University of Colorado Boulder
Industry Advisor: Scott Hogg, CTO, Global Technology Resource Inc.

Abstract - Latency is an important aspect that affects online gaming traffic. According to a survey that we conducted, 71% of gamers claimed that their gaming experience is affected by latency issues. One way of mitigating latency is by changing the way traffic is prioritized in data centers. In our research, we have implemented Software Defined Networking (SDN) based network service chaining (NSC) on a VMware platform. We have built a virtualized service chain that can be deployed in any data center architecture in order to improve the latency issues faced by online gamers. This NSC improves uptime of gaming servers by securing them against SYN flood Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks using Python code. Our innovation lies in successfully implementing an OpenDayLight (ODL) SDN controller to manage an Open vSwitch (OVS) installed on a Virtual Machine (VM) and dynamically adding flows to allow and deny traffic. We have also proposed two Peer-to-Peer (P2P) architectures that would help reduce latency and enhance user gaming experience. Thus, through our research we have innovatively implemented an SDN based secured NSC on a VMware platform and proposed new P2P gaming architectures as a solution to improve how gaming traffic is served in data centers.

Keywords - SDN; ODL; OVS; latency

I. INTRODUCTION

A. Statement of the Problem

Online gaming is a popular form of entertainment. The online gaming industry has grown steadily over the past decade [1]. According to an online survey that we conducted, 52% of respondents play online games multiple times a week. Out of these respondents, 68% of online gamers play every day [Fig1][2].

Fig. 1. Frequency at which online games are played [Survey Result] [2]

77% of respondents invest more than an hour in a gaming session [Fig2][2]. These statistics reiterate the fact that the online gaming industry has a very high demand. This makes it essential that the user experience of online games be improved so that this industry keeps on par with its increasing requirement for high quality.

Fig. 2. Length of online gaming sessions [Survey Result] [2]

User experience of online games depends upon a number of factors. Some of the major factors are latency, blurry graphics, session loss, and bandwidth congestion. Our survey revealed that 71% of respondents believed that their user experience suffered due to latency issues [Fig3][2]. Online gaming traffic is extremely sensitive to latency. For example, in a First Person Shooter [FPS] game, if there is lag between a gamer shooting a bullet at his/her target, the bullet might reach its target after the target has moved. This would drastically affect user gaming experience.

Another critical problem that can mar user gaming experience is downtime of gaming servers. A data center hosting gaming servers can face downtime caused due to DoS or DDoS attacks. Through our NSC, we have also built a mechanism to block SYN flood DoS and DDoS attempts directed to internal servers, thereby guaranteeing a prolonged uptime and enhanced user experience. SYN flood DoS attack affects hosts that are running TCP server processes [4]. The SYN flood method exploits the state retention feature of TCP after a SYN packet has been received on a port that has been put into LISTEN state [4].

In our research, we have also conducted a qualitative analysis to propose a peer-to-peer (P2P) gaming architecture. As per our survey results, 56% of respondents prefer to play online games with friends [Fig4][2]. Therefore, in this research paper, we propose a P2P gaming architecture for gamers who wish to play with known contenders within vicinity and a cloud based P2P server model for known contenders who are located in remote locations. This gaming model aims at improving the gaming experience of its participants by building a P2P tunnel between two or more known gamers.

Fig. 3. Issues faced by gamers while playing online games [Survey Result] [2]

B. Research Question

It is necessary to mitigate the latency observed for gaming traffic in order to enhance user gaming experience. In our research, we have defined our scope to mitigate latency for gaming traffic once it enters a data center environment where gaming servers are located. Different types of traffic enter into data centers depending on the content that is hosted on the servers. In our research, we have concentrated on prioritizing the service of gaming traffic entering into a data center over any other type of traffic.

We have built a Network Service Chain by chaining different network elements. The service chain that we have built is fully virtualized and is implemented on a VMware ESXi 5.5 hypervisor [3] [Fig5]. We have separated management and data traffic flowing through the inherent VMware vDistributed Switch (vDS). We have configured our virtual network such that the OVS switches the data traffic flowing through the VMware hypervisor while vDS switches the management traffic. The service chain consists of different network components like a data center entry point router, a data scrubber that sniffs traffic, an Open vSwitch 2.3.1, an SDN controller (OpenDayLight – Helium), and content distribution servers. These network functions are implemented on separate virtual machines that are configured to form a network service chain. The traffic from the entry point router is port mirrored into the data scrubber and the OVS. The scrubber then sniffs packets to identify latency sensitive traffic and provides XML input to ODL which is used to create flows. ODL pushes flows tagged as high priority into the OVS. OVS plays the most important role in switching the traffic such that latency sensitive traffic gets the highest priority.

Thus, through our research we have innovatively implemented an SDN based network service chain on a VMware platform as a solution to improve the way latency sensitive traffic is serviced in a data center. We have stated the results of the same in section IV.

Fig. 4. User choice for who they like to play online games with [Survey Result] [2]

In this research paper, section II summarizes the literature review that we conducted for this research. In section III, we define the research methodology that was adopted during this research; sections IV and V state the results and conclusions drawn from performance analysis tests of the NSC that we built. Section VI concludes and describes ideas for future research.

II. LITERATURE REVIEW

Packet prioritization is an important parameter which needs to be considered for gaming networks. Delay in gaming traffic affects the user’s gaming experience. A relation between game-playing time and network QoS is explained in [5]. The existing state of the art for addressing this problem is explained briefly in [6]. It uses a combination of statistical multiplexing and QoS to aggregate multiple flows and prioritize the bundle [6]. Resource reservation is performed for this aggregate [6]. In our research, we have prioritized the packets depending upon flow priority. We have created a single flow on the ODL for similar type of packets. A single flow for the aggregate makes prioritization easier and less time consuming.

Virtualization of network devices has changed the perception of network design and implementation. The current state of art is explained briefly in [7]. The paper introduces the concept of “Hypernet gaming” which is a term coined for games that run on dynamically deployed SDN game servers [7]. These game servers are optimally deployed depending on the requirement of gaming servers. The requirements mentioned are the number of gamers simultaneously connected to the gaming server and also, the graphics of the game being played [7]. Dynamically deploying game servers reduces latency. In our research, we are reducing delay in online gaming by using an SDN-based network architecture. We have sniffed gaming traffic from online multiplayer games to analyze their packets (ports used) and created flows on ODL controller to allocate priority for gaming traffic.

Many companies are providing virtual services like Amazon’s EC2 [8], S3 [9], Route 53 [10] and Microsoft’s Azure [11]. These services can be expanded or reduced as per the user’s requirement. This ensures optimum usage of network resources. Microsoft Azure’s white paper explains the implementation of network security by customer infrastructure isolation [11]. Network security is accomplished in Azure using a distributed virtual firewall [11]. Our research aims at achieving network security by mitigating SYN flood based DoS and DDoS attacks. Python code on the scrubber checks the packets for SYN flood based DoS and DDoS attacks and mitigates them by creating a flow with implicit deny for such packets in the controller.

Massive networks are often adversely affected by DoS and DDoS attacks. Security issues associated with SDN networks are identified in [12]. SDN networks are more flexible but with flexibility comes vulnerability. Some of the vulnerabilities for SDN controllers include intrusion and Distributed Denial of Service (DDoS) attacks [12]. This paper also suggests various techniques to identify and mitigate these attacks. The mitigation measures suggested include machine learning techniques such as Neural Networks, Bayesian Network, Support Vector Machine, Genetic Algorithm and Fuzzy Logic. In our research, we have implemented SYN flood based DoS and DDoS mitigation using Python code. The code is used for detection of TCP SYN packets received above a certain threshold value within a particular time interval. These packets are dropped by the OVS via a deny flow. Thus, DoS and DDoS attacks are detected and no traffic is allowed to flow through the network.

Latency issues are of high concern in online games which use client-server architecture. Latency can be reduced using peer-to-peer communication. A process known as UDP hole punching is explained in [13]. Using UDP hole punching, a peer-to-peer tunnel is set up between multiple users, avoiding further communication with the centralized server [13]. The process of UDP hole punching is related to section 5.1 of RFC 3027 [14]. In this process, the users register to a centralized server using connect messages. The server then shares the IP address and port number of a user to all the other peers. Thus, users can form a peer-to-peer tunnel based on this information, eliminating the need of a centralized server for further communication. In our research, we propose using an SDN controller which gathers this information and helps in the formation of a peer-to-peer tunnel.

All client-server architectures involve high latency as compared to direct client-client communication. The paper, “Peer-to-peer support for low-latency Massively Multiplayer Online Games in the cloud”, proposes the use of cloud server in order to distribute the functionality of the gaming servers and avoid the client-server model [15]. The cloud center can act as a distributed gaming server and serve the gaming requests. This can reduce the RTT for the gaming traffic. To achieve peer-to-peer based Massively Multiplayer online games, the list of factors to be taken care of is discussed in [16].
It explains the need to distribute the gaming data on multiple gamers’ devices keeping the game consistent. In our qualitative analysis, we also propose the importance of these requirements for setting up a P2P tunnel for online gaming.

III. RESEARCH METHODOLOGY

A. Reducing latency through QoS

In order that online gaming traffic suffers minimal latency, we have implemented an NSC on a VMware based platform. We have used VMware ESXi 5.5 as the hypervisor and VMware vSphere 5 for management purposes. The service chain consists of the following components [Fig5] –

i. Client VM (Windows 8.1)
ii. Server VM (Windows 8.1)
iii. VM acting as router (running CentOS minimal)
iv. Open vSwitch 2.3.1 on VM running CentOS minimal
v. OpenDayLight Helium
vi. VM acting as data scrubber (running CentOS minimal)

Fig. 5. VMware based NSC

As shown in figure 6, we have implemented our architecture on the vDS of VMware vSphere. We constructed two vDS – the first one, vDS1, has uplinks connected to the actual physical Network Interface Card [NIC] and the other vDS, vDSInternal, has no uplinks specified [Fig6]. Thus, the second vDS is an ‘internal’ switch.

The vDS1 has the following VMs connected to its ‘Production’ portgroup – Router, ODL Helium, OVS, and Data Scrubber [Fig6][2]. The vDSInternal has the following VMs connected to the ‘InternalPortgroup2’ portgroup – OVS and the Server [Fig6][2]. On ‘Clients’ portgroup of the same, we have Client and Router; and on ‘InternalPortgroup1’ portgroup we have Router, OVS and Data Scrubber [Fig6][2].

Fig. 6. Virtualized Network Diagram

The router is the entry point of the virtualized data center. We have implemented routing capability on the router by enabling IP forwarding. A Windows 8.1 machine acting as client is connected to the router. For our research, we have implemented the client VM on the virtual environment. In the real world, these clients would lie in the publicly routable world and will be routed to the data center via the internet. In order to emulate real world in our proof of concept, we have implemented NAT on the router VM. The client, therefore, has a private IP that can reach the data center by first getting a new (publicly routable) IP with the help of the NAT functionality on the router.

In order to play online games, users need to connect to a gaming server in their vicinity. Thus, they need to form a TCP connection with that gaming server. Different games use different ports for this purpose [17]. Thus, when a client (user) tries to connect to a gaming server in the data center, it is actually forming a TCP session with the gaming server. In our research, we analyzed the packets for the online game World of Warcraft (WOW) [18]. WOW uses port 1119 for TCP connections with its users [17]. Thus, gaming traffic can be identified by the destination port specified in the traffic frame. Similarly, a user might be accessing other data in the data center; for example, a social networking site. As the data center serves traffic in a random manner, latency sensitive traffic like gaming traffic is not given priority. In our research, we have deduced that if traffic destined towards the gaming server is prioritized over other types of traffic, like the HTTP traffic, then the latency experienced by gamers can be reduced.

We used an SDN controller – ODL and an OVS to give priority to gaming traffic entering a data center. In our implementation, we installed the OVS on a VM on the VMware ESXi hypervisor. In order to achieve traffic chaining, we separated data traffic and management traffic such that the data traffic was switched via the OVS while the management traffic was switched through the vDS. We built two bridges on the OVS and attached one Ethernet interface of the OVS VM to each bridge. After establishing the virtual network, we inserted flows into the OVS that give priority to gaming traffic.
These flows are inserted by the ODL after being inspected by the Python code on the data scrubber VM. The flows inserted on OVS are present on Github [19]. We gave a higher priority to TCP traffic destined towards gaming port 1119 (WOW traffic) over the TCP traffic destined towards port 80 (HTTP traffic). We conducted experiments to test this setup and noted the results in section IV.

B. Mitigating SYN Flood DoS and DDoS protection

Servers hosted inside data centers are vulnerable to DoS and DDoS attacks. This reduces the uptime for the services hosted on these servers. To mitigate this issue, we have implemented an ODL SDN Controller in our Data Center which allows legitimate traffic through the OVS and detects SYN flood based DoS and DDoS attacks. We have installed flows on ODL with respect to OVS in order to allow traffic through to servers within the data center. Flows are installed from Data Scrubber VM on Helium ODL using the REST API provided by Helium ODL. We have created flows which are uniquely identified using a combination of destination IP and destination port.

Python code is run in the form of a cron job, every ten minutes, on the OVS VM which detects the open ports on different internal servers using the nmap utility in Linux. It creates a file which contains mapping of the server to its open ports and compares it to the file created ten minutes ago. If there was a change in the file it means that new ports have been opened or closed on servers or servers have been added or removed from the internal network. According to this information, the filter for sniffing traffic is adjusted, so that if a packet is received for any open port on any of the internal servers, a flow can be created by ODL on OVS for this packet to be allowed through to the server. Hence, the flow creation is dynamic in nature. The code for sniffing traffic and creating flows is explained in a later section.

Data scrubber receives all the packets that are coming into the network. We have also connected the data scrubber to the ODL controller. Two Python programs run in the background on Data Scrubber:

1. Code to install flows into ODL controller (Program 1).
2. Code to detect SYN flood based DoS and DDoS attacks, delete the respective flows from ODL controller which would have allowed the packets belonging to DDoS attacks to the concerned server, and create a deny flow on OVS by ODL (Program 2).

We ran program 1 continuously in the background on Data Scrubber to match the incoming packets to a unique combination of [destination IP, destination port] so as to create flows on the ODL for the servers that are located within the Datacenter. These unique combinations are created based on a file received from OVS which has server to open port mappings. We have an HTTP server [X.X.X.X IP, 80 port] and Gaming server in the Datacenter [Y.Y.Y.Y IP, 1119 port]. Therefore, we have checked for these two combinations in the Python code using the sniff function provided by SCAPY module and two flows were created for these two combinations. We have not considered source IP and source port when we create flows on ODL because it decreases the number of flows required to allow traffic through to the server.

We have used SCAPY module of Python to capture incoming packets with these two combinations. SCAPY is an Open Source network programming language and is based on Python [20]. Other packet capture tools that could have been used are TCPDUMP and Wireshark. We used SCAPY because it provided us objects with which we can work to make “if else” decisions in fewer lines of code. For example, “a=sniff (function)” stored the packets that were caught within the object “a”. The “a.sprintf” function was then used to make “if else” decisions. Here “sniff” and “sprintf” are functions within the SCAPY module.
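The ten-minute port-map comparison and the first-packet flow creation described in this section, sketched as an added example (not the authors' code from [19]). The `ip: port,port` file layout, the function names and the 192.0.2.x addresses are assumptions made for illustration.

```python
# Added example: reconcile allow flows with the server/port map from the scan job.
# The "ip: port,port" file layout and every name below are assumptions.

# Constructed snapshots: ten minutes ago, and now (443 opened, one server replaced).
PREVIOUS_MAP = """\
192.0.2.10: 80
192.0.2.20: 1119
"""
CURRENT_MAP = """\
192.0.2.10: 80,443
192.0.2.30: 1119
"""


def parse_port_map(text):
    """Parse 'ip: port,port' lines into {ip: {port, ...}}; skip blanks and comments."""
    mapping = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        ip, _, ports = line.partition(":")
        mapping[ip.strip()] = {int(p) for p in ports.split(",") if p.strip()}
    return mapping


def endpoints(mapping):
    """Flatten the map into the (destination IP, destination port) pairs that key a flow."""
    return {(ip, port) for ip, ports in mapping.items() for port in ports}


def diff_port_maps(previous, current):
    """Return (opened, closed) endpoints between two scans, each sorted."""
    old, new = endpoints(previous), endpoints(current)
    return sorted(new - old), sorted(old - new)


def build_sniff_filter(mapping):
    """Build a BPF capture filter for TCP traffic to any open endpoint, or None if none."""
    clauses = [f"(dst host {ip} and dst port {port})"
               for ip, port in sorted(endpoints(mapping))]
    return "tcp and (" + " or ".join(clauses) + ")" if clauses else None


def flows_to_create(packets, mapping, existing_flows):
    """Pick the endpoints that need a new allow flow.

    Only the first packet for an open (dst IP, dst port) with no flow yet
    creates one; later packets and packets to closed ports create nothing.
    """
    allowed = endpoints(mapping)
    known = set(existing_flows)
    created = []
    for dst_ip, dst_port in packets:
        key = (dst_ip, dst_port)
        if key in allowed and key not in known:
            known.add(key)
            created.append(key)
    return created


if __name__ == "__main__":
    prev, cur = parse_port_map(PREVIOUS_MAP), parse_port_map(CURRENT_MAP)
    opened, closed = diff_port_maps(prev, cur)
    print("opened:", opened)
    print("closed:", closed)
    print("filter:", build_sniff_filter(cur))
    seen = [("192.0.2.10", 443), ("192.0.2.10", 443), ("192.0.2.20", 1119)]
    print("new flows:", flows_to_create(seen, cur, {("192.0.2.10", 80)}))
```

The filter string is in the form Scapy's `sniff(filter=...)` accepts, so a changed map only requires restarting the capture with the new string.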
For HTTP and gaming packets, we created XML files with hard coded values, which were: URN, flow-id, table-id, priority, Hard-timeout, idle-timeout, and ipv4-destination. These XML files denote flows that have been created on the ODL controller. The code passes the XML files as input to the CURL command which inserts flows into ODL controller [Fig7]. This was done only for the first packet that we received for a unique combination of destination port and destination IP. The subsequent packets for this combination do not create a flow on the ODL controller. This was achieved by doing a wget to the ODL controller to obtain the existing flows and comparing the incoming packets against them to check if a flow already exists or needs to be created.

We have also monitored incoming traffic to servers for preventing any SYN flood based DoS and DDoS attacks on servers. We have done this by removing the existing flow on ODL controller to the server which would be under SYN flood based DDoS attack. If a SYN flood based DoS attack is detected then a deny flow is installed on the OVS by ODL. Since the flows allowing traffic to the servers are identified by a unique combination of destination port and destination IP, the servers can be protected from SYN flood based DDoS by removing the flow which allows traffic to the server. The servers can be protected from SYN flood based DoS attack by creating a deny policy with source IP as the IP address of the client which is detected to have performed the SYN flood based DoS attack.

Fig. 7. DoS and DDoS SYN flood mitigation

SYN flood based DoS and DDoS attacks can cause loss of income and damage of reputation for companies hosting services on servers. We have used the Ostinato tool to generate a SYN flood based DoS and DDoS attack. It is an open source packet generator tool. We generated a SYN flood DoS attack pattern by generating 500 SYN packets from a client VM destined for server VM on port 80. We generated a SYN flood DDoS attack pattern by generating 1000 SYN packets simultaneously from two client VMs destined for the same server on port 80.

We have used a separate Python program (program 2) running in the background to catch any SYN flood based DoS and DDoS attacks. The program catches these attacks for all (IP, port) combinations that exist within our internal server network. The sniff function of SCAPY module had a count of 500 packets for the unique combination of destination IP and destination port coming from a unique source IP for detecting SYN flood based DoS attack. For detecting a SYN flood based DDoS attack, SCAPY module had a count of 2000 packets for the unique combination of destination IP and destination port. We used an arbitrary count for triggering a situation which suggested a SYN flood DoS and DDoS attack. The Python code ran only for a specific time period which can be set according to the definition of SYN flood DoS and DDoS attack that we are considering. For example, if a DoS SYN flood attack is defined by 500 SYN packets per second to a particular server, then the Python code will run for every one second and the threshold count will be 500 in the sniff function. If a DoS attack occurs with rate greater than 500 SYN packets per second then the Python code will capture it and create a deny flow for this [destination IP, destination port, source IP] combination on ODL controller. This flow will then be pushed to the OVS. Similarly, to mitigate SYN flood DDoS attack, if 2000 SYN packets arrive per second for a particular combination of [destination IP, destination port] then the existing flow for this combination will be deleted from OVS so that no traffic is allowed through to the server. As a result, a SYN flood DoS and DDoS attack will be mitigated and would protect the server from being compromised, thus maintaining the server uptime.

C. Reducing latency through P2P architecture

In order to improve online gaming user experience, we performed qualitative analysis of different network architectures that can reduce latency. Identifying which type of gaming architecture is useful to a user depends upon several parameters such as which type of online game the user plays, whom the user likes to play it with, and how geographically apart the users are located. Moreover, modification to the gaming architecture requires compatibility with the hardware specifications of the user’s gaming device and the availability of internet resources. Hence, it is important to know the device’s CPU and memory specifications, the user’s internet speed and the availability of a graphics card.

In order to identify the current trend of games played and the existing hardware possessed by the users, we conducted an online survey targeted towards online gamers. We used “SurveyMonkey” for creating the survey. The survey was published on social media websites such as Facebook (Gaming groups) and Twitter (Gaming league pages). After analyzing the survey results and based on the research on P2P architectures, we proposed two types of gaming architectures for decreasing latency. They are hole punching and peer-to-peer in cloud.

Before hole punching, the user request for playing an online game starts with a connect message to the gaming server. Through this connect message, the gaming server collects information about the public IP address and port number of the users. The gaming server can forward this information to the SDN controller to analyze the user details and accordingly insert flows on the user’s NAT router to punch a hole and form a peer-to-peer tunnel between the users’ public IP addresses. After hole punching, the user request will be forwarded directly to the peer, thereby reducing latency. This approach is beneficial when the users are in close vicinity.
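The per-window SYN counting that program 2 is described as doing in section III.B, as an added example rather than the authors' code: it applies the paper's two thresholds (500 per source, 2000 per destination) to constructed packet records instead of a live Scapy capture. The record layout, function names and addresses are assumptions, as are treating a reached count as a trigger and checking the destination total first.

```python
# Added example: windowed SYN counting with the paper's two thresholds.
from collections import Counter, defaultdict, namedtuple

DOS_THRESHOLD = 500     # SYNs per window, one source -> one (dst IP, dst port)
DDOS_THRESHOLD = 2000   # SYNs per window, all sources -> one (dst IP, dst port)
WINDOW_SECONDS = 1.0

# Constructed servers: HTTP on port 80 and the gaming server on port 1119.
PROTECTED = {("192.0.2.10", 80), ("192.0.2.20", 1119)}

Action = namedtuple("Action", "kind window dst_ip dst_port src_ip")


def is_bare_syn(flags):
    """True for a connection-opening SYN (flag string such as 'S'), not 'SA' or 'A'."""
    return "S" in flags and "A" not in flags


def detect_syn_floods(packets, protected=PROTECTED, window=WINDOW_SECONDS,
                      dos=DOS_THRESHOLD, ddos=DDOS_THRESHOLD):
    """Return the flow changes a controller would be asked to make.

    packets: iterable of (timestamp, src_ip, dst_ip, dst_port, tcp_flags).
    A destination whose total reaches `ddos` in one window loses its allow
    flow; otherwise a source that reaches `dos` gets a deny flow for
    [dst IP, dst port, src IP].
    """
    per_window = defaultdict(list)
    for ts, src, dst, dport, flags in packets:
        if (dst, dport) in protected and is_bare_syn(flags):
            per_window[int(ts // window)].append((src, dst, dport))

    actions, removed, denied = [], set(), set()
    for win in sorted(per_window):
        by_source = Counter(per_window[win])
        by_target = Counter()
        for (src, dst, dport), n in by_source.items():
            by_target[(dst, dport)] += n
        # Destination-wide check first: once the allow flow is gone,
        # per-source deny flows for that destination add nothing.
        for target, total in sorted(by_target.items()):
            if target not in removed and total >= ddos:
                removed.add(target)
                actions.append(Action("delete_allow_flow", win, target[0], target[1], None))
        for (src, dst, dport), n in sorted(by_source.items()):
            key = (src, dst, dport)
            if (dst, dport) in removed or key in denied:
                continue
            if n >= dos:
                denied.add(key)
                actions.append(Action("deny_flow", win, dst, dport, src))
    return actions


def build_sample_traffic():
    """Constructed (timestamp, src, dst, dst_port, flags) records, not a real capture."""
    http, game = ("192.0.2.10", 80), ("192.0.2.20", 1119)
    pkts = []
    for i in range(20):                      # window 0: normal handshakes to the game
        pkts.append((i * 0.01, "198.51.100.5", *game, "S"))
        pkts.append((i * 0.01 + 0.005, "198.51.100.5", *game, "A"))
    for i in range(500):                     # window 0: one source, 500 SYNs
        pkts.append((i * 0.001, "198.51.100.66", *http, "S"))
    for i in range(1000):                    # window 1: two sources, 1000 SYNs each
        for src in ("198.51.100.71", "198.51.100.72"):
            pkts.append((1.0 + i * 0.0005, src, *http, "S"))
    for i in range(499):                     # window 2: one below the DoS threshold
        pkts.append((2.0 + i * 0.001, "198.51.100.80", *game, "S"))
    return pkts


if __name__ == "__main__":
    for action in detect_syn_floods(build_sample_traffic()):
        print(action)
```

Because the destination-wide rule removes the allow flow for every client, the second threshold also cuts off legitimate players of that server until the flow is reinstalled; the per-source rule does not have that side effect.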
In the client-server model, the entire game is accessed from a distant server. In cases where the users are far from each other, accessing information from a single distant server can lead to latency issues in online gaming. In order to overcome these delay issues, based on our qualitative analysis we suggest implementing a peer-to-peer in cloud architecture as described in [2]. The user requests for the game can be forwarded to the centralized game server. The centralized game server can provide input to the analysis engine which will determine the need of the peer-to-peer in cloud architecture. This analysis engine will then provide the details of the user to the SDN controller. The SDN controller will then locate the nearest cloud server for the user and insert flows in the cloud server to build a P2P tunnel. Thus, the cloud servers can form a P2P tunnel between themselves to exchange data.

As per our qualitative analysis, the user device in P2P gaming architecture needs to support consistency of data among users which requires CPU intensive operations. As there is no centralized gaming server to do this, the user device should have faster and better CPU processors and RAM memory to share the load [17]. In order to achieve scalability in P2P architecture, the users need to send update messages to each other [17]. Having P2P tunnels and cloud servers that are closer to the user can reduce the latency in sending these updates.

IV. RESEARCH RESULTS

For testing our setup for QoS, we established two parallel TCP connections from the client to the server. The server listened on ports 1119 and 80. We used the iperf tool to transmit packets from client to server to both these ports for a fixed period of time [21]. Once the transmission was complete, we measured the number of packets that were processed through the OVS. We found out that in each run, more packets with destination port 1119 (gaming packets) were transmitted than the ones with destination port 80. We have plotted the graph of number of packets processed with default and specific priority for ports 1119 and 80.

Fig. 8. Research results for QoS flow prioritization

Figure 8 explains that when traffic destined for ports 1119 (WOW traffic) and 80 (HTTP traffic) had default priorities (32768), the number of packets processed for both on OVS were random. Thus, the latency with respect to both these ports was random. However, when port 1119 was given a higher priority (50000), the number of packets processed on OVS for it were higher than for port 80. Hence, there was a definite decrease in latency for packets destined to port 1119.

We were able to detect the adding or removing of servers within our internal network and adding or removing of open ports on servers to create flows dynamically on the OVS by ODL. We could mitigate SYN flood based DoS and DDoS attacks using the data scrubber.

In order that the gamers’ PCs can support P2P models, we observed results of the current hardware possessed by them. 88% of the respondents have more than or equal to 4GB of RAM and about 3/4th of the respondents have processors better than Intel i3 and AMD A6 [Fig9][Fig10][2]. About 45% of the respondents had an external video graphics card which will help to enhance the graphics of the game [2]. In terms of internet connectivity, 38% of respondents have more than 10Mbps of internet subscription [2].

Fig. 9. RAM capacity of user’s device [Survey Result] [2]

Fig. 10. CPU model of user’s device [Survey Result] [2]

The observations from the survey results suggest that 77% of the survey respondents play more than one hour per gaming session [Fig2][2]. 85% of the respondents like to play multiplayer games as opposed to single player games [Fig4][2]. About 56% of the respondents enjoy playing games with friends in vicinity and around 48% of them enjoy playing with friends in different geographic locations [Fig4][2]. Thus, we have a high number of respondents who would appreciate a P2P tunnel which can decrease latency in online gaming.

As per the qualitative analysis performed for identifying P2P architecture that can reduce the latency for online gaming, we propose two types of gaming architectures. For players who want to play in the same city, we can implement a process known as ‘hole punching’ so that the players can communicate with each other over a P2P tunnel. For players who enjoy playing with players in different cities, we propose using P2P in cloud architecture.

V. DISCUSSION OF RESULTS

Through our research, we are able to add flows to the ODL dynamically. As a result, a network administrator does not need to create flows on the OVS through ODL when a new server is provisioned or a new port is opened on an existing server in the data center. The data scrubber analyzed the incoming traffic and inserted flows with high priority into the OVS. This helped in reducing latency for the gaming traffic. By having a correlation between the incoming traffic and the destination ports opened on the servers, we were able to allow and deny flows on the OVS. This inherently acted as a security feature and helped us in mitigating the SYN flood DoS and DDoS attacks.

Based on the survey results, we concluded that most of the respondents would appreciate having a P2P tunnel for playing multiplayer online games. Also, the two methods of building a P2P tunnel between gamers will reduce latency with respect to every gaming request.

VI. CONCLUSIONS AND FUTURE RESEARCH

Through our research we successfully implemented a method to reduce latency experienced by users playing online games. We also implemented a way of increasing security and mitigating downtime of gaming servers caused due to malicious attacks like SYN flood based DoS and DDoS. Finally, through our qualitative analysis we propose two P2P gaming architectures which can possibly decrease latency and enhance user experience.

In order to protect the server from SYN flood based DDoS attack, we have dropped this traffic on OVS by deleting any flow that might allow this traffic through the OVS to the server. Instead of this, the SYN cookie method could be used, where the data scrubber itself replies to SYN requests from clients to verify if they are causing any SYN flood DDoS attacks. The effect on performance of this method in an SDN environment could be analyzed to evaluate the improvement in game performance.

For future research, our network service chain can be made compatible with IPv6. Further, the two P2P architectures that we have proposed can be practically implemented to analyze whether they can effectively be implemented to decrease latency experienced by users playing online games.

VII. REFERENCES

[1] A. Nijholt, T. Romao, and D. Reidsma, Advances in Computer Entertainment: 9th International Conference, ACE 2012, Kathmandu, Nepal, November 3-5, 2012, Proceedings. Springer, 2012.

[2] Link to the survey. [Online]. Available: https://www.surveymonkey.com/summary/WOO_2FE7665HDOw7_2FQE9eKTcV_2F0ke3WCHy93xiktoe0i8_3D

[3] “vSphere 5.5 Release Notes,” 07-Apr-2015. [Online]. Available: https://www.vmware.com/support/vsphere5/doc/vsphere-esx-vcenterserver-55-release-notes.html. [Accessed: 25-Apr-2015].

[4] W. Eddy, “RFC 4987 - TCP SYN Flooding Attacks and Common Mitigations,” Aug-2007. [Online]. Available: https://tools.ietf.org/html/rfc4987. [Accessed: 25-Apr-2015].

[5] K. Chen, P. Huang, and C. Lei, “How Sensitive are Online Gamers to Network Quality?” Communications of the ACM, vol. 49, no. 11, pp. 34–38, Nov. 2006.

[6] P. Ghosh, K. Basu, and S. Das, “A cross-layer design to improve quality of service in online multiplayer wireless gaming networks,” in Broadband Networks, 2005. BroadNets 2005. 2nd International Conference on, Oct. 2005, pp. 813–822 Vol. 2.

[7] S. Huang and J. Griffioen, “HyperNet games: Leveraging SDN networks to improve multiplayer online games,” in 2013 18th International Conference on Computer Games: AI, Animation, Mobile, Interactive Multimedia, Educational Serious Games (CGAMES), 2013, pp. 74–78.

[8] Programming Amazon EC2. O’Reilly Media, 2011. [Online]. Available: http://aws.amazon.com/ec2/

[9] “Amazon Simple Storage Service.” [Online]. Available: http://aws.amazon.com/s3/

[10] “Using Amazon Web Services for Disaster Recovery,” October 2014. [Online]. Available: https://media.amazonwebservices.com/AWS_Disaster_Recovery.pdf

[11] D. Chappell, “Introducing Windows Azure for IT Professionals.” [Online]. Available: http://download.microsoft.com/download/D/6/7/D670D322-5771409E-BF345B98496DEB0A/Microsoft_Press_ebook_Introducing_Azure_PDF.pdf

[12] J. Ashraf and S. Latif, “Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques,” in Software Engineering Conference (NSEC), 2014 National, 2014, pp. 55–60.

[13] UDP Hole Punching. [Online]. Available: https://www.usenix.org/legacy/event/usenix05/tech/general/full_papers/ford/ford.pdf

[14] M. Holdrege and P. Srisuresh, “RFC 3027 - Protocol Complications with the IP Network Address Translator,” Jan-2001. [Online]. Available: https://tools.ietf.org/html/rfc3027. [Accessed: 25-Apr-2015].

[15] R. Suselbeck, G. Schiele, and C. Becker, “Peer-to-peer support for low-latency Massively Multiplayer Online Games in the cloud,” in 2009 8th Annual Workshop on Network and Systems Support for Games (NetGames), 2009, pp. 1–2.

[16] G. Schiele, R. Suselbeck, A. Wacker, J. Hähner, C. Becker, and T. Weis, “Requirements of Peer-to-Peer-based Massively Multiplayer Online Gaming,” in Seventh IEEE International Symposium on Cluster Computing and the Grid, 2007. CCGRID 2007, 2007, pp. 773–782.

[17] “Configuring Router and Firewall Ports - Battle.net Support,” 23-Apr-2015. [Online]. Available: https://us.battle.net/support/en/article/configuring-router-and-firewallports. [Accessed: 25-Apr-2015].

[18] “World of WarCraft.” [Online]. Available: http://us.battle.net/wow/

[19] Github code. [Online]. Available: https://github.com/CU-ITP-CAPSTONE/Capstone

[20] “Scapy,” Aug-2007. [Online]. Available: http://www.secdev.org/projects/scapy/. [Accessed: 25-Apr-2015].

[21] “Iperf - The TCP/UDP Bandwidth Measurement Tool.” [Online]. Available: https://iperf.fr/. [Accessed: 25-Apr-2015].