pith. sign in

arxiv: 1907.02323 · v1 · pith:VBPLJIUWnew · submitted 2019-07-04 · 💻 cs.NI · cs.LG

DeePCCI: Deep Learning-based Passive Congestion Control Identification

Constantin Sander , Jan R\"uth , Oliver Hohlfeld , Klaus Wehrle This is my paper

Pith reviewed 2026-05-25 09:04 UTC · model grok-4.3

classification 💻 cs.NI cs.LG
keywords congestion control identificationdeep learningpassive measurementencrypted trafficQUICnetwork performance analysismachine learning for networking
0
0 comments X

The pith

A deep learning model identifies congestion control variants from packet arrival times alone.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper presents DeePCCI, a method that trains a deep learning model solely on packet arrival traces from known congestion control variants and then classifies new flows. The model needs no hand-crafted features, behavioral rules, or access to transport headers, so it works on encrypted traffic including QUIC. A sympathetic reader would care because it removes the requirement for detailed protocol expertise when studying which congestion controls are active in real networks. The approach therefore supports measurement of variant deployment and its performance effects without the limitations of prior passive techniques.

Core claim

DeePCCI is a passive identification approach that uses deep learning to classify congestion control variants. It trains exclusively on packet arrival data from each variant and requires no additional domain knowledge. Because it operates only on arrival times, the method applies directly to flows whose transport headers are encrypted.

What carries the argument

A neural network that takes sequences of packet arrival times as input and outputs the congestion control variant label.

If this is right

  • Identification becomes possible for encrypted flows where header inspection is unavailable.
  • New variants can be supported simply by collecting their packet traces and retraining the model.
  • The method extends to QUIC traffic without modification.
  • Network studies can correlate observed performance with the identified variant without relying on outdated behavioral assumptions.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Large-scale passive traces could be labeled automatically to map variant usage over time and geography.
  • Real-time detection in operational networks becomes feasible if the model runs on live arrival streams.
  • The technique might be paired with other measurements to study how variant choice affects loss and delay.

Load-bearing premise

Packet arrival patterns produced by each congestion control variant stay distinguishable across varied network paths and conditions even without any domain-specific features.

What would settle it

A collection of real-world flows whose congestion control variant is independently verified through endpoint information or active tests, yet the model assigns the wrong label to most of them.

Figures

Figures reproduced from arXiv: 1907.02323 by Constantin Sander, Jan R\"uth, Klaus Wehrle, Oliver Hohlfeld.

Figure 1
Figure 1. Figure 1: Architecture of DeePCCI. Captured packets are at [PITH_FULL_IMAGE:figures/full_fig_p003_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: F1 scores for single and multi-host network w.r.t. bandwidth and delay. [PITH_FULL_IMAGE:figures/full_fig_p004_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: F1 scores for single and multi-host network after [PITH_FULL_IMAGE:figures/full_fig_p005_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: F1 score w.r.t. flow duration for single and multi [PITH_FULL_IMAGE:figures/full_fig_p006_4.png] view at source ↗
read the original abstract

Transport protocols use congestion control to avoid overloading a network. Nowadays, different congestion control variants exist that influence performance. Studying their use is thus relevant, but it is hard to identify which variant is used. While passive identification approaches exist, these require detailed domain knowledge and often also rely on outdated assumptions about how congestion control operates and what data is accessible. We present DeePCCI, a passive, deep learning-based congestion control identification approach which does not need any domain knowledge other than training traffic of a congestion control variant. By only using packet arrival data, it is also directly applicable to encrypted (transport header) traffic. DeePCCI is therefore more easily extendable and can also be used with QUIC.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 0 minor

Summary. The manuscript presents DeePCCI, a passive deep-learning approach to identify congestion-control variants from packet-arrival traces alone. It claims that training on variant-specific traffic is sufficient, that no additional domain knowledge or hand-crafted features are required, and that the method remains applicable to encrypted flows (including QUIC) because only arrival times are used.

Significance. A reliable arrival-time-only classifier would simplify large-scale passive measurement of CC deployment in encrypted networks and ease extension to new variants. The approach is credited for avoiding explicit behavioral assumptions and for its potential extensibility, but these advantages remain conditional on demonstrated generalization.

major comments (2)
  1. [Abstract] Abstract: the central claim that the method 'does not need any domain knowledge other than training traffic' and 'is also directly applicable to encrypted traffic' is presented without any reported datasets, baselines, accuracy figures, or cross-traffic experiments, so it is impossible to judge whether the data or method supports the claim.
  2. [Method (implied by abstract description)] The load-bearing assumption that packet-arrival patterns learned from controlled traces remain separable under real-world cross-traffic, path changes, and encryption-induced loss of header information receives no robustness analysis or distribution-shift discussion; any mismatch between lab traces and live conditions directly falsifies the 'no domain knowledge needed' guarantee.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive comments. We address each major point below and indicate where revisions will be made to improve clarity and support for the claims.

read point-by-point responses

  1. Referee: [Abstract] Abstract: the central claim that the method 'does not need any domain knowledge other than training traffic' and 'is also directly applicable to encrypted traffic' is presented without any reported datasets, baselines, accuracy figures, or cross-traffic experiments, so it is impossible to judge whether the data or method supports the claim.

    Authors: We agree that the abstract would be strengthened by including key quantitative results. The body of the manuscript reports evaluation on multiple datasets (including encrypted QUIC flows), baseline comparisons, and accuracy figures. We will revise the abstract to incorporate representative performance metrics and a brief reference to the experimental evaluation. revision: yes

  2. Referee: [Method (implied by abstract description)] The load-bearing assumption that packet-arrival patterns learned from controlled traces remain separable under real-world cross-traffic, path changes, and encryption-induced loss of header information receives no robustness analysis or distribution-shift discussion; any mismatch between lab traces and live conditions directly falsifies the 'no domain knowledge needed' guarantee.

    Authors: The manuscript includes evaluation across varied traces to support separability from arrival times alone. We acknowledge that an explicit discussion of distribution shift and robustness to real-world conditions (cross-traffic, path changes) would better substantiate the claims. We will add a dedicated paragraph in the discussion section addressing these aspects and any observed limitations. revision: yes

Circularity Check

0 steps flagged

No circularity: method is data-driven classification with no self-referential derivations

full rationale

The paper describes a supervised deep learning classifier trained on external packet-arrival traces of known congestion-control variants. No equations, first-principles derivations, or parameter-fitting steps are presented that would reduce the output classification to the inputs by construction. The central claim (identification from arrival times alone, applicable to encrypted traffic) rests on the empirical performance of the trained model rather than on any self-definition, fitted-input renaming, or load-bearing self-citation. Generalization to unseen traffic is an empirical question, not a circularity issue.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

The central claim rests on the empirical assumption that packet arrival timing alone contains sufficient distinguishing information for a neural network to learn congestion control variants from labeled examples.

pith-pipeline@v0.9.0 · 5650 in / 1067 out tokens · 61349 ms · 2026-05-25T09:04:40.747159+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

26 extracted references · 26 canonical work pages · 2 internal anchors

  1. [1]

    Cardwell, Y

    N. Cardwell, Y. Cheng, C. S. Gunn, S. H. Yeganeh, and V. Jacobson. 2016. BBR: Congestion-Based Congestion Control. ACM Queue 14, 5 (2016)

    work page 2016

  2. [2]

    Casagrande, F

    G. Casagrande, F. Granelli, and D. Miorandi. 2011. TCPMoon: Monitoring the Diffusion of TCP Congestion Control Variants in the Internet. In IEEE ICC

    work page 2011

  3. [3]

    M. Dong, T. Meng, D. Zarchy, E. Arslan, Y. Gilad, B. Godfrey, and M. Schapira

    work page

  4. [4]

    In USENIX NSDI

    PCC Vivace: Online-Learning Congestion Control. In USENIX NSDI

    work page

  5. [5]

    Gettys and K

    J. Gettys and K. Nichols. 2011. Bufferbloat: Dark Buffers in the Internet. ACM Queue 9, 11 (2011)

    work page 2011

  6. [6]

    S. Ha, I. Rhee, and L. Xu. 2008. CUBIC: A New TCP-friendly High-speed TCP Variant. ACM SIGOPS Oper. Syst. Rev. 42, 5 (2008)

    work page 2008

  7. [7]

    D. H. Hagos, P. E. Engelstad, A. Yazidi, and Ø. Kure. 2018. Recurrent Neural Network-Based Prediction of TCP Transmission States from Passive Measure- ments. In IEEE NCA

    work page 2018

  8. [8]

    K. He, X. Zhang, S. Ren, and J. Sun. 2016. Deep Residual Learning for Image Recognition. In IEEE CVPR

    work page 2016

  9. [9]

    Hochreiter and J

    S. Hochreiter and J. Schmidhuber. 1997. Long Short-Term Memory. Neural Computation 9, 8 (1997)

    work page 1997

  10. [10]

    M. Hock, R. Bless, and M. Zitterbart. 2017. Experimental Evaluation of BBR Congestion Control. In IEEE ICNP

    work page 2017

  11. [11]

    Ioffe and C

    S. Ioffe and C. Szegedy. 2015. Batch Normalization: Accelerating Deep Network Training by Reducing Internal Covariate Shift. In ICML

    work page 2015

  12. [12]

    Iyengar and M

    J. Iyengar and M. Thomson. 2019. QUIC: A UDP-Based Multiplexed and Secure Transport. Internet-Draft draft-ietf-quic-transport-18

    work page 2019

  13. [13]

    Jacobson

    V. Jacobson. 1988. Congestion Avoidance and Control. In ACM SIGCOMM

    work page 1988

  14. [14]

    Jaiswal, G

    S. Jaiswal, G. Iannaccone, C. Diot, J. Kurose, and D. Towsley. 2004. Inferring TCP Connection Characteristics Through Passive Measurements. In IEEE INFOCOM

    work page 2004

  15. [15]

    D. P. Kingma and J. Ba. 2014. Adam: A Method for Stochastic Optimization.CoRR (2014). http://arxiv.org/abs/1412.6980

    work page internal anchor Pith review Pith/arXiv arXiv 2014

  16. [16]

    Lantz, B

    B. Lantz, B. Heller, and N. McKeown. 2010. A Network in a Laptop: Rapid Prototyping for Software-defined Networks. In ACM HOTNETS

    work page 2010

  17. [17]

    LeCun and Y

    Y. LeCun and Y. Bengio. 1998. The Handbook of Brain Theory and Neural Networks. Chapter Convolutional Networks for Images, Speech, and Time Series

    work page 1998

  18. [18]

    J. Nagle. 1984. Congestion Control in IP/TCP Internetworks . RFC 896

    work page 1984

  19. [19]

    Oshio, S

    J. Oshio, S. Ata, and I. Oka. 2009. Identification of Different TCP Versions Based on Cluster Analysis. In IEEE ICCCN

    work page 2009

  20. [20]

    Padhye and S

    J. Padhye and S. Floyd. 2001. On Inferring TCP Behavior. In ACM SIGCOMM

    work page 2001

  21. [21]

    V. Paxson. 1997. Automated Packet Trace Analysis of TCP Implementations. In ACM SIGCOMM

    work page 1997

  22. [22]

    J. Rüth, I. Poese, C. Dietzel, and O. Hohlfeld. 2018. A First Look at QUIC in the Wild. In PAM

    work page 2018

  23. [23]

    T. N. Sainath, O. Vinyals, A. Senior, and H. Sak. 2015. Convolutional, Long Short-Term Memory, fully connected Deep Neural Networks. In IEEE ICASSP

    work page 2015

  24. [24]

    Very Deep Convolutional Networks for Large-Scale Image Recognition

    K. Simonyan and A. Zisserman. 2014. Very Deep Convolutional Networks for Large-Scale Image Recognition. CoRR abs/1409.1556 (2014)

    work page internal anchor Pith review Pith/arXiv arXiv 2014

  25. [25]

    P. Yang, J. Shao, W. Luo, L. Xu, J. Deogun, and Y. Lu. 2014. TCP Congestion Avoidance Algorithm Identification. IEEE/ACM Transactions on Networking 22, 4 (2014)

    work page 2014

  26. [26]

    Yin Zhang, Lee Breslau, Vern Paxson, and Scott Shenker. 2002. On the Character- istics and Origins of Internet Flow Rates. In ACM SIGCOMM

    work page 2002