Friday, July 2, 2010

There is a bandwidth hogger in my computer

I'm reading: There is a bandwidth hogger in my computerTweet this!

A couple of weeks ago we distributed our beta version of PerfProtector among a group of beta testers around the world.

Prior to running PerfProtector by the beta testers, we questioned them regarding some performance problems that they recently encountered.
Some beta testers reported that although they have a very fast Internet connection, they encountered some inconsistent slowdown in their connections - they had good hours but also very bad hours where they couldn't even check their e-mails. This problem wasn't location-specific.

After several hours of monitoring the beta testers machines, we got urgent e-mails from almost all of the slow-connected users. All of them said that PerfProtector identified a single process as the source of the major decrease in their Internet performance: the ultimate hogger was Skype.
All of these users had a public IP address and a relatively good Internet connection.

Well, it isn't such a big surprise since Skype is known to be a bandwidth hogger but the interesting thing was that PerfProtector detected Skype as a huge threat to the performance, almost simultaneously on all of the machines. As a matter of fact, it got the maximum abnormality score: a perfect 100.

In order to reproduce the problem, we set up a Windows XP machine with a public IP address in our lab.
We installed Skype version and monitored the machine with PerfProtector.

After one day, our Internet connection became a bit slower and PerfProtector identified Skype as the source of the problem.
After two days, it became much slower and all websites were uploaded very slowly.
After four days we couldn't surf to any website or use our mail client - the machine was hogged to death!

The graph of the number of Internet connections that Skype used in our machine during a period of nine days illustrates the problem

We can see how bad  things became over time and why our machine was completely blocked due to Skype abnormal behavior.
Hundreds of Internet connections, almost all our upload bandwidth, most of our download bandwidth - the result is a completely hogged machine. Skype indeed takes no prisoners...

The reason for that behavior is well-known: you have a machine with a public IP and a  fast internet connection. Your machine is online for hours and therefore you become a perfect Skype supernode candidate. Skype needs supernode machines in order to maintain its network and enable calls to/from users that are, for example, behind NAT or proxy.
This communication architecture is acceptable as long as it doesn't affect the performance of the supernodes machines. However, as we can see in our recent experiment, Skype has no limits and its greedy behavior just killed our machine.

What can be done?
It is possible to prevent the Skype client from being a supernode. This way, it will be limited to maintain only a few network connections.
However, if everyone will disable the supernode functionality the Skype network will die and no one will be able to make calls. Skype can't exist without supernodes.
This problem of hogging the bandwidth by Skype is known for a long time.,We think that Skype could have  solved this problem but it still continues to hog and affect dramatically the performance of machines around the world.
Skype is a commercial company - it has a business to maintain, it has clients and it has competitors. Skype has to solve the problems that it causes otherwise it won't have clients. As simple as that - unhappy customers can use other products.

Conclusion, until Skype solves this acute problem, we recommend to disable the Supernode functionality from every machine

How to solve this problem using PerfProtector?
The solution is very simple, while you are in the main dashboard of PerfProtector, right-click on the Skype alert and choose "Apply the Disable Supernode Functionality". That's it. From now on you won't be a supernode anymore.

How to solve this problem manually (on Windows machines)?
1. Copy the following text and save it as "DisableSkypeSupernode.reg" :

Windows Registry Editor Version 5.00

2. Double-click on the saved file. You should get a message box that is similar to this one:

 Choose "Yes"

3. You are done. You should get a message box that is similar to this one:

4. Reboot your machine


I'm reading: There is a bandwidth hogger in my computerTweet this!

Who are we?

I'm reading: Who are we?Tweet this!

Our team developed a novel anomaly detection system that monitors the processes in the user's machine and identifies abnormal behavior. The system uses patent protected mathematical algorithms and it is distributed as a freeware.

This system protects the machine by keeping the overall performance optimal - it makes sure that all processes behave normally  without causing problems that may affect the resources of the machine - for example,  hogging the network bandwidth, excessive resource usage (disk, memory, cpu) and more.

Our idea is that by combining our tools with the public knowledge the users have, we can improve the tools and create better methods that are constantly updated.
This way, the users of the system will get a free system, and by contributing their knowledge, the system will improve its detection over time. This way, we create a network of knowledge.

How does PerfProtector works?
Once installed in the client machine, PerfProtector starts its short training phase (about 20 minutes). During the training phase, PerfProtector collects and analyzes several statistics from each active process. Then, it builds a normal profile for each process.
At the end of the training phase, PerfProtector switches automatically to the testing phase. During this phase, PerfProtector monitors and analyzes in realtime the statistics of each process and it looks for deviations from the previously built normal behavior. 

These deviations are constantly scored according to their abnormality levels. The user can see in realtime the score of each process. The system displays automatically alerts regarding the most problematic processes.

In the following image we see a screenshot of the system.
The system presents:
On the upper section - the overall CPU and memory usage
On the middle section - the per-process statistics including the abnormality score for each process
On the lower section - the log of the major abnormality alerts including the duration of the abnormal behavior, the overall abnormality score of the anomalous process and individual abnormality scores for each statistic of this process

 Then, by combining the network of knowledge, the system suggests a solution that will improve the performance of the user's machine.

Couple of weeks ago we distributed our beta version of PerfProtector among a group of beta testers.
This was the first time that the system was running simultaneously on users machines in the US, in Europe and in Asia.

On the following posts, we will give some interesting events that PerfProtector detected around the world.

I'm reading: Who are we?Tweet this!