Initially, Active Queue Management (AQM) were designed to minimize the the impact of network trac and high latency. The rst congestion scheme that im-plemented AQM was introduced by Floyd is called Random Early Detection (RED) algorithm [173]. Later on, this issue has been extensively addressed.
According to Drop Tail algorithm TCP protocol detects congestion only after a packet has been dropped from the queue. Keeping large queues full most of the time will signicantly increase the delays. It is very important to have mechanisms that maintain a high overall throughput and at the same time maintain a low average queue size as possible. Furthermore, it is not necessary to keep queues completely empty all the time in order to maximize the throughput. Since this will result in under utilization of the link. Thus, the goal is to have high throughput and small queuing delay. Consequently, the queue length should be kept suciently small.
Additionally, drop tail considers two queue approaches that can be applied when the queue becomes full. They are: (i) random drop on full [200] and (ii) drop front on full [334]. Both approaches solve lock out problem, but neither of them solves full queue problem.
In order to fulll the above goal, several AQM algorithms were proposed. The main objective of these algorithms is the early detection of network congestion and dropping packets before the network throughput is inuenced. Nonetheless, this inuence depends on the quality of service to be delivered by the network.
AQM algorithms utilize various metrics in order to estimate the network con-gestion. Thus, some AQM algorithms involve congestion metrics like: queue length, load, both queue length and load, loss rate, etc. Other algorithms use those metrics along with ow information to analyze and control congestion more accurately.
Broadly, AQM algorithms are classied into two classes: reactive and proactive [312]. Following, a brief description of these classes:
5.2.1 Reactive AQM Algorithms
The goal of reactive AQM algorithms is congestion avoidance by active early detec-tion of and reacdetec-tion to congesdetec-tion. The status of current congesdetec-tion determines the decisions on the actions to be taken. According to the criteria on which the decision is made whether to drop packets from the queue or not, whenever a congestion is occurred, four strategies of queue management can be identied:
Average queue length-based algorithms
In this class of reactive AQM algorithms, the dropping decision is based on the observed average queue length. Algorithms in this class can be divided further based on whether or not the algorithm provides a fairness on distribution of the available bandwidth over the active data ows. RED [173] is the basis of all algorithms in this class of AQM. Other algorithms of this class, for example, ARED [329], FRED [241], CHOKe [282].
Packet loss and link utilization-based algorithms
The algorithms of this class use packet loss and link utilization for performing active queue management rather than using the instantaneous or average queue lengths.
A single probability p is maintained, which is used to drop packets when they are queued. In case such as buer overow the queue is continually dropping, p is incremented which increasing the rate of sending back congestion notication. In the other hand, if the queue becomes empty or if the link is idle, p is decremented.
Member algorithms of this class are, for example, BLUE and SFB [169], SFED [221], YELLOW [245], etc.
Class-based algorithms
These algorithms treat the incoming packet depending on its class. In general, there are many possible class denitions, but in practice, it is common the incoming pack-ets are categorized based on their transport protocol (i.e., TCP or UDP). Usually, for every non-TCP class, a threshold is dened, to limit the maximum number of packets a certain class can have in the queue. The Class-Based Threshold (CBT) [284] and Dynamic CBT (DCBT) [117] are members of this class of AQM algorithms.
Control theory-based algorithms
The algorithms of this class are based on the classical control theory techniques.
These AQM algoritms attempt to maintain the instantaneous queue length as close as possible to a desired value (reference input). PI-controller [202] and Adaptive Virtual Queue (AVQ) [225] are examples of this class of AQM.
Hybrid-based algorithms
They make use of the benets of each class to improve the drawbacks of another class group. Examples of this class of algorithms are: Random Early Marking (REM) [231], Stabilized Virtual Buer (SVB) [151] and RaQ [330].
5.2.2 Proactive AQM Algorithms
The congestion prevention is the aim of proactive AQM algorithms which use intelligent and proactive dropping of packets. The expected congestion determines the decisions on the being taken actions. Examples of this type are: GREEN [116]
and PAQM [311].
AQM algorithms provide an early detection of network congestion. In addi-tion, several AQM algorithms perform ow-based ltering and throttle ows which experience abnormal behavior, for example:
• SRED [281] identies ows that are taking more than their fair share of band-width and allocates a fair share of bandband-width for all ows;
• RRED [356] detects DoS ows and throttle those detected attack ows (RRED used to defend against low rate DoS); and
• Lin et al. [240] proposed a priority queue-based scheme to defend a gains DDoS attacks and compared the proposed scheme with Droptail and RED schemes.
Furthermore, Albiz in [26] considered AQM algorithms as a tolerance mechanism in his taxonomy of defense mechanisms of DoS attacks.
In Table 5.1, we give a summary of the important features of popular AQM algorithms.