Intentional and Unintentional Denial-of-Service in Broadband Access Networks. Dr. Jim Martin, Associate Professor, School of Computing, Clemson University.


1 Intentional and Unintentional Denial-of-Service in Broadband Access Networks
Dr. Jim Martin, Associate Professor, School of Computing, Clemson University
jim.martin@cs.clemson.edu
Website: http://www.cs.clemson.edu/~jmarty

2 Talk Overview
Introduction
Background
Network Denial of Service (DoS)
Example Research Projects
– CyberTiger
– Wireless HetNet

3 Clemson’s School of Computing
To address the importance of computing throughout all fields, we evolved from a ‘Department’ to a ‘School of Computing’ with Three Divisions
– Computer Science
– Human Centered Computing
– Visual Computing

4 Clemson Computing Research Ecosystem (diagram: Education, Discovery, Innovation)
Category labels: Expertise, Organizations, Scientific Instruments, Computation, Data, Networking, Software
Items shown: Academic partners; Business partners; Government agencies; Research & Medical centers; Libraries, Museums; Policy; Biometrics; Clouds, Clusters, Data centers; Large facilities: turbine windmills, generators; Sensors – river, forest, human, automotive, …; Analytics, Forecasting; Access, Management; Databases, File systems; Data Intensive computing; Mining; Broadband access; Campus test beds; Cybersecurity; Internetworking; Mobile and wireless systems; Applications, Middleware, Systems; Interfaces; Mobile applications; Software engineering; Trustworthy computing; Virtual environments; Accessibility; Human computer interaction; Learning technologies; Simulation and modeling; Social computing; Education, outreach, training; Algorithms, Theory; Computational science; Digital Production Arts; Eye tracking, Graphics; High Performance Computing; Visualization

5 Networking Lab’s Mission
Vision Statement:
– Computing and the Internet are converging
– Traditional broadcast video (Cable/Satellite) is converging with the Internet
– Networks are becoming more and more ‘heterogeneous’
– The scope of the lab’s interests is more than networking, it includes operating systems, distributed systems, secure and trustworthy systems, and next generation Internet. Collectively these define the term ‘cybersystems’
The networking group focuses on a range of problems that are at the heart of developing and analyzing emerging cybersystems.
The mission of the lab is to support cutting edge research in cybersystems AND to train researchers to address the needs of the changing world.

6 Background: Broadband Internet Access
Wired technologies:
– DSL, Cable, Fiber-to-the-home
Wireless
– 3G, WiMAX, 4G
Trends
– Bigger pipes (Comcast and Verizon both now offer 50 Mbps access connections!)
Concern: the Internet works well because core routers serve thousands of flows at any given time. The behavior of one flow is insignificant. The concept applies at the access network. This is changing….
– Emerging wireless networks will involve multiple technologies (femtocells, 802.21 heterogeneous networks)
Concern: wireless systems traditionally have been single, closed systems. Future systems will involve more open, cooperative wireless networks.

7 Network Denial of Service (shared medium access networks)
MAC Layer DoS: A DoS that leverages a MAC layer vulnerability.
Example: centralized broadband access schemes (like cable, WiMAX, and emerging 4G systems) have relatively inefficient methods for supporting low bandwidth upstream flows.
Intentional DoS: A large number of 4G subscriber stations are infected with malicious software that is part of a botnet.
Unintentional DoS: In a cable access network, a subscriber consumes all available channel bandwidth, causing ‘over-the-top’ VoIP calls (e.g., Vonage) by other subscribers to experience poor call quality.

8 Example Research Projects (intentional DoS)
“DoS Vulnerabilities in WiMAX networks” (R. Brooks, J. Martin, Student: J. Deng)
Question: how sensitive is the choice of WiMAX system parameters to the effects of DoS attacks caused by infected subscriber computers?
“Death by Scanning: Analysis of Worm-like Scanning in a cable network” (J. Martin, Student: Jordan Jueckstock)
Question: what is the impact of the scanning activity of modern botnets such as Slammer and Conficker on a cable network?

9 CyberTiger Creative Inquiry
Engage undergrads to work with PhD students on projects that develop applications that facilitate the study of large scale broadband wireless systems
Current focus is building tools (server back end, smartphone apps) that provide a measurement and assessment capability of broadband cellular and WiFi data services
Recent activities include a report to the FCC on the LACK of cellular infrastructure in SC outside of populated areas
CyberTiger serves as a Honeypot. Partnering with Clemson’s CCIT, the goals are:
– To entice and monitor bad guys to attempt to break in
– Detect infected smartphones on behalf of our user community
One contribution of this work is the broader impact on society: we want to ensure everyone in the USA has equal access to measurably robust wireless services

10 Building Cooperative Heterogeneous Wireless Networks With Re-Configurable Devices
(Diagram labels: Internet Access Network Exit; SmartPhone; Global Resource Controller; Autonomous Wireless Systems; Open Spectrum)
Future handhelds will contain multiple radios that can be used concurrently AND that are reconfigurable.
Future wireless networks will be heterogeneous with cooperative mechanisms in place (early examples are femtocells and WiFi off loading)

11 Results and Discussion – Spectral Efficiency
Use Case 1
– No co-operation between the two carriers
– Users use multiple static radios that can connect to their own carrier’s access technologies
Use Case 2
– Co-operation exists between the two carriers
– Reconfigurable radios are used to support access technologies implemented by the other carrier
R. Amin, J. Martin, J. Deaton, L. DaSilva, A. Hussien, A. Eltawil, "Balancing Spectral Efficiency, Energy Consumption, and Fairness in Future Heterogeneous Wireless Systems with Reconfigurable Devices", To appear in the IEEE Journal on Selected Areas In Communications, 2013.
J. Martin, R. Amin, A. Eltawil, A. Hussien, “Spectral Efficiency and Energy Consumption Tradeoffs for Reconfigurable Devices in Heterogeneous Wireless Systems”, Proceedings of the IEEE WCNC2012 Conference, (Paris, France, April 2012).

12 Simulation Topology
(Diagram labels: Gateway, Sink Node, Stationary User 1, Stationary User 2, Mobile User, 802.11e AP, Start, Stop, 802.16e BS, Rogue Users)
Topology Key
– 802.16e Coverage Radius: 1 Km
– 802.11e Coverage Radius: 150 m
– # Stationary Users: 2
– # Mobile User: 1
– # Rogue Users: 0-30 (increments of 5)
– Stationary/Mobile User Traffic: Downlink CBR TCP (From Sink Node to Stationary/Mobile User)
– Rogue User Traffic: Uplink CBR UDP (From Rogue User to Sink Node)
Talking points:
– Goal is for the 4G operator to benefit when using an open network
– Can a hierarchical allocation scheme work when faced with potential ‘DoS’?

13 Wrap Up: Final Message
Trends in Internet access networks:
– Bigger pipes
– Heterogeneous wireless networks
These advancements are exposing new DoS concerns.
– The impact of one user can be significant.
– MAC layer vulnerabilities in emerging access networks, particularly in heterogeneous wireless systems, need to be studied.
This motivates our research in intentional and unintentional DoS in broadband access networks.

14 Supplemental Slides

15 Simulation Details
Stationary users 1 and 2 always use the 802.16e radio (400 seconds)
– Receives infinite downlink traffic from Sink Node (15 Mbps TCP CBR Flow)
Mobile user starts out using 802.16e radio (70 seconds), then uses 802.11e when it moves inside 802.11e coverage area (300 seconds) and finally switches back to 802.16e (30 seconds) when it moves outside of 802.11e coverage
– However, due to Denial of Service attacks by the rogue users, if mobile user cannot connect to 802.11e even when it is in 802.11e coverage, it will fall back to 802.16e usage
– Receives infinite downlink traffic from Sink Node (15 Mbps TCP CBR Flow)
Rogue users always use 802.11e radio (400 seconds)
– Impact of 3 different packet generation rates studied for rogue user UDP CBR traffic flows in uplink direction
– 500 kbps, 1000 kbps, 1500 kbps
Mobile User Traffic:
– High Priority (over 802.11e)
– CW Min = 7, CW Max = 15
Rogue User Traffic:
– Low Priority
– CW Min = 31, CW Max = 1023 (same as regular 802.11g CW Min and CW Max settings)
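
The contention-window settings on the Simulation Details slide can be explored with a small slotted backoff model that shows how much the high-priority CW shields the mobile user as rogue users are added. This is an added example, not code or results from the presentation; it assumes saturated stations, equal-length slots and no AIFS/TXOP modelling, and the names simulate and sweep are illustrative.

```python
import random

# Contention-window (CW) settings from the Simulation Details slide.
MOBILE_CW = (7, 15)     # high-priority 802.11e mobile user
ROGUE_CW = (31, 1023)   # low-priority rogue users (regular 802.11g values)

def simulate(n_rogues, mobile_cw=MOBILE_CW, slots=20000, seed=1):
    """Return (mobile_successes, rogue_successes, collisions).

    Assumed model, not from the slides: all stations always have a frame
    queued, every slot has equal length, AIFS and TXOP are ignored.
    """
    rng = random.Random(seed)                     # seeded for repeatable runs
    limits = [mobile_cw] + [ROGUE_CW] * n_rogues  # station 0 is the mobile user
    cw = [lo for lo, _ in limits]
    backoff = [rng.randint(0, w) for w in cw]
    mobile_ok = rogue_ok = collisions = 0
    for _ in range(slots):
        senders = [i for i, b in enumerate(backoff) if b == 0]
        backoff = [b - 1 if b > 0 else 0 for b in backoff]
        if len(senders) == 1:                     # lone sender: frame delivered
            if senders[0] == 0:
                mobile_ok += 1
            else:
                rogue_ok += 1
            cw[senders[0]] = limits[senders[0]][0]
        elif senders:                             # overlap: binary exponential backoff
            collisions += 1
            for i in senders:
                cw[i] = min(2 * cw[i] + 1, limits[i][1])
        for i in senders:                         # senders draw a fresh backoff
            backoff[i] = rng.randint(0, cw[i])
    return mobile_ok, rogue_ok, collisions

def sweep(counts=range(0, 31, 5), **kwargs):
    """Rogue-user counts 0-30 in steps of 5, as in the topology key."""
    return {n: simulate(n, **kwargs) for n in counts}

if __name__ == "__main__":
    for n, (mobile, rogue, coll) in sweep().items():
        print(f"rogues={n:2d} mobile_ok={mobile:5d} rogue_ok={rogue:5d} collisions={coll:5d}")
    # Same 30 rogues, but the mobile user stripped of its priority CW.
    print("no priority:", simulate(30, mobile_cw=ROGUE_CW))
```

The last line of output is the comparison a network operator would care about: the same load with and without the priority CW assigned to the legitimate user.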

16 Simulation Results – Mobile User Throughput Talking points: preliminary results

