Googling the Internet (and Beyond) Aleksandar Kuzmanovic EECS Department Northwestern University

Presentation transcript:

Slide 2: Today’s Talk (running header on the deck: A. Kuzmanovic, From TCP to Net Neutrality and Back)
– TCP congestion control
– DoS against streaming CDNs
– Googling the Internet

Slide 3: TCP Congestion Control
Question: why do we care about TCP congestion control in the year 2009?
Overwhelming opinion:
– TCP research is incremental
– Not relevant any more
– It is boring
– No high-impact breakthroughs are possible any more

Slide 4: Non-Incremental Advances are Possible
A. Kuzmanovic, “The Power of Explicit Congestion Notification,” in ACM SIGCOMM: “… throughput increases by more than 40% while the average web response time simultaneously decreases by nearly an order of magnitude.”
A. Kuzmanovic, A. Mondal, S. Floyd, and K. K. Ramakrishnan, “Adding Explicit Congestion Notification (ECN) to TCP’s SYN/ACK Packets,” IETF Draft, work in progress.

Slide 5: Congestion Control Fundamentals
Congestion collapse
– 1986: throughput from LBL to UC Berkeley dropped from 32 Kbps to 40 bps
V. Jacobson, “Congestion Avoidance and Control,” in ACM CCR 18(4), Aug.
– Slow start
– Dynamic window sizing
– RTT variance estimation
– Exponential retransmit timer backoff

Slides 6–7: Why Exponential Backoff?
Jacobson adopted exponential backoff from the classical shared-medium Ethernet protocol
– “IP gateway has essentially the same behavior as Ether in a shared-medium network.”
– Not true!

Slide 8: Our Result
Implicit packet conservation principle
– When to resend a packet: as soon as the retransmission timeout expires
– End-to-end performance can only improve if we remove the exponential backoff from TCP (proof in the paper)
A. Mondal and A. Kuzmanovic, “Removing Exponential Backoff from TCP,” in ACM CCR, October.
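Slides 5 through 8 describe the retransmit timer (RTT variance estimation plus exponential backoff) and the result that resending as soon as the timeout expires can only help. The Python below is an illustration added here, not code from the talk or the cited papers: it runs RTT samples through the Jacobson/Karels estimator as standardised in RFC 6298 (alpha = 1/8, beta = 1/4, K = 4) and then compares the retransmission schedule of classic exponential backoff with one that re-arms a fixed RTO, for a constructed burst of consecutive losses. The RTT samples and the loss count are constructed inputs, and the comparison shows only the timing difference between the two rules, not the paper’s proof.

```python
"""Jacobson RTT estimation and retransmit-timer backoff, with and without
the exponential doubling.  Added illustration; not code from the talk or the
cited papers.  Estimator constants follow RFC 6298; RTT samples and the loss
burst are constructed inputs."""

ALPHA = 1 / 8   # gain for the smoothed RTT (SRTT)
BETA = 1 / 4    # gain for the RTT variance (RTTVAR)
K = 4           # variance multiplier in RTO = SRTT + K * RTTVAR


def jacobson_rto(rtt_samples, min_rto=1.0):
    """Feed RTT samples (seconds) through the RFC 6298 estimator.

    Returns (srtt, rttvar, rto).  min_rto is the lower clamp on the RTO;
    RFC 6298 recommends 1 s, pass 0.0 to see the raw estimator output."""
    srtt = rttvar = None
    rto = min_rto
    for r in rtt_samples:
        if srtt is None:                 # first measurement initialises both
            srtt, rttvar = r, r / 2
        else:                            # RTTVAR is updated before SRTT
            rttvar = (1 - BETA) * rttvar + BETA * abs(srtt - r)
            srtt = (1 - ALPHA) * srtt + ALPHA * r
        rto = max(min_rto, srtt + K * rttvar)
    return srtt, rttvar, rto


def retransmit_schedule(rto, losses, backoff=True):
    """Send times (seconds) of a segment whose first `losses` transmissions
    are all lost.  backoff=True doubles the timer after every timeout
    (classic TCP); backoff=False re-arms the same RTO each time, i.e. the
    'resend as soon as the timeout expires' rule from the slide."""
    t, timer = 0.0, float(rto)
    times = [t]
    for _ in range(losses):
        t += timer
        times.append(t)
        if backoff:
            timer *= 2
    return times


def recovery_delay(rto, losses):
    """Delay until the first transmission that is not lost, as a pair
    (with exponential backoff, without backoff)."""
    return (retransmit_schedule(rto, losses, backoff=True)[-1],
            retransmit_schedule(rto, losses, backoff=False)[-1])


if __name__ == "__main__":
    # Constructed path: ~100 ms RTT with mild jitter, then a burst of 4 losses.
    srtt, rttvar, rto = jacobson_rto([0.10, 0.12, 0.09, 0.11], min_rto=0.0)
    print(f"SRTT={srtt:.4f}s RTTVAR={rttvar:.4f}s RTO={rto:.4f}s")
    with_bo, without_bo = recovery_delay(rto, 4)
    print(f"4 consecutive losses: {with_bo:.3f}s with backoff, "
          f"{without_bo:.3f}s without")
```

With n consecutive losses the backed-off sender waits (2^n - 1) RTOs before its first successful send, the fixed-timer sender only n RTOs; the slide’s claim is that the latter never hurts end-to-end performance.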

Slide 9: Today’s Talk
– TCP congestion control
– DoS against streaming CDNs
– Googling the Internet

Slide 10: Background
– CDNs (e.g., Akamai) perform extensive network and server measurements
– Publish the results via DNS over short time scales
[Figure: a global monitoring infrastructure collects feedback from Edge Server 1 and Edge Server 2 and updates the DNS server, which then hands out a new edge server IP]

Slide 11: CDN-Driven One-Hop Source Routing
[Figure: source S and destination D, a DNS server, and intermediate nodes A1, A2, …, An and E1, E2, …, En]
A.-J. Su, D. Choffnes, A. Kuzmanovic, and F. Bustamante, “Drafting Behind Akamai (Travelocity-Based Detouring),” in ACM SIGCOMM.

Slide 12: Relative Network Positioning
Wide-area distributed network systems can benefit from network positioning systems
Key idea:
– Infer relative network distance by overlapping CDN replica servers
A.-J. Su, D. Choffnes, F. Bustamante, and A. Kuzmanovic, “Relative Network Positioning via CDN Redirections,” in IEEE ICDCS.
[Figure: Client 1 and Client 2 are redirected to replica servers R; R1 denotes the redirection frequency for Client 1 to replica server R]
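The key idea on this slide, inferring relative distance from how often two clients are redirected to the same CDN replica servers, is illustrated by the Python below. It is an example added here, not the authors’ code: the DNS redirection log is constructed, and cosine similarity between per-client redirection-frequency vectors is used as the overlap measure (an assumption; the slide itself names no metric). Clients whose vectors overlap strongly are the ones the CDN keeps sending to the same replicas, which is the signal the positioning system exploits.

```python
"""Relative network positioning from CDN redirections.  Added illustration;
not code from the talk or the ICDCS paper.  The redirection log is
constructed, and cosine similarity of redirection-frequency vectors is the
assumed overlap measure."""
import math
from collections import Counter, defaultdict

# Constructed log of (client, replica server returned by the CDN's DNS).
# client-1 and client-2 are steered to the same two replicas; client-3 to
# a disjoint pair, as if it sat in another region.
REDIRECTION_LOG = (
    [("client-1", "R1")] * 6 + [("client-1", "R2")] * 4
    + [("client-2", "R1")] * 5 + [("client-2", "R2")] * 5
    + [("client-3", "R7")] * 8 + [("client-3", "R8")] * 2
)


def redirection_frequencies(log):
    """Map each client to {replica: fraction of its lookups answered with it}."""
    counts = defaultdict(Counter)
    for client, replica in log:
        counts[client][replica] += 1
    return {
        client: {r: n / sum(cnt.values()) for r, n in cnt.items()}
        for client, cnt in counts.items()
    }


def cosine_similarity(a, b):
    """Cosine of the angle between two sparse frequency vectors (0 = no overlap)."""
    dot = sum(v * b.get(r, 0.0) for r, v in a.items())
    na = math.sqrt(sum(v * v for v in a.values()))
    nb = math.sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0


def rank_by_proximity(freqs, client):
    """Other clients ordered from most to least likely to be network-close
    to `client`, as (similarity, other_client) pairs."""
    return sorted(
        ((cosine_similarity(freqs[client], freqs[other]), other)
         for other in freqs if other != client),
        reverse=True,
    )


if __name__ == "__main__":
    freqs = redirection_frequencies(REDIRECTION_LOG)
    for score, other in rank_by_proximity(freqs, "client-1"):
        print(f"client-1 vs {other}: similarity {score:.3f}")
```

A practitioner running this against a real resolver log would additionally window the log in time, since the slide’s own point is that the CDN republishes its measurements over short time scales.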

Slide 13: Motivation
– >50% of online users would leave and never come back to a streaming site when streaming quality is bad [Akamai ’07]

Slide 14: Akamai’s Streaming Architecture
[Figure: entry points, reflectors, edge servers]
Is DNS-based load balancing resilient to DoS attacks?

Slide 15: Slow Load Balancing Experiment
[Figure only]

Slide 16: Slow Load Balancing Result
[Figure annotations, in order: start probing machines; edge server becomes overloaded; DNS updated, stop probing machines; throughput recovers]
DNS-based system is too slow to react to overloaded conditions

Slide 17: Reflector-level Experiments
Facts:
– Akamai gathers streams from different customers into channels
– Streams from the same region and the same channel map to the same reflector
Issue: how to attack reflectors?
Challenge: information about reflectors not publicly available
Approach: use edge servers as proxies; need mapping between edge servers and reflectors

Slide 18: Amplification Attack
[Figure annotations: start probing machines; service degradation at similar pace; bottleneck observed, stop probing machines; throughput recovery]
It is possible to attack reflectors by using edge servers as “proxies”

Slide 19: Countermeasures
Existing approaches
– Stream replication
– Resource-based admission control
– Solving puzzles
Our approach
– Shielding internal administrative information
– Secure edge-cluster design
Key issues:
– Tradeoff between transparency and DoS resiliency
– Streaming-targeted bandwidth-based DoS attacks are feasible
A.-J. Su and A. Kuzmanovic, “Thinning Akamai,” in USENIX/ACM IMC.

Slide 20: Today’s Talk
– TCP congestion control
– DoS against streaming CDNs
– Googling the Internet

Slide 21: Motivation
– Can we use Google for networking research?
– Can we systematically exploit search engines to harvest endpoint information available on the Internet?
– Huge amount of endpoint information available on the web

Slide 22: Where Does the Information Come From?
– Websites run logging software and display statistics
– Some popular proxy services also display logs
– Popular servers’ (e.g., gaming) IP addresses are listed
– Blacklists, banlists, spamlists also have web interfaces
– Even P2P information is available on the Internet, since the first point of contact with a P2P swarm is a publicly available IP address
[Figure labels: Servers, Clients, P2P, Malicious]

Slide 23: Methodology – Web Classifier and IP Tagging
[Figure: search hits (URL, hit text, …) feed a Rapid Match step (domain name, keywords, …), which drives IP tagging of an IP address xxx.xxx.xxx.xxx; a website cache sits alongside]

Slide 24: Detecting Application Usage Trends
Infer what applications people are using across the world without having access to network traces

Slide 25: Traffic Classification
Problem: traffic classification
Current approaches: port-based, payload signatures, numerical and statistical, etc.
Our approach:
– Use information about destination IP addresses available on the Internet

Slide 26: Working with Sampled Traffic
[Figure: classification ratio with no sampling and at a 2% sampling rate]
– UEP maintains a large classification ratio even at higher sampling rates
– BLINC stays in the dark
I. Trestian, S. Ranjan, A. Kuzmanovic, and A. Nucci, “Unconstrained Endpoint Profiling (Googling the Internet),” in ACM SIGCOMM.
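Slides 23, 25 and 26 together describe the pipeline: search hits for an IP address are matched against keywords, the IP is tagged, flows are classified by the tag of their destination IP, and because each flow is labelled on its own the classification ratio survives heavy flow sampling. The Python below is an illustration added here, not the UEP authors’ code: the keyword table, the search hits, the IP addresses (documentation ranges) and the flow records are all constructed, and the rule set is far smaller than the real system’s vocabulary. The sampling function shows the slide’s point as a property of the method: the ratio over a sampled subset estimates the ratio over all flows, since no per-flow statistics are needed.

```python
"""Endpoint profiling from search-hit text (rapid match + IP tagging) and
destination-IP-based traffic classification under sampling.  Added
illustration; not the UEP authors' code.  Rules, hits, IPs and flows are
constructed."""
import re
from collections import Counter

# Keyword rules: (category, regex over "domain name + hit text").  Constructed;
# a real deployment derives keywords from a much larger vocabulary.
RULES = [
    ("gaming", re.compile(r"\b(game server|counter-strike|quake)\b", re.I)),
    ("p2p", re.compile(r"\b(torrent|tracker|edonkey)\b", re.I)),
    ("malicious", re.compile(r"\b(blacklist|banlist|spam|dnsbl)\b", re.I)),
    ("proxy", re.compile(r"\b(proxy|proxies)\b", re.I)),
    ("web", re.compile(r"\b(awstats|webalizer|web stats)\b", re.I)),
]

# Constructed search hits: what a query for the bare IP string might return,
# as (domain name, hit text) pairs.  Addresses are from RFC 5737 TEST-NETs.
SEARCH_HITS = {
    "192.0.2.10": [("games.example.net", "Counter-Strike game server list: 192.0.2.10:27015"),
                   ("forum.example.org", "anyone else lag on 192.0.2.10 tonight?")],
    "198.51.100.7": [("tracker.example.com", "torrent tracker stats for 198.51.100.7")],
    "203.0.113.99": [("dnsbl.example.org", "DNS blacklist entry 203.0.113.99 listed for spam")],
    "198.51.100.200": [("proxy-list.example.com", "free proxies: 198.51.100.200:8080")],
}

# Constructed flow records (src, dst); 192.0.2.77 and 192.0.2.78 have no hits.
FLOWS = [
    ("10.0.0.1", "192.0.2.10"), ("10.0.0.2", "192.0.2.77"),
    ("10.0.0.3", "192.0.2.78"), ("10.0.0.4", "198.51.100.7"),
    ("10.0.0.5", "203.0.113.99"), ("10.0.0.6", "198.51.100.200"),
    ("10.0.0.7", "192.0.2.10"), ("10.0.0.8", "203.0.113.99"),
]


def rapid_match(domain, hit_text):
    """Categories whose keywords occur in the domain name or the hit text."""
    blob = f"{domain} {hit_text}"
    return {cat for cat, rx in RULES if rx.search(blob)}


def tag_ips(search_hits):
    """Tag every IP with a Counter of categories accumulated over its hits."""
    tags = {}
    for ip, hits in search_hits.items():
        counts = Counter()
        for domain, text in hits:
            counts.update(rapid_match(domain, text))
        tags[ip] = counts
    return tags


def classify_flow(dst_ip, tags):
    """Label a flow by the dominant tag of its destination IP; None if untagged."""
    counts = tags.get(dst_ip)
    if not counts:
        return None
    return counts.most_common(1)[0][0]


def classification_ratio(flows, tags, sample_every=1):
    """Fraction of (sampled) flows that receive a label.  Each flow is labelled
    from its destination IP alone, so thinning the flow list leaves the
    per-flow decision unchanged and the ratio is an estimate of the full one."""
    sampled = flows[::sample_every]
    labelled = sum(1 for _, dst in sampled if classify_flow(dst, tags) is not None)
    return labelled / len(sampled) if sampled else 0.0


if __name__ == "__main__":
    tags = tag_ips(SEARCH_HITS)
    for src, dst in FLOWS:
        print(f"{src} -> {dst}: {classify_flow(dst, tags)}")
    print("ratio, all flows:   ", classification_ratio(FLOWS, tags))
    print("ratio, every 2nd:   ", classification_ratio(FLOWS, tags, sample_every=2))
```

From a defender’s side the same tagging step is what lets a SOC enrich a flow record with “this destination is on a public blacklist” without deep packet inspection, and the untagged destinations (None here) are exactly the ones that still need a payload- or behaviour-based classifier.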

Slide 27: Summary
– Congestion control is fundamental
– Tradeoff between transparency and DoS-resiliency
– Information is all around us (and Google is cool)
Other projects:
– Monitoring network neutrality (NSF and Google Inc.)
– Auditing search engines
– ISP-enabled ad targeting
– Feasibility of location-based services (Narus Inc.)