Texas A&M University Page 1 10/10/2014 5:19:49 PM Real-Time Traffic Modeling and its Application in Network Camouflaging W ei Zhao, Riccardo Bettati, Nitin.

Slides:



Advertisements
Similar presentations
Numbers Treasure Hunt Following each question, click on the answer. If correct, the next page will load with a graphic first – these can be used to check.
Advertisements

Scenario: EOT/EOT-R/COT Resident admitted March 10th Admitted for PT and OT following knee replacement for patient with CHF, COPD, shortness of breath.
Angstrom Care 培苗社 Quadratic Equation II
AP STUDY SESSION 2.
1
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Processes and Operating Systems
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.
STATISTICS Joint and Conditional Distributions
STATISTICS POINT ESTIMATION Professor Ke-Sheng Cheng Department of Bioenvironmental Systems Engineering National Taiwan University.
STATISTICS Univariate Distributions
Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.
UNITED NATIONS Shipment Details Report – January 2006.
1 Hyades Command Routing Message flow and data translation.
David Burdett May 11, 2004 Package Binding for WS CDL.
Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination. Introduction to the Business.
Introduction to Algorithms 6.046J/18.401J
1 RA I Sub-Regional Training Seminar on CLIMAT&CLIMAT TEMP Reporting Casablanca, Morocco, 20 – 22 December 2005 Status of observing programmes in RA I.
Properties of Real Numbers CommutativeAssociativeDistributive Identity + × Inverse + ×
CALENDAR.
1 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt BlendsDigraphsShort.
1 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt RhymesMapsMathInsects.
1 Click here to End Presentation Software: Installation and Updates Internet Download CD release NACIS Updates.
Break Time Remaining 10:00.
Turing Machines.
Table 12.1: Cash Flows to a Cash and Carry Trading Strategy.
PP Test Review Sections 6-1 to 6-6
1 Atomic Routing Games on Maximum Congestion Costas Busch Department of Computer Science Louisiana State University Collaborators: Rajgopal Kannan, LSU.
Bright Futures Guidelines Priorities and Screening Tables
EIS Bridge Tool and Staging Tables September 1, 2009 Instructor: Way Poteat Slide: 1.
Bellwork Do the following problem on a ½ sheet of paper and turn in.
CS 6143 COMPUTER ARCHITECTURE II SPRING 2014 ACM Principles and Practice of Parallel Programming, PPoPP, 2006 Panel Presentations Parallel Processing is.
Operating Systems Operating Systems - Winter 2010 Chapter 3 – Input/Output Vrije Universiteit Amsterdam.
Exarte Bezoek aan de Mediacampus Bachelor in de grafische en digitale media April 2014.
TESOL International Convention Presentation- ESL Instruction: Developing Your Skills to Become a Master Conductor by Beth Clifton Crumpler by.
Sample Service Screenshots Enterprise Cloud Service 11.3.
Copyright © 2012, Elsevier Inc. All rights Reserved. 1 Chapter 7 Modeling Structure with Blocks.
1 RA III - Regional Training Seminar on CLIMAT&CLIMAT TEMP Reporting Buenos Aires, Argentina, 25 – 27 October 2006 Status of observing programmes in RA.
Basel-ICU-Journal Challenge18/20/ Basel-ICU-Journal Challenge8/20/2014.
1..
CONTROL VISION Set-up. Step 1 Step 2 Step 3 Step 5 Step 4.
1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.1 Module 10 Routing Fundamentals and Subnets.
Adding Up In Chunks.
1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.1 Module 2 Networking Fundamentals.
SLP – Endless Possibilities What can SLP do for your school? Everything you need to know about SLP – past, present and future.
MaK_Full ahead loaded 1 Alarm Page Directory (F11)
1 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt 10 pt 15 pt 20 pt 25 pt 5 pt Synthetic.
Subtraction: Adding UP
: 3 00.
1 hi at no doifpi me be go we of at be do go hi if me no of pi we Inorder Traversal Inorder traversal. n Visit the left subtree. n Visit the node. n Visit.
Analyzing Genes and Genomes
Prof.ir. Klaas H.J. Robers, 14 July Graduation: a process organised by YOU.
Speak Up for Safety Dr. Susan Strauss Harassment & Bullying Consultant November 9, 2012.
Essential Cell Biology
Converting a Fraction to %
Clock will move after 1 minute
Intracellular Compartments and Transport
1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.1 Module 9 TCP/IP Protocol Suite and IP Addressing.
PSSA Preparation.
Essential Cell Biology
Immunobiology: The Immune System in Health & Disease Sixth Edition
Physics for Scientists & Engineers, 3rd Edition
Energy Generation in Mitochondria and Chlorplasts
Select a time to count down from the clock above
1.step PMIT start + initial project data input Concept Concept.
TCP/IP Protocol Suite 1 Chapter 18 Upon completion you will be able to: Remote Login: Telnet Understand how TELNET works Understand the role of NVT in.
1 Decidability continued…. 2 Theorem: For a recursively enumerable language it is undecidable to determine whether is finite Proof: We will reduce the.
NetCamo Camouflaging network traffic at right time and right place
TAMU and NSWC July Objectives Keep network activity anonymous and unobservable Provide QoS-guaranteed communication services Be upward and downward.
Presentation transcript:

Texas A&M University Page 1 10/10/2014 5:19:49 PM Real-Time Traffic Modeling and its Application in Network Camouflaging W ei Zhao, Riccardo Bettati, Nitin Vaidya Department of Computer Science Texas A&M University College Station, TX

Texas A&M University Page 2 10/10/2014 5:19:49 PM Outline 1. Project Overview 2. Real-Time Traffic Modeling 3. Design and Implementation of NetCamo 4. Camouflaging Other Network Entities 5. Summary

Texas A&M University Page 3 10/10/2014 5:19:49 PM 1. Project Overview Objectives Characteristics Major Results

Texas A&M University Page 4 10/10/2014 5:19:49 PM Project Objectives Development of countermeasures for generalized traffic analysis Development of countermeasures for denial of services

Texas A&M University Page 5 10/10/2014 5:19:49 PM Characteristics of our Work Based on real-time traffic modeling Countermeasures for generalized traffic analysis: Camouflaging the network activities while guaranteeing end-to-end delays Countermeasures for denial of services: Detecting DoS attacks in real-time Our solutions intended for wired and wireless networks Our solutions are upward and downward compatible

Texas A&M University Page 6 10/10/2014 5:19:49 PM Major Results Developed a prototype of NetCamo/M A middle-ware solution for dealing with traffic analysis + No change to current network architecture + Efficient Developed a prototype of NetCamo/N Using independent “mini routers” for camouflaging + No disturbance to application hosts + To be used by Navy HiPer-D 2000

Texas A&M University Page 7 10/10/2014 5:19:49 PM TeamTeam Faculty Members Wei Zhao, Riccardo Bettati, and Nitin Vaidya Previous Results Our bandwidth allocation method has been officially adopted by DoD SAFENET Two releases of NetEx tool kit: NetEx/Basic and NetEx/Adaptation Two best paper awards Two U.S. patents Support from DoD and industry: Nortel, Networks, Cisco, Myricom, Packet Engine, and XYLAN. The Team

Texas A&M University Page 8 10/10/2014 5:19:49 PM TeamTeam The Collaborators Government Navy Surface Warfare Center HiPer-D Project (Dave Marlow and Mike Masters) Navy SPAWAR Distributed real-time combat systems (Russell Johnston) West Point Camouflaging technology (Daniel Ragsdale)

Texas A&M University Page 9 10/10/2014 5:19:49 PM Industry Alcatel (Packet Engines and XYLAN) High speed routers (Kim Stearns and Dennis Majeski) Intrusion.Com Real-time intrusion and camouflaging devices (Joe Head) 3INet Real-time intrusion and camouflaging devices (Mike Wang) The Collaborators

Texas A&M University Page 10 10/10/2014 5:19:49 PM TAMU Internal Texas Transportation Institute ALERT Project (Cedric J. Sims) Texas Center for Applied Technology University XXI Project (James Wall) The Collaborators

Texas A&M University Page 11 10/10/2014 5:19:49 PM 2. Real-Time Traffic Modeling Motivations To gain information on payload traffic in order to predict the behavior of the applications and systems * Predict the worst-case delay * Provide profile information of payload - on-line verification - on-line masking

Texas A&M University Page 12 10/10/2014 5:19:49 PM Traffic Modeling 1. Peak rate method pessimistic; over-estimating delay 2. Average rate method optimistic; under-estimating delay 3. Timing history method impractical, too much information 4. Our method: the maximum rate function:  (I) can also be randomized to deal with statistical rate bounds

Texas A&M University Page 13 10/10/2014 5:19:49 PM Traffic Modeling Features of  (I): * It covers a wide range of applications * It is mathematically analyzable * It is enforceable * It is holographic

Texas A&M University Page 14 10/10/2014 5:19:49 PM  (I) is Mathematically Analyzable  (I)   (I) = ? F*(I) = Output between t and t + I < Input between t - d and t+I = F(I+d) =  (I+d) * (I+d)   (I) = F*(I)/I =  (I+d) * (I+d)/I

Texas A&M University Page 15 10/10/2014 5:19:49 PM  (I) is Enforceable   (I) = (  +  I)/I Leaky Bucket  Any traffic I Size of token bucket Line rate  F*(I)

Texas A&M University Page 16 10/10/2014 5:19:49 PM  (I) is Holographic   (I) can be approximated by any number of points. Assume that   (I 1 ) =   then  (I) is approximated by     + min(I 1, I -    I   Formula can be used recursively if more points are known.

Texas A&M University Page 17 10/10/2014 5:19:49 PM Traffic Modeling An experiment: A workstation (H 1 ) sends 16Mbit data per second.

Texas A&M University Page 18 10/10/2014 5:19:49 PM Traffic Modeling Peak Rate Average Rate Derived by our method Observed

Texas A&M University Page 19 10/10/2014 5:19:49 PM Applications of Real-Time Traffic Modeling * NetEx: Providing Delay-Guaranteed Communications A Quorum project Integrated with Honeywell RTARM system * Countermeasure for Traffic Analysis * Countermeasure for Denial Services

Texas A&M University Page 20 10/10/2014 5:19:49 PM Preventing Traffic Analysis by RTTM Traffic Analysis: Obtain the mission status by observing network traffic Our objectives: »Camouflaging the traffic density »Camouflaging the connectivity

Texas A&M University Page 21 10/10/2014 5:19:49 PM Countermeasure for Traffic Analysis Approaches »Network flooding »Traffic rerouting

Texas A&M University Page 22 10/10/2014 5:19:49 PM Network Flooding Flooding the network at right place and right time to make it appear to be constant rate network Challenge: How much? For link j,  i F i,j ( I ) + S j ( I ) =  I ? ? ?

Texas A&M University Page 23 10/10/2014 5:19:49 PM Traffic Rerouting Indirect delivery of packets Challenge: Can we still guarantee real-time delay bound? For for connection j,  i d i,,j, < D j

Texas A&M University Page 24 10/10/2014 5:19:49 PM ObjectivesObjectives Objectives Camouflage network activities Provide QoS-guaranteed communication services Be upward and downward compatible with existing operating systems, applications, and network technologies Be scalable and evolvable 3. Design and Implementation of NetCamo

Texas A&M University Page 25 10/10/2014 5:19:49 PM Traffic camouflaging: rerouting and traffic padding based on real-time traffic modeling theory. Real-time communication: providing delay guaranteed services to applications while having traffic camouflaged NetCamo/M: A middle-ware solution » No change to current network architecture » Efficient NetCamo/N: Using independent “routers” for camouflaging » No disturbance to application hosts » To be used by Navy HiPer-D 2000 NetCamo Approaches

Texas A&M University Page 26 10/10/2014 5:19:49 PM NetCamo/M Payload Host Payload Host Payload Host Payload Host Network Middle-Ware

Texas A&M University Page 27 10/10/2014 5:19:49 PM NetCamo/M Workflow Client Applications NetCamo Network Controller Client Applications NetCamo Host Controller Network NetCamo Host Controller

Texas A&M University Page 28 10/10/2014 5:19:49 PM NetCamo/M Architecture NetCamo Network Controller Host Agent Router Agent NetCamo Traffic Manager Router API API Host Manager Client Applications Traffic Controller H323H323 NetCamo Host Controller API API Host Manager Traffic Controller H323H323 NetCamo Host Controller Host Network Client Applications

Texas A&M University Page 29 10/10/2014 5:19:49 PM

Texas A&M University Page 30 10/10/2014 5:19:49 PM

Texas A&M University Page 31 10/10/2014 5:19:49 PM NetCamo/M Host Implementation

Texas A&M University Page 32 10/10/2014 5:19:49 PM NetCamo/M Host Traffic Controller

Texas A&M University Page 33 10/10/2014 5:19:49 PM NetCamo TestbedNetCamo Testbed NetCamo/M Testbed

Texas A&M University Page 34 10/10/2014 5:19:49 PM NetCamo/M Testbed

Texas A&M University Page 35 10/10/2014 5:19:49 PM NetCamo/M Results Station 1  Station 2: CBR 250 pps (200 Direct + 50 Re-route via Station 4) Station 1  Station 4: VBR 40pps (Direct) Station 4  Station 1: VBR 20pps (Direct) Station 4  Station 2: VBR 20pps (Direct)

Texas A&M University Page 36 10/10/2014 5:19:49 PM NetCamo/N Payload Host Payload Host Payload Host Payload Host Network Mini Router

Texas A&M University Page 37 10/10/2014 5:19:49 PM NetCamo Mini Router

Texas A&M University Page 38 10/10/2014 5:19:49 PM Use of NetCamo/N in HiPer-D 2000 Navy SD Base NSWC Mini Router

Texas A&M University Page 39 10/10/2014 5:19:49 PM NetCamo/N Testbed

Texas A&M University Page 40 10/10/2014 5:19:49 PM NetCamo/N Results Cover ModePayloadDummy

Texas A&M University Page 41 10/10/2014 5:19:49 PM 4. Camouflaging Other Entities Camouflaging the topology So that distributed denial of service attacks can be prevented or avoided Camouflaging servers No one can attack them anymore Camouflaging wireless networks Be power aware.

Texas A&M University Page 42 10/10/2014 5:19:49 PM Motivation Reducing the damage of organized and distributed DoS attacks Topology Camouflaging

Texas A&M University Page 43 10/10/2014 5:19:49 PM Topology Camouflaging Approaches Preventive Camouflaging Purposely let a group of routers misunderstand the topology Reactive Camouflaging Dynamically change routing strategy

Texas A&M University Page 44 10/10/2014 5:19:49 PM Topology Camouflaging: Challenges Consistency: An altered topology should still make sense Efficiency: Minimizing the network management effort to let an altered topology be perceived for a given effectiveness measure Effectiveness: Minimizing the potential damage of DoN attacks for a given attack power

Texas A&M University Page 45 10/10/2014 5:19:49 PM Topology Camouflaging: Realization Methods Preventive Camouflaging (PC) Change Internet Control Message Protocol at some routers Reactive Camouflaging (RC) Adaptively and autonomously adjust routing tables at some routers

Texas A&M University Page 46 10/10/2014 5:19:49 PM 5. Summary Cyber space camouflaging (CSC) is an important strategy to realize tolerant networks Traditional encryption is a special case of CSC: i.e., camouflaging the content of payload While some concepts can be borrowed from physical camouflaging techniques, much more challenges are ahead.

Texas A&M University Page 47 10/10/2014 5:19:49 PM Camouflaging, Concealment, and Decoy in Cyber Space Means Packet Conn. Traffic Server Topology Op Mode Hide Blend Encryption Flooding Disguising Anycasting Neutral mode Disrupting Re-routing RC Decoy PC Multiple cover modes

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.