I-Path : Network Transparency Project Shigeki Goto* Akihiro Shimoda*, Ichiro Murase* Dai Mochinaga**, and Katsushi Kobayashi*** 1 * Waseda University **

Presentation transcript:

i-Path : Network Transparency Project
Shigeki Goto*, Akihiro Shimoda*, Ichiro Murase*, Dai Mochinaga**, and Katsushi Kobayashi***
* Waseda University, ** Mitsubishi Research Institute Inc., *** National Institute of Advanced Science and Technology (AIST)
14th JSPS/NRF Core University Program Seminar on Next Generation Internet

Agenda
1. Introduction
 – Background and Motivation
 – Applications
2. Overview of i-Path
 – Data Collection
 – New Software
3. More Applications
4. Conclusion
Acknowledgement

The Goal of i-Path project
• Accessible Information between the hosts
• Observing the information disclosure policy of all stakeholders along the path

Background
Because of …
 – Observe the information disclosure policy
 – Status of network depends on variety of factors
Growing demand for backbone bandwidth
Routers keep rich information: Routing table, Link utilization, Temperature, Location, Contact point, Supply voltage, etc.
Network performance fluctuation (e.g. throughput)
Not easy to collect right information and to utilize information along the path

Providing transparency of underlying networks
End-to-End visibility provides benefit to end hosts and network operators
Disclosing information leads to improved End-to-End visibility
Motivation
 – Monitoring network status
 – Reporting events and troubleshooting
 – Reduction in operational cost

Applications
• Enhanced Congestion Control
• Best peer selection in P2P communication applications
• Dynamic network configuration (e.g. according to Time zones)
• Adjust optimal bit rate in VoD
• Selection of the appropriate path (e.g. Not violating policies related to content management)

Data Collection
Explicit Network Information Collection Along a Path
SIRENS* (Simple Internet Resource Notification Scheme)
 – Based on the cross layer approach
   • Bottleneck bandwidth
   • Interface queue capacity
   • Corruption losses etc.
 – Scalable network information measurement
* K. Nakauchi and K. Kobayashi. An explicit router feedback framework for high bandwidth-delay product networks. Computer Networks, 51(7):1833–1846,

Structure of shim-header
Inserted between the network and transport headers

Information Disclosure
Prohibit to access some Information on routers
Unwilling to disclose inside network status
 – Security
 – Cost
Each ISP has a disclosure policy
End hosts have their disclosure policy
Negotiation: requests and responses
OK to Disclose?

Observing Information Disclosure Policies
• Policy: Alice & Bob allow to disclose beyond 3rd hop router.
• Implementation: Alice does not send req. for her neighbor & the next neighbor routers, i.e., 1st & 2nd hops. Bob does not send back res. same as Alice, i.e., 6th & 7th hops.
• Results: Alice obtains 3-5 hops data. Bob obtains 3-7 hops data.
Selective requests and responses
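The selective request/response policy on this slide can be traced with a small model. This is an added example, not code from the i-Path project, and it does not reproduce the SIRENS packet format; the function names, the 7-router path and the `util-hopN` values are constructed assumptions.

```python
# Simplified model of selective requests/responses (not the SIRENS wire format).
# Hops are numbered from Alice (1 = her neighbor router, N = Bob's neighbor router).

def requested_hops(path_len, sender_hidden):
    """Hops the sender asks about: it sends no request for its nearest routers."""
    return set(range(sender_hidden + 1, path_len + 1))

def collect_forward(routers, wanted):
    """Data that reaches the receiver: only requested hops on enabled routers."""
    return {hop: r["data"] for hop, r in routers.items()
            if hop in wanted and r["enabled"]}

def build_response(collected, path_len, receiver_hidden):
    """Receiver withholds the routers nearest to itself before replying."""
    last_visible = path_len - receiver_hidden
    return {hop: d for hop, d in collected.items() if hop <= last_visible}

def exchange(routers, alice_hidden, bob_hidden):
    """Return (what Bob obtains, what Alice obtains) for one request/response."""
    n = len(routers)
    at_bob = collect_forward(routers, requested_hops(n, alice_hidden))
    at_alice = build_response(at_bob, n, bob_hidden)
    return at_bob, at_alice

def make_path(n, disabled=()):
    """Constructed sample path; 'data' stands in for any router metric."""
    return {h: {"enabled": h not in disabled, "data": f"util-hop{h}"}
            for h in range(1, n + 1)}

if __name__ == "__main__":
    bob, alice = exchange(make_path(7), alice_hidden=2, bob_hidden=2)
    print("Bob obtains hops:  ", sorted(bob))
    print("Alice obtains hops:", sorted(alice))
    # Hop 4 has data collection not enabled (a gray router in the visualization).
    bob, alice = exchange(make_path(7, disabled={4}), 2, 2)
    print("With hop 4 disabled, Alice obtains:", sorted(alice))
```

The asymmetry in the slide's result falls out of the model: Alice's restriction is applied when the request is sent, so it limits both sides, while Bob's restriction is applied only to the response.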

New Software Tools
[Figure: Sender, i-Path Router and Receiver exchanging TCP data; the developed software produces xml files]
(a) Send a SIRENS request packet
(b) Receive the request packet and reply
(c) Receive the reply packet and make xml files

Snapshot of the Visualization Tool
Dark colored (Blue) routers
 – Data Collection: Enabled
Gray colored routers
 – Data Collection: Not enabled or Not Exist

Network Threat Detection
[Figure: Attackers, TARGET, Internet, extraneous hosts/servers]
TARGET IP address: X.X.X.X
DDoS Packets: destination: TARGET; Source IP Address: Spoofed IP Address
Back Scatter Packets: destination: Spoofed IP Address; Source: TARGET
S. Nogami, A. Shimoda and S. Goto, Detection of DDoS attacks by i-Path flow analysis, (in Japanese, to appear) 72nd National Convention of IPSJ, Mar

NAT traversal
Different kind of NATs: full cone, restricted cone, port restricted cone, symmetric
[Figure: symmetric NAT]
K. Tobe, A. Shimoda and S. Goto, NAT traversal with transparent routers, (in Japanese, to appear) 72nd National Convention of IPSJ, Mar. 2010

Current Status and Future Plans
i-Path project wiki
Dai Mochinaga, Katsushi Kobayashi, Shigeki Goto, Akihiro Shimoda, and Ichiro Murase, Collecting Information to Visualize Network Status, 28th APAN Network Research Workshop, pp. 1–4,
Network application utilizing collected information
Demonstration on R&D testbed: JGN in Japan
Demonstration at SC09, Portland, OR, Nov

Conclusion
We proposed a new method for disclosing network information: i-Path
 – Offering end-to-end visibility, transparency
 – Observing privacy protection
 – Respecting disclosure policy

Acknowledgement
This project is supported by National Institute of Information and Communications Technology (NICT), Japan.