Intentional and Unintentional Denial-of- Service in Broadband Access Networks Dr. Jim Martin Associate Professor School of Computing Clemson University Website: 1
Talk Overview Introduction Background Network Denial of Service (DoS) Example Research Projects – CyberTiger – Wireless HetNet 2
Clemson’s School of Computing To address the importance of computing throughout all fields, we evolved from a ‘Department’ to a ‘School of Computing’ with Three Divisions – Computer Science – Human Centered Computing – Visual Computing
Academic partners Business partners Government agencies Research & Medical centers Libraries, Museums Policy Biometrics Clouds, Clusters, Data centers Large facilities: turbine windmills, generators windmills, generators Sensors – river, forest, human, automotive, … human, automotive, … Analytics, Forecasting Access, Management Databases, File systems Data Intensive computing Mining Broadband access Campus test beds CybersecurityInternetworking Mobile and wireless systems Applications, Middleware, Systems Interfaces Mobile applications Software engineering Trustworthy computing Virtual environments Accessibility Human computer interaction Learning technologies Simulation and modeling Social computing Education, outreach, training EducationDiscoveryInnovation Clemson Computing Research Ecosystem Algorithms, Theory Computational science Digital Production Arts Eye tracking, Graphics High Performance Computing Visualization Expertise Organizations Scientific Instruments Computation Data Networking Software
Networking Lab’s Mission Vision Statement: – Computing and the Internet are converging – Traditional broadcast video (Cable/Satellite) is converging with the Internet – Networks are becoming more and more ‘heterogeneous’ – The scope of the lab’s interests is more than networking, it includes operating systems, distributed systems, secure and trustworthy systems, and next generation Internet. Collectively these define the term ‘cybersystems’ The networking group focuses on a range of problems that are at the heart of developing and analyzing emerging cybersystems. The mission of the lab is to support cutting edge research in cybersystems AND to train researchers to address the needs of the changing world.. 5
Background: Broadband Internet Access Wired technologies: – DSL, Cable, Fiber-to-the-home Wireless – 3G, WiMAX, 4G Trends – Bigger pipes (Comcast and Verizon both now offer 50 Mbps access connections!) Concern: the Internet works well because core routers serve thousands of flows at any given time. The behavior of one flow is insignificant. The concept applies at the access network. This is changing…. – Emerging wireless networks will involve multiple technologies (femtocells, heterogeneous networks) Concern: wireless systems traditionally have been single, closed systems. Future systems will involve more open, cooperative wireless networks. 6
Network Denial of Service (shared medium access networks) 7 MAC Layer DoS: A DoS that leverages a MAC layer vulnerability. Example: a vulnerability of centralized broadband access schemes (like cable, WiMAX, and emerging 4G systems) have relatively inefficient methods for supporting low bandwidth upstream flows. Intentional DoS: A large number of 4G subscriber station’s are infected with malicious software that is part of a botnet. Unintentional DoS: In a cable access network, a subscriber consumes all available channel bandwidth causing ‘over-the-top’ VoIP calls (e.g., Vonage) by other subscribers to experience poor call quality.
Example Research Projects (intentional DoS) 8 “DoS Vulnerabilities in WiMAX networks” (R. Brooks, J. Martin, Student: J. Deng): Question: how sensitive is the choice of WiMAX system parameters to the effects of DoS attacks caused by infected subscriber computers? “Death by Scanning: Analysis of Worm-like Scanning in a cable network” (J. Martin, Student: Jordan Jueckstock) Question: what is the impact of the scanning activity of modern botnets such as Slammer and Conficker on a cable network?
CyberTiger Creative Inquiry Engage undergrads to work with PhD students on projects that develop applications that facilitate the study of large scale broadband wireless systems Current focus is building tools (server back end, smartphone apps) that provide a measurement and assessment capability of broadband cellular and WiFi data services Recent activities include a report to the FCC on the LACK of cellular infrastructure in SC outside of populated areas CyberTiger serves as a Honeypot – partnering with Clemson’s CCIT, the goals are: To entice and monitor bad guys to attempt to break in Detect infected smartphones on behalf of our user community One contribution of this work is the broader impact on society- we want to ensure everyone in the USA has equal access to measurably robust wireless services CyberTiger Creative Inquiry
Building Cooperative Heterogeneous Wireless Networks With Re-Configurable Devices 10 Internet Access Network Exit SmartPhone Global Resource Controller Autonomous Wireless Systems Open Spectrum Future handhelds will contain multiple radios that can be used concurrently AND that are reconfigurable. Future wireless networks will be heterogeneous with cooperative mechanisms in place (early examples are femtocells and WiFi off loading)
Results and Discussion – Spectral Efficiency Use Case 1 No co-operation between the two carriers Users use multiple static radios that can connect to its own carrier’s access technologies Use Case 2 Co-operation exists between the two carriers Reconfigurable radios are used to support access technologies implemented by the other carrier R. Amin, J. Martin, J. Deaton, L. DaSilva, A. Hussien, A. Eltawil, "Balancing Spectral Efficiency, Energy Consumption, and Fairness in Future Heterogeneous Wireless Systems with Reconfigurable Devices", To appear in the IEEE Journal on Selected Areas In Communications, J. Martin, R. Amin, A. Eltawil, A. Hussien, “Spectral Efficiency and Energy Consumption Tradeoffs for Reconfigurable Devices in Heterogeneous Wireless Systems”, Proceedings of the IEEE WCNC2012 Conference, (Paris, France, April 2012).
Simulation Topology Gateway Sink Node Stationary User 1 Stationary User 2 Mobile User e AP Start Stop e BS Rogue Users Topology Key e Coverage Radius: 1 Km e Coverage Radius: 150 m # Stationary Users: 2 # Mobile User: 1 # Rogue Users: 0-30 (increments of 5) Stationary/Mobile User Traffic: Downlink CBR TCP (From Sink Node to Stationary/Mobile User) Rogue User Traffic: Uplink CBR UDP (From Rogue User to Sink Node) Talking points: Goal is for the 4G operator to benefit when using an open network Can a hierarchical allocation scheme work when faced with potential ‘DoS’ ?
Wrap Up…..Final Message Trends in Internet access networks: – Bigger pipes – Heterogeneous wireless networks These advancements are exposing new DoS concerns. – The impact of one user can be significant. – MAC layer vulnerabilities in emerging access networks, particularly in heterogeneous wireless systems, need to be studied. This motivates our research in intentional and unintentional DoS in broadband access networks. 13
Supplemental Slides 14
Simulation Details Stationary users 1 and 2 always use the e radio (400 seconds) – Receives infinite downlink traffic from Sink Node (15 Mbps TCP CBR Flow) Mobile user starts out using e radio (70 seconds), then uses e when it moves inside e coverage area (300 seconds) and finally switches back to e (30 seconds) when it moves outside of e coverage – However, due to Denial of Service attacks by the rogue users, if mobile user cannot connect to e even when it is in e coverage, it will fall back to e usage – Receives infinite downlink traffic from Sink Node (15 Mbps TCP CBR Flow) Rogue users always use e radio (400 seconds) – Impact of 3 different packet generation rates studied for rogue user UDP CBR traffic flows in uplink direction – 500 kbps, 1000 kbps, 1500 kbps Mobile User Traffic: – High Priority (over e) – CW Min = 7, CW Max = 15 Rogue User Traffic: – Low Priority – CW Min = 31, CW Max = 1023 (same as regular g CW Min and CW Max settings)
Simulation Results – Mobile User Throughput Talking points: preliminary results