ECEN5553 Telecom Systems
Dr. George Scheets
Week 6 Readings:
  [11a] "Cybercrime: Dissecting the State of Underground Enterprise"
  [11b] "A Call to Cyber Arms"
  [12a] "The Compleat Story of Phish"
  [12b] "Diplomatic and government agencies targeted in years-long cyberespionage operation"
  [12c] "DDoS Attack Doesn't Spell Internet Doom"
Exam #1: Lecture 16, 24 September (Live); no later than 1 October (Remote DL)
Outline: 8 October 2014, Lecture 22 (Live); no later than 15 October (Remote DL)

Outlines Received: 35 %
Due 8 October (local), 15 October (remote)

The Internet Is... a Security Nightmare
  - Bad things have been out there for years
      - Viruses, Worms, Trojans, Denial of Service, etc.
  - November 2, 1988 Internet Worm
      - Network shut down for 2-3 days
      - Took advantage of Unix buffer overflow problems
      - Poor password choices
  - 2009-2010 Stuxnet Worm
      - State sponsored?
      - Seemed to target Iran's nuclear bomb program

The Internet Is... a Security Nightmare
  - TCOM5223 Information Assurance Management
  - TCOM5233 Applied Information Systems Security
  - TCOM5243 Information Technology Forensics
  - "Remember, when you connect with another computer, you're connecting to every computer that computer has connected to."
      - Dennis Miller, Saturday Night Live

Pros of Using the Internet
  - Any-to-Any Connectivity
  - It's Inexpensive (save $$$$)
  - Tons of valuable information available
  - Excellent marketing/sales tool

Cons of Using the Commodity Internet
  - Any-to-Any Connectivity puts all attached machines at risk
  - Slightly higher risk of Theft of Traffic
  - Tons of Worthless Information Available
  - No QoS guarantees or Guaranteed Bandwidth
      - May have trouble rapidly moving large files
      - May have trouble reliably moving time sensitive traffic
WARNING: SECURITY HAZARD!

802.3 Ethernet Packet Format
[Figure: frame layout. Field sizes in bytes, in order: 7, 1, 6 (MAC Destination Address), 6 (MAC Source Address), 2, 40 (IPv6), 20 (TCP), 6-1440 (Data + Padding), 4 (CRC)]

Connectionless vs. Connection Oriented
  - Connectionless
      * Packet delivery may be out of order
      * Packet delivery NOT guaranteed
      * Packets may be mangled
      * End User's responsibility to fix any problems
  - Connection Oriented
      * Packet delivery in order
      * Packet delivery usually guaranteed

IP is Connectionless
[Figure: packet layout. Field sizes in bytes: 20 (IP), 20 (TCP), up to 1,460 (Data + Padding)]
I/O decisions based on IP address & look-up table. Tables updated independent of traffic.

Wide Area Connectivity Options
  - Leased Line (a.k.a. Private Line) Network
      - Switches are byte aware
      - Circuit is assigned trunk BW via TDM
          - BW required is based on peak input rates
      - Route through system determined in advance
      - Pricing function of distance & peak rate
      - Most expensive connectivity option
      - Highest quality connectivity option

Leased Line Usage
  - Revenues still around $34 Billion in 2009
      - Drop in Corporate
      - Increase in wireless backhaul
  - Figure Source: Insight Research October 2004 Network World Article

Ex) Corporate Leased Line Connectivity
Telecom Carriers dedicate 320, 128, and 256 Kbps links for our sole use via Circuit Switching.
[Figure labels: OKC, Detroit, NYC, Carrier Leased Line Network, Router, Leased Line]

Ex) Corporate Leased Line Connectivity
[Figure labels: OKC, Detroit, NYC, Carrier Leased Line Network, Router, 384 Kbps, 320 Kbps]

From/To   OKC   DET   NYC
OKC         -   144    76
DET        88     -    28
NYC       112    34     -

How will company connect to Internet?
  - Configuration
      - Every site connect locally?
      - All sites connect thru, say, OKC?
  - Type of connection
      - Leased Line
      - DSL?
      - Cable Modem?
      - Other?

Ex) Internet thru OKC
[Figure labels: OKC, Detroit, NYC, ISP, Carrier Leased Line Network, Router, 384 Kbps, 320 Kbps, 640 Kbps]

From/To   OKC   DET   NYC   ISP
OKC         -   144    76    60
DET        88     -    28    50
NYC       112    34     -    40
ISP       110   100    90     -

How big should the pipe to the ISP be?
300 Kbps is outbound from ISP > 640 Kbps circuit needed.

Ex) Internet thru OKC
[Figure labels: OKC, Detroit, NYC, ISP, Carrier Leased Line Network, Router, 576 Kbps, 448 Kbps, 640 Kbps]

From/To   OKC   DET   NYC   ISP
OKC         -   144    76    60
DET        88     -    28    50
NYC       112    34     -    40
ISP       110   100    90     -

Need to bump size of other 2 pipes.
  194/186 I/O @ NYC → 448 Kbps
  278/166 I/O @ DET → 576 Kbps

WAN Design (Link Reduction)
  - Start with Traffic Matrix
  - Examine Full Mesh
  - Consider eliminating lightly used links
      - Reroute affected traffic
  - Compare costs at each iteration

WAN Connectivity Options
  - Internet
      - Routers are packet aware
      - Datagrams are assigned trunk BW via StatMux
          - BW required based more so on average input rates
      - Each packet individually routed
          - MPLS enabled networks can use Virtual Circuits
      - Pricing a function of connection size
          - & possibly QoS if MPLS and/or DiffServ used

Ex) Commodity Internet Corporate Connectivity
Local Carriers dedicate bandwidth to our use. ISP provides random Packet Switched StatMux connectivity via datagrams.
[Figure labels: OKC, Detroit, NYC, ISP Network, Router]

Ex) IP with QoS Corporate & Commodity Internet Connectivity
[Figure labels: OKC, Detroit, NYC, Internet Service Provider Network, MPLS VC OKC - Detroit, MPLS VC NYC - OKC, 768 Kbps, 576 Kbps, 448 Kbps]
Detroit & NYC: No change.
OKC: Port Speed must be bumped to relay Detroit ↔ NYC corporate traffic.

From/To   OKC   DET   NYC   ISP
OKC         -   144    76    60
DET        88     -    28    50
NYC       112    34     -    40
ISP       110   100    90     -

Leased Line at OKC ↔ ISP

From/To   OKC   DET   NYC   ISP
OKC         -   144    76    60
DET        88     -    28    50
NYC       112    34     -    40
ISP       110   100    90     -

  - Outbound
      - OKC → Det 144
      - OKC → NYC 76
      - OKC → ISP 60
      - Det → NYC 28
      - NYC → Det 34
  - Inbound
      - Det → OKC 88
      - Det → NYC 28
      - NYC → OKC 112
      - NYC → Det 34
      - ISP → OKC 110
Total Outbound = 342 Kbps
Total Inbound = 372 Kbps
Leased Line Size > 744 Kbps
Leased Line = 768 Kbps minimum.

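The link sizes quoted on the preceding slides can be reproduced from the traffic matrix. The Python below is an added example, not part of the original slides; it assumes the sizing rule that the slide numbers imply (twice the busier direction's load, rounded up to the next multiple of 64 Kbps), and all function names are hypothetical.

```python
SITES = ["OKC", "DET", "NYC", "ISP"]
# Traffic matrix from the slides, in Kbps: TRAFFIC[source][destination]
TRAFFIC = {
    "OKC": {"DET": 144, "NYC": 76, "ISP": 60},
    "DET": {"OKC": 88, "NYC": 28, "ISP": 50},
    "NYC": {"OKC": 112, "DET": 34, "ISP": 40},
    "ISP": {"OKC": 110, "DET": 100, "NYC": 90},
}

def line_size(out_kbps, in_kbps, unit=64):
    # Assumed rule (inferred from the slide numbers, not stated on them):
    # 2x the busier direction, rounded up to a multiple of 64 Kbps.
    return -(-2 * max(out_kbps, in_kbps) // unit) * unit

def access_load(site, sites):
    # (outbound, inbound) Kbps at `site` for traffic exchanged with `sites`.
    others = [s for s in sites if s != site]
    out = sum(TRAFFIC[site][d] for d in others)
    inn = sum(TRAFFIC[s][site] for s in others)
    return out, inn

def full_mesh(sites):
    # One dedicated leased line per pair of sites.
    return {(a, b): line_size(TRAFFIC[a][b], TRAFFIC[b][a])
            for i, a in enumerate(sites) for b in sites[i + 1:]}

def star(hub, sites):
    # Each non-hub site has a single line to the hub carrying all its traffic.
    return {s: line_size(*access_load(s, sites)) for s in sites if s != hub}

def mpls_hub_port(hub, spokes, sites):
    # Spoke-to-spoke corporate traffic relayed by the hub enters and leaves
    # on the hub's access line, so it is added to both directions.
    out, inn = access_load(hub, sites)
    relay = sum(TRAFFIC[a][b] for a in spokes for b in spokes if a != b)
    out, inn = out + relay, inn + relay
    return out, inn, line_size(out, inn)

if __name__ == "__main__":
    corporate = ["OKC", "DET", "NYC"]
    print("Full mesh:", full_mesh(corporate))
    print("Hub at OKC:", star("OKC", corporate))
    print("Internet thru OKC:", star("OKC", SITES))
    print("OKC port with MPLS relay:", mpls_hub_port("OKC", ["DET", "NYC"], SITES))
```
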
Carrier Leased Line Network
Carrier reserves BW from pool for our use.
Ex) For a 384 Kbps connection, Cross-Connects assign 6 byte sized TDM time slots 8000 times/second = 6*8*8000 = 384 Kbps.
[Figure labels: Cross-Connect, Trunks, Leased Line, Byte Aware]

Internet Service Provider Backbone
ISP Routers assign BW for our use on Random, as needed basis via StatMux & Packet Switching.
[Figure labels: Router, Trunks, Leased Line, Packet Aware]

Internet Service Provider Network
Corporate customers might attach via Edge Router & Leased Lines.
[Figure labels: LAN, Router, Trunks, Leased Line, PC, WS]

Internet (Inside the Cloud)
  - Example
[Figure labels: Internet Router, 100 Mbps Trunk, ?? 1.54 Mbps Connections]
P(Access Line is Active) = 10%
How many access lines can this switch support?