Presentation is loading. Please wait.

Presentation is loading. Please wait.

DipZoom: A Marketplace for Internet Measurements Michael Rabinovich, Sipat Tiukose, Limin Wang EECS Department Case Western Reserve University.

Published byAmelia Coffey Modified over 10 years ago

Similar presentations

Presentation on theme: "DipZoom: A Marketplace for Internet Measurements Michael Rabinovich, Sipat Tiukose, Limin Wang EECS Department Case Western Reserve University."— Presentation transcript:

1 DipZoom: A Marketplace for Internet Measurements Michael Rabinovich, Sipat Tiukose, Limin Wang EECS Department Case Western Reserve University

2 Internet Measurements A-priori measurement platforms (e.g. IDMaps) - Great for large-scale characterrizations On-demand measurements (Keynote, Scriptroute/PlanetLab, traceroute servers) –Hard to deploy sufficient platform to serve unpredictable needs –Vulnerable to being gamed –Limited choice of measurements

3 Needs Focused on-demand measurements Infrastructure that scale with Internet –Measuring host (MH) location –MH type (platform, connectivity) –Measurement type and regime

4 Example 1: Choosing a CDN CDN measurements –Chinese readership –With/without persistent connections –Repeat/new users Keynote limitations –Only one location in China –Not all measurements offered –Losing CDN cries foul

5 Example 2: Latency Measurements Measuring latency between a laptop connected through VZACCESS BroadbandAccess and a Linux PC on Case network RTT measured by average of 2000 pings: 280 msec King Measurements

6 Our Approach Coax Internet users to become measurement providers Deploy a matchmaking service instead of measurement infrastructure Use market approach with real money as the means to control the system

7 DipZoom: Deep Internet Performance Zoom Anyone can offer measurements Anyone can request measurements Anyone can offer measuring software Participants are free to set their prices, compete for requests, bit and solicit bids, etc. Facilitates open echosystem, ebay for Internet measurements

8 Some Questions Will anyone want to become a provider? –Seti@home, upromise.com, gomez.com suggest yes. Will anyone pay for the measurements? –Keynote and Gomez suggest yes

9 Related Work Gomez.com –Closed system DIMES, Traceroute@home –No incentives –Users participate in a particular measurement Band-X –Marketplace for network capacity

10 Pros and Cons of Real Money (-) Raises the bar for security (+) Provides incentive for providers (+) Encourages innovation and measurement diversity (+) Addresses the frivolous usage problem (+) Helps prevent some DoS attacks

11 System Overview UDDI/WSDL/SOAP SSL IOTP

12 Issues Security and trust Traversing firewalls and NATs

13 Security Issues Induced DoS attacks against measurment target Open ports on measuring hosts High-level DoS attack against measuring host Measurement side-effects

14 Trust Payment trust –Trusted core helps –Replay-based cheating Measurement trust –Fake MH registrations –MH impersonation –Fake measurements

15 Core Needs Integrity of measuring software Globally unique ID of measuring host (MHID) Duplicate detection + request/response matching Measurement rate limiting Building blocks of a solution: –Unique embedded secret –GUID or MAC address or hostID –Nonces –Ranking and calibration

16 DipZoom Request Credential DipZoom core returns an encrypted credential with response to requesters query Requester includes the credential with request Measuring host –Decrypts nonce –Modifies it using a well known operation (nonce + 1) –Return encrypted nonce with response –Caches nonces for early duplicate detection Nonce/modified nonce addresses request replay and response replay, and third-party response replay attacks MHID addresses the random nonce attack

17 Ranking and Calibration Security measures raise the bar but do not guarantee protection from malicious MH. If cant protect - detect and blacklist! –Deploy calibrating measurement targets –Purchase measurements from suspect MHs –Compare responses with passive measurements by calibrating hosts Can calibrating hosts be gamed? –Keynote advertises its measuring hosts location –Calibrating hosts are secret –The risk of blacklisting deters data mining

18 Summary Growing Internet diversity (devices, links, applications) entails growing needs for focused measurements Proprietary platforms are insufficient DipZoom: a facilitator instead of infrastructure –Open system (pricing, measurements, participants) –Market approach to system control –Based on P2P principles Many challenges ahead

Download ppt "DipZoom: A Marketplace for Internet Measurements Michael Rabinovich, Sipat Tiukose, Limin Wang EECS Department Case Western Reserve University."

Similar presentations

www.dynamicsoft.com U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP 2000-05-10-00 SIP Security Jonathan Rosenberg Chief Scientist.

U N L E A S H I N G A S E R V I C E S R E N A I S S A N C E SIP SIP Security Jonathan Rosenberg Chief Scientist.
Protecting Browser State from Web Privacy Attacks Collin Jackson, Andrew Bortz, Dan Boneh, John Mitchell Stanford University.

Protecting Browser State from Web Privacy Attacks Collin Jackson, Andrew Bortz, Dan Boneh, John Mitchell Stanford University.
Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
Authentication Applications The Kerberos Protocol Standard

Authentication Applications The Kerberos Protocol Standard
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.

17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.
1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.

1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.
1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.

1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.
More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.

More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
H t t p : / / w w w. e e c s. c a s e. e d u / DipZoom A Marketplace for Internet Measurements Faculty: Michael Rabinovich Students: Sipat Tiukose, Zhihua.

H t t p : / / w w w. e e c s. c a s e. e d u / DipZoom A Marketplace for Internet Measurements Faculty: Michael Rabinovich Students: Sipat Tiukose, Zhihua.
DipZoom: A Marketplace for Internet Measurements Michael Rabinovich, Sipat Tiukose, Zhihua Wen Limin Wang EECS Department Case Western Reserve University.

DipZoom: A Marketplace for Internet Measurements Michael Rabinovich, Sipat Tiukose, Zhihua Wen Limin Wang EECS Department Case Western Reserve University.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.

Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.

Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID

Similar presentations

Ads by Google