applications where we are in the course
play

Applications! Where we are in the Course Started from the bottom - PowerPoint PPT Presentation

Mar 07, 2024 •380 likes •806 views

Applications! Where we are in the Course Started from the bottom Now were here Application Transport Network Link Physical CSE 461 University of Washington 2 DNS Protocol Query and response messages Built on UDP messages,

  1. Applications!

  2. Where we are in the Course • Started from the bottom • Now we’re here Application Transport Network Link Physical CSE 461 University of Washington 2

  3. DNS Protocol • Query and response messages • Built on UDP messages, port 53 • ARQ for reliability; server is stateless ! • Messages linked by a 16-bit ID field Client Server Query ID=0x1234 Time ID=0x1234 Response

  4. Goal and Threat Model • Naming is a crucial Internet service • Binds host name to IP address • Wrong binding can be disastrous … 11.22.33.44 bank.com? 99.88.77.66 Internet Introduction to Computer Networks 4

  5. Goal and Threat Model (2) • Goal is to secure the DNS so that the returned binding is correct • Integrity/authenticity vs confidentiality • Attacker can tamper with messages on the network bank.com? 11.22.33.44 Network Introduction to Computer Networks 5

  6. DNS Spoofing • Hang on – how can attacker corrupt the DNS? • Can trick nameserver into caching the wrong binding • By using the DNS protocol itself • This is called DNS spoofing Introduction to Computer Networks 6

  7. DNS Spoofing (2) • To spoof, Trudy returns a fake DNS response that appears to be true • Fake response contains bad binding DNS query Nameserver Cache Client Nameserver False DNS reply Trudy

  8. DNS Spoofing (3) • Lots of questions! 1. How does Trudy know when the DNS query is sent and what it is for? 2. How can Trudy supply a fake DNS reply that appears to be real? 3. What happens when the real DNS reply shows up? • There are solutions to each issue … Introduction to Computer Networks 8

  9. DNS Spoofing (4) 1. How does Trudy know when the query is sent and what it is for? • Trudy can make the query herself! • Nameserver works for many clients • Trudy is just another client Introduction to Computer Networks 9

  10. DNS Spoofing (5) 2. How can Trudy supply a fake DNS reply that appears to be real? • A bit more difficult. DNS checks: • Reply is from authoritative nameserver (e.g., .com) • Reply ID that matches the request • Reply is for outstanding query • (Nothing about content though …) Introduction to Computer Networks 10

  11. DNS Spoofing (6) 2. How can Trudy supply a fake DNS reply that appears to be real? • Techniques: • Put IP of authoritative nameserver as the source IP address • ID is 16 bits (64K). Send many guesses! (Or if a counter, sample to predict.) • Send reply right after query • Good chance of succeeding! Introduction to Computer Networks 11

  12. DNS Spoofing (7) 3. What happens when real DNS reply shows up? • Likely not be a problem • There is no outstanding query after fake reply is accepted • So real reply will be discarded Introduction to Computer Networks 12

  13. DNSSEC (DNS Security Extensions) • Extends DNS with new record types • RRSIG for digital signatures of records • DNSKEY for public keys for validation • DS for public keys for delegation • First version in ‘97, revised by ’05 • Deployment requires software upgrade at both client and server • Root servers upgraded in 2010 • Followed by uptick in deployment Introduction to Computer Networks 13

  14. HTTP

  15. HTTP, (HyperText Transfer Protocol) • Basis for fetching Web pages request Network CSE 461 University of Washington 15

  16. Sir Tim Berners-Lee (1955 – ) • Inventor of the Web • Dominant Internet app since mid 90s • He now directs the W3C • Developed Web at CERN in ‘89 • Browser, server and first HTTP • Popularized via Mosaic (‘93), Netscape • First WWW conference in ’94 … Source: By Paul Clarke, CC-BY-2.0, via Wikimedia Commons CSE 461 University of Washington 16

  17. Web Context Page as a set of related HTTP transactions HTTP request HTTP response CSE 461 University of Washington 17

  18. Web Protocol Context • HTTP is a request/response protocol for fetching Web resources • Runs on TCP, typically port 80 • Part of browser/server app browser server request HTTP HTTP response TCP TCP IP IP 802.11 802.11

  19. Fetching a Web page with HTTP • Start with the page URL: http://en.wikipedia.org/wiki/Vegemite Protocol Server Page on server • Steps: • Resolve the server to IP address (DNS) • Set up TCP connection to the server • Send HTTP request for the page • (Await HTTP response for the page) • Execute/fetch embedded resources/render • Clean up any idle TCP connections CSE 461 University of Washington 19

  20. Static vs Dynamic Web pages • Static web page is a file contents, e.g., image • Dynamic web page is the result of program execution • Javascript on client, PHP on server, or both CSE 461 University of Washington 20

  21. HTTP Protocol • Originally a simple protocol, with many options added over time • Text-based commands, headers • Try it yourself: • As a “browser” fetching a URL • Run “telnet en.wikipedia.org 80” • Type “GET /wiki/Vegemite HTTP/1.0” to server followed by a blank line • Server will return HTTP response with the page contents (or other info) CSE 461 University of Washington 21

  22. HTTP Protocol (2) • Commands used in the request Method Description Fetch GET Read a Web page page HEAD Read a Web page's header Upload POST Append to a Web page data PUT Store a Web page Basically defunct DELETE Remove the Web page TRACE Echo the incoming request CONNECT Connect through a proxy OPTIONS Query options for a page

  23. HTTP Protocol (3) • Codes returned with the response Code Meaning Examples 1xx Information 100 = server agrees to handle client's request Yes! 200 = request succeeded; 204 = no content 2xx Success present 3xx Redirection 301 = page moved; 304 = cached page still valid 4xx Client error 403 = forbidden page; 404 = page not found 5xx Server error 500 = internal server error; 503 = try again later CSE 461 University of Washington 23

  24. Representational State Transfer (R (REST) • Moving HTTP beyond websites • An ideal for design of HTTP-based APIs • Called RESTful APIs • 5 Core Tenants: • Stateless (no state on server) • Cachable (individual urls can be cached) • Layered (no visibility under REST hood)

  25. Representational State Transfer (R (REST) • RESTful Interfaces use HTTP to provide a variety of other media (e.g., JSON) • For example, GET will always be safe and change nothing HTTP methods Uniform Resource Locator (URL) GET PUT POST DELETE Create a new entry in the Collection, such List the URIs and perhaps other collection. The new entry's URI Replace the entire collection as http://api.example.com/reso details of the collection's is assigned automatically and is Delete the entire collection. with another collection. urces/ members. usually returned by the operation. [17] Retrieve a representation of the Not generally used. Treat the Element, such addressed member of the Replace the addressed member addressed member as a Delete the addressed member as http://api.example.com/reso collection, expressed in an of the collection, or if it does collection in its own right of the collection. urces/item17 appropriate Internet media not exist, create it. and create a new entry within it. [17] type.

  26. Performance

  27. PLT (Page Load Time) • PLT is the key measure of web performance • From click until user sees page • Small increases in PLT decrease sales • PLT depends on many factors • Structure of page/content • HTTP (and TCP!) protocol • Network RTT and bandwidth CSE 461 University of Washington 27

  28. Early Performance Client Server • HTTP/1.0 uses one TCP connection to fetch one web resource • Made HTTP very easy to build • But gave fairly poor PLT … CSE 461 University of Washington 28

  29. Early Performance (2) • HTTP/1.0 used one TCP connection to fetch one web resource • Made HTTP very easy to build • But gave fairly poor PLT… CSE 461 University of Washington 29

  30. Early Performance (3) • Many reasons why PLT is larger than necessary • Sequential request/responses, even when to different servers • Multiple TCP connection setups to the same server • Multiple TCP slow-start phases • Network is not used effectively • Worse with many small resources / page CSE 461 University of Washington 30

  31. Ways to Decrease PLT 1. Reduce content size for transfer • Smaller images, gzip 2. Change HTTP to make better use of bandwidth 3. Change HTTP to avoid repeat sending of same content • Caching, and proxies 4. Move content closer to client • CDNs [later] CSE 461 University of Washington 31

  32. Parallel Connections • One simple way to reduce PLT • Browser runs multiple (8, say) HTTP instances in parallel • Server is unchanged; already handled concurrent requests for many clients • How does this help? • Single HTTP wasn’t using network much … • So parallel connections aren’t slowed much • Pulls in completion time of last fetch CSE 461 University of Washington 32

  33. Persistent Connections • Parallel connections compete with each other for network resources • 1 parallel client ≈ 8 sequential clients? • Exacerbates network bursts, and loss • Persistent connection alternative • Make 1 TCP connection to 1 server • Use it for multiple HTTP requests CSE 461 University of Washington 33

  34. Persistent Connections (2) Client Server Client Server Client Server Persistent +Pipelining CSE 461 University of Washington 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

OpenStack Workload Reference Architecture: Web Applications Web applications are the most

OpenStack Workload Reference Architecture: Web Applications Web applications are the most

OpenStack Workload Reference Architecture: Web Applications Web applications are the most prevalent Apache, MySQL, and PHP/Python/Perl and is applications in business today. They are driven considered by many as the platform of choice by user

106 views • 9 slides
Applications of AMS There is a rich field of applications for AMS due to the increased efficiency

Applications of AMS There is a rich field of applications for AMS due to the increased efficiency

Applications of AMS There is a rich field of applications for AMS due to the increased efficiency and accuracy of radiocarbon dating. It ranges from geology, hydrology, oceanology, climatology, and a wide range of environmental applications

338 views • 29 slides
New Directions for Web Applications Dave Raggett, Canon, TV Raman, IBM 1/11 Web Applications

New Directions for Web Applications Dave Raggett, Canon, TV Raman, IBM 1/11 Web Applications

Canon New Directions for Web Applications Dave Raggett, Canon, TV Raman, IBM 1/11 Web Applications Workshop, San Jose, June 2004 Canon Goals Break Web applications out of the browser! Freedom to build wider variety of applications

612 views • 18 slides
Multimedia Applications Multimedia Applications Srinidhi Varadarajan Multimedia Applications

Multimedia Applications Multimedia Applications Srinidhi Varadarajan Multimedia Applications

Multimedia Applications Multimedia Applications Srinidhi Varadarajan Multimedia Applications Multimedia Applications Multimedia requirements Streaming Phone over IP Recovering from Jitter and Loss RTP Diff-serv, Int-serv,

483 views • 27 slides
Network Applications Network Applications There are many network applications Network

Network Applications Network Applications There are many network applications Network

Network Applications Network Applications There are many network applications Network applications involve the cooperation Client Server Programming Client Server Programming of processes running on different hosts connected by a

323 views • 7 slides
Web applications are used extensively in many areas: We will rely on web applications more in

Web applications are used extensively in many areas: We will rely on web applications more in

Muath Alkhalaf 1 Shauvik Roy Choudhary 2 Mattia Fazzini 2 Tevfik Bultan 1 Alessandro Orso 2 Christopher Kruegel 1 1 UC Santa Barbara 2 Georgia Tech Web applications are used extensively in many areas: We will rely on web applications more in

872 views • 47 slides
Topic 10: Applications of Holography Aim: To review a range of applications of holography,

Topic 10: Applications of Holography Aim: To review a range of applications of holography,

E I H T Y T Modern Optics O H F G R E U D B I N Topic 10: Applications of Holography Aim: To review a range of applications of holography, including holo- graphic lenses and commercial holographic applications. Contents:

298 views • 14 slides
MY IPHONE APPLICATIONS - 2018 S U P P O R T I N G M E A N D O T H E R S W I T H A D H D

MY IPHONE APPLICATIONS - 2018 S U P P O R T I N G M E A N D O T H E R S W I T H A D H D

MY IPHONE APPLICATIONS - 2018 S U P P O R T I N G M E A N D O T H E R S W I T H A D H D TODAYS AGENDA Top 20 Applications on my Iphone Additional assorted applications you may find useful Format: Combination of screen

859 views • 56 slides
Applications of Immune System Computing Ricardo Hoar What kind of applications? l Computer

Applications of Immune System Computing Ricardo Hoar What kind of applications? l Computer

Applications of Immune System Computing Ricardo Hoar What kind of applications? l Computer Security l Pattern Recognition l Data Mining and Retrieval l Multi-Agent Systems l Design Optimization l Control Applications l Robotics l A

414 views • 28 slides
BFS/DFS Applications BFS and DFS applications Tyler Moore Shortest path between two nodes in a

BFS/DFS Applications BFS and DFS applications Tyler Moore Shortest path between two nodes in a

BFS/DFS Applications BFS and DFS applications Tyler Moore Shortest path between two nodes in a graph CSE 3353, SMU, Dallas, TX Topological sorting Lecture 7 Finding connected components Some slides created by or adapted from Dr. Kevin Wayne.

366 views • 7 slides
New Applications for Graphene Electronics New Applications for Graphene Electronics Han Wang,

New Applications for Graphene Electronics New Applications for Graphene Electronics Han Wang,

New Applications for Graphene Electronics New Applications for Graphene Electronics Han Wang, Daniel Nezich, Jing Kong and Tomas Palacios Department of Electrical Engineering and Computer Science Massachusetts Institute of Technology

421 views • 10 slides
Chapter 2: outline 2.5 P2P applications 2.1 principles of network applications 2.6 video

Chapter 2: outline 2.5 P2P applications 2.1 principles of network applications 2.6 video

Chapter 2: outline 2.5 P2P applications 2.1 principles of network applications 2.6 video streaming and content distribution 2.2 Web and HTTP networks 2.3 electronic mail 2.7 socket programming SMTP, POP3, IMAP with UDP and TCP 2.4 DNS

648 views • 53 slides
Applets and Applications Developing Applets and Applications Application run by user,

Applets and Applications Developing Applets and Applications Application run by user,

Applets and Applications Developing Applets and Applications Application run by user, double-clickable/command-line Create a JPanel with the guts of the GUI/logic No restrictions on access, reads files, URLS, What will be in the

256 views • 6 slides
New Real-time Applications PhD Peter Idestam-Almquist Starcounter AB New real time applications

New Real-time Applications PhD Peter Idestam-Almquist Starcounter AB New real time applications

NewSQL Database for New Real-time Applications PhD Peter Idestam-Almquist Starcounter AB New real time applications Millions of simultaneous online users. High degree of concurrency. Interactive applications (95% reads; 5% writes). 2

700 views • 38 slides
Com paring W eb Applications w ith Desktop Applications: An Em pirical Study Paul Pop

Com paring W eb Applications w ith Desktop Applications: An Em pirical Study Paul Pop

Com paring W eb Applications w ith Desktop Applications: An Em pirical Study Paul Pop paupo@ida.liu.se Department of Computer and Information Science Linkping University Sweden 1 of 13 May 26, 20 0 0 Motivation and Objective Draw

519 views • 13 slides
Maximum Flow Applications Max flow extensions and applications. Disjoint paths and network

Maximum Flow Applications Max flow extensions and applications. Disjoint paths and network

Maximum Flow Applications Contents Maximum Flow Applications Max flow extensions and applications. Disjoint paths and network connectivity. Bipartite matchings. Circulations with upper and lower bounds. Census tabulation (matrix

492 views • 20 slides
NetFlow Ne t wor k M a na g e me nt W or k s h op APRI COT 2010 Kua l a Lumpur Contents

NetFlow Ne t wor k M a na g e me nt W or k s h op APRI COT 2010 Kua l a Lumpur Contents

NetFlow Ne t wor k M a na g e me nt W or k s h op APRI COT 2010 Kua l a Lumpur Contents Netflow What it is and how it works Uses and Applications Vendor Configurations/Implementation Cisco and Juniper NetFlow tools

1.24k views • 62 slides
CSN08101 Digital Forensics Lecture 1B: Essential Linux and Caine Lecture 1B: Essential Linux

CSN08101 Digital Forensics Lecture 1B: Essential Linux and Caine Lecture 1B: Essential Linux

CSN08101 Digital Forensics Lecture 1B: Essential Linux and Caine Lecture 1B: Essential Linux and Caine Module Leader: Dr Gordon Russell Lecturers: Robert Ludwiniak Essential Linux and Caine You will learn in this lecture: Essential

1.05k views • 29 slides
Bespin Mozilla Labs Web Editor https://bespin.mozillalabs.com Joe Walker twitter.com/joewalker

Bespin Mozilla Labs Web Editor https://bespin.mozillalabs.com Joe Walker twitter.com/joewalker

Bespin Mozilla Labs Web Editor https://bespin.mozillalabs.com Joe Walker twitter.com/joewalker Friday, 12 March 2010 Friday, 12 March 2010 Friday, 12 March 2010 Why? Features Architecture Editor Command Line Sharing Friday, 12 March

1.08k views • 73 slides
Virgo by Example Florian Waibel, Markus Knauer Survey Who has used Virgo ? RFC 6455 The

Virgo by Example Florian Waibel, Markus Knauer Survey Who has used Virgo ? RFC 6455 The

Virgo by Example Florian Waibel, Markus Knauer Survey Who has used Virgo ? RFC 6455 The WebSocket Protocol WebSockets ? Docker ? Gradle ? git ? Who we are Florian Markus Roadmap 1. Setup Workspace - Intro to

1.11k views • 84 slides
Introduction 1989: REAL network simulator Ns Tutorial 2002 1995: DARPA VINT project at

Introduction 1989: REAL network simulator Ns Tutorial 2002 1995: DARPA VINT project at

Introduction 1989: REAL network simulator Ns Tutorial 2002 1995: DARPA VINT project at LBL, Xerox PARC, UCB, and USC/ISI Present: DARPA SAMAN project and Padmaparna Haldar (haldar@isi.edu) NSF CONSER project Xuan Chen

584 views • 9 slides
SAFE is a clean-slate effort to build a highly secure computer system, via simultaneous

SAFE is a clean-slate effort to build a highly secure computer system, via simultaneous

SAFE is a clean-slate effort to build a highly secure computer system, via simultaneous co-design of a new computer architecture, systems software, application software, and programming languages. The SAFE architecture has several

720 views • 61 slides
The Tempest (Proprioception & Painting) Andre Ru, Sahil Narula, Sneha Desai, Sumeet Ranka

The Tempest (Proprioception & Painting) Andre Ru, Sahil Narula, Sneha Desai, Sumeet Ranka

The Tempest (Proprioception & Painting) Andre Ru, Sahil Narula, Sneha Desai, Sumeet Ranka December 13, 2018 Overview Proprioception Topics Painting Experiment The Tempest Overview Theatrical presentation leveraging

363 views • 21 slides
The Tempest Lesson 4 Learning Objective How does Shakespeare present the relationship between

The Tempest Lesson 4 Learning Objective How does Shakespeare present the relationship between

The Tempest Lesson 4 Learning Objective How does Shakespeare present the relationship between Miranda and Prospero? Act 1 Scene 2 - Discussion Highlight words and phrases in Miranda s speech that show the power of the storm. Copy words

401 views • 6 slides

More recommend