coordinated non intrusive capturing of flow paths
play

Coordinated Non-intrusive Capturing of Flow Paths Tanja Zseby - PowerPoint PPT Presentation

Mar 03, 2024 •224 likes •427 views

Coordinated Non-intrusive Capturing of Flow Paths Tanja Zseby Competence Center Network Research Fraunhofer FOKUS, Berlin, Germany January 2011 Motivation Traffic Observation Network operation (management, security,..)

  1. Coordinated Non-intrusive Capturing of Flow Paths Tanja Zseby Competence Center Network Research Fraunhofer FOKUS, Berlin, Germany January 2011

  2. Motivation • Traffic Observation – Network operation (management, security,..) – Information to users (quality, path) – Adaptive network algorithms • Answering questions – routes that are followed by my flows through the network – delays and losses that occurred between nodes – quality that was experienced by my traffic

  3. Coordinated Traffic Observation • H op-by-hop path and quality of packet delivery Quality Path • Coordinated network observation • Non-Intrusive measurement method

  4. Capturing the Path s A - sequence t A - arrival time Calculate Path, Delay,… c A – content (header+payload Packet ID Packet ID Generation Generation <s B , t B , c B > <s A , t A , c A > Correlation of events at different observation points Correlation of events at different observation points based on packet ID (from parts of packet content) based on packet ID (from parts of packet content)

  5. Challenge: Coordinated Data Selection Select same packet at different observation points Select same packet at different observation points <s B , t B , c 1 > <s B , t B , c 1 > <s A , t A , c 1 > Selection Processes: Filtering: f(c i )  parts on c remain  can select same packets  Sampling: f( s i ) or f(t i ,)  s, t change  cannot select same 

  6. Hash-based Selection [RFC5475] Goal: Select same packet at different observation points Goal: Select same packet at different observation points c 1 Packet Content: Hash-function Hash-value: [ ] [ ] f( c 1 )=1 f( c 1 )=0 Selection Decision: Duffield, Grossglauser: Trajectory Sampling, 2001 [RFC 5475] Zseby, Molina, Duffield, Niccolini, Raspall. Sampling and Filtering Techniques for IP Packet Selection, RFC 5475, Standards Track, March 2009.

  7. Challenges Goal: Emulate random selection • Problem1: Some content not suitable  Content Selection • Problem2: Predictability of selection decision  Detection Avoidance • Problem3: Deterministic operation  Biased Selection • Problem4: Variability of traffic  Sample size variation

  8. Suitable Content Criterion1: Invariant on the path X Criterion1: Invariant on the path  Theoretical IP Version IHL TOS Total Length Identification Flags Fragment Offset X X TTL Protocol Header Checksum Source Address Destination Address Options Padding TCP Source Port Destination Port Sequence Number Acknowledgement Number Offset Reserved Control Flags Window Checksum Urgent Pointer Options Padding Payload Higher Layer Data …

  9. Suitable Content Criterion2: Variable among packets  Theoretical and Empirical X X X IP Version IHL TOS Total Length X Identification Flags Fragment Offset X X TTL Protocol Header Checksum Source Address Destination Address Options Padding TCP Source Port Destination Port Sequence Number Acknowledgement Number Offset Reserved Control Flags Window Checksum Urgent Pointer Options Padding Payload Higher Layer Data …

  10. Coordinated Packet Selection • Problem1: Content selection (further challenges) – IPv6  different fields, few data available – Middlebox operations (e.g., NAT) • Problem2: Predictability of selection decision – [Goldberg&Rexford, 2007]: Crypto-strong PRF with secret key • Problem3: Bias – Traffic Dependent (!) • Problem4: Sample size variation – Adaptation to CPU load  but further investigations needed

  11. Adaptation of Parameters IPFIX Parameter (path, delay,…) adjustment Collector: Calculate Path, Delay,… IPFIX (id, timestamp, sample rate,..) ID generation Measurement ID generation Process Hash-based selection Hash-based selection timestamping timestamping

  12. Advantages • Non-intrusive – No test traffic, no side effects – Quality statement about real traffic  SLA validation • Controllable costs – Sampling parameter adjustment – Heterogeneous/federated environments • Privacy-preserving – Sampling and aggregation, no DPI • Standardized data export (IPFIX) – Comparability of results, re-usability of tools, traces – Reduction of errors from conversion steps 12 of 47

  13. Main Contributions • Investigations on suitable hash-functions – Statistical properties, performance [HeSZ08] • Sampling parameter adjustment – Adjust accuracy and resource consumption – Coordinate parameter settings in heterogeneous/federated environments • Contributions to Standardization • Deployment in experimental facilities • Open Source Packet Tracking Software HeSZ08] Henke, Schmoll, Zseby: Empirical Evaluation of Hash Functions for Multipoint November 2010 T. Zseby 13 of 47 Measurements, ACM Comput. Commun. Rev. CCR 38, 3, July 2008.

  14. Standardization is Crucial • Provide comparability of results – Allow comparison of results Imperial – Provide reference data or metric ??? • Reduce Costs – Common interfaces for analysis tools – Re-usage of archived data • Reduce errors – Avoid error-prone conversion steps – Gain experiences with only one format

  15. PlanetLab 1 0 1 1 nodes around the w orld 1 0 1 1 nodes around the w orld 3 5 countries 3 5 countries 4 7 6 sites ( universities, research labs) 4 7 6 sites ( universities, research labs) m ore than 1 0 0 0 researchers m ore than 1 0 0 0 researchers Picture from www.planet-lab.org

  16. PlanetLab Europe • PlanetLab Nodes in Europe – PLE Control in Paris (UPMC) – In cooperation with PlanetLab Central, Princeton – PLE users have access to whole PlanetLab – Profit from additional testbeds and new tools • Supported by the EU FIRE Project OneLab – Development of new tools for PLE users – Integration of new testbed types: wireless, autonomic, DTNs, etc. – Federation with other testbeds • http://www.planet-lab.eu/

  17. Demonstration

  18. Future Work • Deployment in Future Internet testbeds – Support for experimentere – OneLab, G-Lab, Federica, KOREN, ..) • Solutions for IPv6 – Different Header fields – Different traffic patterns  new recommendations for hash functions • New Applications – Support for Routing Security

  19. Contact: tanja.zseby@fokus.fraunhofer.de Thank you!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Review. Ford-Fulkerson algorithm for max-flow: repeatedly augment flow along paths in the

Review. Ford-Fulkerson algorithm for max-flow: repeatedly augment flow along paths in the

Review. Ford-Fulkerson algorithm for max-flow: repeatedly augment flow along paths in the residual graph If capacities are integers, F-F finds an integer valued flow Running time: O((m+n)OPT), where OPT is the value of the max flow

836 views • 30 slides
Review Network flow definitions CSE 421 Flow examples Augmenting Paths Algorithms

Review Network flow definitions CSE 421 Flow examples Augmenting Paths Algorithms

Review Network flow definitions CSE 421 Flow examples Augmenting Paths Algorithms g Residual Graph Richard Anderson Ford Fulkerson Algorithm Lecture 22 Cuts Network Flow Maxflow-MinCut Theorem Network Flow

860 views • 4 slides
Modeling Per-flow Throughput and Capturing Starvation in CSMA Multi-hop Wireless Networks

Modeling Per-flow Throughput and Capturing Starvation in CSMA Multi-hop Wireless Networks

Modeling Per-flow Throughput and Capturing Starvation in CSMA Multi-hop Wireless Networks Michele Garetto Theodoros Salonidis Edward W. Knightly Rice Networks Group http://www.ece.rice.edu/networks Modeling Per-flow Throughput and Capturing

697 views • 28 slides
Maximum Flow Applications Max flow extensions and applications. Disjoint paths and network

Maximum Flow Applications Max flow extensions and applications. Disjoint paths and network

Maximum Flow Applications Contents Maximum Flow Applications Max flow extensions and applications. Disjoint paths and network connectivity. Bipartite matchings. Circulations with upper and lower bounds. Census tabulation (matrix

492 views • 20 slides
1. Capturing Social Performance in the Value Flow Chart Stakeholders Viewpoints 1 2 3 4 5

1. Capturing Social Performance in the Value Flow Chart Stakeholders Viewpoints 1 2 3 4 5

1. Capturing Social Performance in the Value Flow Chart Stakeholders Viewpoints 1 2 3 4 5 Activities Inputs Outputs Outcomes Impact (process) Process of creating Improvements made to Direct or indirect The amount of

303 views • 3 slides
Unsplittable Flow Problem on Paths and Trees Closing the LP Relaxation Integrality Gap Adam

Unsplittable Flow Problem on Paths and Trees Closing the LP Relaxation Integrality Gap Adam

Unsplittable Flow Problem on Paths and Trees Closing the LP Relaxation Integrality Gap Adam Jozefiak, Yuchong Pan November 28, 2019 Adam Jozefiak, Yuchong Pan Unsplittable Flow Problem on Paths and Trees The Problem Given an undirected graph

386 views • 11 slides
&quot;Interesting&quot; Paths = Shortest Paths? &quot;Interesting&quot; Paths Shortest Paths!

&quot;Interesting&quot; Paths = Shortest Paths? &quot;Interesting&quot; Paths Shortest Paths!

WiSP : Weighted Shortest Paths for RDF graphs Gonzalo Tartari, Aidan Hogan DCC, Universidad de Chile &quot;Interesting&quot; Paths = Shortest Paths? &quot;Interesting&quot; Paths Shortest Paths! (Many of the) Existing Approaches Enumerate

783 views • 52 slides
EXPERIMENTAL EVALUATION OF HEAT TRANSFER MEASUREMENTS DURING LCM PROCESSES BY INTRUSIVE AND

EXPERIMENTAL EVALUATION OF HEAT TRANSFER MEASUREMENTS DURING LCM PROCESSES BY INTRUSIVE AND

18 TH INTERNATIONAL CONFERENCE ON COMPOSITE MATERIALS EXPERIMENTAL EVALUATION OF HEAT TRANSFER MEASUREMENTS DURING LCM PROCESSES BY INTRUSIVE AND NON-INTRUSIVE HEAT FLUX SENSORS. U. Pineda 1 *, N. Monts 1 , F. Snchez 1 , L. Domenech 1 1

310 views • 6 slides
Counting authorised paths in constrained control-flow graphs Nikola K. Blanchard 1 , Siargey

Counting authorised paths in constrained control-flow graphs Nikola K. Blanchard 1 , Siargey

Counting authorised paths in constrained control-flow graphs Nikola K. Blanchard 1 , Siargey Kachanovich 2 1 Digitrust, Loria, Universit e de Lorraine 2 Inria Sophia-Antipolis 5th Bordeaux Graph Workshop October 29th, 2019 Why this question?

802 views • 22 slides
Plan Discrete paths as Heyting algebras Discrete paths as categories Discrete paths as quantales

Plan Discrete paths as Heyting algebras Discrete paths as categories Discrete paths as quantales

Discrete paths as Heyting algebras Discrete paths as categories Discrete paths as quantales Counting idempotents Conclusions Algebra and logic of discrete paths 1 Luigi Santocanale LIS (team LIRICA), Aix-Marseille Universit e, France S

1.31k views • 108 slides
Today Flow review Augmenting paths Ford-Fulkerson Algorithm Intro to cuts (reason: prove

Today Flow review Augmenting paths Ford-Fulkerson Algorithm Intro to cuts (reason: prove

Today Flow review Augmenting paths Ford-Fulkerson Algorithm Intro to cuts (reason: prove correctness) Flow Networks s = source, t = sink. c(e) = capacity of edge e Capacity condition: 0 f(e) c(e) Conservation condition: for v V

494 views • 28 slides
Week 11 - Monday What did we talk about last time? Euler paths Network flow Started

Week 11 - Monday What did we talk about last time? Euler paths Network flow Started

Week 11 - Monday What did we talk about last time? Euler paths Network flow Started B-trees Lab hours Wednesdays at 5 p.m. in The Point 113 Saturdays at noon in The Point 113 CS Club Tuesdays at 5 p.m. in The

496 views • 20 slides
Current Flight Paths Current Flight Paths Current approach and departure paths are all over

Current Flight Paths Current Flight Paths Current approach and departure paths are all over

Current Flight Paths Current Flight Paths Current approach and departure paths are all over water and avoid noise sensitive areas Flight paths are typically based on guidance from ground based navigational aids which result in linear

455 views • 13 slides
Chino Groundwater Basin Recharge Basin Lysimeters Conceptual Percolation Flow Paths

Chino Groundwater Basin Recharge Basin Lysimeters Conceptual Percolation Flow Paths

Chino Groundwater Basin Recharge Basin Lysimeters Conceptual Percolation Flow Paths Unsaturated Zone Monitoring Well Groundwater (Saturated Zone) Soil-Aquifer Treatment (SAT) The natural biodegradation process occurs during

262 views • 8 slides
Non-Intrusive Load Monitoring (NILM) Presentation to the EEAC May 25 th , 2016 What is NILM?

Non-Intrusive Load Monitoring (NILM) Presentation to the EEAC May 25 th , 2016 What is NILM?

Non-Intrusive Load Monitoring (NILM) Presentation to the EEAC May 25 th , 2016 What is NILM? NILMs = Non-Intrusive Load Monitoring Hardware coupled with software that disaggregates whole house load into individual end use loads using

560 views • 12 slides
Capturing data and use of GPS Capturing data GIS GPS Paper maps Coordinates Satellite images

Capturing data and use of GPS Capturing data GIS GPS Paper maps Coordinates Satellite images

Capturing data and use of GPS Capturing data GIS GPS Paper maps Coordinates Satellite images What is a GPS? Global Positioning System A network of satellites that continuosly transmit informations Making possible to identify locations How

579 views • 26 slides
Adaptive Controls for In-Line Checked Baggage Screening Systems (CBSS) Shalom Dolev and Cathal

Adaptive Controls for In-Line Checked Baggage Screening Systems (CBSS) Shalom Dolev and Cathal

Adaptive Controls for In-Line Checked Baggage Screening Systems (CBSS) Shalom Dolev and Cathal Flynn SecureLogic Corporation, New York, New York, USA Abstract The first principle of risk management is to reduce risk to the lowest affordable

195 views • 6 slides
Towards a Smart Data Transfer Node Zhengchun Liu, Rajkumar Kettimuthu, Ian Foster, Peter H.

Towards a Smart Data Transfer Node Zhengchun Liu, Rajkumar Kettimuthu, Ian Foster, Peter H.

The 4th Innovating the Network for Data Intensive Science (INDIS) workshop Towards a Smart Data Transfer Node Zhengchun Liu, Rajkumar Kettimuthu, Ian Foster, Peter H. Beckman Presented by: Zhengchun Liu November 12, 2017, Denver CO Motivation

1.06k views • 38 slides
Primitives for Active Internet Topology Mapping: Toward High-Frequency Characterization Robert

Primitives for Active Internet Topology Mapping: Toward High-Frequency Characterization Robert

Primitives for Active Internet Topology Mapping: Toward High-Frequency Characterization Robert Beverly, Arthur Berger , Geoffrey Xie Naval Postgraduate School MIT/Akamai November 2, 2010 ACM Internet Measurement Conference R. Beverly,

681 views • 26 slides
Ingress Point Spreading: A New Primitive for Adaptive Active Network Mapping Guillermo Baltra,

Ingress Point Spreading: A New Primitive for Adaptive Active Network Mapping Guillermo Baltra,

Ingress Point Spreading: A New Primitive for Adaptive Active Network Mapping Guillermo Baltra, Robert Beverly, Geoffrey G. Xie Naval Postgraduate School {gbaltra,rbeverly,xie}@nps.edu March 10, 2014 PAM 2014 G. Baltra et al. (NPS) Ingress

759 views • 29 slides
FTNCT-2019 at CDAC, Mohali (22 nd to 23 rd November) Date: 22 nd November Session Timing: 3:00 to

FTNCT-2019 at CDAC, Mohali (22 nd to 23 rd November) Date: 22 nd November Session Timing: 3:00 to

FTNCT-2019 at CDAC, Mohali (22 nd to 23 rd November) Date: 22 nd November Session Timing: 3:00 to 4:00 PM Session: Parallel Technical Session-1 Venue: Class Room No. 1 Session Chair: Dr. Vivek Kumar Sehgal, SS_CDAC-01 Paper ID Title Date

622 views • 5 slides
ITE San Francisco Bay Area Section Pre se nte d b y Randy Durre nb e rg e r F e b ruary 21,

ITE San Francisco Bay Area Section Pre se nte d b y Randy Durre nb e rg e r F e b ruary 21,

T he I -80 I nte g ra te d Co rrido r Mo b ility (I CM) Pro je c t ITE San Francisco Bay Area Section Pre se nte d b y Randy Durre nb e rg e r F e b ruary 21, 2013 IT E Sa n F ra nc isc o Ba y Are a Se c tio n F e b rua ry

328 views • 19 slides
Data Privacy, Mechanism Design and Learning Steven Wu University of Pennsylvania ITCS

Data Privacy, Mechanism Design and Learning Steven Wu University of Pennsylvania ITCS

Data Privacy, Mechanism Design and Learning Steven Wu University of Pennsylvania ITCS 2016 Graduating Bits Differential Privacy [DMNS06] Basic query release problem: release aggregate statistics on sensitive data (e.g. medical

213 views • 4 slides
Cyber and Electronic Warfare Division DSTO Partnerships Week 2015 Science and technology to

Cyber and Electronic Warfare Division DSTO Partnerships Week 2015 Science and technology to

UNCLASSIFIED CLASSIFICATION Cyber and Electronic Warfare Division DSTO Partnerships Week 2015 Science and technology to understand and counter the threat using electronic means Dr Jackie Craig Chief jackie.craig@dsto.defence.gov.au

708 views • 35 slides

More recommend