Monitoring network bias
This presentation is the property of its rightful owner.
Sponsored Links
1 / 11

Monitoring Network Bias PowerPoint PPT Presentation


  • 64 Views
  • Uploaded on
  • Presentation posted in: General

Monitoring Network Bias. A joint project with Prof. Aleksandar Kuzmanovic (Northwestern University) Supported by NSF CAREER Award No. 0746360. Gergely Bicz ók PhD Candidate [email protected] Outline. Motivation: network neutrality Internet Audit System design Implementation

Download Presentation

Monitoring Network Bias

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Monitoring network bias

Monitoring Network Bias

A joint project with Prof. Aleksandar Kuzmanovic (Northwestern University)

Supported by NSF CAREER Award No. 0746360

Gergely Biczók

PhD Candidate

[email protected]


Outline

Outline

  • Motivation: network neutrality

  • Internet Audit

  • System design

  • Implementation

  • Future work

| 2008-06-29 | FuturICT 2009


Net neutrality basics

Net neutrality: basics

  • “… a network free of restrictions on equipment, modes of communication allowed, on content, sites, and platforms and where communication is not unreasonably degraded by other communication streams …” – Wikipedia

  • Own definition: you get what you asked/paid for

    • not less (e.g. blocking some websites)

    • not more (e.g. ISP-embedded content to websites)

  • Debate in public, struggle in legislation, war in the Internet

  • Pro net neutrality: content providers (e.g., Google) and freedom activists

    • www.savetheinternet.com

  • Anti net neutrality: Internet Service Providers (with infrastructure, e.g., AT&T)

    • http://www.handsoff.org/blog/

| 2008-06-29 | FuturICT 2009


Net neutrality incentives and history

Net Neutrality: incentives and history

  • (Access) ISPs have incentives to violate NN

    • “Resource management” (Comcast)

    • Potential side deals with content providers (AT&T)

    • Larger profit through own proprietary services (blocking Skype in favor of own VoIP service)

  • 2005: FCC enforcing net neutrality involving Madison River Communications that blocked Vonage VoIP

  • 2006: China using Narus middleboxes to block Skype

  • 2007: Comcast actively poisoning BitTorrent uploads

  • 2008: YouTube outage, routing black hole caused by Pakistani ISP’s regulatory policy

  • 2009: BitTorrent portals are blocked around the world

  • 2005-: Rogers (Canada) blocks/shapes P2P, shapes all encrypted (!) traffic, forces users to its own SMTP servers, embed own content (!) into third-party webpages, …

    • http://ihaterogers.ca

| 2008-06-29 | FuturICT 2009


Internet audit

Internet Audit

  • Goal: not to take sides in the net neutrality debate, but rather to design a system capable of making the Internet more transparent

  • A distributed system to enable network accountability:

    • What happened, where did it happen, and who is responsible?

  • Challenges:

    • Non-repudiable identification of discriminating network elements

    • Detect unfair service favoring, e.g., content provider/ISP alliances

    • Explore a range of threat models

      • from open DoS attacks to using network policies in destructive ways

  • First step: monitoring biased network behavior

    • provide the users with information

  • | 2008-06-29 | FuturICT 2009


    Monitoring network bias1

    Monitoring network bias

    • An active measurement system which is

      • Distributed

      • Large-scale

      • For all end-users

      • Targeting access ISPs

    • Capable of

      • Detecting DPI, blocking, shaping, DNS hijacking, …

      • Locating the discriminatory network element

      • Finding out the subtype of biased behavior (e.g., shaping based on DPI vs. shaping)

    • Provides an online service for end-users

      • With feedback

    | 2008-06-29 | FuturICT 2009


    System overview

    System overview

    | 2008-06-29 | FuturICT 2009


    Measurement methodology

    Measurement methodology

    • Collect reported/possible means of discrimination applied by ISPs

    • Create active probes that likely trigger these mechanism

    • We mostly emulate application/protocols

      • e.g., BitTorrent-like traffic pattern without implementing a client

      • Minimal user action is required

    • Filtering

    • Shaping (HTTP, FTP, SSL, BitTorrent)

    • WWW bias (DNS hijacking, torrent portal blocking, …)

    • Locating middleboxes

      • By executing probes from multiple vantage points to the same end-host

      • Correlating results

      • Vantage point selection is critical (IP/geo, iPlane)

    | 2008-06-29 | FuturICT 2009


    Filtering details

    Filtering details

    • Port-based

      • Sending packets with random payload to well-defined ports

    • Signature-based

      • Deep Packet Inspection

      • List of byte signatures for applications/protocols

      • We derived a list based on

        • open-source DPI: ipp2p, l7-filter

        • protocol definitions

        • own packet traces

    • Flow-pattern based for P2P applications

      • Header inspection plus spatial correlation of flows

      • Random payload

      • Data exchange: Parallel TCP connections from the same IP to several others in a port range

      • Control: Parallel UDP connections from the same IP to different IPs to the same port

    • With the correct order of probes the subtype can be determined

    | 2008-06-29 | FuturICT 2009


    Implementation issues

    Implementation issues

    • PlanetLab is widely used

      • De facto standard test network

      • Lot of users, slice-based access, ~20 active slices on one node

      • Nodes go down at times

    • M-Lab: dedicated to network transparency research

      • Founded by: Open Technology Institute, Google, PlanetLab Consortium and researchers

      • Administered by PlanetLab

      • Limited number of users, ~1 slice per CPU core

      • Ideal for active probing

    • We are deploying our system to both platforms currently

    | 2008-06-29 | FuturICT 2009


    Future work

    Future work

    • Conduct a large-scale measurement campaign

    • Evaluate and draw the global map of biased network behavior

      More on the Internet Audit project at

      http://networks.cs.northwestern.edu/internet-audit/

      NetBias tool will be available at the M-Lab website soon

      http://www.measurementlab.net/

    Thank you for your attention!

    | 2008-06-29 | FuturICT 2009


  • Login