Internet Connection with Wireless Sensor Networks - PowerPoint PPT Presentation

Presentation Transcript

  1. Internet Connection with Wireless Sensor Networks • Lixia Zhang • The Croucher Foundation Advanced Study Institute: Wireless Sensor Networks • December 6, 2006

  2. Disclaimer • Personal view • Sharing my own experience from 25 years with TCP/IP development • PHTYMH: Potentially harmful to your mental health ASI

  3. Waves of research efforts • A new direction is proposed • Center of research gravity shifted • Many efforts devoted to the new topic • And . . . • Are we pushing the frontier of science, engineering, or technology?

  4. Why talk about the connection between the Internet and sensor networking? • Understand what we have learned • How our past results may guide our future efforts

  5. What is the "connection" between the Internet and wireless sensor networks? • Sensors will be connected to the Internet!

  6. But the most important connection: the similarities between the two • Sensor networks: a new technology emerging on the horizon today • That's where the Internet was 30 years ago • Today's Internet: a global scale communication infrastructure • Sensor networking: expected to succeed as the Internet has • and to grow into large-scale deployment

  7. Why multi-scale distributed sensor-networking will transform ecology … because it has done so over and over again • Radioastronomy: Single Telescopes → Very Large Array • Computing: Supercomputers → Internet • Field ecology: Individual observations → NEON (D. Estrin, keynote @ 3rd IMUA Conf)

  8. The second similarity • Both are man-built artifacts • A fundamental question: Have we mastered the principles for designing successful large-scale distributed systems? • Where to find these principles?

  9. Here's what a famous scientist had to say • "The principle of science, the definition, almost, is the following: the test of all knowledge is experiment. Experiment is the sole judge of scientific 'truth'."

  10. "But what is the source of knowledge? Where do the laws that are to be tested come from? • Experiment, itself, helps to produce these laws, in the sense that it gives us hints."

  11. The best way to find/learn the design principles • Is to build a sensor network • then one can learn from the successes, and more importantly from the lessons • We do not have to start from a blank sheet of paper • The Internet: real-world example of the largest system humans have ever built • Learn from a critical examination of the successes and lessons of the Internet

  12. A Walk Through History, 1996-2006 (timeline figure with columns Programs, H/W-/W Platforms and Publications; D. Estrin, keynote @ 3rd IMUA Conf). Entries: LWIM Paper (ACM ISLPED); DARPA DSN; Under-sea Networks, Ubiquitous Computing, Distributed Tracking, Robotic Ecology (DARPA ISAT 1999); DARPA LWIM; LWIM-III (UCLA); SmartDust, Diffusion (MobiCom 1999); DARPA AWAIRS; TinyOS (OSDI 2000); WINS (UCLA/Rockwell); Embedded Everywhere (NRC Report 2001); DARPA SensIT; MICA (Berkeley); ACM SenSys and ACM/IEEE IPSN; DARPA PACC; MICA2 (Berkeley/Crossbow); NSF CENS STC; ACM TOSN; DARPA NEST; NSF CASA ERC; HelioMote; Telos; NSF NeTS-NOSS; Cyclops; NSF Cyber Physical Systems?; Illumimote; LEAP

  13. Brief History of the Internet • 1968 - DARPA (Defense Advanced Research Projects Agency) contracts with BBN (Bolt, Beranek & Newman) to create ARPAnet • 1970 - First five nodes: UCLA, Stanford, UC Santa Barbara, U of Utah, and BBN • 1974 - TCP specification by Vint Cerf • 1984 – On January 1, the Internet with its 1000 hosts converts en masse to using TCP/IP for its messaging (from William F. Slater, III, Chicago Chapter of the Internet Society)

  14. Aren't there big enough differences between the Internet and sensor networking • that would make the Internet experience irrelevant? e.g. • Wireless bandwidth is intrinsically limited • But see the progress in WiFi speed over the last few years • "a fundamental challenge in wireless sensors is the energy problem"

  16. The fundamental challenge • Lies in discovering the principles for large scale systems • Technologies can, and will, be moving forward to meet whatever the market needs

  17. Network Design in Practice • The initial packet switched network design and validation were done while the system was small • Focus: solving the functional problems to get the system up and running • TCP/IP: delivering packets across networks made of different networking technologies • Early experiments necessarily done in a small setting that can be understood and controlled • ARPAnet started with a few nodes, then grew to dozens of nodes.

  18. Scalability Consideration during the design phase: • Design explicitly assumes that the network would grow large • Larger number of nodes getting connected • Larger number of route table entries • Larger volume of data traffic • More types of new applications • And with different performance requirements

  19. Internet scaling up • A successful design in enabling growth to large scale. • The Internet now faces new challenges resulting from its growth • Many new (unforeseen) problems popped up from practice • Many open challenges • Take a look at a real large scale distributed network

  20. The Internet as a Large System • Expected impact of larger size • More users • Larger traffic volume • Bigger routing tables • Wider range of heterogeneity in networking technology • The Internet has grown both in size and in importance

  21. 1. Growing Large Includes: Changes in User Community • Small-scale: a close-knit, friendly research community • Large-scale open system: facing brutal real world • Expected user population growth • Unexpected changes in types of users: diverse interests • Millions of users contribute and gain from the Internet • Spammers, phishing, DDoS

  22. Dangerous Financial Phish Phishing

  23. DDoS Example:

  24. Could sensors possibly be abused? • On day 1 of the Internet, no one thought it could possibly be abused either • What bad things can be done to sensor networking? • Military applications? • Terrorists? • Bottom line: When sensor networks start providing valuable services to some people, there will be some others who have a different interest

  25. 2. Growing Large Includes: Changes in Operational Community • Small-scale: knowledgeable operators committed to growth and promotion of system • Collaboration toward the common goal. • Large-scale: diverse operators with competing agendas • Highly diverse levels of expertise • Competition instead of collaboration • Small, knowledgeable, close-knit research community → Large operator community with different degrees of expertise

  26. Operational Errors: an example • Operational errors have been the cause of most major outages so far • One common configuration error: route leak-out (figure labels: Global Internet, regional ISP)

  27. A few route leak-out cases • Apr. 25, 1997: At 11:30 am EST, a router in AS7007 accidentally advertised to its peers 73,000+ routes. A large number of networks became unreachable as a result. This incident was partly aggravated by some BGP implementations’ inability to remove the false routes; even after AS7007 disconnected their router, the false routes still persisted for at least seven hours. • Apr. 7, 1998: AS8584 announced over 11,000 prefixes belonging to other networks …… • Apr. 7, 1999: AS7374 leaked many routes via the Internet exchange point CIX (AS1280). It appears to be announcing routes for most of the Internet ... • Apr. 6, 2001: Cable and Wireless (AS3561) had a configuration error that caused it to propagate route announcements from a downstream customer AS15412…. • ........ • December 2004: AS9121 announced routes to almost all the Internet destinations and successfully hijacked a large number of prefixes hosted by tier-1 ISPs such as ATT and UUNET

  28. Persistent existence • "Understanding BGP Misconfiguration", SIGCOMM 2002

  29. Another example: DNS misconfiguration • DNS stores all data in Resource Records (RR) • NS Resource Record: provides the names of a zone’s authoritative servers; stored both at the parent and at the child zone • A Resource Record: associated with an NS resource record; stored at the parent zone (glue A record) • Records shown in the figure at both com and foo.com: foo.com. NS ns1.foo.com.; foo.com. NS ns2.foo.com.; foo.com. NS ns3.foo.com.; ns1.foo.com. A 1.1.1.1; ns2.foo.com. A 2.2.2.2; ns3.foo.com. A 3.3.3.3

  30. Common config. error: Lame Delegation • Records: foo.com. NS A.foo.com.; foo.com. NS B.foo.com.; A.foo.com. A 1.1.1.1; B.foo.com. A 2.2.2.2 • 1) Non-existing server 2) Non-authoritative 3) Useless referral (figure labels: com, foo, A.foo.com, B.foo.com)

  31. Lame Delegation: how bad is it?

  32. Major incidents due to config. errors • “Microsoft's websites were offline for up to 23 hours -- the most dramatic snafu to date on the Internet -- because of an equipment misconfiguration” -- Wired News, Jan 2001 (figure labels: Internet, Microsoft DNS servers)

  33. 3. Growing Large Includes: unforeseen protocol impl. consequence • We are not talking about implementation bugs here • Though it is a serious problem • i.e. all the viruses/worms resulting from exploitation of bugs (in either OS or applications) • The problem: protocol implementors do not understand the consequences of specific protocol implementation decisions

  34. Benign implementation → security threat • In spring '03, U. Wisc experienced a sudden increase in incoming traffic: potential DDoS? • Notified the ISP and blocked the attack traffic • The traffic did not stop

  35. The culprit

  36. What happened? • Several popular Netgear products "relied on a separate NTP-based time source to set the current date and time, as it did not have an internal battery and clock. The product is hard-coded with specific NTP time sources that are accessible through the public Internet." • "The Candidate Firewall Product met all the criteria elements in the Baseline and Residential modules and therefore has attained ICSA Labs Firewall Certification." • These home routers: send 1 NTP query per second!

  37. 4. Growing Large Includes: unforeseen protocol design consequence • In designing a protocol: exactly what information should or should not be carried in the protocol message? • One common view: the more the better • One design case: BGP aggregator attribute (figure labels: ISP; 1.2.3.0/24 Aggr=R1; R3; R1 1.2.3.0/25; R2 1.2.3.128/25)

  38. Subtle design issues show up at the worst time • R1 and R2 connect to the upstream ISP. • AS X: local decision to prefer R1 or R2 as entry point. • AGG value differs depending on choice of R1 or R2. • During a worm attack: wild route fluctuation → global flood of updates • Local instability → global overhead (figure labels: AS Path= <568>, AG=R1; AS Path= <209, 268>, R1; AS Path= <568>, AG=R2; AS Path= <209,568>, R2; AS209; R1; R2; "We are here")

  39. 5. Growing Large Includes: unforeseen component behaviors • Routing protocols are designed with quick reactions to all topological changes • Unforeseen: started seeing a small number of unstable edge networks • Inevitable in large scale • Global impact (figure nodes: A, B, C, D, E, X, Y, Internet)

  40. Let's fix it: BGP Damping Design • Use penalty to track route instability • Increase upon receiving an update • Otherwise decay exponentially • Suppress the route if penalty is over the cutoff threshold • Reuse when the penalty drops below the reuse threshold

  41. Expected BGP Damping Behavior (figure: two copies of the topology with nodes A, B, C, D, E, X, Y and the Internet; label "damped …")

  42. "Route Flap Damping Exacerbates Internet Routing Convergence" • "We analyze a previously not well-studied interaction between BGP's route withdrawal process and its route flap damping mechanism for ensuring the overall stability of the Internet routing system. • "This interaction can, depending upon the topology, suppress up to one hour the propagation of a route that has been withdrawn once and re-announced."

  43. 6. Growing Large Includes: unforeseen dynamics in large scale (figure: topology with nodes A, B, C, D, E, X, Y and the Internet; updates shown: A → BA, XBA; then XCBA, XDBA, W, XEBA, W, XDCBA, …, W; labels "another flap!" and "damped!")

  44. Secondary Charge • Path exploration • Secondary charging
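The damping rules on slide 40 and the interaction with path exploration on slides 42 to 44, as an added Python sketch that is not from the original slides. The penalty values, half-life, thresholds, one-hour ceiling and both update traces are assumptions (commonly used vendor defaults and constructed input), not values given in the presentation.

```python
import math

# Assumed parameters (common vendor defaults; not given on the slides).
HALF_LIFE_S = 15 * 60
CUTOFF, REUSE = 2000.0, 750.0
MAX_SUPPRESS_S = 60 * 60
PENALTY = {"withdraw": 1000.0, "attr_change": 500.0, "announce": 0.0}
# Penalty ceiling so that a route is never held down longer than MAX_SUPPRESS_S.
CEILING = REUSE * 2 ** (MAX_SUPPRESS_S / HALF_LIFE_S)


class DampedRoute:
    def __init__(self):
        self.penalty, self.last, self.suppressed = 0.0, 0.0, False

    def update(self, now, kind):
        # Decay exponentially since the last update, then charge this update.
        self.penalty *= 0.5 ** ((now - self.last) / HALF_LIFE_S)
        self.last = now
        if self.suppressed and self.penalty < REUSE:
            self.suppressed = False
        self.penalty = min(self.penalty + PENALTY[kind], CEILING)
        if self.penalty > CUTOFF:
            self.suppressed = True

    def reuse_delay(self):
        """Seconds after the last update until the penalty falls to REUSE."""
        if not self.suppressed:
            return 0.0
        return HALF_LIFE_S * math.log2(self.penalty / REUSE)


def replay(events):
    """events: (seconds, kind) pairs for one prefix, as seen by one router."""
    route = DampedRoute()
    for now, kind in events:
        route.update(now, kind)
    return route.suppressed, route.reuse_delay()


# Constructed traces for ONE flap at the origin (withdrawn once, re-announced).
NEXT_TO_ORIGIN = [(0, "withdraw"), (60, "announce")]
# A remote router sees extra updates while neighbours explore alternate paths.
REMOTE = [(0, "attr_change"), (30, "withdraw"), (60, "announce"),
          (90, "withdraw"), (120, "announce"), (150, "withdraw"),
          (210, "announce")]

if __name__ == "__main__":
    for name, trace in (("next to origin", NEXT_TO_ORIGIN), ("remote", REMOTE)):
        suppressed, delay = replay(trace)
        print(f"{name}: suppressed={suppressed}, reuse in {delay / 60:.1f} min")
```

With these assumed values the router next to the origin never suppresses the route, while the remote router holds the restored route down for roughly half an hour after a single flap.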

  45. 7. Growing Large Includes: Growth in value and importance! • Value and importance of the Internet attract malicious attacks • There exists an underground economy that is driving all the bad traffic in the Internet today • Using our network, our technology to attack us • This was not expected • Thus the original Internet protocol design and implementation were vulnerable in the face of these attacks

  46. 8. Growing Large Includes: Trust Exploited By Attackers • Original DNS design: information piggybacking → performance improvement • Query: www.google.com ? • Response: Answer: www.google.com A 4.4.4.10; Authority: google.com NS ns.google.com; Additional: ns.google.com A 4.4.4.1 • Result: www.google.com = 4.4.4.10 (figure labels: Google DNS server, UCLA Caching Server, UCLA Laptop, Query www.google.com)

  47. DNS cache poisoning by attracting servers to a bad place • Query: www.attacker.com • Response: www.attacker.com A 128.9.128.127; attacker.com NS ns.attacker.com; attacker.com NS www.google.com; ns.attacker.com A 128.9.128.2; www.google.com A 128.9.128.127 • Later query for www.google.com: www.google.com = 128.9.128.127 (figure labels: UCLA Caching Server, attacker.com DNS server, UCLA Laptop, Remote attacker)

  48. DNS cache poisoning by exploiting weakness in protocol design • Query: www.google.com ? • Response: Answer: www.google.com A 128.9.128.127; Authority: google.com NS ns.google.com; Additional: ns.google.com A 128.9.128.2 • Cache entries shown: google.com NS ns.google.com; ns.google.com A 4.4.4.1 128.9.128.2; www.google.com A 128.9.128.127 • Result: www.google.com = 128.9.128.127 (figure labels: Google DNS server, UCLA Caching Server, UCLA Laptop)
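A bailiwick check is one way a caching server can refuse the piggybacked records on slide 47. The Python sketch below is an added example, not from the original slides; the function names are hypothetical and the split of slide 47's records into answer, authority and additional sections is an assumption. It also shows that the slide 48 response passes the same check, because every record in it lies inside google.com.

```python
# Records are (owner, type, rdata). Values come from slides 47 and 48; the
# section assignment for slide 47 is an assumption made for this example.
SLIDE47 = {
    "answer": [("www.attacker.com", "A", "128.9.128.127")],
    "authority": [("attacker.com", "NS", "ns.attacker.com"),
                  ("attacker.com", "NS", "www.google.com")],
    "additional": [("ns.attacker.com", "A", "128.9.128.2"),
                   ("www.google.com", "A", "128.9.128.127")],
}
SLIDE48 = {
    "answer": [("www.google.com", "A", "128.9.128.127")],
    "authority": [("google.com", "NS", "ns.google.com")],
    "additional": [("ns.google.com", "A", "128.9.128.2")],
}


def norm(name):
    """Case-insensitive comparison form without the trailing root dot."""
    return name.rstrip(".").lower()


def in_bailiwick(owner, zone):
    """True if owner is the zone apex or a name below it (label-aligned)."""
    owner, zone = norm(owner), norm(zone)
    return zone == "" or owner == zone or owner.endswith("." + zone)


def split_response(zone, sections):
    """Split a response from a server for `zone` into (accepted, rejected)."""
    accepted, rejected = [], []
    for rrs in sections.values():
        for rr in rrs:
            (accepted if in_bailiwick(rr[0], zone) else rejected).append(rr)
    return accepted, rejected


def cached_addresses(zone, sections, check=True):
    """A records a caching server would store, with or without the check."""
    accepted, rejected = split_response(zone, sections)
    kept = accepted + ([] if check else rejected)
    return {norm(owner): rdata for owner, rtype, rdata in kept if rtype == "A"}


if __name__ == "__main__":
    print("no check:", cached_addresses("attacker.com", SLIDE47, check=False))
    print("checked: ", cached_addresses("attacker.com", SLIDE47))
    print("slide 48 rejected:", split_response("google.com", SLIDE48)[1])
```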

  49. Putting the Problems in Context • The above is only a small sample set of observed problems due to growing large • The original protocol design/implementation enabled Internet growth to large scale, but is not well suited to maintain it at large scale