slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
OUTDOOR THROUGHPUT PowerPoint Presentation
Download Presentation
OUTDOOR THROUGHPUT

Loading in 2 Seconds...

play fullscreen
1 / 1

OUTDOOR THROUGHPUT - PowerPoint PPT Presentation


  • 109 Views
  • Uploaded on

STATUS QUO: WIMAX PARAMETERS AND MAC-LEVEL DoS ATTACKS. GEC 14, Boston MA July 9 th -11 th , 2012. Katherine Cameron and Richard R Brooks Clemson University. ABSTRACT. PREVIOUS WORK.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'OUTDOOR THROUGHPUT' - parley


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

STATUS QUO: WIMAX PARAMETERS AND

MAC-LEVEL DoS ATTACKS

GEC 14,

Boston MA

July 9th-11th, 2012

Katherine Cameron and Richard R Brooks

Clemson University

ABSTRACT

PREVIOUS WORK

WiMAX networks are vulnerable to Denial of Service (DoS) attacks. Our work considers a new type of DoS attack that exploits WiMAX system parameters. The behavior of the WiMAX MAC level protocol is sensitive to such parameters. Analyzing parameters of the Bandwidth Contention Resolution (BCR) process of WiMAX, we will determine which have significant effect on client throughput. Experiments have been simulated using the ns-2 simulator and hardware experiments are currently being conducted on GENI WiMAX testbeds. Analysis of Variance (ANOVA) techniques are applied on throughput and packet-loss measurements to identify which parameters and combinations affect WiMAX vulnerability to DoS attacks. The primary goals of our research include:

• Compare effects of setting different values for a single parameter,

• Learn which parameter(s) are dominant, compare the effect of important parameter interactions,

• Provide recommendations on best settings for system parameters,

• And analyze difference between software and hardware

simulations and determine the accuracy of the ns-2 simulator.

  • Software simulations analyzed a low, medium, and high setting for, frame duration, request_retries, and backoff_start, for a set of attacker SS’s and client SS’s. A total of 100 nodes were used and 3 ratios of attacker to client nodes were considered. In each experiment all SS’s used a constant-bit rate generator to send traffic for 120 s to a sink node. All parameter combinations were ran and ANOVA analysis of throughput and packet-loss measurements indicate that attacker settings have effect on user throughput, but are minimal in comparison to the following user SS’s settings:
      • Frame duration explains about 21% of the variability, while request_retries accounts for another 31%,
      • And the most significant 2nd order effect is the interaction of frame duration and request_retries, which accounts for an additional 18%.
  • Initial hardware experiments that included 56 trials analyzed the effect of a low, medium, and high setting for backoff_start and backoff_end on an indoor and outdoor WiMAX environment. Figure 1 summarizes ANOVA results of these experiments.

EXPERIMENT DESIGN

Hardware simulations analyze the influence of two parameters on DoS attacks for client and attacker nodes. Both the indoor and outdoor WiMAX testbeds of Rutgers University’s ORBIT facility are used for experiments. All hardware experiments consist of 1 base station (BS), 8 WiMAX subscriber stations (SS’s) and 1 sink node. SS’s send UDP traffic for 120 s to the sink node and measurements are collected using ORBIT’s Measurement Library. Our work follows factorial experiment design for data collection and ANOVA is used for analysis. Some changes of the parameters were required between software and hardware simulation due to the WiMAX equipment used. Frame duration is fixed at 5 ms for WiMAX equipment and request_retries is no longer considered. The parameter backoff_end is used as a replacement for request_retries due to the role it plays in determining when data packets are dropped during BCR process which is similar to request_retries.

INDOOR THROUGHPUT

OUTDOOR THROUGHPUT

FIG. 1: INDOOR AND OUTDOOR HARDWARE RESULTS

  • It is important to note the difference between the indoor and outdoor environments and also:
    • Individual parameters do not have significant affect on throughput, but interaction of parameters are significant in indoor environment. (FO>For PROB> FO < 0.5),
    • And 2nd-order interaction of backoff_start and backoff_end accounts for 10% of variance in outdoor and 42% in indoor.

FILE SYSTEM (/)

LINUX FILESYSTEM

WIMAX SOURCE CODE

HOME

ETC

ROOT

BOOT

LIB

  • We are determining which source files of the wimax-1.5.1 package for IntelCentrinoAdvanced + Wireless 6250handle system parameters and pass info to the firmware. Figure 3 displays wimax-1.5.1 file hierarchy. The following files may handle these duties:
    • Infrastack/OSAgnostic/WiMax/Agents/NDnS/L4_db/
      • NDnSAgent_DB_Common.c, NDnSAgent_DB_Update.c
    • Infrastack/OSDependent/Linux/L4Generated/
      • L4BufMan_L3L4DmStructs.c
    • Infrastack/OSAgnostic/WiMax/Wrappers/Miscellaneous/
      • wmxSDK_Msc_Impl.c
    • Infrastack/OSAgnostic/Common/CommonServices/
      • L4ConfigurationManager.c
  • Some of the parameters we are investigating are:
    • SubscriptionParams_t
    • nwParams_t
    • wmx_ConnectParams
    • qosParams

BIN

SBIN

NET

MNT

DEV

  • Within the Linux file system is various WiMAX related files. Some our configuration files, other log files, but we are attempting to find out if the system parameters of BCR are stored somewhere within the file system. The Linux file system is displayed as a tree in Figure 2. The promising parent directories include:
    • /proc - interface to kernel data structures
    • /var - system writes to files within during operation
    • /sys - exports kernel device info to user space
    • /usr - secondary hierarchy for user data
  • Each of these directories stores information related to WiMAX and network devices. Scripts are being used to write the contents of files from these directories to a text file that is later compared for different system parameters. Hopefully, we will find a specific file that changes to reflect system parameter changes. Controlling the system parameters could be accomplished by overwriting this specific file.

USR

PROC

VAR

SYS

SYS

SHARE

MODULE

LOG

PID

I2400-RX

PID

I2400

I2400m

usb

WiMAX

WiMAX

PID

i2400-TX

i2400m

WiMAX

FIG. 2: LINUX FILE SYSTEM - WIMAX FILES

INFRASTACK

OS DEPENDENT

OS AGNOSTIC

LINUX

PRODUCT

COMMON

WIMAXCU

OS INTERF

EVENT LOG

WIMAX

WIMAX

UTIL

INFRASTACK

MODULE

AGENTS

WRAPPERS

OSAL

L4 GEN

FUTURE WORK

FIG. 3: WiMAX-1.5.1FILE SYSTEM

ACKNOWLEDGEMENTS

Future work includes completing the rest of hardware simulations on the indoor and outdoor testbeds and determining whether it is best to modify Linux memory or WiMAX drivers to allow us to set the client and attackers system parameters separately. Following conclusion of hardware experiments, we will conduct a full analysis of the parameters backoff_start and backoff_end and compare these results to the ns-2 simulations. Other possible future work includes:

  • Expand experiments to include more than 8 nodes, possibly 20 or more nodes,
  • Find a more complete response surface for the BCR parameters that significantly influence DoS vulnerability,
  • And determine how BCR parameters affect other factors such as robustness to environmental conditions and other forms of DoS attacks.
  • This material is based upon work supported by, or in part by, the EAGER-GENI Experiments on Network Security and Traffic Analysis contract/grant number CNS-1049765. Opinions expressed are those of the author and not the National Science Foundation.
  • This research effort has contributed to the following publication and dissertation:
  • J. Deng, R. R. Brooks, J. Martin. Assessing the Sensitivity of WiMAX Parameters to MAC-level DoS Attacks, International Journal of Performability Engineering. Volume 8, pages 163-178, 2012
  • J. Deng, Connected Vehicle Information Assurance. Clemson University. May 2011