1 cis 6930: workshop iii encounter-based networks presenter: sapon tanachaiwiwat [email protected]...
TRANSCRIPT
1
CIS 6930: Workshop IIIEncounter-based Networks
Presenter: Sapon [email protected]
Instructor: Dr. Helmy2/5/2007
2
Agenda
• Introduction
• Motivation
• Examples of Encounter based networking
• Encounter-based worm interactions
• Experiment for our class
• Reference
3
Introduction
• What is Encounter-based networking– Networking relying on encounter or relationships between nodes
(Social networking)– Wireless ad hoc networks– Discontinuous path (Intermittent connection)– Store-and-forward (Bundles)– Similar to delay-and-disruption-tolerant-networking
• Large delay• Low data rate• High loss rate
• Basic assumptions of each node– Persistent storage– Willing to participate– Limitation of Power– Short Radio Range
4
Motivation
• Why we need encounter-based networks– Reasons?– What we can learn from Experiment 1 and 2
• Wireless LAN Coverage on Campus is good for any where and any time computing?
• How can you analyze of the potential of encounter-based networking?
– Step 1: Look where the holes on campus?– Step 2: Analyze the encounter characteristic based on WLAN– Step 3: Do Experiment number 3– Step 4: ?
5
Examples of encounter-based networks
• Military tactical networks• Disaster relief• ZebraNet• Interplanetary networks• Rural village networks• Underwater acoustic networks• Other?
8
Encounter-based worms
• Future direction on worm attacks!! (Cabir, ComWar)– Rely on encounter pattern/relationships between users.– Close to flooding, i.e. Epidemic routing.– Propagate via Bluetooth connection (10-meter range)
• Question: How can we alleviate this problem?– Traditional prevention at gateway such as firewall not effective
against fully distributed attacks– Disconnected networks No centralized update
• Inspired by War of the Worms : CodeGreen worms launched to terminate CodeRed worms
• Approach: Deploy automated generated predator worm to terminate prey worm worm interaction
9
Encounter-based worm interaction
PredatorPrey
Susceptible
Prey and predator’s infection rate rely only on encounter characteristics
10
Analysis of Worm Interaction
ASI BAII
BSI
S A B
BA SISIdt
dS
BAAA IISI
dt
dI
BABB IISI
dt
dI
S=SusceptibleIA= Prey infected hostsIB = Predator infected hostsβ = Contact rate
11
Simulation Results
Simulation Mathematical Model
1000 Nodes Aggressive Encounter Rate = 0.01/sec
0.00%
10.00%
20.00%
30.00%
40.00%
50.00%
60.00%
70.00%
80.00%
90.00%
100.00%
0 1000 2000 3000 4000 5000 6000
sec
%in
fec
tiv
es
A-Delay0
A-Delay500
A-Delay1000
A-Delay1500
A-Delay2000
B-Delay0
B-Delay500
B-Delay1000
B-Delay1500
B-Delay2000
1000 Nodes Mathematic model Encouter Rate 0.01/sec
0.00E+00
1.00E+02
2.00E+02
3.00E+02
4.00E+02
5.00E+02
6.00E+02
7.00E+02
8.00E+02
9.00E+02
1.00E+03
0.00E+00 1.00E+03 2.00E+03 3.00E+03 4.00E+03 5.00E+03 6.00E+03
Time
Infe
ctiv
es
A Delay 0
A Delay 500
A Delay 1000
A Delay 1500
A Delay 2000
B Delay 0
B Delay 500
B Delay 1000
B Delay 1500
B delay 2000
Closely estimate the infectives when varying reaction times (off 3.8%)
encounter rate = contact rateBased on aggressive one-sided interaction
Encounter level simulation with 1000 mobile nodes having uniform encounter
Reaction time Reaction time
12
Worm Propagation Based On Encounter Derived from WLAN Trace
Worm propagation from USC WLAN Trace file
0
0.1
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
1
0 500000 1000000 1500000 2000000 2500000 3000000
Time (Sec)
Infe
cti
ve
s
population1001_prop1036_prop1873_prop
14
Experiment Setup
• Goal: To answer the following questions– Is the UF campus the good target for worm
propagation, given that it propagates via Bluetooth?– If so, what places are most vulnerable?– If you want to stop the propagation with other worm,
how can you do it effectively?• Equipments: iPAQs, your laptops, your
strategies• Software: Modified Bluechat, Bluetooth
Explorer,Netstumbler, AirSnort, etc.• Trace format of Modified Bluechat:
– Name of device (brand) [MAC Address] Month/Date/Year Hour/Minute/Second
15
Experiment
• Bluetooth device discovery– Distribution of Bluetooth devices that you encounter
during the day• E.g. Type of devices such as cell phone or lap top, brand of
such devices such as Nokia, Motorola, etc.
• Bluetooth game Design the strategies for– Largest of encounter rate per day– Largest number of unique devices– Largest number of stable devices (long-duration
encounters)– Different roles between teams e.g. Cops and Cons
• Bluetooth and WLAN relationships– Can you derive the correlation between them?
17
Reference• E. Anderson, K. Eustice, S. Markstrum, M. Hansen, P. L. Reiher , “Mobile
Contagion: Simulation of Infection and Defense” PADS 2005: 80-87• S. Capkun, J. P. Hubaux, and L. Buttyan "Mobility Helps Security in Ad Hoc
Networks" Fourth ACM Symposium on Mobile Networking and Computing (MobiHoc), June 2003
• F. Castaneda, E.C. Sezer, J. Xu, “WORM vs. WORM: preliminary study of an active counter-attack mechanism”, ACM workshop on Rapid malcode, 2004
• A. Chaintreau, P. Hui, J. Crowcroft, C. Diot, R. Gass and J. Scott, “Impact of Human Mobility on the Design of Opportunistic Forwarding Algorithms” IEEE INFOCOM, April 2006
• W. Hsu, A. Helmy, "On Nodal Encounter Patterns in Wireless LAN Traces", The 2nd IEEE Int.l Workshop on Wireless Network Measurement (WiNMee), April 2006
• S.Tanachaiwiwat, A. Helmy, "Encounter-based Worms: Analysis and Defense", IEEE Conference on Sensor and Ad Hoc Communications and Networks (SECON) 2006 Poster/Demo Session, VA, September 2006
• A. Vahdat and D. Becker. Epidemic routing for partially connected ad hoc networks. Technical Report CS-2000.