dong xuan: cse885 on 11/07/07 the ohio state university 1 research in networking dong xuan dept. of...
DESCRIPTION
Dong Xuan: CSE885 on 11/07/07 The Ohio State University 3 Group Members r Student members: Xiaole Bai, Adam Champion, Sriram Chellappan (to be assistant professor in Univ. of Missouri at Rolla), Boxuan Gu, Wenjun Gu, Thang Le, Zhimin Yang r Former members: Sandeep Reddy (M.S., 2004, Microsoft), Lamonte Glove (M.S., 2004, Avaya) and Kurt Schosek (M.S., 2005), Xun Wang (Ph.D, 2007, CISCO) r Faculty member: Dong XuanTRANSCRIPT
1Dong Xuan: CSE885 on 11/07/07The Ohio State University
Research in Networking
Dong Xuan
Dept. of Computer Science and EngineeringThe Ohio State University
2Dong Xuan: CSE885 on 11/07/07The Ohio State University
Outline
Group Research Overview Performance - Optimal Deployment in
Wireless Sensor Networks Security - Flow Marking in the Internet
3Dong Xuan: CSE885 on 11/07/07The Ohio State University
Group Members
Student members: Xiaole Bai, Adam Champion, Sriram Chellappan (to be assistant professor in Univ. of Missouri at Rolla), Boxuan Gu, Wenjun Gu, Thang Le, Zhimin Yang
Former members: Sandeep Reddy (M.S., 2004, Microsoft), Lamonte Glove (M.S., 2004, Avaya) and Kurt Schosek (M.S., 2005), Xun Wang (Ph.D, 2007, CISCO)
Faculty member: Dong Xuan
4Dong Xuan: CSE885 on 11/07/07The Ohio State University
Research Interests Real-time computing and communications
Deterministic and statistic QoS guarantees [ICDCS00, INFOCOM01, RTSS01, ToN04]
Voice over IP [RTAS02, TPDS05] Performance
Topology control [MOBIHOC06, INFOCOM08] Mobility control [TPDS06, TMC07]
Security Internet security
• Overlay security [ICDCS04, TPDS06]• Anonymous communications [IPDPS05, SP07,
INFOCOM08_mini]• Worm/Malware defense[SECURECOM06, 07, ACSAC06]
Wireless network security [IWQoS06, TPDS06]
5Dong Xuan: CSE885 on 11/07/07The Ohio State University
Research Grants
ARO: “Defending against Physical Attacks in Wireless Sensor Networks”, (PI, 2007-2010)
NSF: “Efficient Resource Over-Provisioning for Network Systems and Services”, (PI, CAREER award, 2005-2010)
NSF: “Overlay Network Support to Remote Visualization on Time-Varying Data”, (PI, 2003-2006)
SBC/Ameritech: “Providing Statistic Real-time Guarantees to Multimedia Teleconferences”, (PI, 2002-2003)
6Dong Xuan: CSE885 on 11/07/07The Ohio State University
Performance: Optimal Deployment Patterns in WSNs
Xiaole Bai, Santosh Kumar, Dong Xuan, Ziqiu Yun and Ten H. Lai, Deploying Wireless Sensors to Achieve Both Coverage and Connectivity, in ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), 2006
Xiaole Bai, Ziqiu Yun, Dong Xuan, Ten H. Lai and Weijia Jia, Deploying Four-Connectivity And Full-Coverage Wireless Sensor Networks, in IEEE International Conference on Computer Communications (INFOCOM), 2008
7Dong Xuan: CSE885 on 11/07/07The Ohio State University
Problem Definition
What is the optimal number of sensors needed to achieve p-coverage and q-connectivity in WSNs?
An important problem in WSNs: Connectivity is for information transmission and coverage
is for information collection Avoid ad hoc deployment to save cost To help design topology control algorithms and protocols other practical benefits
The Ohio State University
8Dong Xuan: CSE885 on 11/07/07The Ohio State University
p-Coverage and q-Connectivity
q-connectivity: there are at least q disjoint paths between any two sensors
p-coverage: every point in the plane is covered by at least p different sensors
rs
rc
Node ANode B
For example, nodes A, B, C andD are two connected
Node C
Node D
9Dong Xuan: CSE885 on 11/07/07The Ohio State University
Relationship between rs and rc
Most existing work is focused on In reality, there are various values of
sc rr 3
The communication range of the Extreme Scale Mote (XSM) platform is 30 m and the sensing range of the acoustics sensor is 55 m
Sometimes even when it is claimed for a sensor to have , it may not hold in practice because the reliable communication range is often 60-80% of the claimed value
sc rr /
sc rr 3
10Dong Xuan: CSE885 on 11/07/07The Ohio State University
A Big Picture
Research on Asymptotically Optimal Number of Nodes
[1] R. Kershner. The number of circles covering a set. American Journal of Mathematics, 61:665–671, 1939, reproved by Zhang and Hou recently.[2] R. Iyengar, K. Kar, and S. Banerjee. Low-coordination topologies for redundancy in sensor networks. MobiHoc2005.
MobiHoc06 INFOCOM08
11Dong Xuan: CSE885 on 11/07/07The Ohio State University
Known Results: Triangle Pattern [1]
sc rr 3
srd 31
Notice it actually achieves 1-coverage and 6-connectivity
d1srd
232
d2
12Dong Xuan: CSE885 on 11/07/07The Ohio State University
Place enough disks between the strips to connect them See the paper for a
precise expression The number is disks
needed is negligible asymptotically
sc rrd 3,min14
22
2 ss rrd
Our Optimal Pattern for 1-Connectivity
Note : it may be not the only possible deployment pattern d1
d2
A
13Dong Xuan: CSE885 on 11/07/07The Ohio State University
Connect the neighboring horizontal strips at its two ends
Our Optimal Pattern for 2-Connectivity
Note : it may be not the only possible deployment pattern
sc rrd 3,min14
22
2 ss rrd
d1
d2
A
14Dong Xuan: CSE885 on 11/07/07The Ohio State University
Our Optimal Pattern for 4-Connectivity
/ 2c sr r
Note : it may be not the only possible deployment pattern
crdd 21d1
d2
A
Square pattern
15Dong Xuan: CSE885 on 11/07/07The Ohio State University
Our Optimal Pattern for 4-Connectivity
sc rr /2
sc rrd 3,min1 )2/arcsin2sin(12 sc rrdd
Note : it may be not the only possible deployment pattern d1
d2
A
Diamond pattern
16Dong Xuan: CSE885 on 11/07/07The Ohio State University
Workflow of optimality proof (1) Step 1
We lay out the theoretical foundation of the optimality proof: for any collection of the Voronoi polygons forming a tessellation, the average edge number of them is not larger than six asymptotically.
• It is built on the well known Euler formula.
Step 2 We show that any collection of Voronoi polygons generated in
any deployment can be transformed into the same number of Voronoi polygons generated in a regular deployment while full coverage and desired connectivity can still be achieved.
• The proof is based on the technique of pattern transformation and the theoretical foundation obtained in Step 1.
17Dong Xuan: CSE885 on 11/07/07The Ohio State University
Workflow of optimality proof (2) Step 3
We prove the number of Voronoi polygons from any regular deployment has a lower bound.
Step 4 We show that the number of Voronoi polygons used
in the patterns we proposed is exactly the lower bound value. Hence the patterns we proposed are the optimal in all regular deployment patterns.
• Based on the conclusion obtained in Step 2, the patterns we proposed are also the optimal among all the deployment patterns.
18Dong Xuan: CSE885 on 11/07/07The Ohio State University
Future WorkResearch on Asymptotically Optimal Number of Nodes
19Dong Xuan: CSE885 on 11/07/07The Ohio State University
Security: Flow Marking Techniques in the Internet Security Wei Yu, Xinwen Fu, Steve Graham, Dong Xuan and
Wei Zhao, DSSS-Based Flow Marking Technique for Invisible Traceback, in Proc. of IEEE Symposium on Security and Privacy (Oakland), May 2007, pp18-32
Xun Wang, Wei Yu, Xinwen Fu, Dong Xuan and Wei Zhao, iLOC: An invisible LOCalization Attack to Internet Threat Monitoring System, accepted to appear in the mini-conference conjunction with IEEE International Conference on Computer Communications (INFOCOM), April 2008.
20Dong Xuan: CSE885 on 11/07/07The Ohio State University
Invisible Traceback in the Internet Internet has brought convenience to our
everyday lives However, it has also become a breeding
ground for a variety of crimes Network forensics has become part of
legal surveillance We study flow marking for a
fundamental network-based forensic technique, traceback
21Dong Xuan: CSE885 on 11/07/07The Ohio State University
Problem Definition
Suspect Sender is sending traffic through encrypted and anonymous channel, how can Investigators trace who is the receiver?
ReceiverSenderNetwork
22Dong Xuan: CSE885 on 11/07/07The Ohio State University
Traffic Confirmation by Flow Marking Investigators want to know if Sender
and Receiver are communicatingReceiverSender
SnifferInterferer
AnonymousChannel
The investigators know that Sender communicates with Receiver
InvestigatorHQ
23Dong Xuan: CSE885 on 11/07/07The Ohio State University
Issues in Flow Marking
Traceback accuracy Periodic pattern ok?
Traceback secrecy Traceback without conscience of suspects
DSSS-based technique for accuracy and secrecy in traceback!
24Dong Xuan: CSE885 on 11/07/07The Ohio State University
Basic Direct Sequence Spread Spectrum (DSSS)
A pseudo-noise code is used for spreading a signal and despreading the spread signal
DespreadingSpreading
PN Code
Original Signal
tb
ct
dt
PN Code
cr
Recovered Signal
noisychannel
Interferer Snifferrb dr
25Dong Xuan: CSE885 on 11/07/07The Ohio State University
Example – Spreading and Despreading
Signal dt: 1 -1 DSSS code ct: 1 1 1 -1 1 -1 -1 Spread signal tb=dt.ct=1 1 1 -1 1 -1 -1 -1 -1 -1 +1 -1 1 1
One symbol is “represented” by 7 chips PN code is random and not visible in time and frequency domains
Despreading is the reverse process of spreading
+1
-1dt t
ct
+1
-1
Tc (chip)
t
NcTc
t
tb
26Dong Xuan: CSE885 on 11/07/07The Ohio State University
Mark Generation by Interferer
1. Choose a random signal
2. Obtain the spread signal
3. Modulate a target traffic flow by appropriate interference
Chip +1: without interference
Chip -1: with interference Low interference favors
traceback secrecy
PN Code
Original Signal dt
FlowModulator
Internet
rx = spread signal + noise
tb
ct
tx
27Dong Xuan: CSE885 on 11/07/07The Ohio State University
Mark Recognition by Sniffer1. Sample received traffic to
derive traffic rate time series
2. Use high-pass filter to remove direct component by Fast Fourier Transform (FFT)
3. Despreading by local DSSS code
4. Use low-pass filter to remove high-frequency noise
5. Make decision Recovered signal == Original
signal?
PN Code
Decision Rule
rx = spread signal + noise
High-pass Filter
Low-pass Filter
rx’
rb
cr
28Dong Xuan: CSE885 on 11/07/07The Ohio State University
Invisible Location Attack to Internet Monitoring Systems Widespread attackers attempt to evade the
distributed monitoring/detection systems We design invisible LOCalization (iLOC) attack
which can locate the detection monitors accurately and invisibly. Then the widespread attacks can evade these located monitors.
Effectiveness of iLOC attack We implement iLOC attack, carry out
experiments and analyze the effectiveness of iLOC attack.
29Dong Xuan: CSE885 on 11/07/07The Ohio State University
Internet Threat Monitoring SystemsGlobal traffic monitoring based Internet Threat Monitor Systems (ITM):
- Distributed monitors - Data center Data center
monitors
Network A Network B
Internet
Attacker
Network C
MONITORS’ LOG UPDATE
monitors
Attacker
A vulnerability: location privacy of monitors (ITM only monitors a small part of whole IP address space.)
30Dong Xuan: CSE885 on 11/07/07The Ohio State University
invisible LOCalization Attack
Basic idea: Verify attack traffic in traffic report, verify existence of monitors.
Two Stages: - Attack traffic generating - Attack traffic decoding
Embed an attack mark in the attack traffic, which can be recognized by the attacker.
31Dong Xuan: CSE885 on 11/07/07The Ohio State University
Final Remarks
Group research: theorem and implementation Research on Performance
Optimal deployment pattern in WSNs Limited mobility WSNs
Research Security Flow marking in internet security Worm detection Wireless security
32Dong Xuan: CSE885 on 11/07/07The Ohio State University
Thank you !Questions?