Efficient Over-Provisioning of Network Systems and Services: Principles and Practices

Dong Xuan
Department of Computer Science and Engineering
The Ohio-State University
http://www.cse.ohio-state.edu/~xuan

03/22/22 The Ohio State University


Post on 31-Dec-2015


What is Over-Provisioning?

Resources are allocated conservatively, depending on expected demands

Examples: replicated content, replicated servers, allocating more bandwidth, multi-path routing, etc.


Outline

Objective
Principles
Practices in Overlay Networks
Practices in Sensor Networks
Final Remarks


Objective

Providing high performance, reliability and security to network systems and services


Challenges and Opportunities

Challenges:
  Traffic amount
  Dynamics of traffic pattern
  Malicious and non-conforming participants

Opportunities:
  Resources such as bandwidth, storage and processing power are no longer the bottlenecks they used to be


Why Over-Provisioning?

Enable uninterrupted services
Reactions under extreme operating conditions are milder, if not eliminated
Maintenance and corresponding dynamics are easier if done properly
System update is easier


However……

Over-provisioning is not always good
Over-provisioning also comes at the price of increased maintenance
Resources come at a price; they are not free
Resource availability is unbalanced


What Do We Want to Do?

Study the principles of over-provisioning

Practices in a wide spectrum of network systems and services


Related Work

Bandwidth over-provisioning by ISPs (Internet Service Providers)
Data backup for fault tolerant services
Over-deployment in sensor networks


Principles

A case study – bandwidth over-provisioning in networks
  Currently it is conducted in an ad hoc manner by ISPs
  QOP: Quantitative Over Provisioning
  Our work in Transactions on Networking 04 [1] and RTSS 01 [2]


Further Study on Over Provisioning Principles

System resources
  System nodes
  Connectivity
  Network Paths
  Data content, energy and storage

Dynamics due to failures and attacks


Practical Applications of Over-Provisioning

Overlay Networks

Sensor Networks


Practices in Overlay Networks

Secure Overlay Forwarding Systems

Resilient Structured Peer to Peer Systems

QoS aware and Reliable Overlay Multicast and Anycast Services


Overlay Networks


Secure Overlay Forwarding Systems

It is an intermediate forwarding overlay system to defend against DDoS attacks

Layering: Each node only knows the next layer nodes

Access to target controlled by a set of filters
Target is known only to filters


Design Features

The number of layers: 3 layers of hierarchy between sources and a target

Mapping degree: Number of next layer neighbors

Node density: Number of nodes per layer

Under random congestion attacks, path availabilities are high if mapping degree is high


The Generalized Secure Overlay Forwarding System

We have generalized the system in ICDCS 04 [8]
Design features are flexible


Intelligent DDoS Attacks

Combination of congestion-based attacks and break-in based attacks
Congestion attacks result in a node being non-functional for the duration of the attack
Successful break-in attacks result in disclosure of next layer neighbors


System Performance Observation

Over Provisioning is not always good
Care should be exercised
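The trade-off stated on the "Design Features" and "Intelligent DDoS Attacks" slides can be checked with a small Monte Carlo model, added here as an example and not taken from the slides or the cited paper. It assumes random neighbor mapping, treats broken-in nodes as non-functional, and assumes the attacker congests disclosed nodes first; all function and parameter names are hypothetical.

```python
import random

def build_overlay(layers, n, m, rng):
    """nbrs[i][v] = the m next-layer neighbors of node v in layer i (assumed random mapping)."""
    return [[rng.sample(range(n), m) for _ in range(n)] for _ in range(layers - 1)]

def path_available(nbrs, entry, dead):
    """True if a chain of functional nodes leads from the entry nodes to the last layer."""
    alive = {v for v in entry if (0, v) not in dead}
    for i, layer in enumerate(nbrs):
        alive = {w for v in alive for w in layer[v] if (i + 1, w) not in dead}
    return bool(alive)

def attack(nbrs, layers, n, budget, break_ins, rng):
    """Return the set of (layer, node) pairs made non-functional.
    break_ins == 0 models random congestion only. Otherwise break_ins first-layer
    nodes are broken into, the neighbors they disclose are congested first, and the
    remaining congestion budget is spent at random (assumed attacker model)."""
    broken = rng.sample(range(n), break_ins)
    disclosed = sorted({(1, w) for v in broken for w in nbrs[0][v]})
    rng.shuffle(disclosed)
    dead = {(0, v) for v in broken} | set(disclosed[:budget])
    rest = [(i, v) for i in range(layers) for v in range(n) if (i, v) not in dead]
    spare = budget - min(budget, len(disclosed))
    return dead | set(rng.sample(rest, spare))

def availability(m, break_ins, layers=3, n=20, budget=20, trials=2000, seed=1):
    """Fraction of trials in which a client with m entry nodes still has a path."""
    rng = random.Random(seed)
    ok = 0
    for _ in range(trials):
        nbrs = build_overlay(layers, n, m, rng)
        dead = attack(nbrs, layers, n, budget, break_ins, rng)
        ok += path_available(nbrs, rng.sample(range(n), m), dead)
    return ok / trials

if __name__ == "__main__":
    # Columns: mapping degree, availability under random congestion, under break-in + congestion.
    for m in (1, 3, 10, 20):
        print(m, availability(m, 0), availability(m, 2))
```

Under random congestion, availability rises with the mapping degree; with break-ins, a full mapping discloses the whole next layer and availability collapses, while a moderate degree holds up.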


Resilient Structured P2P Systems

Structured P2P systems
  Distributed Hash Table (DHT) based
  Node ID and data ID match together
  CAN, CHORD, PASTRY and TAPESTRY

These systems are not resilient to malicious attacks!

Our solutions:
  Over-provisioning in neighbor connectivity
  RCHORD [4] and CAN-SW [3]


Unicast, multicast and anycast

Network layer multicast and anycast
  We have proposed an efficient fault-tolerant multicast routing protocol in TPDS 99 [5] (38)
  We have proposed a routing protocol for anycast messages in TPDS 00 [6], 04 [7] (38, 39)
Overlay multicast and anycast
  Multiple path over provisioning based approaches
  QoS Aware Overlay Multicast and Anycast


Practices in Sensor Networks

Sensor network deployment using limited mobility sensors

Defending against Physical Attacks


Sensor Networks

A new paradigm of networking
A lot of applications like tracking intruders, monitoring animals, forest fires, and warehouse monitoring
Cheap, easy to deploy, but limited in energy

[Figures: MTS 310 CA sensor; a simple sensor network with a base station]


Sensor Networks Deployment using Limited Mobility Sensors

Sensor network deployment

Issues
  Sensors may be damaged
  Sensor may be out of energy
  Manual redeployment is hard

Solutions
  Over-provision sensor nodes
  Exploit sensor mobility

[Figure: 2D-grid of 16 regions, numbered 1 to 16]


Limited Mobile Sensors

Mobility in sensors is an energy consuming operation

XYZ sensor platform can move up to 165 m
DARPA has already built limited mobility sensors, whose maximum movement is 100 hops

Resources of sensor nodes are redundant, but their mobility is limited


Our Deployment Problem

Problem definition
  Given 2-D grid sensor network model, determine a movement plan for the sensors to minimize variance in number of sensors among all regions from and simultaneously minimize the required number of movements

Variance =

No. of movement hops =


An Example

Sensor Network with 16 regions and =2

A simple, purely localized solution
Regions 14, 15 and 16 have less than 2 sensors

[Figure: panels (a) and (b), each a 4x4 grid of regions numbered 1 to 16 with per-region sensor counts]


Discussions on Our Deployment Problem

Each region has sensors, which is over-provisioned to provide reliable services

It is a non-linear optimization problem. However, when = 1, the problem becomes a linear one [10]

The problem is harder due to over-provisioning


Our Solutions

We proposed two classes of solutions

Max-flow based solutions
  Translate non linear variance problem into linear weight assignment problem
  Translate sensor network into a graph structure and determine minimum cost maximum weighted flow plan
  It is optimal if run in a centralized manner
  Can also execute in a distributed manner

Simple Peak-Pit solution
  Pits request sensors from peaks. Requests contain weights depending on sensors needed
  Requests are served in descending order of weights
  Performance is good under favorable deployment conditions
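A simplified, centralized reading of the Peak-Pit idea, added here as an example and not the authors' algorithm. It assumes a request's weight is the pit's deficit, that each sensor comes from the nearest peak within a mobility limit, and that balance is measured by population variance; `peak_pit`, `max_hops`, `variance` and the sample grid are hypothetical or constructed.

```python
def variance(grid):
    """Population variance of the per-region sensor counts (assumed metric)."""
    counts = [x for row in grid for x in row]
    mean = sum(counts) / len(counts)
    return sum((x - mean) ** 2 for x in counts) / len(counts)

def peak_pit(grid, k, max_hops):
    """Greedy peak-pit rebalancing toward k sensors per region.
    Returns (new_grid, total_movement_hops, unmet_deficit)."""
    g = [row[:] for row in grid]
    cells = [(r, c) for r in range(len(g)) for c in range(len(g[0]))]
    # Pits (fewer than k sensors) are served in descending order of weight,
    # where the weight is taken to be the number of sensors still needed.
    pits = sorted((p for p in cells if g[p[0]][p[1]] < k),
                  key=lambda p: (g[p[0]][p[1]] - k, p))
    hops = 0
    for pr, pc in pits:
        while g[pr][pc] < k:
            # Peaks (more than k sensors) reachable within the mobility limit.
            peaks = [(abs(r - pr) + abs(c - pc), r, c) for r, c in cells
                     if g[r][c] > k and abs(r - pr) + abs(c - pc) <= max_hops]
            if not peaks:
                break  # no peak in range: this pit stays under-provisioned
            d, r, c = min(peaks)  # nearest peak gives up one sensor
            g[r][c] -= 1
            g[pr][pc] += 1
            hops += d
    unmet = sum(max(0, k - g[r][c]) for r, c in cells)
    return g, hops, unmet

# Constructed sample: 4x4 grid of sensor counts, target k = 2 per region.
SAMPLE = [[6, 0, 2, 2],
          [2, 4, 2, 0],
          [2, 2, 2, 2],
          [4, 2, 0, 2]]

if __name__ == "__main__":
    for limit in (1, 3):
        after, hops, unmet = peak_pit(SAMPLE, 2, limit)
        print(limit, hops, unmet, variance(SAMPLE), variance(after))
```

With a mobility limit of 3 every pit is filled; with a limit of 1 two pits have no peak in range, which is the unfavorable deployment case the slide alludes to.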


Defending against Physical Attacks in Sensor Networks

Physical attacks: destroy sensors physically

Physical attacks are inevitable in sensor networks
  Sensor network applications that operate in hostile environments
    Volcanic monitoring
    Battlefield applications
  Small form factor of sensors
  Unattended and distributed nature of deployment

Different from other types of electronic attacks
  Can be fatal to sensor networks
  Simple to launch

Defending against physical attacks
  Tamper-resistant packaging helps, but is not enough
  We adopt a sensor node over-provisioning approach


Blind Physical Attacks


Search-Based Physical Attacks


The Impacts of Physical Attacks

[Figure: Lifetime vs. attack arrival rate. x-axis: λ (attacks/second), 0.0001 to 0.1; y-axis: T (days), 0 to 10; curves for A = 20m with nf = 50, 100, 200, 300, 400, 500 and 600]


Defense Strategies

Over-provisioning sensor nodes
  Deploying more sensors to compensate for the damage of blind attacks [9]
  Using sacrificial nodes to compensate for the weakness of sensors in sensing capacity compared with the attacker [11]


Final Remarks

The principles of Over Provisioning
  QOP: Quantitative Over Provisioning on network resources

Practices of Over Provisioning in
  Overlay Networks
    Secure Overlay Forwarding Systems – Layers and Connectivity
    Resilient Structured P2P systems – Neighbor connectivity
    QoS aware Overlay multicast and anycast – Path
  Sensor networks
    Reliable sensor network – limited mobility sensor nodes
    Resilience to Physical attacks – node and structure


References

1. S. Wang, Dong Xuan, R. Bettati and W. Zhao, “Providing Absolute Differentiated Services for Real-Time Applications in Static-Priority Scheduling Networks”, in IEEE/ACM Transactions on Networking (ToN), Vol. 12, No. 2, April 2004.

2. S. Wang, Dong Xuan, R. Bettati and W. Zhao, “Differentiated Services with Statistical Real-Time Guarantees in Static-Priority Scheduling Networks”, in Proc. of IEEE RTSS, 2001.

3. S. Wang, Dong Xuan and W. Zhao, “On Resilience of Structured Peer-to-Peer Systems”, in Proc. of IEEE GLOBECOM, Dec. 2003.

4. Dong Xuan, S. Chellappan and M. Krishnamoorthy, “RChord: An Enhanced Chord System Resilient to Routing Attacks”, in Proc. of IEEE ICCNMC, Oct. 2003.

5. W. Jia, W. Zhao, Dong Xuan, and G. Xu, “An Efficient Fault-Tolerant Multicast Routing Protocol with Core-Based Tree Techniques”, in IEEE Transactions on Parallel and Distributed Systems (TPDS), Vol. 10, No. 10, Oct. 1999.

6. Dong Xuan, W. Jia, W. Zhao, and H. Zhu, “A Routing Protocol for Anycast Messages”, in IEEE Transactions on Parallel and Distributed Systems (TPDS), Vol. 11, No. 6, June 2000.

7. W. Jia, Dong Xuan, W. Tu, L. Lin and W. Zhao, “Distributed Admission Control for Anycast Flows”, in IEEE Transactions on Parallel and Distributed Systems (TPDS), Vol. 15, No. 8, August 2004.

8. Dong Xuan, S. Chellappan, X. Wang and S. Wang, “Analyzing the Secure Overlay Services Architecture under Intelligent DDoS Attacks”, in Proc. of IEEE International Conference on Distributed Computing Systems (ICDCS), March 2004.

9. Xun Wang, Wenjun Gu, Sriram Chellappan, Kurt Schosek, Dong Xuan, “Lifetime Optimization of Sensor Networks under Physical Attacks”, IEEE ICC 2005.

10. S. Chellappan, X. Bai, B. Ma and Dong Xuan, “Mobility Limited Flip-based Sensor Network Deployment”, accepted by IEEE Transactions on Parallel and Distributed Systems (TPDS), Oct. 2005.

11. W. Gu, X. Wang, S. Chellappan, Dong Xuan and Ten H. Lai, “Defending against Search-based Physical Attacks in Sensor Networks”, to appear in Proc. of IEEE MASS, Nov. 2005.