MonNet status Sven Tafvelin Chalmers. RouterDWDM Original configuration.

Slides:



Advertisements
Similar presentations
Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Advertisements

Computer Networks21-1 Chapter 21. Network Layer: Address Mapping, Error Reporting, and Multicasting 21.1 Address Mapping 21.2 ICMP 21.3 IGMP 21.4 ICMPv6.
Dynamic Tunnel Management Protocol for IPv4 Traversal of IPv6 Mobile Network Jaehoon Jeong Protocol Engineering Center, ETRI
Understanding Internet Protocol
CISCO NETWORKING ACADEMY Chabot College ELEC Address Resolution Protocol.
Chapter 5: Common Support Problems
Monks use computers to preserve their books. The information can be stored on CDs and uploaded to the Internet so that the whole world can learn from.
Network (Internet) Neutrality CMPT 771 Qiang (Scott) Zhang.
Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )
Computer Networks Fall, 2007 Prof Peterson. CIS 235: Networks Fall, 2007 Western State College  What is “store and forward”?  What is a buffer / queue?
Software Copyright. Learning Objectives: By the end of this topic you should be able to:
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
National Center for Supercomputing Applications Adam Slagell, Jun Wang and William Yurcik, National Center for Supercomputing Applications (NCSA) University.
Using Prices to Allocate Resources at Access Points Jimmy Shih, Randy Katz, Anthony Joseph One Administrative Domain Access Point A Access Point B Network.
William Stallings Data and Computer Communications 7 th Edition Chapter 2 Protocols and Architecture.
Fast binary and multiway prefix searches for pachet forwarding Author: Yeim-Kuan Chang Publisher: COMPUTER NETWORKS, Volume 51, Issue 3, pp , February.
TCP: Software for Reliable Communication. Spring 2002Computer Networks Applications Internet: a Collection of Disparate Networks Different goals: Speed,
COE 342: Data & Computer Communications (T042) Dr. Marwan Abu-Amara Chapter 2: Protocols and Architecture.
Licentiate Seminar: On Measurement and Analysis of Internet Backbone Traffic Wolfgang John Department of Computer Science and Engineering Chalmers University.
Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –
Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.
CECS 474 Computer Network Interoperability Tracy Bradley Maples, Ph.D. Computer Engineering & Computer Science Cal ifornia State University, Long Beach.
Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.
Troubleshooting Software Tools vs. Professional Test Equipment.
Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.
HiVision SNMP Software.
Layering and the TCP/IP protocol Suite  The TCP/IP Protocol only contains 5 Layers in its networking Model  The Layers Are 1.Physical -> 1 in OSI 2.Network.
Data Communications and Networks
Chapter Seven Advanced Shell Programming. 2 Lesson A Developing a Fully Featured Program.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Troubleshooting Your Network Networking for Home and Small Businesses.
Section 11.1 Identify customer requirements Recommend appropriate network topologies Gather data about existing equipment and software Section 11.2 Demonstrate.
J.H.Saltzer, D.P.Reed, C.C.Clark End-to-End Arguments in System Design Reading Group 19/11/03 Torsten Ackemann.
What is FORENSICS? Why do we need Network Forensics?
XP New Perspectives on Microsoft Office Access 2003 Tutorial 12 1 Microsoft Office Access 2003 Tutorial 12 – Managing and Securing a Database.
Common Devices Used In Computer Networks
By Anthony W. Hill & Course Technology1 Common End User Problems.
1. There are different assistant software tools and methods that help in managing the network in different things such as: 1. Special management programs.
Limitations of Port Knocking Software Project Presentation Paper Study – Part III Group Member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy.
Top-Down Network Design Chapter Nine Developing Network Management Strategies Oppenheimer.
Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Storage & Revoking.
Component 4: Introduction to Information and Computer Science Unit 2: Internet and the World Wide Web Lecture 2 This material was developed by Oregon Health.
William Stallings Data and Computer Communications 7 th Edition Data Communications and Networks Overview Protocols and Architecture.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 2: Configuring Network Protocols.
Fall 2005Computer Networks20-1 Chapter 20. Network Layer Protocols: ARP, IPv4, ICMPv4, IPv6, and ICMPv ARP 20.2 IP 20.3 ICMP 20.4 IPv6.
A Level ICT Unit Implementing CBIS’s. Support Installing a new system is disruptive and the support program will need to be planned well in advance.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Doc.: IEEE 802 ec-12/0006r0 Submission Liaison presentation to SC6 regarding Internet Security Date: 2012-February-13 Authors: IEEE 802 LiaisonSlide 1.
IP ADDRESSING, SUBNETTING & VLSM 1. Decimal vs. Binary Numbers – Decimal numbers are represented by the numbers 0 through 9. – Binary numbers are represented.
Heuristics to Classify Internet Backbone Traffic based on Connection Patterns Wolfgang John and Sven Tafvelin Dept. of Computer Science and Engineering.
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES Lesson №18 Telecommunication software design for analyzing and control packets on the networks by using.
The Internet The History and Future of the Internet.
Denial of Service DoS attacks try to deny legimate users access to services, networks, systems or to other resources. There are DoS tools available, thus.
Administering Group Policy Chapter Eleven. Exam Objectives in this Chapter  Plan a Group Policy strategy using Resultant Set of Policy Planning mode.
1 Version 3.1 Module 6 Routed & Routing Protocols.
The Devil and Packet Trace Anonymization Authors: Ruoming Pang, Mark Allman, Vern Paxson and Jason Lee Published: ACM SIGCOMM Computer Communication Review,
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
QoS measurements Sven Tafvelin Chalmers university of Technology Gothenburg, Sweden.
Chapter 5. An IP address is simply a series of binary bits (ones and zeros). How many binary bits are used? 32.
Ethernet Basics – 7 IP Addressing. Introducing IP Addressing  IP address (TCP/IP address)  Not unique (but should be), user assigned  Layer 3  4 byte.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
INTERNET PROTOCOL ADDRESS AND SUBNET MASK KAAN EREN.
Network Troubleshooting CT NWT NameTP No. Gan Pei ShanTP Tan Ming FattTP Elamparithi A/L ThuraisamyTP Tan Ken SingTP
Internet Architecture
LESSON Networking Fundamentals Understand IPv4.
The Devil and Packet Trace Anonymization
Packets & Routing Lower OSI layers (1-3) concerned with packets and the network Packets carry data independently through the network, and into other networks…
Connecting Networks Repeater: physical layer Bridge: data link layer
Application Layer Mobility Management Scheme for Wireless Internet
IPv6 Addressing By Aman Agrawal Archisman Bhattacharya
Layering and the TCP/IP protocol Suite
Presentation transcript:

MonNet status Sven Tafvelin Chalmers

RouterDWDM Original configuration

RouterDWDM Measurement configuration Measurem. comp Splitters G-bit Ethernet switch

What can the traces be used for? Network statistics (of course) What type of traffic is the network used for Changes of network usage over time Application behaviour on the net Delay properties Network stability Network forensics

Performance issues In general a 10 Gbit/s connection can potentially generate very much trace data at a speed which even fast computers have problems to sustain. We have 6 fast disks used in parallel and have received sustained write speed of about 480 Mbyte/s corresponding to 3.8 Gbit/s which is substantially less than 10 Gbit/s.

Performance issues (2) On the other hand: We will not store user data The links are generally not fully loaded

Trace formats are incompatible(1) There is no standard on trace formats. The number of alternatives is large and many exist in incompatible versions also: PCAP – from the libpcap DAG/ERF – from Endace equipment FR, FR+, TSH – from NLANR CRL – from Coral/CoralReef Etc etc

Trace formats are incompatible(2) There exist conversion programs between some of these formats but converting usually means loosing information. We can only keep information which can be represented in both formats.

Trace sanitization and desensitation Immediately after (or in parallel) when the trace is caught it need to be processed. Sanitization means that the trace is processed: Obvious start/end problems are adjusted Time stamp information is improved as much as possible Correctness is checked Traces may need to be merged

Desensitation Often the equipment will catch more information than is allowed: Surplus information need to be removed IP# need to be anonymized

Ethics issues There are people who regard Internet as the last bastion of total freedom and therefore don’t want traffic traces taken at all. The current political debate is going in the other direction. Police, authorities etc will be able to get rather detailed information about Internet traffic.

Trace anonymization There is a (vague?) connection between the IP# recorded in the packets and the person behind the keyboard. Therefore there is a general vish to anonymize the IP# without destroying the value when traffic should be analyzed.

Trace anonymization(2) Trace anonymization is regarded as important. This means that the IP# in the trace should systematically be replaced by a pseudonym IP#. We want the replacement to be prefix preserving. This means that if two IP#s belong to the same subnet the pseudonyms will also seem to belong to the same subnet.

Trace anonymization(3) There are two well known methods for prefix preserving anonymization: 1) TCPdpriv is almost a standard which every new proposal is measured against. It is prefix preserving but there is a major problem: The pseudonym IP# depends on the order of original IP#s. Therefore the same IP# will get different pseudonyms in different traces! This makes it impossible to merge two traces for example.

Trace anonymization(4) 2) Crypto-PAn solves this problem. It uses encryption algorithms and given a certain key it will always translate an IP# into the same pseudonym IP# and be prefix preserving on all levels. If the key is not known the pseudonym IP# cannot be inverted.

Research ethics The MonNet project was accepted by the regional research ethics committee in August 2005

Early traces Early traces for short periods have been taken to test all facilities and software. On Sept 6 three 6 minutes traces were taken , and Some, not very interesting,results are here: