Department of Computer Science, Purdue University Active Networks: Applications, Security, Safety and Architectures Author: Konstantinos Psounis Stanford.

Presentation transcript:

Department of Computer Science, Purdue University
Active Networks: Applications, Security, Safety and Architectures
Author: Konstantinos Psounis, Stanford University
Presenter: Sanjay Agrawal, Purdue University
Purdue University, Nov 15, 2000

Passive and Active Networks
Passive: Consists of smart hosts at the edges of the network performing computations up to the application layer; the routers interconnecting them can only perform computations up to the network layer.
Active: Allows intermediate routers to perform computations up to the application layer. Users can program the network by injecting programs into it.

Networks, Passive and Active
Passive networks: processing limited to routing, congestion control and QoS schemes.
Problems:
1. Difficulty of integrating new technologies.
2. No support for applications that require computation within the network.
3. Poor performance due to redundant operations.

Need for Active Networks
Need an ability to program the networks. Networks should be able to do computations on user data. Users can supply the programs to perform these computations.

Arguments for and against AN
Against:
– Internet successful because of its simplicity.
For:
– Need
– Will increase the pace of innovation.
– Mobile code technology enables it.
– End-to-end performance of applications will improve.

End to End Argument
A function or service should be placed in the network only if it can be implemented cost-effectively. The idea of AN is compatible with this argument: some services can best be supported using information available inside the network.

Online Auctions
The price information supplied by the server may not be up to date, causing a client to submit a low bid. The auction server then receives bids that are too low and must be rejected. In an AN such low bids can be filtered out in the network, before reaching the server. At heavy load, the server activates filters in nearby nodes, updating them with the current price periodically. This frees server resources for processing competitive bids and reduces network utilization at the server.
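The filtering described on this slide, modelled as an added example that is not part of the presentation: an active node holds the server's last price as soft state and drops bids that cannot win. The class names, the staleness bound and the rule that a bid equal to the current price is dropped are assumptions.

```python
# Added example: in-network bid filter at an active node (constructed model).
from dataclasses import dataclass

@dataclass
class BidFilter:
    """Soft state installed by the auction server on a nearby active node."""
    price: float          # last price pushed by the server
    updated_at: float     # time of that update, in seconds
    max_age: float = 5.0  # assumed staleness bound; the slide gives none

class ActiveNode:
    def __init__(self):
        self.filters = {}  # auction id -> BidFilter
        self.stats = {"forwarded": 0, "dropped": 0}

    def install_or_update(self, auction, price, now):
        # The server activates the filter under load, then refreshes it periodically.
        self.filters[auction] = BidFilter(price, now)

    def handle_bid(self, auction, amount, now):
        f = self.filters.get(auction)
        # No filter, or stale soft state: fail open and let the server decide,
        # so an outdated price never rejects a bid on the node's own authority.
        if f is None or now - f.updated_at > f.max_age:
            self.filters.pop(auction, None)
            self.stats["forwarded"] += 1
            return "forward"
        if amount <= f.price:  # assumed rule: a bid must exceed the current price
            self.stats["dropped"] += 1
            return "drop"
        self.stats["forwarded"] += 1
        return "forward"

def run_demo():
    """Constructed bid sequence for one auction, 'lot-7'."""
    node = ActiveNode()
    out = [node.handle_bid("lot-7", 90, now=0.0)]        # no filter installed yet
    node.install_or_update("lot-7", 100, now=1.0)
    out.append(node.handle_bid("lot-7", 95, now=2.0))    # below current price
    out.append(node.handle_bid("lot-7", 120, now=3.0))   # competitive bid
    node.install_or_update("lot-7", 120, now=4.0)
    out.append(node.handle_bid("lot-7", 120, now=4.5))   # no longer competitive
    out.append(node.handle_bid("lot-7", 110, now=20.0))  # filter has expired
    return out, node.stats
```

A deployed filter would also have to check that price updates really come from the auction server, since the node drops traffic on the strength of that state; the check is outside this model.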

Performance
Improvement is brought about by delegating some of the app's functionality to internal network nodes. Normal traffic could in fact benefit from active processing, which will reduce bandwidth utilization in some regions of the network. Doing work within the network reduces the total amount of work done by the app.

Performance
We need app performance rather than network performance; the two are not correlated. AN may cause fewer packets to be sent, with longer per-hop latencies because of increased computation and storage. Overall app performance will still improve, because of reduced demand for bandwidth at the endpoints.

Applications
Active Networks can be beneficial for a variety of applications:
– Network Management
– Congestion Control
– Multicasting
– Caching

Congestion Control
Prime candidate for active networking. A special case of network management. It is an intranetwork event, hence solutions to it should be far removed from the app. Congestion information is delayed in propagating to the user.

AN and Congestion
An active node can monitor the available bandwidth and control the data flow rate accordingly. Probe packets can gather congestion information as they travel, and monitor packets can use that information to identify the onset of congestion and regulate the flow accordingly. Applications that are aware of the situation can produce congestion control data to suit it, such as selective dropping.

Experimental Technologies
The network defines a finite set of functions which can be performed at a node on the active packets. Header information in each packet, called APCI, specifies the function. Packets are processed according to the APCI, and the header is recomputed if the function transforms the data. Tested using a Unit Level Dropping Function.

Experimental Technologies, contd.
The model is conservative, since no executable code travels in the packets. However, it is a step towards more radical changes. More complex models will have packets carrying code that makes on-the-fly routing and congestion control decisions based on information brought to the node by other packets. Upcoming congestion is tracked and regulation is done before congestion takes place.

Multicasting
Current "passive" schemes provide only a partial solution to the problems of NACK implosion, load of retransmissions and duplication of packets. Active Reliable Multicast deals with these problems efficiently by storing soft state and performing customized computation based on packet types. Note that not all nodes need to be active for ARM to work, so an ActiveBONE similar to MBONE will work.

Active Reliable Multicast
Local retransmission is handled by caching the multicast packets, which reduces both latency and traffic. The active router maintains a NACK record and a repair record to perform NACK suppression and scoped retransmission. Flexible and robust, as active routers do not need knowledge of the group topology. Results show ARM has lower recovery latency than passive schemes.
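How one active router can combine the packet cache, NACK record and repair record, as an added example that is not from the presentation or from the ARM implementation. The record semantics shown are a simplified assumption, and the timers that would expire this soft state are left out.

```python
# Added example: NACK suppression and scoped retransmission at one active router.
class ArmRouter:
    def __init__(self, cache_size=4):
        self.cache = {}          # seq -> payload (dicts keep insertion order)
        self.cache_size = cache_size
        self.nack_record = {}    # seq -> downstream links that reported the loss
        self.repair_record = {}  # seq -> links a repair has already been sent on

    def on_data(self, seq, payload, is_repair=False):
        """Packet from upstream. Returns 'all' for normal multicast forwarding,
        or the sorted list of links a repair should be sent on."""
        self.cache[seq] = payload
        while len(self.cache) > self.cache_size:
            del self.cache[next(iter(self.cache))]  # evict the oldest entry
        if not is_repair:
            return "all"
        # Scoped retransmission: only links that asked for this packet get it.
        links = self.nack_record.pop(seq, set())
        self.repair_record.setdefault(seq, set()).update(links)
        return sorted(links)

    def on_nack(self, seq, link):
        """NACK from a downstream link. Returns the action the router takes."""
        if link in self.repair_record.get(seq, ()):
            return "suppress"            # a repair already went out on this link
        if seq in self.cache:
            self.repair_record.setdefault(seq, set()).add(link)
            return "repair_local"        # answered from cache, source not involved
        first = seq not in self.nack_record
        self.nack_record.setdefault(seq, set()).add(link)
        # Only the first NACK per lost packet travels upstream.
        return "forward_upstream" if first else "suppress"

def run_demo():
    """Constructed scenario: packet 2 is lost upstream of the router."""
    r = ArmRouter()
    trace = [r.on_data(1, b"p1")]                       # normal data
    trace.append(r.on_nack(2, "A"))                     # first report of the loss
    trace.append(r.on_nack(2, "B"))                     # duplicate report, absorbed
    trace.append(r.on_data(2, b"p2", is_repair=True))   # repair arrives
    trace.append(r.on_nack(2, "B"))                     # late NACK after the repair
    trace.append(r.on_nack(2, "C"))                     # new loss, served from cache
    return trace
```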

Active Network Architectures
In some architectures packets carry executable code, which is executed on the data of the packet that carries it. Others place the code in the active nodes; identifiers on the packets are used to decide which code is to be executed.

Active IP Option
Active packets approach. An extension to the IP Options mechanism: options carry program fragments in a variety of languages and query the languages supported. Backward compatibility is ensured since unknown options are silently ignored. Implementation in TCL, to take advantage of the TCL interpreter's restricted execution environment.

ANTS
Active nodes approach. The network is viewed as a distributed programming system. Packets travel as capsules carrying code. Some of the code consists of well-known routines that reside at every active node. The rest, the application-specific code, is transferred by mobile code distribution techniques.

ANTS
Provides a flexible network service. Default forwarding. New protocols can also be introduced into the network.
– Simultaneous use of a variety of network protocols.
– Construction and use of new protocols by mutual agreement among interested parties, rather than their centralized registration.
– Dynamic deployment of these protocols.

Security
An active packet could not only consume many resources but also do so at a faster rate. Denial of service attacks may occur if there is no resource management. SANE, a layered architecture proposed at the University of Pennsylvania, addresses these issues.
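One form the resource management named on this slide can take, as an added example that is not SANE, PLAN or any project's code: the node interprets capsule code itself and charges every instruction and every emitted packet against a fixed budget. The instruction set, the budgets and the sample capsules are hypothetical.

```python
# Added example: per-capsule resource accounting at an active node (constructed model).
def run_capsule(code, max_steps=100, max_sends=4):
    """Interpret capsule code under a step budget and a send budget.
    code is a list of tuples: ("push", n), ("dec",), ("jnz", target), ("send",).
    Returns (verdict, steps_used, packets_sent)."""
    stack, pc, steps, sends = [], 0, 0, 0
    try:
        while pc < len(code):
            if steps >= max_steps:            # CPU budget exhausted
                return ("killed:steps", steps, sends)
            steps += 1
            op, *arg = code[pc]
            pc += 1
            if op == "push":
                stack.append(int(arg[0]))
            elif op == "dec":
                stack[-1] -= 1
            elif op == "jnz":                 # jump if top of stack is non-zero
                target = arg[0]
                if not 0 <= target < len(code):
                    return ("killed:bad-jump", steps, sends)
                if stack[-1] != 0:
                    pc = target
            elif op == "send":                # emitting a packet costs bandwidth
                if sends >= max_sends:
                    return ("killed:sends", steps, sends)
                sends += 1
            else:                             # only the known operations may run
                return ("killed:bad-op", steps, sends)
    except (IndexError, TypeError, ValueError):
        # Malformed code (empty stack, missing operand) ends the capsule,
        # it never takes the node down with it.
        return ("killed:fault", steps, sends)
    return ("ok", steps, sends)

# Constructed sample capsules.
COUNTED = [("push", 3), ("send",), ("dec",), ("jnz", 1)]  # sends three packets, halts
SPINNING = [("push", 1), ("jnz", 1)]                      # never terminates on its own
CHATTY = [("push", 1), ("send",), ("jnz", 1)]             # emits packets without bound
```

The budgets bound what a single capsule can cost the node regardless of what its code does, which is the property the slide says is missing when there is no resource management.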

Architecture of ANTS
The requirements for a flexible network layer are met by having:
– Packets replaced by capsules, which dictate the processing to be performed on their behalf.
– Selected routers replaced by active nodes, which provide an API for capsule processing and execute those routines safely.
– A code distribution mechanism to enable active nodes to download code when needed.

SANE Architecture
A computer system is organized as a series of layers, each of which defines a virtual machine. Higher levels trust the integrity of the lower layers. Uses AEGIS, a secure bootstrap architecture, to cold-start the system. Assumes a PKI infrastructure for node-to-node authentication. Uses a special programming language, PLAN, which is statically type checked and is pointer safe.

Current Work
SANE at University of Pennsylvania. Georgia Tech: congestion control. Bowman, an OS for active nodes. ARM and active Router Architecture for Multicasting.

Conclusions
Definitely an exciting step in network design. Can potentially solve many of the current problems in passive networks, with a wide application range. Will increase the pace of innovation, through rapid deployment and testing of new research. However, most of the current implementations haven't been deployed on a large-scale network. Security requirements are enormous!