PSMC Proxy Server-based Multipath Connection CS 526 Advanced Networking - Richard White.


Overview Network Architectures Network Overlays SCOLD PSMC Issues Conclusion On Proxy Server Based Multipath Connections Yu Cai, PhD Dissertation, UCCS, 2005

Network Architecture Clients Servers Routers Links Name Servers

Client/Server Model 1. Client requests DNS name translation 2. Router directs query to local proxy server 3. Proxy server redirects shortest path to host

Client/Server Problems 1. Client requests DNS name translation 2. Router directs query to local proxy server 3. Proxy server redirects shortest path to host Shortest path not always fastest! Wasted bandwidth!

Client/Server Vulnerability 1. Client requests DNS name translation 2. Router directs query to local proxy server 3. Proxy server redirects shortest path to host Shortest path not always fastest! Wasted bandwidth! Distributed Denial of Service (DDoS) Attack!

Layered Architecture

Service Overlays Build on existing capabilities Don’t need to retrofit existing services Modular compatibility for adding and removing

Secure Collective Defense (SCOLD) SCOLD Coordinator SCOLD Proxy Servers

Secure Collective Defense (SCOLD) SCOLD Coordinator SCOLD Proxy Servers Defends against DDoS attacks!

Secure Collective Defense (SCOLD) SCOLD Coordinator blocks incoming attack on main gateway Notifies trusted DNSs to use trusted proxies Trusted proxies route requests through alternate gateways

SCOLD Performance SCOLD overhead incurs performance delays SCOLD overhead is insignificant compared to attacks!

Proxy Server-based Multipath Connection (PSMC) Can we extend the SCOLD concept to enhance network performance? Shortest path not always fastest! Wasted bandwidth!

PSMC Architecture Sender module responsible for packet distribution among multiple paths Some packets go through normal “direct route” Some packets go through “indirect routes” Receiver module reassembles packets in correct order.

Proxy Server-based Multipath Connection (PSMC) Aggregating bandwidth increases throughput Multiple paths increase reliability, decrease vulnerability

Proxy Server-based Multipath Connection (PSMC) PSMC increases probability packets arrive out of order

Proxy Server-based Multipath Connection (PSMC) PSMC increases probability packets arrive out of order Resulting in significantly higher retransmit requests

Proxy Server-based Multipath Connection (PSMC) PSMC increases probability packets arrive out of order Resulting in significantly higher retransmit requests Solution: Create a double receiving buffer!
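
The reordering problem described on the slides above, as an added example that is not part of the original presentation or of the PSMC implementation. It assumes TCP-style cumulative ACKs with fast retransmit on the third duplicate ACK, and it uses a generic resequencing buffer at the receiver, not the dissertation's double-buffer design, which the slides do not detail; path delays and function names are constructed for illustration.

```python
import heapq

def arrival_order(n_packets, path_delays, send_interval=1.0):
    """Sender side: spread packets round-robin over the paths and return
    the sequence numbers in the order the receiver sees them."""
    arrivals = [(seq * send_interval + path_delays[seq % len(path_delays)], seq)
                for seq in range(n_packets)]
    return [seq for _, seq in sorted(arrivals)]

def spurious_fast_retransmits(arrivals, dupack_threshold=3):
    """Count retransmit requests triggered purely by reordering (nothing is
    lost). Assumption: TCP-style cumulative ACKs, fast retransmit on the
    third duplicate ACK."""
    expected, received, dupacks, retransmits = 0, set(), 0, 0
    for seq in arrivals:
        received.add(seq)
        if seq == expected:
            while expected in received:   # cumulative ACK advances
                expected += 1
            dupacks = 0
        elif seq > expected:              # gap: receiver repeats its last ACK
            dupacks += 1
            if dupacks == dupack_threshold:
                retransmits += 1
    return retransmits

def resequence(arrivals):
    """Receiver side: hold early packets and release them in order.
    Returns (delivered order, most packets held back at once)."""
    heap, expected, delivered, max_held = [], 0, [], 0
    for seq in arrivals:
        if seq >= expected:               # late duplicates are dropped
            heapq.heappush(heap, seq)
        while heap and heap[0] <= expected:
            head = heapq.heappop(heap)
            if head == expected:          # skip duplicates already in the heap
                delivered.append(head)
                expected += 1
        max_held = max(max_held, len(heap))
    return delivered, max_held

# Constructed scenario: a direct route (2.0 time units) and one indirect
# route through a proxy (9.5 time units), 12 packets sent 1.0 apart.
ARRIVALS = arrival_order(12, [2.0, 9.5])
if __name__ == "__main__":
    in_order, held = resequence(ARRIVALS)
    print("arrival order:", ARRIVALS)
    print("retransmits without buffer:", spurious_fast_retransmits(ARRIVALS))
    print("retransmits with buffer:", spurious_fast_retransmits(in_order), "held:", held)
```

The number of packets held back is the memory cost of hiding reordering from the transport layer; it grows with the delay difference between the direct and indirect routes.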

PSMC Performance PSMC without double buffering was worse than standard routing! PSMC with double buffering was significantly better than standard routing!

Issues Detecting compromised proxy servers Controlling malicious users More efficient double-buffer management Investigating quality of service capabilities

Conclusion Increase bandwidth utilization Decrease vulnerability to attack & failure Can be used to implement quality of service proportional differentiation