WiFi-Reports: Improving Wireless Network Selection Jeffrey Pang (CMU) with Ben Greenstein (IRS) Michael Kaminsky (IRP) Damon McCoy (U. Colorado) Srinivasan.

Slides:

Advertisements

Similar presentations

Network Systems Sales LLC

Advertisements

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

WiFi-Reports: Improving Wireless Network Selection with Collaboration Presented By Tim McDowell.

Copyright Jill M. Forrester This work is the intellectual property of the author. Permission is granted for this material to be shared for non- commercial,

Doc.: IEEE /0023r1 Submission January 2011 Hitoshi MORIOKA, ROOT INC.Slide 1 Use Case Scenario for TGai Date: Authors: NameAffiliationsAddressPhone .

Module 1.3 Internet connection choices Theme: Let’s communicate.

Mark-and-Sweep: Getting the “Inside” Scoop on Neighborhood Networks Dongsu Han *, Aditya Agarwala *, David Andersen *, Michael Kaminsky †, Dina Papagiannaki.

LAAC: A Location-Aware Access Control Protocol YounSun Cho, Lichun Bao and Michael T. Goodrich IWUAC 2006.

Introduction to Your Name Goes Here

1 (Un)Trustworthy Wireless: What your wireless traffic says about you… Jeff Pang with Ben Greenstein, Ramki Gummadi, Tadayoshi Kohno, David Wetherall (UW/Intel.

Presenting: Dafna Shahaf. Infranet: Circumventing Web Censorship and Surveillance Nick Feamster, Magdalena Balazinska, Greg Harfst, Hari Balakrishnan,

Wifi-Reports Improving Wireless Network Selection with Collaboration Jeffrey Pang (CMU) Ben Greenstein (Intel Research Seattle) Michael Kaminsky (Intel.

Srinivasan Seshan (and many collaborators) Carnegie Mellon University 1.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

Toward a Framework for Preventing Side-Channel Attacks in Wireless Networks Jeff Pang.

Wireless networking Roger Treweek Oxford University Computing Services.

Self-Management in Chaotic Wireless Deployments A. Akella, G. Judd, S. Seshan, P. Steenkiste Presentation by: Zhichun Li.

A Network Measurement Architecture for Adaptive Networked Applications Mark Stemm* Randy H. Katz Computer Science Division University of California at.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE

1 Making Local Service Discovery Confidential with Tryst Jeffrey Pang CMU Ben Greenstein Intel Research Srinivasan Seshan CMU David Wetherall University.

User Fingerprinting Jeff Pang, Ben Greenstein, Ramki Gummadi, Srini Seshan, and David Wetherall Most slides borrowed from Ben.

1 Drafting Behind Akamai (Travelocity-Based Detouring) AoJan Su, David R. Choffnes, Aleksandar Kuzmanovic, and Fabian E. Bustamante Department of Electrical.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

Adaptive Self-Configuring Sensor Network Topologies ns-2 simulation & performance analysis Zhenghua Fu Ben Greenstein Petros Zerfos.

Signing and Encrypting With the Thawte Web of Trust CSU Professional Development Institute January 8, 2009 Steve Lovaas.

By: Alena Newcomb.  What is a WI-FI hotspot?  Wireless Local Area Network location that provides broadband Internet access.  Use of laptops, PDA, or.

The StarNet Analyzer. Contact SNA Department x172

Introduction to the Secure SMTP Server service. Secure SMTP server is a secure, reliable SMTP mail relay server for your outgoing mail. Secure SMTP service.

Wifi-Reports: Improving Wireless Network Selection with Collaboration Jeffrey Pang (CMU) Ben Greenstein (Intel Research Seattle) Michael Kaminsky (Intel.

Presented by Tao HUANG Lingzhi XU. Context Mobile devices need exploit variety of connectivity options as they travel. Operating systems manage wireless.

Preventing Active Timing Attacks in Low- Latency Anonymous Communication The 10 th Privacy Enhancing Technologies Symposium July 2010 Joan Feigenbaum Yale.

On the Anonymity of Anonymity Systems Andrei Serjantov (anonymous)

BreadCrumbs: Forecasting Mobile Connectivity Presented by Hao He Slides adapted from Dhruv Kshatriya Anthony J. Nicholson and Brian D. Noble.

1 The SpaceWire Internet Tunnel and the Advantages It Provides For Spacecraft Integration Stuart Mills, Steve Parkes Space Technology Centre University.

Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.

Wireless Security: A Search for Public and Secure Wireless networks Kory Kirk.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September

BusTracker: SmartPhone- based Mass Transit Tracking Steve Kopman 4/27/2011.

03/09/2003Helsinki University of Technology1 Overview of Thesis Topic Presented By: Zhao Xuetao.

Anonymity on the Internet Presented by Randy Unger.

WiFi-Reports: Improving Wireless Network Selection Jeffrey Pang (CMU) with Ben Greenstein (IRS) Michael Kaminsky (IRP) Damon McCoy (U. Colorado) Srinivasan.

Discipline, Crime, and Violence August New DCV Application The DCV application and submission process has been revised beginning with the

HTTPA (Accountable Hyper Text Transfer Protocol) PhD Proposal Talk Oshani Seneviratne DIG, MIT CSAIL May 31, 2011.

Sharing Information across Congestion Windows CSE222A Project Presentation March 15, 2005 Apurva Sharma.

1 An Advanced Hybrid Peer-to-Peer Botnet Ping Wang, Sherri Sparks, Cliff C. Zou School of Electrical Engineering & Computer Science University of Central.

Tony McGregor RIPE NCC Visiting Researcher The University of Waikato DAR Active measurement in the large.

Improved Access Point Selection MobiSys2006. Outline INTRODUCTION FIELD STUDY VIRGIL EVALUATION CONCLUSION.

WEP Protocol Weaknesses and Vulnerabilities

Mapping Internet Sensors with Probe Response Attacks Authors: John Bethencourt, Jason Franklin, Mary Vernon Published At: Usenix Security Symposium, 2005.

NETWORK HARDWARE AND SOFTWARE MR ROSS UNIT 3 IT APPLICATIONS.

WISER: Remote access to databases and datasets This session will help you to set up access to Oxford online resources from your home computer. The session.

User Fingerprinting Jeffrey Pang 1 Ben Greenstein 2 Ramakrishna Gummadi 3 Srinivasan Seshan 1 David Wetherall 2,4 Presenter: Nan Jiang Most Slides:

WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.

Rover Technology Enabling Scalable Location Aware Computing ( Wireless ) Myoung – Seo Kim Super Computing Lab

1 City With a Memory CSE 535: Mobile Computing Andreea Danielescu Andrew McCord Brandon Mechtley Shawn Nikkila.

FriendFinder Location-aware social networking on mobile phones.

FriendFinder Location-aware social networking on mobile phones.

Overview: 1.Past project review 2.How to communicate with clients 1.Clients taste in design 2.How to avoid misunderstandings w/client or project manager.

Cracow Grid Workshop, October 15-17, 2007 Polish Grid Polish NGI Contribution to EGI Resource Provisioning Function Automatized Direct Communication Tomasz.

Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.

Don’t Log in!. Recap on the previous units I’ve tried to make it as concise as possible but there is a bit of writing, to ensure that you have some notes.

A HotSpot is a location with an access point which provides wireless broadband network services. It is expected today to have Hotspots in heavily populated.

MC-Quiz: Chapter 9 Communications and Networks Discovering Computers 2010.

Dirk Grunwald Dept. of Computer Science, ECEE and ITP University of Colorado, Boulder.

A HotSpot is a location with an access point which provides wireless broadband network services. It is expected today to have Hotspots in heavily populated.

Team: Aaron Sproul Patrick Hamilton

When small data is better data

PrivateRide: A Privacy-Enhanced Ride-Hailing Service

Networked Systems Practicum

Energy-Delay Tradeoffs in Smartphone Applications

Presentation transcript:

WiFi-Reports: Improving Wireless Network Selection Jeffrey Pang (CMU) with Ben Greenstein (IRS) Michael Kaminsky (IRP) Damon McCoy (U. Colorado) Srinivasan Seshan (CMU)

Problem: Commercial AP Selection tmobile attwifi (ap 1) attwifi (ap 2) seattlewifi linksys Free Public Wifi $3.99 $9.99 Free! Which networks will run my applications? Which ones have good performance? Quality = ??? We often have many choices of wireless access points (APs), but little information about each Jiwire.com Hotspot database Jiwire.com Hotspot database

Wifi-Reports Database Bandwidth: 30 kbps Blocked ports: Bandwidth: 5 Mbps Blocked ports: None community uploads measurement reports members download summary statistics

Wifi-Reports tmobile attwifi (ap 1) attwifi (ap 2) seattlewifi linksys Free Public Wifi I need to use VoIP so this is the best network for me Bandwidth: 300 kbps Blocked ports: None Doesn’t work! Wifi-Reports provides information about AP performance and application support Doesn’t work! Bandwidth: 100 kbps Blocked ports: None Bandwidth: 300 kbps Blocked ports: None Wifi-Reports Hotspot database Wifi-Reports Hotspot database Bandwidth: 30 kbps Blocked ports: Bandwidth: 5 Mbps Blocked ports: None Doesn’t work!

Research Challenges Doesn’t work! Bandwidth: 300 kbps Blocked ports: None Location privacy – Reports shouldn’t be linked, otherwise they can be used to track users – But also need to limit fraud; e.g., 1 report per AP per user – Solution: new ecash-like reporting protocol & robust summary functions

Research Challenges Doesn’t work! Bandwidth: 300 kbps Blocked ports: None Bandwidth: 10 Mbps Works great! (Really!) Location privacy – Reports shouldn’t be linked, otherwise they can be used to track users – But also need to limit fraud; e.g., 1 report per AP per user – Solution: new ecash-like reporting protocol & robust summary functions

Research Challenges Location privacy – Reports shouldn’t be linked, otherwise they can be used to track users – But also need to limit fraud; e.g., 1 report per AP per user – Solution: new ecash-like reporting protocol & robust summary functions Location context – Performance dependent on location with respect to AP – Wireless channel effects loss rate – Solution: estimate different loss regimes w/ distributed measurements Doesn’t work! Bandwidth: 300 kbps Blocked ports: None Bandwidth: 10 Mbps Works great! (Really!)

WiFi-Reports Overview WiFi-Reports Account Service WiFi-Reports Account Service Independent Report Databases Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None Report on UBookstore Cafe: Bandwidth: 4000 kbps Blocked ports: , Skype,… Report on UBookstore Cafe: Bandwidth: 4000 kbps Blocked ports: , Skype,… Users collect measurement reports when they use networks Reports are sent to databases for others to download

Questions and Challenges How useful would this system be in practice? – Do users have many choices of usable wireless networks? – Is there diversity in network performance/functionality? – Is performance stable enough to be predictive? – Are networks better for some applications but worse for others? – Do enough users use real networks to gather measurements? How do we limit “report fraud” and provide anonymity? – Not even the account service should be able to link a user’s reports to each other (otherwise location privacy is violated) – But each user should only be able to report once per network

Part I: Measurement Study We built a measurement tool to simulate reports that users would collect – Bandwidth, latency, jitter, blocked ports, number of other users, etc. We measured all networks visible from: – 13 hotspots near The Ave – ~7 days at different times of day Measurement procedure: – Sit near center of hotspot – Perform active spot measurements (2-3 minutes per network) shinka tea tullys 1 starbucks 1 tullys 2 trabant oasis lounjin yunnie bubble tea sureshot bookstore cafeontheave starbucks 2 cafesolstice Our study is the first to examine pay networks and encrypted networks, in addition to open networks Our study is the first to examine pay networks and encrypted networks, in addition to open networks

Results: Are there many APs? Better

Results: Are there many APs? Better

Results: Is there diversity? Better

Results: Is there diversity? Better

Results: Are measurements predictive? Better

Results: Are there application trade-offs? Better Better latency Better bandwidth

Part II: Private and Accountable Reporting How do we limit “vote fraud” and provide anonymity? Requirements: – No one, even the account service, should be able to link a user’s reports to each other (otherwise previous work says location privacy is violated) – Each user should only be able to report once per network

Anonymizing Mix Network Design Sketch WiFi-Reports Account Service WiFi-Reports Account Service Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None Independent Report Databases tmobile seattlewifi CAFEONTHEAVE … 1.Client creates one token per AP 2.Client blinds each token 3.Account Service signs blinded tokens 4.Client unblinds tokens … 1.Client uses and measures an AP 2.Client uses token to sign report 3.Report is published via mix network Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None Report on tmobile: Bandwidth: 1200 kbps Blocked ports: None

Design Sketch Details = random public key pair {K tmobile, K tmobile -1 } – Account Service signs the public key K tmobile – Private key K tmobile -1 is used to sign reports  can update reports Assumptions: – The account service only gives one identity to each user – Most users are honest Open issues: – Client must get all tokens signed before using them  expensive If only get signed token after AP is used, use of the AP is revealed Can obtain a subset of all tokens instead (e.g., all tokens for a city)  trade off between token signing overhead for more location privacy

Token Generation Time Time to generate tokens for all APs in one city (single threaded Xenon 3.4 Ghz server)

Resistance to Fraud CDF of Prediction accuracy (1 = most accurate)

Ongoing work Implemented Wifi-Reports service – Linux client exists – Currently implementing Android client. Anyone want to help? MobiSys ‘09

Questions? (Other summer projects)

Results: Is there diversity? Better Blocked port = no measurement

Results: Is there diversity? Better Blocked port = no measurement

Results: Are measurements predictive? Better Blocked port = no measurement