Written by Yu-Chung Cheng, John Bellardo, Peter Benko, Alex C. Snoeren, Geoffrey M. Voelker and Stefan Savage Written by Yu-Chung Cheng, John Bellardo,

Slides:



Advertisements
Similar presentations
* Distributed Algorithms in Multi-channel Wireless Ad Hoc Networks under the SINR Model Dongxiao Yu Department of Computer Science The University of Hong.
Advertisements

Hidden Terminal Problem and Exposed Terminal Problem in Wireless MAC Protocols.
Chapter 7: Transport Layer
© Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS591 – Wireless & Network Security.
1 Fall 2005 Hardware Addressing and Frame Identification Qutaibah Malluhi CSE Department Qatar University.
Department of Computer Engineering University of California at Santa Cruz Networking Systems (1) Hai Tao.
Networking Theory (Part 1). Introduction Overview of the basic concepts of networking Also discusses essential topics of networking theory.
OSI Model.
Ethernet: CSMA/CD (Carrier Sense Multiple Access with Collision Detection) Access method: method of controlling how network nodes access communications.
20 – Collision Avoidance, : Wireless and Mobile Networks6-1.
11 Diagnosing and improving Wireless Networks Patrick Verkaik Mikhail Afanasyev Yuvraj Agarwal Yu-Chung Cheng Stefan Savage Alex C. Snoeren Geoffrey.
CMPE 80N - Introduction to Networks and the Internet 1 CMPE 80N Winter 2004 Lecture 9 Introduction to Networks and the Internet.
6: Wireless and Mobile Networks6-1 Chapter 6: Wireless and Mobile Networks Background: r # wireless (mobile) phone subscribers now exceeds # wired phone.
1 Elements of a wireless network network infrastructure wireless hosts r laptop, PDA, IP phone r run applications r may be stationary (non- mobile) or.
11 Automating Cross-Layer Diagnosis of Enterprise Wireless Networks Yu-Chung Cheng Mikhail Afanasyev Patrick Verkaik Jennifer Chiang Alex C. Snoeren.
1. 2 Enterprise WLAN setting 2 Vivek Shrivastava Wireless controller Access Point Clients Internet NSDI 2011.
MAC Protocol By Ervin Kulenica & Chien Pham.
5-1 Data Link Layer r What is Data Link Layer? r Wireless Networks m Wi-Fi (Wireless LAN) r Comparison with Ethernet.
Jigsaw: Solving the Puzzle of Enterprise Analysis Yu-Chung Cheng John Bellardo, Peter Benko, Alex C. Snoeren, Geoff Voelker, Stefan Savage.
1 Computer Networks Course: CIS 3003 Fundamental of Information Technology.
Energy-Aware Synchronization in Wireless Sensor Networks Yanos Saravanos Major Advisor: Dr. Robert Akl Department of Computer Science and Engineering.
6: Wireless and Mobile Networks6-1 Elements of a wireless network network infrastructure wireless hosts r laptop, PDA, IP phone r run applications r may.
Wireless Networking & Mobile Computing CS 752/852 - Spring 2012 Tamer Nadeem Dept. of Computer Science Lec #7: MAC Multi-Rate.
Adapted from: Computer Networking, Kurose/Ross 1DT066 Distributed Information Systems Chapter 6 Wireless, WiFi and mobility.
Chapter 2 The Infrastructure. Copyright © 2003, Addison Wesley Understand the structure & elements As a business student, it is important that you understand.
Wi-Fi Wireless LANs Dr. Adil Yousif. What is a Wireless LAN  A wireless local area network(LAN) is a flexible data communications system implemented.
CECS 474 Computer Network Interoperability Notes for Douglas E. Comer, Computer Networks and Internets (5 th Edition) Tracy Bradley Maples, Ph.D. Computer.
CS640: Introduction to Computer Networks Aditya Akella Lecture 22 - Wireless Networking.
Wireless LAN Advantages 1. Flexibility 2. Planning 3. Design
Introduction1-1 Data Communications and Computer Networks Chapter 5 CS 3830 Lecture 27 Omar Meqdadi Department of Computer Science and Software Engineering.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 7: Transport Layer Introduction to Networking.
9/19/20151 Automating Cross-Layer Diagnosis of Enterprise Wireless Networks Geoffrey M. Voelker Mikhail Afanasyev, John Bellardo, Peter Benko, Yu-Chung.
2006/12/04NTU/nslab1 Jigsaw: Solving the Puzzle of Enterprise Analysis Yu­Chung ChengYu­Chung Cheng, John Bellardo, P´eter Benk¨o Alex C. Snoeren,
1 Architecture and Techniques for Diagnosing Faults in IEEE Infrastructure Networks Atul Adya, Victor Bahl, Ranveer Chandra, Lili Qiu Microsoft.
CWNA Guide to Wireless LANs, Second Edition
6: Wireless and Mobile Networks6-1 Chapter 6 Wireless and Mobile Networks Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Configure a Wireless Router Chapter 7.
Wireless Access avoid collisions: 2 + nodes transmitting at same time CSMA - sense before transmitting –don’t collide with ongoing transmission by other.
MOJO: A Distributed Physical Layer Anomaly Detection System for WLANs Richard D. Gopaul CSCI 388.
Chapter 15 – Part 2 Networks The Internal Operating System The Architecture of Computer Hardware and Systems Software: An Information Technology Approach.
Wireless and Mobility The term wireless is normally used to refer to any type of electrical or electronic operation which is accomplished without the use.
ECE 256: Wireless Networking and Mobile Computing
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Connecting Devices CORPORATE INSTITUTE OF SCIENCE & TECHNOLOGY, BHOPAL Department of Electronics and.
Improving TCP Performance over Wireless Networks
Planning and Analyzing Wireless LAN
WIRELESS COMMUNICATION Husnain Sherazi Lecture 1.
A Multi-Channel CSMA MAC Protocol with Receiver Based Channel Selection for Multihop Wireless Networks Nitin Jain, Samir R. Das Department of Electrical.
EEC-484/584 Computer Networks Lecture 14 Wenbing Zhao
MAC Sublayer MAC layer tasks: – Control medium access – Roaming, authentication, power conservation Traffic services – DCF (Distributed Coordination.
Renesas Electronics America Inc. © 2010 Renesas Electronics America Inc. All rights reserved. Overview of Ethernet Networking A Rev /31/2011.
1 Chapter 4 MAC Layer – Wireless LAN Jonathan C.L. Liu, Ph.D. Department of Computer, Information Science and Engineering (CISE), University of Florida.
Doc.: IEEE /482r0 Submission October 2001 Steve Shellhammer, Symbol Technologies Slide 1 IEEE P Working Group for Wireless Personal Area.
LECTURE 13 CT1303 LAN. DYNAMIC MAC PROTOCOL: CONTENTION PROTOCOL CSMA\CA Carrier Sense Multiple Access\Collision Avoidance CSMA\CA Each station will sense.
Wireless LAN Requirements (1) Same as any LAN – High capacity, short distances, full connectivity, broadcast capability Throughput: – efficient use wireless.
COMP2322 Lab 1 Introduction to Wireless LAN Weichao Li Apr. 8, 2016.
IEEE Wireless LAN. Wireless LANs: Characteristics Types –Infrastructure based –Ad-hoc Advantages –Flexible deployment –Minimal wiring difficulties.
Medium Access Control. MAC layer covers three functional areas: reliable data delivery access control security.
Media Access Methods MAC Functionality CSMA/CA with ACK
Outline What is Wireless LAN Wireless Transmission Types
Wireless LANs Wireless proliferating rapidly.
Channel Allocation (MAC)
Introduction to Networking
Network Basics Extended Learning Module E
CS 457 – Lecture 7 Wireless Networks
Jigsaw: Solving the Puzzle of Enterprise Analysis
EEC-484/584 Computer Networks
Introduction to Wireless Networks
EEC-484/584 Computer Networks
Protocols.
Protocols.
Presentation transcript:

Written by Yu-Chung Cheng, John Bellardo, Peter Benko, Alex C. Snoeren, Geoffrey M. Voelker and Stefan Savage Written by Yu-Chung Cheng, John Bellardo, Peter Benko, Alex C. Snoeren, Geoffrey M. Voelker and Stefan Savage Jigsaw: Solving the Puzzle of Enterprise Analysis Analysis by Carlos Troncoso CS388 Wireless Security Analysis by Carlos Troncoso CS388 Wireless Security

February 28, 2008 Common problems in production Wireless Networks  Conflicts with nearby wireless devices  Bad AP channel assignments  Microwave ovens interference  Bad interaction between TCP and  Rogue access points interference  Poor choice of APs (weak signal)  Incompatible user software/hardware  Conflicts with nearby wireless devices  Bad AP channel assignments  Microwave ovens interference  Bad interaction between TCP and  Rogue access points interference  Poor choice of APs (weak signal)  Incompatible user software/hardware

February 28, 2008 Sounds Familiar? Helpdesk receives a phone call…  User: “…my Internet connection is flaky… ”  Support: “What happened?…”  User: “Well Internet got disconnected and now it is very slow…”  Support:“OK, let me check here…”  User: “Wait!..wait…it’s working now….” Helpdesk receives a phone call…  User: “…my Internet connection is flaky… ”  Support: “What happened?…”  User: “Well Internet got disconnected and now it is very slow…”  Support:“OK, let me check here…”  User: “Wait!..wait…it’s working now….”

February 28, 2008 Goal of Jigsaw To develop a deeper understanding of the dynamics and interactions in production wireless networks by reconstructing their behavior in its entirety.

February 28, 2008 Jigsaw Provides a single, unified view of all physical, link, network, and transport-layer activity on a production network.

February 28, 2008 Wireless traffic measure challenges:  Ambient environmental interference  Sender’s transmit power  Distance to the receiver  Strength of any simultaneous transmissions on nearby channels heard by the same receiver  MAC (Media Access Control) protocol  Traffic is based on TCP protocol that carries a set of complex dynamics  Ambient environmental interference  Sender’s transmit power  Distance to the receiver  Strength of any simultaneous transmissions on nearby channels heard by the same receiver  MAC (Media Access Control) protocol  Traffic is based on TCP protocol that carries a set of complex dynamics

February 28, 2008 Methodology  Large-scale monitoring infrastructure deploying hundreds of radio monitors to gather traffic activity over the Wireless network (covering around 1million cubic feet)  These monitors feed the centralized system Jigsaw to produce a precise global picture of the network activity.  Large-scale monitoring infrastructure deploying hundreds of radio monitors to gather traffic activity over the Wireless network (covering around 1million cubic feet)  These monitors feed the centralized system Jigsaw to produce a precise global picture of the network activity.

February 28, 2008 Methodology (continued)  Large-scale Synchronization: achieved through a passive algorithm that synchronizes the hundreds of simultaneous traces  Frame Unification: achieved by combining and merging duplicate traces to construct a single trace  Multi-Layer Reconstruction: achieved by reconstructing raw frame data into a complete trace with all link and transport-layer conversations.  Large-scale Synchronization: achieved through a passive algorithm that synchronizes the hundreds of simultaneous traces  Frame Unification: achieved by combining and merging duplicate traces to construct a single trace  Multi-Layer Reconstruction: achieved by reconstructing raw frame data into a complete trace with all link and transport-layer conversations.

February 28, 2008 Media Access Control  protocol uses the CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) to schedule and retry transmissions  CSMA/CA has the hidden node problem  protocol uses the CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) to schedule and retry transmissions  CSMA/CA has the hidden node problem

February 28, 2008 Hidden Node problem  Creates co-channel interference from other transmitters  Finding:  CSMA/CA uses special RTS/CTS (Request to Send/Clear to Send) frames to handle this problem  Hidden nodes are handled by Jigsaw (with exceptions)  Creates co-channel interference from other transmitters  Finding:  CSMA/CA uses special RTS/CTS (Request to Send/Clear to Send) frames to handle this problem  Hidden nodes are handled by Jigsaw (with exceptions) A Laptop B A sends data and Laptop sends an ACK Hidden Node: A sends data, Laptop‘s reception is interfered by B ?

February 28, 2008 Previous Related Work  Researches measured traffic using less monitoring nodes  Previous efforts focused on separate channels, or focused on small number of traces  The Jigsaw approach focuses on large-scale online monitoring and complete multi-layer reconstruction.  Researches measured traffic using less monitoring nodes  Previous efforts focused on separate channels, or focused on small number of traces  The Jigsaw approach focuses on large-scale online monitoring and complete multi-layer reconstruction.

February 28, 2008 Data Collection  Environment  Hardware  Software  Environment  Hardware  Software Department of Computer Science and Engineering University of California, San Diego

February 28, 2008 Environment  Study was done at the University’s CS building  4 story building  500 users with 10 to 100 active client connections  Study was done at the University’s CS building  4 story building  500 users with 10 to 100 active client connections

February 28, 2008 Hardware  2.8 GHz Pentium Server with 2 TB of Storage  40 sensor pods used for wireless infrastructure  4 radios in each sensor pod to capture all channels, timestamp, errors, etc.  2.8 GHz Pentium Server with 2 TB of Storage  40 sensor pods used for wireless infrastructure  4 radios in each sensor pod to capture all channels, timestamp, errors, etc.

February 28, 2008 Software  Pebble Linux and MadWifi driver for each monitor  Driver modified to capture even corrupted frames and physical errors  Jigdump application to manage data capture  Pebble Linux and MadWifi driver for each monitor  Driver modified to capture even corrupted frames and physical errors  Jigdump application to manage data capture

February 28, 2008 Trace Merging Trace merging is necessary to produce a coherent description of combined traces.

February 28, 2008 Trace Merging Requirements  Synchronization: monitors timestamps by properly synchronizing all frames to a common reference time  Unification: minimizes duplicate traces  Efficiency: trace merging executes faster than real time radios  Synchronization: monitors timestamps by properly synchronizing all frames to a common reference time  Unification: minimizes duplicate traces  Efficiency: trace merging executes faster than real time radios

February 28, 2008 Bootstrap synchronization  Method finds set of reference points to synchronize the radios  All clocks run at the same rate and Jigsaw system places each frame into a universal time by adjusting its timestamp  Methodology allows frames on one channel to be related to timestamps on another  Method finds set of reference points to synchronize the radios  All clocks run at the same rate and Jigsaw system places each frame into a universal time by adjusting its timestamp  Methodology allows frames on one channel to be related to timestamps on another

February 28, 2008 Unification After bootstrap synchronization, Jigsaw processes traces by time and unifies duplicate frames (instances) into single data structures called jframes

February 28, 2008 Jigsaw trace: jframe Monitors Time Received frames Received, with error Corrupted data Traces synchronized

February 28, 2008 Unification (continued)  Basic unification: a linear scan is performed to group instances with the same timestamp  Clock adjustment: because radio clock’s skew over time, jigsaw takes advantage of the unification method and resynchronizes each trace  Managing skew and drift: if sensors do not detect frames in common, then jigsaw relies in the local clock of the radio sensor to assign a timestamp  Basic unification: a linear scan is performed to group instances with the same timestamp  Clock adjustment: because radio clock’s skew over time, jigsaw takes advantage of the unification method and resynchronizes each trace  Managing skew and drift: if sensors do not detect frames in common, then jigsaw relies in the local clock of the radio sensor to assign a timestamp

February 28, 2008 Link and transport reconstruction After constructing a global view of the physical events, the next step is to reconstruct the link and transport layer traffic.

February 28, 2008 Link-Layer inference L2  Jigsaw identifies each transmission attempt from the sender and records subsequent responses  MAC address are used to group frames to check whether transmission requests are being delivered successfully or not  Jigsaw uses frame sequence number to reference groups of frames, but also deduces the presence of missing frames based on subsequent behavior of sender and receiver  Jigsaw identifies each transmission attempt from the sender and records subsequent responses  MAC address are used to group frames to check whether transmission requests are being delivered successfully or not  Jigsaw uses frame sequence number to reference groups of frames, but also deduces the presence of missing frames based on subsequent behavior of sender and receiver

February 28, 2008 Transport inference L4  The transport analysis takes frame exchanges as input and reconstructs TCP flows based on the packet headers  By capturing TCP ACKs, Jigsaw can record even the omitted frames shown in the packet  The transport analysis takes frame exchanges as input and reconstructs TCP flows based on the packet headers  By capturing TCP ACKs, Jigsaw can record even the omitted frames shown in the packet

February 28, 2008 Coverage  Obtaining effective coverage for all transmissions is an evident challenge  Monitors need to be precisely placed and properly configured to capture ALL data  97% of traffic was covered in this Jigsaw implementation  Obtaining effective coverage for all transmissions is an evident challenge  Monitors need to be precisely placed and properly configured to capture ALL data  97% of traffic was covered in this Jigsaw implementation

February 28, 2008 Analysis Global perspective provided by the distributed monitors  Trace summary  Interference  g protection mode  TCP loss rate inference Global perspective provided by the distributed monitors  Trace summary  Interference  g protection mode  TCP loss rate inference

February 28, 2008 Trace Summary  High level characteristics of trace by collecting traffic from active APs  Average of three observations made for every frame in the network  Finding: management traffic (beacon, ARP) consumes 10% of the channel at a given time  High level characteristics of trace by collecting traffic from active APs  Average of three observations made for every frame in the network  Finding: management traffic (beacon, ARP) consumes 10% of the channel at a given time

February 28, 2008 Interference Simultaneous transmission that causes frame loss Red color shows an example of physical interference caused by a Microwave oven Instantly detects and tags interference

February 28, g Protection mode  Protection policy is extremely conservative  Reduces performance  Should only be used when b is present  Protection policy is extremely conservative  Reduces performance  Should only be used when b is present

February 28, 2008 TCP loss rate inference  The TCP reconstruction algorithm is used to assemble all flows that complete a handshake.  TCP loss is dominant over physical traffic  The TCP reconstruction algorithm is used to assemble all flows that complete a handshake.  TCP loss is dominant over physical traffic

February 28, 2008 Present  Jigsaw is an attempt to attain a high level of detailed analysis  Jigsaw unifies traces from multiple passive wireless monitors to reconstruct a global view of network activity  Jigsaw is only the building block to answer the questions  Why is the network malfunctioning?  How do I fix it?  Jigsaw is an attempt to attain a high level of detailed analysis  Jigsaw unifies traces from multiple passive wireless monitors to reconstruct a global view of network activity  Jigsaw is only the building block to answer the questions  Why is the network malfunctioning?  How do I fix it?

February 28, 2008 Future  Real-time system for automated detection and evaluation of poor network performance  Identifies problem flows and isolates potential causes of poor performance  Real-time system for automated detection and evaluation of poor network performance  Identifies problem flows and isolates potential causes of poor performance

February 28, 2008 Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.