How Bad Are The Rogues’ Impact on Enterprise 802.11 Network Performance ? Kaixin Sui, Dan Pei, Youjian Zhao, Zimu Li Tsinghua University.

Slides:

Advertisements

Similar presentations

YellowJacket b/a/n/g Berkeley Varitronics Systems, Inc. - Liberty Corporate Park Liberty Street - Metuchen, NJ Ph: (732)

Advertisements

1 Fault Analysis for Large-scale Campus-wide Wireless Networks Jian Chen Department of CS, Tsinghua University, Beijing, China.

Doc.: IEEE /0849r1 Submission July 2013 Brian Hart (Cisco Systems) Slide 1 New Technique: Enabling Real World Improvement By Exposing Internal.

Pervasive Wireless LANs Serving The Needs Of Higher Education Kamal Anand VP Marketing

Xiaolong Zheng, Zhichao Cao, Jiliang Wang, Yuan He, and Yunhao Liu SenSys 2014 ZiSense Towards Interference Resilient Duty Cycling in Wireless Sensor Networks.

Special Topics in Wireless Networking: MAC design and cross-layer issues.

Optimal Collaborative Access Point Association In Wireless Networks Ouldooz Baghban Karimi School of Computing Science Simon Fraser University Jiangchuan.

SELECT: Self-Learning Collision Avoidance for Wireless Networks Chun-Cheng Chen, Eunsoo, Seo, Hwangnam Kim, and Haiyun Luo Department of Computer Science,

1 Link Layer Multicasting with Smart Antennas: No Client Left Behind Souvik Sen, Jie Xiong, Rahul Ghosh, Romit Roy Choudhury Duke University.

Interactions Between the Physical Layer and Upper Layers in Wireless Networks: The devil is in the details Fouad A. Tobagi Stanford University “Broadnets.

Collision Aware Rate Adaptation (CARA) Bob Kinicki Computer Science Department Computer Science Department Advanced Computer.

Emerging Technologies in Wireless LANs. Replacement for traditional Ethernet LANs Several Municipalities Portland, OR Philadelphia, PA San Francisco,

Wireless Packet Loss Rate Xiangzhou Chen Zhihan Xia.

Experimental Measurement of VoIP Capacity in IEEE WLANs Sangho Shin Henning Schulzrinne Department of Computer Science Columbia University.

Wireless Local Area Networks By Edmund Gean August 2, 2000.

Performance Analysis of the Intertwined Effects between Network Layers for g Transmissions Wireless Multimedia Networking and Performance Modeling.

Self-Management in Chaotic Wireless Deployments A. Akella, G. Judd, S. Seshan, P. Steenkiste Presentation by: Zhichun Li.

20 – Collision Avoidance, : Wireless and Mobile Networks6-1.

VoIP over Wireless LANs Sangho Shin Ph.D. Candidate Department of Computer Science Columbia University.

IEEE in the Large: Observations at the IETF Meeting Henning Schulzrinne, Andrea G. Forte, Sangho Shin Department of Computer Science Columbia University.

CS541 Advanced Networking 1 Cognitive Radio Networks Neil Tang 1/28/2009.

802.11b Vulnerabilities, Ad-Hoc Mode, RF Jamming and Receiver Design Ritesh H Shukla Graduate Student ECE Dept Under the Guidance of Prof. William R Michalson.

Can we get Wi-Fi connectivity for 15 µW? Bryce Kellogg.

1. 2 Enterprise WLAN setting 2 Vivek Shrivastava Wireless controller Access Point Clients Internet NSDI 2011.

Enhancing TCP Fairness in Ad Hoc Wireless Networks Using Neighborhood RED Kaixin Xu, Mario Gerla University of California, Los Angeles {xkx,

Performance Analysis of the Intertwined Effects between Network Layers for g Transmissions Wireless Multimedia Networking and Performance Modeling.

1 Assessing The Real Impact of WLANs: A Large-Scale Comparison of Wired and Wireless Traffic Maria Papadopouli * Assistant Professor Department.

TCP Behavior across Multihop Wireless Networks and the Wired Internet Kaixin Xu, Sang Bae, Mario Gerla, Sungwook Lee Computer Science Department University.

Packet Loss Characterization in WiFi-based Long Distance Networks Authors : Anmol Sheth, Sergiu Nedevschi, Rabin Patra, Lakshminarayanan Subramanian [INFOCOM.

1 Self Management in Chaotic Wireless Networks Aditya Akella, Glenn Judd, Srini Seshan, Peter Steenkiste Carnegie Mellon University.

1 © 2011 XIRRUS :: All Rights Reserved BRING YOUR OWN DEVICE (BYOD) DOESN’T HAVE TO MEAN UNCONTROLLED NOVEMBER 2011 Perry Correll Xirrus, Principal Technologist.

Northeastern Illinois University. Authors Salwa Abdelrahim Samia Nur Eldayim Supervisor Prof. Cafatori.

ECE 4450:427/527 - Computer Networks Spring 2015

VoIP Packets In the Air and Over the Wire J. Scott Haugdahl CTO

WIRELESS LAN SECURITY Using

Unwanted Link Layer Traffic in Large IEEE Wireless Network By Naga V K Akkineni.

Wireless Networks 2015 CTSP Course CTSP Clsss Wireless - February

Qian Zhang and Christopher LIM Department of Computer Science and Engineering, Hong Kong University of Science and Technology IEEE ICC 2009.

Understanding the Real-World Performance of Carrier Sense MIT Computer Science and Artificial Intelligence Laboratory Networks and Mobile Systems

Enhancing the Security of Corporate Wi-Fi Networks using DAIR PRESENTED BY SRAVANI KAMBAM 1.

Study on Coexistence of LAA and WiFi

Enhancing TCP Fairness in Ad Hoc Wireless Networks using Neighborhood RED Kaixin Xu, Mario Gerla UCLA Computer Science Department

Self Management of Rate, Power and Carrier-Sense Threshold for Interference Mitigation in IEEE Networks Adviser : Frank, Yeong-Sung Lin Presented.

WiCop: Engineering WiFi Temporal White-Space for Safe Operations of Wireless Body Area Networks in Medical Applications Yufei Wang, Qixin Wang, Zheng Zeng,

Deployment Guidelines for Highly Congested IEEE b/g Networks Andrea G. Forte and Henning Schulzrinne Columbia University.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Configure a Wireless Router Chapter 7.

MOJO: A Distributed Physical Layer Anomaly Detection System for WLANs Richard D. Gopaul CSCI 388.

Packet Dispersion in IEEE Wireless Networks Mingzhe Li, Mark Claypool and Bob Kinicki WPI Computer Science Department Worcester, MA 01609

Doc.: IEEE /0648r0 Submission May 2014 Chinghwa Yu et. al., MediaTekSlide 1 Performance Observation of a Dense Campus Network Date:

Networking Devices.

Characterizing Home Wireless Performance: The Gateway View Ioannis Pefkianakis* H. Lundgren^, A. Soule^, J. Chandrashekar^, P. Guyadec^, C. Diot^, M. May^,

Characterizing Home Wireless Performance: The Gateway View Ioannis Pefkianakis* H. Lundgren^, A. Soule^, J. Chandrashekar^, P. Guyadec^, C. Diot^, M. May^,

Doc.: IEEE / ax Submission M. Shahwaiz Afaqui Date: 2015-March Proposal and simulation based evaluation of DSC-AP algorithm. Authors:

Muhammad Niswar Graduate School of Information Science

Cisco Discovery Networking for Homes and Small Businesses Chapter 7 JEOPARDY.

Cisco Discovery Home and Small Business Networking Chapter 7 – Wireless Networking Jeopardy Review v1.1 Darren Shaver Kubasaki High School – Okinawa,

1 Chapter 4 MAC Layer – Wireless LAN Jonathan C.L. Liu, Ph.D. Department of Computer, Information Science and Engineering (CISE), University of Florida.

Performance Evaluation of Multiple IEEE b WLAN Stations in the Presence of Bluetooth Radio.

Dirk Grunwald Dept. of Computer Science, ECEE and ITP University of Colorado, Boulder.

Meeting High Speed Wi-Fi Needs in Difficult Dorm Environments ANGELO D. SANTABARBARA DIRECTOR NETWORKS & SYSTEMS.

Wi-Fi Network Signal Strength Field Data

A Rate-Adaptive MAC Protocol for Multi-Hop Wireless Networks

IEEE in the Large: Observations at the IETF Meeting

CS 457 – Lecture 7 Wireless Networks

Slobodan Milanko Manweiler, J., Franklin, P., & Choudhury, R. R. (2012, March). RxIP: Monitoring the health of home wireless networks. In INFOCOM, 2012.

Goal Control the amount of traffic in the network

Self Management in Chaotic Wireless Networks

Muhammad Niswar Graduate School of Information Science

Investigation of Voice Traffic in Wi-Fi Environment

LAA / Wi-Fi Coexistence evaluations with commercial hardware

Presentation transcript:

How Bad Are The Rogues’ Impact on Enterprise Network Performance ? Kaixin Sui, Dan Pei, Youjian Zhao, Zimu Li Tsinghua University

EWLAN, AC, EAP, and RAP EWLAN (Enterprise WLAN) EAP (Enterprise AP) AC (Wireless Controller) RAP (Rogue AP) Security threat Great impact on EWLAN performance 2

Chaotic RAP deployment in EWLAN 5GHz v.s. 2.4GHz of #RAP : 292 v.s Focus on 2.4 GHz 3

Chaotic RAP deployment in EWLAN 5GHz v.s. 2.4GHz of #RAP : 292 v.s Focus on 2.4 GHz #RAP v.s. #EAP in 2.4GHz : v.s The RAP to EAP ratio > 7:1 4

Chaotic RAP deployment in EWLAN 5GHz v.s. 2.4GHz of #RAP : 292 v.s Focus on 2.4 GHz #RAP v.s. #EAP in 2.4GHz : v.s The RAP to EAP ratio > 7:1 5

Chaotic RAP deployment in EWLAN 5GHz v.s. 2.4GHz of #RAP : 292 v.s Focus on 2.4 GHz #RAP v.s. #EAP in 2.4GHz : v.s The RAP to EAP ratio > 7:1 Chaotic RAPs may cause great performance degradation of EWLAN. Our GOAL: Measure RAPs’ impact on EWLAN performance 6

Data collection EWALN of Tsinghua campus 4 km 2, students, faculties and staff 5 Weekdays (2014/07/14-18) 11 ACs (Cisco), 2002 EAPs (Cisco), EAP Clients 79 Buildings ( 5 types: administrative, classroom, cafeteria, department, dorm) RAPs, RAP Clients 7

Data collection EWALN of Tsinghua campus 4 km 2, students, faculties and staff 5 Weekdays (2014/07/14-18) 11 ACs (Cisco), 2002 EAPs (Cisco), EAP Clients 79 Buildings ( 5 types: administrative, classroom, cafeteria, department, dorm) RAPs, RAP Clients 8

Data collection EWALN of Tsinghua campus 4 km 2, students, faculties and staff 5 Weekdays (2014/07/14-18) 11 ACs (Cisco), 2002 EAPs (Cisco), EAP Clients 79 Buildings ( 5 types: administrative, classroom, cafeteria, department, dorm) RAPs, RAP Clients One of the largest scale WiFi measurement 9

Data collection SNMP Data without any additional measurement hardware 10 min interval 10

Data collection SNMP Data without any additional measurement hardware 10 min interval 17 Objects 11 confirmed

RAP Classification 12

RAP Impact: CS RAP and HT RAP [CS RAP] Carrier Sense RAP Impact: EAP Access Delay [HT RAP] Hidden Terminal RAP Impact: EAP Packet Loss HT RAPEAPClient Collision Zone CS RAPEAP Client 13

RAP Impact: CS RAP and HT RAP [CS RAP] Carrier Sense RAP Impact: EAP Access Delay [HT RAP] Hidden Terminal RAP Impact: EAP Packet Loss Due to the totally different impacts on EAP 14

RAP Impact: CS RAP and HT RAP [CS RAP] Carrier Sense RAP Impact: EAP Access Delay [HT RAP] Hidden Terminal RAP Impact: EAP Packet Loss Due to the totally different impacts on EAP The CS RAP and HT RAP needs to be distinguished. The impact of CS RAP and HT RAP needs to be measured respectively. 15

Distinguish CS RAPs and HT RAPs CS RAPs or HT RAPs? RSSI = -75dBmRSSI = -80dBmRSSI = - 90dBmRSSI = -95dBm Use the RAP RSSI and CST to distinguish. RSSI is from SNMP CST = -85 dBm (Carrier Sense Threshold) 16

Distinguish CS RAPs and HT RAPs CS RAPs or HT RAPs? RSSI = -75dBmRSSI = -80dBmRSSI = - 90dBmRSSI = -95dBm Use the RAP RSSI and CST to distinguish. CS RAP (RSSI ≥ CST)HT RAP (RSSI < CST) RSSI is from SNMP CST = -85 dBm (Carrier Sense Threshold) 17 RAP ∈ CS RAP IF RSSI ≥ CST

Distinguish CS RAPs and HT RAPs Why CST (Carrier Sense Threshold) = -85dBm ? Empirical value : Nabeel Ahmed. Interference Management in Dense Networks. PhD thesis. 18

EAP Client Distinguish CS RAPs and HT RAPs Why CST (Carrier Sense Threshold) = -85dBm ? Empirical value Control experiment EAP RAP 19 RAP

Distinguish CS RAPs and HT RAPs Why CST (Carrier Sense Threshold) = -85dBm ? 20 ClientEAP RAP CS RAP ClientEAP RAP HT RAP -85 dBm

#CS RAP and #HT RAP - vary over time 21

#CS RAP and #HT RAP - vary over time Human traffic has a significant impact on the RSSI of WiFi devices 22 Some HT RAPs disappear at the Rush Hour : Multipath Fading Human Traffic -> #RAP ->

#CS RAP and #HT RAP - vary over time Human traffic has a significant impact on the RSSI of WiFi devices Some HT RAPs disappear at the Rush Hour : Multipath Fading 23

#CS RAP and #HT RAP - at an EAP #CS RAP v.s. #EAP : 5 v.s. 1 #HT RAP v.s. #EAP : 15 v.s. 1 Large number of RAPs and more HT RAPs than CS RAPs. 24

Measure RAPs' impact on EWLAN performance CS RAP impact: EAP access delay CSI (Carrier Sense Interference) when channel utilization is high Not Severe (~ 5%, < 10% in most cases) CSI = Interference Utilization / ( Channel Utilization - Interference Utilization ) 25 The EAP placement, channel, and power are carefully designed and optimized by the vendor software for the EWLAN.

Measure RAPs' impact on EWLAN performance HT RAP Impact: EAP packet loss LOSSRATE of packets from EAP to high SNR clients 26

Measure RAPs' impact on EWLAN performance HT RAP Impact: EAP packet loss LOSSRATE of packets from EAP to high SNR clients Filter the Packet Loss caused by Low SNR including Non-WiFi Interference, Fading Channel, etc. 27

Measure RAPs' impact on EWLAN performance HT RAP Impact: EAP packet loss LOSSRATE of packets from EAP to high SNR clients Severe (~ 30%, > 50% in 20% cases) MAC LOSSRATE = (Retry Limit * Fail Count + Retry Count)/(Retry Limit * Fail Count + Retry Count + Success Count) Current EAP software do nothing about HT RAPs. Operators should take more attention to HT RAPs to alleviate the LOSSRATE. 28

Measure RAPs' impact on EWLAN performance The overall impact of RAPs: IP layer delay at the WiFi hop IMPACT Severe (~ 50%, > 80% in 20% cases) IMPACT = ( 1 + CSI ) * ( 1 + MAC LOSSRATE ) – 1 29

Conclusion The first large-scale measurement study on rogue APs’ impact on the EWLAN performance. Propose a generic methodology to distinguish CS RAPs and HT RAPs, and roughly quantify their impact using only SNMP data. Key findings of our studied EWALN RAPs are chaotic in EWLAN. Carrier sense interference due to RAPs are not severe. Hidden terminal interference due to RAPs are much more severe. (increasing up to 50% MAC loss rate) 30

Thank you ! 31

Backups 32

INFORMATION ABOUT 79 BUILDINGS 33

Distinguish CS RAPs and HT RAPs Why CST (Carrier Sense Threshold) = -85dBm ? Empirical value Minimum power that an RF receiver must receive to detect the transmission of a wireless signal. Most wireless card manufacturers conservatively set this threshold to a low value -85 dBm. 34

RAP Mobility RAP has relatively stable channel and location. Only < 8% of the RAPs are actually mobile. Fake Move! Because some Enterprise AP use Extender to share one MAC. 35