Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet Traffic Management: Security vs. Economics

Published byHilary Oliver Modified over 6 years ago

Similar presentations

Presentation on theme: "Internet Traffic Management: Security vs. Economics"— Presentation transcript:

1 Internet Traffic Management: Security vs. Economics
Sergey Gorinsky Developing the Science of Networks NPSec 2013, the 8th IEEE workshop on Secure Network Protocols Göttingen, Germany, 7 October 2013

2 Preview Security vs. economics of Internet traffic
How to deal with uncertainty in network protocols? Personal research retrospective (with ICNP anecdotes) Security against inflated multicast subscription RD network services Economics of traffic attraction Cooperative IP transit Attempts to generalize and conclude Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

3 Prehistory (before Security and Economics)
Performance is the king Internet traffic management needs to be improved! Obsession with perfection Optimal algorithms Scalability without a limit “Good enough is not good enough” Frustrations of perfectionism NP-complete problems Physical constants Researchers with alternative ideas Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

4 Receiver-driven Layered Multicast (McCanne et al. 1996)
1 Mbps group Sender 3 Mbps group 1 Mbps receiver 1 Mbps receiver 4 Mbps receiver Idea: control congestion by the receivers subscribing to multicast groups in a multiple-group session Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

5 To Security (“I am a Control Freak”)
Expecting others to follow my design Others doing things their own way? This would be less efficient This is a misbehavior This has to be secured against “My way or the highway” ICNP 1998 (Austin, Texas), Hui Zhang’s tutorial “Traffic Control and QoS Management in the Internet”: TCP, router mechanisms, IntServ (Integrated Services), DiffServ (Differentiated Services) Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

6 Security against Inflated Subscription (Gorinsky et al. 2003)
Updated key Idea: link the group access with the congestion status Packets Sender Receiver No updated key Receiver Receiver Updated key Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

7 Security Mechanism Details (Gorinsky et al. 2003)
Packets of group 4: 16 17 18 19 20 3 Packets of group 3: 11 12 13 14 15 2 Packets of group 2: 7 6 8 9 10 1 Packets of group 1: 1 2 3 4 5 Time slot Top key for each group g where is XOR, is a component in packet p of group j Each packet of group g carries a decrease key for group g-1 When an increase is authorized, the increase key is Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

8 How dangerous is the outside world?
How common is this misbehavior? How strong is the need for solving the problem? Allan Borodin and Stephen Cook, University of Toronto, 2003 Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

9 Network Service Differentiation
11/18/2018 IntServ performance guarantees for end-to-end flows end-to-end delay and throughput high complexity no end-to-end deployment DiffServ reduced complexity performance guarantees for classes of flows Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

10 Towards Economics Others have the right to have a choice
This is not an Internet. (© Magritte) ICNP 2007 (Beijing, China) panel discussion by NSF Others have the right to have a choice Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

11 Internet of Multiple Stakeholders
11/18/2018 Internet of Multiple Stakeholders legacy user adopting user : legacy network : adopting network Networks (and users) with different economic interests Ineffective service differentiation under partial deployment No ability to charge differently for different services Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

12 RD Network Services (Podlesny and Gorinsky 2008)
11/18/2018 RD Network Services (Podlesny and Gorinsky 2008) RD router R queue output link D queue Differentiation with free choice between two services R (Rate) service of higher throughput D (Delay) service of lower delay Router implementation via link scheduling and buffer sizing Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

13 In Economics What others want? How much do they value it?
How can I provide it? Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

14 Internet Traffic Value (Bangera and Gorinsky 2013)
Sender traffic Receiver How valuable is traffic for transit networks? Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

15 Internet Traffic Value (Bangera and Gorinsky 2013)
Sender traffic path announcement Receiver Can a network attract traffic to increase transit revenue? Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

16 Economics of Attraction (Bangera and Gorinsky 2013)
Traffic attraction can substantially increase transit revenues pulls traffic up the transit hierarchy reduces peering traffic is effective despite countermeasures Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

17 Reduction of Transit Costs
Network interest in reducing its transit costs Solutions that reduce transit traffic Peering, multicast, content delivery networks, … (4) animations Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

18 Tuangou of CIPT (Stanojevic, Castro, and Gorinsky 2011)
Reduction of transit costs without altering traffic Economies of scale in transit pricing CIPT (Cooperative IP Transit) multiple ISPs jointly purchase transit in bulk Shapley value to share the savings $ $ (4) animations Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

19 Individual Savings (Stanojevic, Castro, and Gorinsky 2011)
Each CIPT network reduces its own transit cost Absolute savings grow with the network size Relative savings drop with the network size (1) animation Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

20 CIPT and the Internet (Castro, Stanojevic, and Gorinsky 2013)
Reaction by transit providers CIPT as a new customer Bypass of the middleman Overall impact on the Internet ecosystem $ (4) animations Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

21 Attempt to Conclude Be open to alternative ways Accept inefficiency
Securing own design is fine Forcing my security on others is not Working with the environment, not against it Accept inefficiency My designs are not perfect and never will be Diversity is valuable in itself No “price of anarchy” blues Think globally, act locally Improve global traffic management via local improvements Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

22 Thanks! Maxim Podlesny Harrick Vin Yongguang Zhang Sugat Jain
Rade Stanojevic Ignacio Castro Pradeep Bangera Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

23 ICNP 2013 (Göttingen, Germany)
What will we learn here? Sergey Gorinsky, “Internet Traffic Management: Security vs. Economics” 18 November November 2018

Download ppt "Internet Traffic Management: Security vs. Economics"

Similar presentations

Bulk-Data Metanet: Virtualization by Example Sergey Gorinsky Applied Research Laboratory Applied Research Laboratory Department of Computer Science and.

Bulk-Data Metanet: Virtualization by Example Sergey Gorinsky Applied Research Laboratory Applied Research Laboratory Department of Computer Science and.
P4P: ISPs and P2P Laird Popkin, Pando Networks Doug Pasko, Verizon.

P4P: ISPs and P2P Laird Popkin, Pando Networks Doug Pasko, Verizon.
Policy-based Congestion Management for an SMS Gateway Alberto Gonzalez (KTH) Roberto Cosenza (Infoflex) Rolf Stadler (KTH) June 8, 2004, Policy Workshop.

Policy-based Congestion Management for an SMS Gateway Alberto Gonzalez (KTH) Roberto Cosenza (Infoflex) Rolf Stadler (KTH) June 8, 2004, Policy Workshop.
Resource Pooling A system exhibits complete resource pooling if it behaves as if there was a single pooled resource. The Internet has many mechanisms for.

Resource Pooling A system exhibits complete resource pooling if it behaves as if there was a single pooled resource. The Internet has many mechanisms for.
Receiver-driven Layered Multicast S. McCanne, V. Jacobsen and M. Vetterli SIGCOMM 1996.

Receiver-driven Layered Multicast S. McCanne, V. Jacobsen and M. Vetterli SIGCOMM 1996.
Network Congestion Gabriel Nell UC Berkeley. Outline Background: what is congestion? Congestion control – End-to-end – Router-based Economic insights.

Network Congestion Gabriel Nell UC Berkeley. Outline Background: what is congestion? Congestion control – End-to-end – Router-based Economic insights.
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 ECSE-6600: Internet Protocols Informal Quiz #11 Shivkumar Kalyanaraman: GOOGLE: “Shiv RPI”

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 ECSE-6600: Internet Protocols Informal Quiz #11 Shivkumar Kalyanaraman: GOOGLE: “Shiv RPI”
A Case for Relative Differentiated Services and the Proportional Differentiation Model Constantinos Dovrolis Parameswaran Ramanathan University of Wisconsin-Madison.

A Case for Relative Differentiated Services and the Proportional Differentiation Model Constantinos Dovrolis Parameswaran Ramanathan University of Wisconsin-Madison.
Jang, Donghyun 2011/4/4 1/21.

Jang, Donghyun 2011/4/4 1/21.
ACN: IntServ and DiffServ1 Integrated Service (IntServ) versus Differentiated Service (Diffserv) Information taken from Kurose and Ross textbook “ Computer.

ACN: IntServ and DiffServ1 Integrated Service (IntServ) versus Differentiated Service (Diffserv) Information taken from Kurose and Ross textbook “ Computer.
Internet Research Needs a Critical Perspective Towards Models –Sally Floyd –IMA Workshop, January 2004.

Internet Research Needs a Critical Perspective Towards Models –Sally Floyd –IMA Workshop, January 2004.
RCS: A Rate Control Scheme for Real-Time Traffic in Networks with High B X Delay and High error rates J. Tang et al, Infocom 2001 Another streaming control.

RCS: A Rate Control Scheme for Real-Time Traffic in Networks with High B X Delay and High error rates J. Tang et al, Infocom 2001 Another streaming control.
Promoting the Use of End-to- End Congestion Control in the Internet Sally Floyd and Kevin Fall Presented by Scott McLaren.

Promoting the Use of End-to- End Congestion Control in the Internet Sally Floyd and Kevin Fall Presented by Scott McLaren.
ACN: Congestion Control1 Congestion Control and Resource Allocation.

ACN: Congestion Control1 Congestion Control and Resource Allocation.
Building a Strong Foundation for a Future Internet Jennifer Rexford ’91 Computer Science Department (and Electrical Engineering and the Center for IT Policy)

Building a Strong Foundation for a Future Internet Jennifer Rexford ’91 Computer Science Department (and Electrical Engineering and the Center for IT Policy)
Lecture 1, 1Spring 2003, COM1337/3501Computer Communication Networks Rajmohan Rajaraman COM1337/3501 Textbook: Computer Networks: A Systems Approach, L.

Lecture 1, 1Spring 2003, COM1337/3501Computer Communication Networks Rajmohan Rajaraman COM1337/3501 Textbook: Computer Networks: A Systems Approach, L.
Impact of Prefix Hijacking on Payments of Providers Pradeep Bangera and Sergey Gorinsky Institute IMDEA Networks, Madrid, Spain Developing the Science.

Impact of Prefix Hijacking on Payments of Providers Pradeep Bangera and Sergey Gorinsky Institute IMDEA Networks, Madrid, Spain Developing the Science.
Rade Stanojevic Using Tuángòu to Reduce IP Transit Costs Rade Stanojevic (Joint work with Ignacio Castro and Sergey Gorinsky) ‍‍ ACM CoNext 2011 Tokyo,

Rade Stanojevic Using Tuángòu to Reduce IP Transit Costs Rade Stanojevic (Joint work with Ignacio Castro and Sergey Gorinsky) ‍‍ ACM CoNext 2011 Tokyo,
QOS مظفر بگ محمدی دانشگاه ایلام. 2 Why a New Service Model? Best effort clearly insufficient –Some applications need more assurances from the network.

QOS مظفر بگ محمدی دانشگاه ایلام. 2 Why a New Service Model? Best effort clearly insufficient –Some applications need more assurances from the network.
NUS.SOC.CS5248 Ooi Wei Tsang Previously, on CS5248..

NUS.SOC.CS5248 Ooi Wei Tsang Previously, on CS5248..

Similar presentations

Ads by Google