Presentation is loading. Please wait.

Presentation is loading. Please wait.

Program and deploy your SN in minutes –Single System Image Program –“Write Once, Run… Wherever” –Each program runs on an SN “slice” i.e., a Virtual Sensor.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Program and deploy your SN in minutes –Single System Image Program –“Write Once, Run… Wherever” –Each program runs on an SN “slice” i.e., a Virtual Sensor."— Presentation transcript:

1 Program and deploy your SN in minutes –Single System Image Program –“Write Once, Run… Wherever” –Each program runs on an SN “slice” i.e., a Virtual Sensor Network VSN “Painless” administration –Self-organizing, automated dispatch. –Sensor network can grow or shrink as resources become available install and run the Sensorium eXecution Environment (SXE) Sensorium Resource Manager and Sensorium Service Dispatcher do the rest. Extensibility –Support for new sensing hardware/modality or new computation ability requires implementing Java classes given interfaces and API. –Programs continue to use simple, high-level STEP language and can immediately leverage new devices or capabilities. Reasonable cost –Programs are interpreted and executed by the framework. Induced computational overhead is reasonable and can be minimized by thoughtful implementation. The Sensor Network is the Computer Implementing a Multi-Modal Wireless Network Security Service on the snBench Michael Ocean, Azer Bestavros and Assaf Kfoury Computer Science Department, Boston University Observing Wireless Network Behavior The snBench can be extended to support wireless network monitoring (security/intrusion detection) that is easily tasked and integrates other modalities (e.g., video). The experiment environment: –CS Graduate Research Lab 2 Linksys Access Points imaged with OpenAP Linux and Kismet (open-source) wireless monitoring package 4 Axis Pan-Tilt-Zoom on a dedicated gigabit network Crossbow motes, servers, compute node, 750GB SQL server, etc. Adding Wireless Sesning to the infrastructure –DLink Access Points run as “Kismet drones” passively monitoring all 802.11 and report wireless frames over Ethernet. –Separate Kismet server process interprets drone’s results and detects “Alert” events via (published) UDP protocol, »DEAUTHFLOOD »DISASSOCTRAFFIC »Etc. –Packet analysis can be run on the AP but performance (and extensibility) improves when processed elsewhere. Other processors can be plugged in and customized to detect different attacks/events (flag “any traffic from sender X”, etc). –Extensions to the Sensor eXecution Environment (SXE) provide access to KismetSensor as a “first class” sensor device. A KismetSensor process communicates with Kismet server via UDP protocol. E-mail notification on detected intrusion letonce WIFIPKT = DetectWifiAlertEvent(Sensor) in leteach SRC = WIFIPKT.getfield(“MAC”) in level_trigger( not(isnil(WIFIPKT)) email(“mocean@cs.bu.edu”, concat($NOW$,“:Found banned MAC”, SRC,“ at”, WIFIPKT.getfield(“time”) )) Build a MAC blacklist on detected intrusion letonce WIFIPKT = DetectWifiAlertEvent(Sensor) in leteach SRC = WIFIPKT.getfield(“MAC”) in level_trigger( not(contains(SQL.get(“BLACKLIST”),SRC)), SQL.put(“BLACKLIST”,SRC) ) Take a picture when a wireless intruder is detected letonce WIFIPKT = DetectWifiAlertEvent(Sensor) in leteach SRC = WIFIPKT.getfield(“MAC”) in level_trigger( contains(SQL.get(“BLACKLIST”),SRC), SQL.put( “wifi_intrusion_$EVAL_COUNT$”, drawstring(concat(“MAC ”, SRC), snapshot( findadjacentsensor(“Image”, WIFIPKT.getfield(“SOURCE_AP”))))) Programs ran for 48 hours (stable). Simulated detectable attacks via laptop with open-source tools (AirJack, Netstumbler). –Simulated attacks were detected. Response processed on an average of 2.8 seconds in “polling” mode. Optimizations reduced processing time to 550ms using “simulated interrupts.” Anything under 30 seconds is likely acceptable for intrusion response time – consider the attacker and the situation; “OK! I did it, now run!” ? findadjacentsensor does not move the PTZ cameras –Use signal strength to improve captured image by moving the cameras to the best vantage point and take an image from all applicable sensors Implement SendDisassociate() and DetectWifiCommEvent() take defensive action against an attacker. –For example: Forcibly Disassociate a Blacklisted User Whenever Detected…Anywhere! letonce WIFIPKT = DetectWifiAlertEvent(Sensor) in leteach SRC = WIFIPKT.getfield(“MAC”) in level_trigger( not(isnll(WIFIPKT)), SendDisassociate(WIFIPKT.getfield(“BASESTATION”), SRC)) Motivation and Scope Inexpensive networked video sensing elements will be pervasively deployed in our environment. Harnessing the power of these emergent sensory environments (Sensoria) will hinge on our ability to build applications capable of gathering, interpreting and storing data from distributed sensors and to provide scalable mechanisms for managing the networks and systems resources that these applications consume. These resources must be composed, tasked and administered in some structured, extensible and maintainable fashion – enter the Sensor Network WorkBench The snBench provides users with their own virtual Sensor Network via programming and run-time infrastructure enabling developers to specify and deploy distributed applications over a heterogeneous network of Sensing and Computing Elements. What sensors can I use and what functionality do they expose? snBench: the Life-Cycle of a SN Application Program –The high-level functional style specification language SNAFU glues together atomic operations. Compile –A SNAFU program is compiled into a Sensorium Task Execution Plan (STEP). Map and Link –Run-time support components break the STEP into smaller sub-STEPs that fit on available resources. Load and Execute –STEPs are dispatched to Sensor eXecution Environments (SXEs). SNAFU SN Applications As Functions SNAFU programs describe a data-flow with sensory data flow manipulated by a series of functions. STEP Sensorium Task Execution Plan The explicit evaluation strategy for an SN app. Data percolates up toward the root from the leaves. Sensor eXecution Environments SXEs accept partial STEP graphs and evaluate them. email(“security@bu.edu”, trigger( (motion(snapshot(cam2)) && (2am<NOW<4am)), snapshot(cam2))) SXE trigger email “security@bu.edu” cam2 snapshot motion clock4AM 2AM << && SXE Example The user writes a SNAFU program that strings together the sensors and operations the user is interested in The SNAFU program is compiled into STEP and the infrastructure does the rest! Adding Wireless Sensing to the snBench The experiment environment (the CS grad lab) is shown. Common areas of the lab are fitted with various sensing equipment. (sensing equipment relevant to the experiment is shown). Results, Progress and Future Work SNAFU Intrusion Detection Programs

Download ppt "Program and deploy your SN in minutes –Single System Image Program –“Write Once, Run… Wherever” –Each program runs on an SN “slice” i.e., a Virtual Sensor."

Similar presentations

Presented by Nikita Shah 5th IT ( )

Presented by Nikita Shah 5th IT ( )
NetServ Dynamic in-network service deployment Henning Schulzrinne (Columbia University) Srinivasan Seetharaman (Georgia Tech) Volker Hilt (Bell Labs)

NetServ Dynamic in-network service deployment Henning Schulzrinne (Columbia University) Srinivasan Seetharaman (Georgia Tech) Volker Hilt (Bell Labs)
INTRODUCTION TO SIMULATION WITH OMNET++ José Daniel García Sánchez ARCOS Group – University Carlos III of Madrid.

INTRODUCTION TO SIMULATION WITH OMNET++ José Daniel García Sánchez ARCOS Group – University Carlos III of Madrid.
Josh Alcorn Larry Brachfeld An in depth review of ad hoc mobile network & cloud security concerns.

Josh Alcorn Larry Brachfeld An in depth review of ad hoc mobile network & cloud security concerns.
June 2010 At A Glance The Room Alert Adapter software in conjunction with AVTECH Room Alert™ devices assists in monitoring computer room environments as.

June 2010 At A Glance The Room Alert Adapter software in conjunction with AVTECH Room Alert™ devices assists in monitoring computer room environments as.
Extensible Networking Platform 1 1 - IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood

Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood
Adding WiFi sensors to the infrastructure  Linksys Access Points run as “Kismet drones” passively monitoring all 802.11 and report wireless frames over.

Adding WiFi sensors to the infrastructure  Linksys Access Points run as “Kismet drones” passively monitoring all and report wireless frames over.
Leveraging IP for Sensor Network Deployment Simon Duquennoy, Niklas Wirstrom, Nicolas Tsiftes, Adam Dunkels Swedish Institute of Computer Science Presenter.

Leveraging IP for Sensor Network Deployment Simon Duquennoy, Niklas Wirstrom, Nicolas Tsiftes, Adam Dunkels Swedish Institute of Computer Science Presenter.
1 SAFIRE Project DHS Update – July 15, 2009 Introductions  Update since last teleconference Demo Video - Fire Incident Command Board (FICB) SAFIRE Streams.

1 SAFIRE Project DHS Update – July 15, 2009 Introductions  Update since last teleconference Demo Video - Fire Incident Command Board (FICB) SAFIRE Streams.
Design and Implementation of a Middleware for Sentient Spaces Bijit Hore, Hojjat Jafarpour, Ramesh Jain, Shengyue Ji, Daniel Massaguer Sharad Mehrotra,

Design and Implementation of a Middleware for Sentient Spaces Bijit Hore, Hojjat Jafarpour, Ramesh Jain, Shengyue Ji, Daniel Massaguer Sharad Mehrotra,
1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson

1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson
Causality Interface  Declares the dependency that output events have on input events.  D is an ordered set associated with the min ( ) and plus ( ) operators.

Causality Interface  Declares the dependency that output events have on input events.  D is an ordered set associated with the min ( ) and plus ( ) operators.
Jan 31, 2007CS5111 Unbound STEP graph Bound STEP graph Resource management components solve graph embedding Deployment Sensor eXecution Environments Remember.

Jan 31, 2007CS5111 Unbound STEP graph Bound STEP graph Resource management components solve graph embedding Deployment Sensor eXecution Environments Remember.
Chapter 15 Chapter 15: Network Monitoring and Tuning.

Chapter 15 Chapter 15: Network Monitoring and Tuning.
OSMOSIS Final Presentation. Introduction Osmosis System Scalable, distributed system. Many-to-many publisher-subscriber real time sensor data streams,

OSMOSIS Final Presentation. Introduction Osmosis System Scalable, distributed system. Many-to-many publisher-subscriber real time sensor data streams,
Program and deploy your SN in minutes  Program: Single System Image  “Write Once, Run… Wherever”  Each program runs on an SN “slice” i.e., a Virtual.

Program and deploy your SN in minutes  Program: Single System Image  “Write Once, Run… Wherever”  Each program runs on an SN “slice” i.e., a Virtual.
OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”

OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”
GridScape Ding Choon Hoong Grid Computing and Distributed Systems (GRIDS) Lab. The University of Melbourne Melbourne, Australia www.gridbus.org WW Grid.

GridScape Ding Choon Hoong Grid Computing and Distributed Systems (GRIDS) Lab. The University of Melbourne Melbourne, Australia WW Grid.
Managing Agent Platforms with the Simple Network Management Protocol Brian Remick Thesis Defense June 26, 2015.

Managing Agent Platforms with the Simple Network Management Protocol Brian Remick Thesis Defense June 26, 2015.
If You Build It, They Will Come: The SN B ENCH Architecture Adam Bradley Azer Bestavros & Michael Long Computer Science.

If You Build It, They Will Come: The SN B ENCH Architecture Adam Bradley Azer Bestavros & Michael Long Computer Science.

Similar presentations

Ads by Google