Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fall 2008CS 334: Computer Security1 Networks Tutorial.

Published byKevin Parker Modified over 9 years ago

Similar presentations

Presentation on theme: "Fall 2008CS 334: Computer Security1 Networks Tutorial."— Presentation transcript:

1 Fall 2008CS 334: Computer Security1 Networks Tutorial

2 Thanks… To Anthony Joseph, Doug Tygar, Umesh Vazirani, and David Wagner for generously allowing me to use their slides as the basis for this set of slides. Fall 2008CS 334: Computer Security2

3 Outline Communications Network Taxonomy –Packet Networks The Internet Transport Layer: UDP/IP, TCP/IP Network Service Examples P2P applications Fall 2008CS 334: Computer Security3

4 What is a Communications Network? (End-system Centric View) Network offers one basic service: move information –Bird, fire, messenger, truck, telegraph, telephone, Internet … What distinguish different types of networks? –The services they provide, security, … Fall 2008CS 334: Computer Security4

5 What is a Communications Network? (End-system Centric View) What distinguish the services? –Latency –Bandwidth –Loss rate –Number of end systems –Service interface (how to invoke the service?) –Others Reliability, unicast vs. multicast, real-time... What are the security issues? –Authentication, privacy, anonymity, integrity, … Fall 2008CS 334: Computer Security5

6 What is a Communication Network (Infrastructure Centric View) Communication medium: electron, photon Network components: –Links – carry bits from 1 place to 1 or more: fiber, copper, wireless,… –Interfaces – attach devices to links –Switches/routers – interconnect links: electronic/optic, crossbar/Banyan –Hosts – communication endpoints: PCs, PDAs, cell phones, toasters Fall 2008CS 334: Computer Security6

7 What is a Communication Network (Infrastructure Centric View) Protocols – rules governing communication between nodes –TCP/IP, ATM, MPLS, SONET, Ethernet, X.25 Applications: Web browser, X Windows, FTP,... Low-level security issues: –Authentication, privacy, integrity, … Fall 2008CS 334: Computer Security7

8 Network Components (Examples) Fall 2008CS 334: Computer Security8 LinksInterfacesSwitches/routers Fibers Coaxial CableTelephone switch Large router Wireless card Ethernet card

9 Taxonomy of Communication Networks Communication networks can be classified based on the way in which the nodes exchange information: Fall 2008CS 334: Computer Security9 Communication Network Broadcast Communication Network Switched Communication Network Circuit-switched Communication Network Packet-switched Communication Network Virtual Circuit Network Datagram Network

10 Broadcast vs Switched Communications Networks Broadcast Communication Networks –Information transmitted by any node is received by every other node in the network Examples: usually in LANs (non-switched Ethernet, WiFi) Switched Communication Networks –Information transmitted to a sub-set of designated nodes Examples: WANs (Telephony Network, Internet), switched Ethernet –Problem: how to forward information to intended node(s)? Done by special nodes (e.g., routers, switches) executing routing protocols Can the routing process be subverted? Fall 2008CS 334: Computer Security10

11 Taxonomy of Communication Networks Communication networks can be classified based on the way in which the nodes exchange information: Fall 2008CS 334: Computer Security11 Communication Network Broadcast Communication Network Switched Communication Network Circuit-switched Communication Network Packet-switched Communication Network Virtual Circuit Network Datagram Network Public Telephone Network

12 Taxonomy of Communication Networks Communication networks can be classified based on the way in which the nodes exchange information: Fall 2008CS 334: Computer Security12 Communication Network Broadcast Communication Network Switched Communication Network Circuit-switched Communication Network Packet-switched Communication Network Virtual Circuit Network Datagram Network

13 Datagram Packet Switching Each packet is independently switched –Each packet header contains destination address No resources are pre-allocated (reserved) in advance Example: IP networks Fall 2008CS 334: Computer Security13

14 Timing of Datagram Packet Switching Fall 2008CS 334: Computer Security14

15 Datagram Packet Switching Fall 2008CS 334: Computer Security15

16 Outline Communications Network Taxonomy –Packet Networks The Internet Transport Layer: UDP/IP, TCP/IP Network Service Examples P2P applications Fall 2008CS 334: Computer Security16

17 The Internet Global scale, general purpose, heterogeneous- technologies, public, computer network Internet Protocol –Open standard: Internet Engineering Task Force (IETF) as standard body ( http://www.ietf.org ) –Technical basis for other types of networks Intranet: enterprise IP network Developed by the research community Fall 2008CS 334: Computer Security17

18 History of the Internet 68-70’s: started as a research project, 56 kbps, initially 4 nodes (UCLA, UCSB, SRI, Utah) then < 100 computers 80-83: TCP/IP, DNS; ARPANET and MILNET split 85-86: NSF builds NSFNET as backbone, links 6 Supercomputer centers, 1.5 Mbps, 10,000 computers 87-90: link regional networks, NSI (NASA), ESNet (DOE), DARTnet, TWBNet (DARPA), 100,000 computers Fall 2008CS 334: Computer Security18

19 History of the Internet 90-92: NSFNET moves to 45 Mbps, 16 mid-level networks 94: NSF backbone dismantled, multiple private backbones; Introduction of Commercial Internet Today: backbones run at 10 Gbps, close to 600M computers in 150 countries Fall 2008CS 334: Computer Security19

20 Network “Cloud” Fall 2008CS 334: Computer Security20

21 Regional Nets + Backbone Fall 2008CS 334: Computer Security21

22 Backbones + NAPS + ISPs Fall 2008CS 334: Computer Security22

23 Core Networks + Access Networks Fall 2008CS 334: Computer Security23

24 Computers Inside the Core Fall 2008CS 334: Computer Security24

25 Internet Protocol Layers Fall 2008CS 334: Computer Security25

26 Services Provided by the Internet Shared access to computing resources –telnet (1970’s), ssh (1990’s) Shared access to data/files –FTP, NFS, AFS (1980’s), CIFS (late 90’s) Communication medium over which people interact –email (1980’s), on-line chat rooms, instant messaging (1990’s) –audio, video, Voice-over-IP (1990’s, early 00’s) replacing telephone network? Fall 2008CS 334: Computer Security26

27 Services Provided by the Internet Medium for information dissemination –USENET (1980’s) –WWW (1990’s) replacing newspaper, magazine? –Audio, video (late 90’s, early 00’s) replacing radio, TV? –File sharing (late 90’s, early 00’s) Fall 2008CS 334: Computer Security27

28 Addressing Every Internet host has an IP address –e.g., 67.114.133.15 Packets include destination address –Network is responsible for routing packet to address Host-view: Fall 2008CS 334: Computer Security28 helllowthe

29 IP-centric View Fall 2008CS 334: Computer Security29

30 Routing Routers have “routing tables” –Tables mapping each destination with an outgoing link –Requires that routing table is highly compressible! –Implications for address assignment, mobility, etc. Routing decisions made packet-by-packet –Routers keep no connection state Question: Why have the network do routing? –Why not the hosts? –Compare delivery-by-hand to FedEx Fall 2008CS 334: Computer Security30

31 Internet Service “Best-Effort” service –No guarantees about packet delivery –Hosts must cope with loss, delay, reordering, duplication Why not guarantee no loss and low delay? IP packets are addressed to a host –How to decide which application gets which packets? Need a transport layer! Fall 2008CS 334: Computer Security31

32 Outline Communications Network Taxonomy –Packet Networks The Internet Transport Layer: UDP/IP, TCP/IP Network Service Examples P2P applications Fall 2008CS 334: Computer Security32

33 Transport Layer Fall 2008CS 334: Computer Security33

34 Ports Need to decide which application gets which packets Solution: map each socket to a port Client must know server’s port Separate 16-bit port address space for UDP and TCP –(src_IP, src_port, dest_IP, dest_port) uniquely identifies TCP connection Well known ports (0-1023): everyone agrees which services run on these ports –e.g., ssh: 22, http: 80 –On UNIX, must be root to gain access to these ports (why?) Ephemeral ports (most 1024-65535): given to clients –e.g., chat client gets one of these Fall 2008CS 334: Computer Security34

35 Fall 2008CS 334: Computer Security35 IP Internet Protocol Stack (note difference between TCP and IP) R1 ETH FDDI IP ETH TCP R2 FDDI PPP IP R3 PPP ETH IP H1 IP ETH TCP H8

36 Headers IP header: used for IP routing, fragmentation, error detection… UDP header: used for multiplexing/demultiplexing, error detection TCP header: used for multiplexing/demultiplexing, flow and congestion control Fall 200836 data TCP/UDP IP Application TCP IP UDP Application TCP IP UDP data TCP/UDP IP

37 UDP User Datagram Protocol Minimalist transport protocol Same best-effort service model as IP Messages up to 64KB “Fire and Forget” Provides multiplexing/demultiplexing to IP Does not provide flow and congestion control Application examples: video/audio streaming, VoIP Fall 2008CS 334: Computer Security37

38 UDP Service and Header Service: –Send datagram from (IPa, Port 1) to (IPb, Port 2) –Service is unreliable, but error detection possible Header: UDP length is UDP packet length (including UDP header and payload, but not IP header) Optional UDP checksum is over UDP packet Fall 2008CS 334: Computer Security38 Source port UDP length Destination port Payload (variable) UDP checksum 01631

39 TCP Transmission Control Protocol Reliable, in-order, and at most once delivery Messages can be of arbitrary length Provides multiplexing/demultiplexing to IP Provides congestion control and avoidance Application examples: file transfer, chat, P2P Fall 2008CS 334: Computer Security39

40 TCP Service 1.Open connection 2.Reliable byte stream transfer from (IPa, TCP Port1) to (Ipb, TCP Port2) 1.Indication if connection fails: Reset 3.Close connection Fall 2008CS 334: Computer Security40

41 TCP Timing Diagram Fall 2008CS 334: Computer Security41 Hello there This is good

42 Outline Communications Network Taxonomy –Packet Networks The Internet Transport Layer: UDP/IP, TCP/IP Network Service Examples P2P applications Fall 2008CS 334: Computer Security42

43 Domain Name Service (DNS) Humans/applications use machine names –e.g., www.richmond.edu Network (IP) uses IP addresses –e.g., 141.166.112.23 DNS translates between the two –An overlay service in its own right –Global distribution of name-to-IP address mapping — a kind of content distribution system as well –Unsung hero of the Internet Fall 2008CS 334: Computer Security43

44 File Transfer (FTP, SCP, etc) Fall 2008CS 334: Computer Security44

45 Question Why isn’t the network in this picture? –Network just delivers (or not) packets to their destination –It plays no other role in application Obvious concept now, but novel at the time –Makes it both harder and easier for applications –Hosts more complex, applications less efficient –Long-term flexibility Security issues are hidden –Ex: Broadcast vs. switched Fall 2008CS 334: Computer Security45

46 Email Email message exchange is similar to previous example, except Exchange is between mail servers DNS gives name of mail server for domain Fall 2008CS 334: Computer Security46

47 Web Fall 2008CS 334: Computer Security47

48 Outline Communications Network Taxonomy –Packet Networks The Internet Transport Layer: UDP/IP, TCP/IP Network Service Examples P2P applications Fall 2008CS 334: Computer Security48

49 Challenges Find where a particular file is stored –Napster used central servers to store index Scaling to hundreds of millions Machines come and go Fall 2008CS 334: Computer Security49

50 P2P Services in the Internet: Napster, Gnutella, BitTorrent Fall 2008CS 334: Computer Security50

Download ppt "Fall 2008CS 334: Computer Security1 Networks Tutorial."

Similar presentations

Introduction 2 1: Introduction.

Introduction 2 1: Introduction.
Spring 2000CS 4611 Introduction Outline Statistical Multiplexing Inter-Process Communication Network Architecture Performance Metrics.

Spring 2000CS 4611 Introduction Outline Statistical Multiplexing Inter-Process Communication Network Architecture Performance Metrics.
COS 461 Fall 1997 Networks and Protocols u networks and protocols –definitions –motivation –history u protocol hierarchy –reasons for layering –quick tour.

COS 461 Fall 1997 Networks and Protocols u networks and protocols –definitions –motivation –history u protocol hierarchy –reasons for layering –quick tour.
T.Sharon-A.Frank 1 Internet Resources Discovery (IRD) Introduction to the Internet/WWW.

T.Sharon-A.Frank 1 Internet Resources Discovery (IRD) Introduction to the Internet/WWW.
EECS122 - UCB13 TOCTOC: Introduction Network Examples Network Components Ethernet Interconnected LANs Internetwork Types of Networks Internet Packets Transport.

EECS122 - UCB13 TOCTOC: Introduction Network Examples Network Components Ethernet Interconnected LANs Internetwork Types of Networks Internet Packets Transport.
Introduction1-1 Introduction to Computer Networks Our goal:  get “feel” and terminology  more depth, detail later in course  approach:  use Internet.

Introduction1-1 Introduction to Computer Networks Our goal:  get “feel” and terminology  more depth, detail later in course  approach:  use Internet.
1: Introduction1 Protocol “Layers” Networks are complex! r many “pieces”: m hosts m routers m links of various media m applications m protocols m hardware,

1: Introduction1 Protocol “Layers” Networks are complex! r many “pieces”: m hosts m routers m links of various media m applications m protocols m hardware,
1 Katz, Stoica F04 EECS 122: Introduction to Computer Networks Network Service and Applications Computer Science Division Department of Electrical Engineering.

1 Katz, Stoica F04 EECS 122: Introduction to Computer Networks Network Service and Applications Computer Science Division Department of Electrical Engineering.
Networking Support In Java Nelson Padua-Perez Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.

Networking Support In Java Nelson Padua-Perez Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.
Data Communications Architecture Models. What is a Protocol? For two entities to communicate successfully, they must “speak the same language”. What is.

Data Communications Architecture Models. What is a Protocol? For two entities to communicate successfully, they must “speak the same language”. What is.
1 Day 01 - The Internet. 2 Chapter 1 Introduction Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross.

1 Day 01 - The Internet. 2 Chapter 1 Introduction Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross.
1 CS 268: Graduate Computer Networks – Spring 2005  Instructors: -Scott Shenker 683 Soda -Ion Stoica.

1 CS 268: Graduate Computer Networks – Spring 2005  Instructors: -Scott Shenker 683 Soda -Ion Stoica.
CS 552 Computer Networks Fall 2004 Rich Martin. Course Description Graduate course on computer networking –Undergraduate knowledge of networking assumed.

CS 552 Computer Networks Fall 2004 Rich Martin. Course Description Graduate course on computer networking –Undergraduate knowledge of networking assumed.
Review on Networking Technologies Linda Wu (CMPT 471 2003-3)

Review on Networking Technologies Linda Wu (CMPT )
Introduction© Dr. Ayman Abdel-Hamid, CS4254 Spring 20061 CS4254 Computer Network Architecture and Programming Dr. Ayman A. Abdel-Hamid Computer Science.

Introduction© Dr. Ayman Abdel-Hamid, CS4254 Spring CS4254 Computer Network Architecture and Programming Dr. Ayman A. Abdel-Hamid Computer Science.
What’s the Internet: “nuts and bolts” view

What’s the Internet: “nuts and bolts” view
TCP/IP Reference Model Host To Network Layer Transport Layer Application Layer Internet Layer.

TCP/IP Reference Model Host To Network Layer Transport Layer Application Layer Internet Layer.
1: Introduction1 Part I: Introduction Goal: r get context, overview, “feel” of networking r more depth, detail later in course r approach: m descriptive.

1: Introduction1 Part I: Introduction Goal: r get context, overview, “feel” of networking r more depth, detail later in course r approach: m descriptive.
Chapter 1 Introduction Computer Networking: A Top Down Approach 6th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

Chapter 1 Introduction Computer Networking: A Top Down Approach 6th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
What Can IP Do? Deliver datagrams to hosts – The IP address in a datagram header identify a host IP treats a computer as an endpoint of communication Best.

What Can IP Do? Deliver datagrams to hosts – The IP address in a datagram header identify a host IP treats a computer as an endpoint of communication Best.

Similar presentations

Ads by Google