Presentation is loading. Please wait.

Presentation is loading. Please wait.

I-Path : Network Transparency Project Shigeki Goto* Akihiro Shimoda*, Ichiro Murase* Dai Mochinaga**, and Katsushi Kobayashi*** 1 * Waseda University **

Similar presentations


Presentation on theme: "I-Path : Network Transparency Project Shigeki Goto* Akihiro Shimoda*, Ichiro Murase* Dai Mochinaga**, and Katsushi Kobayashi*** 1 * Waseda University **"— Presentation transcript:

1 i-Path : Network Transparency Project Shigeki Goto* Akihiro Shimoda*, Ichiro Murase* Dai Mochinaga**, and Katsushi Kobayashi*** 1 * Waseda University ** Mitsubishi Research Institute Inc., *** National Institute of Advanced Science and Technology (AIST) 14th JSPS/NRF Core University Program Seminar on Next Generation Internet

2 Agenda 1.Introduction –Background and Motivation –Applications 2.Overview of i-Path –Data Collection –New Software 3.More Applications 4.Conclusion Acknowledgement 2

3 The Goal of i-Path project  Accessible Information between the hosts  Observing the information disclosure policy of all stakeholders along the path 3

4 Background Because of … –Observe the information disclosure policy –Status of network depends on variety of factors Growing demand for backbone bandwidth Routers keep rich information Routing table, Link utilization Temperature, Location, Contact point, Supply voltage etc. Routers keep rich information Routing table, Link utilization Temperature, Location, Contact point, Supply voltage etc. Network performance fluctuation (e.g. throughput) Not easy to collect right information and to utilize information along the path 4 Introduction

5 Providing transparency of underlying networks End-to-End visibility provides benefit to end hosts and network operators Disclosing information leads to improved End-to-End visibility Motivation –Monitoring network status –Reporting events and troubleshooting –Reduction in operational cost 5 Introduction

6 Enhanced Congestion Control Applications Best peer selection in P2P communication applications Best peer selection in P2P communication applications Dynamic network configuration (e.g. according to Time zones) Dynamic network configuration (e.g. according to Time zones) Adjust optimal bit rate in VoD Selection of the appropriate path (e.g. Not violating policies related to content management) 6 Introduction

7 Data Collection Explicit Network Information Collection Along a Path SIRENS *(Simple Internet Resource Notification Scheme) –Based on the cross layer approach  Bottleneck bandwidth  Interface queue capacity  Corruption losses etc. –Scalable network information measurement * K. Nakauchi and K. Kobayashi. An explicit router feedback framework for high bandwidth-delay product networks. Computer Networks, 51(7):1833–1846, 2007. 7 Overview

8 Structure of shim-header Inserted between the network and transport headers 8 Overview

9 Information Disclosure Prohibit to access some Information on routers Unwilling to disclose inside network status –Security –Cost Each ISP has a disclosure policy End hosts have their disclosure policy 9 Negotiation: requests and responses OK to Disclose? Overview

10 Observing Information Disclosure Policies  Policy: Alice & Bob allow to disclose beyond 3rd hop router.  Implementation: Alice does not send req. for her neighbor & the next neighbor routers, i.e.,1st & 2nd hops. Bob does not send back res. same as Alice, i.e., 6th & 7th hops.  Results: Alice obtains 3-5 hops data. Bob obtains 3-7 hops data Selective requests and responses 10

11 New Software Tools xml Sender Receiver TCP Data (a) Send a SIRENS request packet (b) Receive the request packet and reply (c) Receive the reply packet and make xml files Developed software TCP Data i-Path Router 11

12 Snapshot of the Visualization Tool Dark colored (Blue) routers –Data Collection: Enabled Gray colored routers –Data Collection: Not enabled or Not Exist 12

13 Network Threat Detection Attackers TARGET IP address : X.X.X.X DDoS Packets destination: TARGET Source IP Address: Spoofed IP Address Back Scatter Packets destination: Spoofed IP Address Source: TARGET Internet extraneous hosts/servers More applications S.Nogami, A.Shimoda and S.Goto, Detection of DDoS attacks by i-Path flow analysis, (in Japanese, to appear) 72 nd National Convention of IPSJ, Mar. 2010. 13

14 NAT traversal 14 More applications Different kind of NATs: full cone, restricted cone, port restricted cone, symmetric symmetric NAT K.Tobe, A.Shimoda and S.Goto, NAT traversal with transparent routers, (in Japanese, to appear) 72 nd National Convention of IPSJ, Mar. 2010

15 Current Status and Future Plans i-Path project wiki http://i-path.goto.info.waseda.ac.jp/trac/i-Path/ http://i-path.goto.info.waseda.ac.jp/trac/i-Path/ Dai Mochinaga, Katsushi Kobayashi, Shigeki Goto, Akihiro Shimoda, and Ichiro Murase, Collecting Information to Visualize Network Status, 28 th APAN Network Research Workshop, pp.1—4, 2009. Network application utilizing collected information Demonstration on R&D testbed: JGN in Japan Demonstration at SC09, Portland, OR, Nov. 2009 15

16 Conclusion We proposed new method disclosing network information i-Path –Offering end-to-end visibility, transparency –Observing privacy protection –Respecting disclosure policy 16

17 Acknowledgement This project is supported by National Institute of Information and Communications Technology (NICT), Japan. 17


Download ppt "I-Path : Network Transparency Project Shigeki Goto* Akihiro Shimoda*, Ichiro Murase* Dai Mochinaga**, and Katsushi Kobayashi*** 1 * Waseda University **"

Similar presentations


Ads by Google