Internet applications,
performance and security
Maria Kihl
Book chapters
Forouzan 4th: 21.2, 24.2, 25.1-4, 27, 31.1
Forouzan 5th: 18.3, 19.2, 25.1, 26.1, 26.6, 31
Kihl: 8.8, 10.2, 11.2
Application layer paradigms
There are two basic user paradigms for Internet applications:
• Client-server paradigm
  • For example WWW, online games, Web TV, Facebook
• Peer-to-peer paradigm
  • For example BitTorrent, Voddler, Skype
• Some applications use both paradigms, for example Spotify.
Client-server paradigm
Peer-to-peer paradigm
Example of application: WWW
• The idea of the World Wide Web (WWW) was first proposed by Tim Berners-Lee in 1989 at CERN, the European Organization for Nuclear Research, to allow several researchers at different locations throughout Europe to access each other's research.
• The commercial Web started in the early 1990s.
Basic concept of WWW
WWW is based on three basic parts:
• Web documents (pages)
  • HyperText Markup Language (HTML) is used for static web documents
  • Dynamic web documents are created with script languages (JSP, CGI, ASP, etc.)
• Universal Resource Locator (URL)
  • Standardized way to identify the location of web documents
• HyperText Transfer Protocol (HTTP)
  • Protocol for accessing web documents on a web server
Universal Resource Locator (URL)
A web document has four identifiers: Protocol, Host, Port and Path. A URL is defined as:
protocol://host:port/path
When the standard HTTP port 80 is used it is omitted, for example:
http://www.mhhe.com/compsci/forouzan
Basic document retrieval process
HTTP
• HTTP is a text-based protocol with two basic types of messages: Requests and Responses.
• HTTP sets up and uses a TCP connection.
  • HTTP 1.1 uses persistent connections, which means that all parts of a web document are fetched over the same TCP connection.
Basic operation of HTTP 1.1
Formats of Requests and Responses
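As an added example (not part of the lecture), the retrieval process in code: a URL is split into the four identifiers, the HTTP/1.1 request that fetches it is built, and a raw response is parsed with Content-Length framing, which is what allows several responses to share one persistent TCP connection. The URL, the server and the response bytes are constructed sample values.

```python
# Added example (not from the lecture): URL -> HTTP/1.1 request -> parsed
# response. All sample values are constructed.
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def parse_url(url):
    """Return (protocol, host, port, path); port 80/443 is implied when omitted."""
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError("expected protocol://host[:port]/path")
    port = parts.port if parts.port is not None else DEFAULT_PORTS[parts.scheme]
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    return parts.scheme, parts.hostname, port, path

def build_request(url, keep_alive=True):
    """HTTP/1.1 GET request as bytes. Host is mandatory in 1.1, and the
    connection stays open (persistent) unless the client asks to close it."""
    scheme, host, port, path = parse_url(url)
    host_hdr = host if port == DEFAULT_PORTS[scheme] else f"{host}:{port}"
    lines = [f"GET {path} HTTP/1.1", f"Host: {host_hdr}"]
    if not keep_alive:
        lines.append("Connection: close")
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")

def parse_response(raw):
    """Split a raw response into (status code, headers, body). The body is cut
    at Content-Length so the next response on the same connection is not eaten."""
    head, _, rest = raw.partition(b"\r\n\r\n")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    code = int(status_line.split(" ", 2)[1])
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    length = int(headers.get("content-length", len(rest)))
    return code, headers, rest[:length]

# Constructed sample response, as a server might answer the request above.
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
                   b"Content-Length: 22\r\n\r\n<html>Forouzan</html>\n")
```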
Cookies
• The original WWW was stateless, which means that each request/response message is treated separately, with no history of other messages.
• Cookies were introduced to be able to store information about the client.
• Cookies introduce the concept of a user session.
• The creation and storage of cookies depend on the implementation, but the concept is the same.
Example of cookies
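As an added example (not from the lecture), a minimal server-side session store driven by cookies: every request is still stateless on its own, and the cookie value is the only link between requests, so it is a random, unguessable identifier while the client's data stays on the server. The request headers are constructed.

```python
# Added example (not from the lecture): cookie-based user sessions on top
# of stateless HTTP requests. Header values below are constructed.
import secrets

def parse_cookies(header):
    """'Cookie: a=1; b=2' -> {'a': '1', 'b': '2'} (empty header -> {})."""
    _, _, value = (header or "").partition(":")
    pairs = (p.strip().partition("=") for p in value.split(";") if p.strip())
    return {k: v for k, _, v in pairs}

class SessionStore:
    def __init__(self):
        self.sessions = {}          # session id -> data kept on the server

    def start_session(self, user):
        """First response: hand the client a fresh, random session id."""
        sid = secrets.token_urlsafe(32)        # 256 random bits, not guessable
        self.sessions[sid] = {"user": user, "requests": 0}
        # HttpOnly keeps page scripts from reading it, Secure keeps it off
        # plain HTTP, SameSite limits cross-site sending.
        set_cookie = f"Set-Cookie: sid={sid}; HttpOnly; Secure; SameSite=Lax"
        return sid, set_cookie

    def handle(self, cookie_header):
        """Later request: the Cookie header names the session, if any.
        Returns the session data, or None when the id is unknown/missing."""
        sid = parse_cookies(cookie_header).get("sid")
        session = self.sessions.get(sid)
        if session is None:
            return None                        # treated as a brand-new client
        session["requests"] += 1
        return session

    def end_session(self, sid):
        """Logout: forget the id so the cookie can no longer be used."""
        self.sessions.pop(sid, None)
```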
Mapping from host name to IP address
• Application protocols use host names (for example www.lth.se).
• However, TCP/IP uses IP addresses.
• The mapping from host names to IP addresses is performed by the Domain Name System (DNS).
Basic operation of DNS
Domain Name space
• DNS uses a hierarchical name space and the whole Internet is divided into domains and subdomains.
• A domain name is a sequence of labels separated with dots, e.g. www.telecom.lth.se.
Domain name space in DNS (figure: tree starting at the root)
Example of labels and domains
Domains and subdomains
Domain types
The domain name space is divided into three different sections.
Generic domains
Country domains
Domain Name Servers
The domain name space is stored in special DNS servers. The servers are distributed, and each domain or subdomain has its own servers.
From name to address (figure, steps 1-5)
1. angel1.heavennet.se asks ns.heavennet.se: angel2.angelnet.se ?
2. ns.heavennet.se asks sunic.sunet.se: angel2.angelnet.se ?
3. sunic.sunet.se answers: Ask ns.angelnet.se
4. ns.heavennet.se asks ns.angelnet.se: angel2.angelnet.se ?
5. ns.angelnet.se answers: IP = 194.52.54.47
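As an added example (not from the lecture), a toy resolver that plays the role of ns.heavennet.se in the figure: it splits the name into labels, starts at the top-level server and follows referrals ("Ask ...") down the hierarchy until an authoritative server answers. The zone data, the role of sunic.sunet.se as top-level server and the address of angel1 are constructed; 194.52.54.47 is the address shown in the figure.

```python
# Added example (not from the lecture): iterative DNS resolution over a
# constructed zone tree that mirrors the angel2.angelnet.se lookup.
def labels(name):
    """'www.telecom.lth.se' -> ['se', 'lth', 'telecom', 'www'] (root outward)."""
    return [l for l in name.lower().rstrip(".").split(".") if l][::-1]

# Each server knows only its own zone: addresses for the hosts it is
# authoritative for, or referrals to the servers of its subdomains.
ZONES = {
    "sunic.sunet.se":  {"referral": {"angelnet": "ns.angelnet.se",
                                     "heavennet": "ns.heavennet.se"}},
    "ns.angelnet.se":  {"addresses": {"angel2": "194.52.54.47"}},
    "ns.heavennet.se": {"addresses": {"angel1": "192.0.2.10"}},   # constructed
}
TOP_SERVER = "sunic.sunet.se"   # assumed to serve the .se level

def resolve(name, max_steps=8):
    """Return (address, trace); trace lists the messages, like steps 1-5."""
    parts = labels(name)
    if len(parts) < 3 or parts[0] != "se":
        raise ValueError("toy resolver only knows the .se branch")
    server, depth, trace = TOP_SERVER, 1, []
    for _ in range(max_steps):                 # bounded: no endless referrals
        zone = ZONES.get(server)
        if zone is None:
            raise LookupError(f"no such server {server}")
        label = parts[depth]
        trace.append(f"{server}: {name} ?")
        if "addresses" in zone:                # authoritative: final answer
            addr = zone["addresses"].get(label)
            if addr is None or depth != len(parts) - 1:
                raise LookupError(f"{name} does not exist")
            trace.append(f"{server}: IP = {addr}")
            return addr, trace
        nxt = zone["referral"].get(label)      # otherwise: referral downwards
        if nxt is None:
            raise LookupError(f"no domain {label} under {server}")
        trace.append(f"{server}: Ask {nxt}")
        server, depth = nxt, depth + 1
    raise LookupError("too many referrals")
```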
Network Performance
Good network performance is crucial for most applications. Two factors of a network or system that influence the performance are:
• Delay
• Throughput
Both factors depend on the load on the network or system.
Congestion
Congestion (overload) occurs when the number of packets sent to a system is greater than the number of packets the system can handle.
Figure: a system with arrivals (packets/sec) and capacity (packets/sec); Arrivals > Capacity means congestion (overload).
Queuing delay
All routers and servers have buffers where jobs are stored while waiting for service. When the load increases, the buffers fill up and the queuing delay increases. Finally, packets are dropped because the buffers are full.
Delay as a function of load
The delay increases exponentially with the load. This can be shown with queuing theory.
Throughput as a function of load
During overload, the throughput declines sharply. Long delays cause retries from hosts or routers, and every dropped packet also costs capacity.
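As an added example (not from the lecture), the two effects above in code: the M/M/1 mean-delay formula from queuing theory, which grows without bound as the load approaches 1, and a slotted simulation of one router buffer in which arrivals above capacity fill the buffer, raise the queuing delay and finally cause drops. It does not model the retries that make throughput fall during overload. All rates and buffer sizes are constructed.

```python
# Added example (not from the lecture): queuing delay and loss as a
# function of load. Parameters are constructed.
from collections import deque

def mm1_mean_delay(arrival_rate, capacity):
    """Mean time in system for an M/M/1 queue: 1/(capacity - arrivals).
    Load = arrivals/capacity; the delay explodes as load -> 1."""
    if arrival_rate >= capacity:
        return float("inf")            # unstable: queue grows without bound
    return 1.0 / (capacity - arrival_rate)

def simulate_buffer(arrivals, capacity, buffer_size):
    """arrivals: packets offered in each time slot; capacity: packets the
    system can serve per slot; buffer_size: queue places. Returns the
    achieved throughput (packets/slot), drops and mean queuing delay (slots)."""
    queue, dropped, served, total_wait = deque(), 0, 0, 0
    for t, offered in enumerate(arrivals):
        for _ in range(offered):
            if len(queue) < buffer_size:
                queue.append(t)            # remember arrival slot
            else:
                dropped += 1               # buffer full: packet lost
        for _ in range(min(capacity, len(queue))):
            total_wait += t - queue.popleft()
            served += 1
    return {"throughput": served / len(arrivals),
            "dropped": dropped,
            "mean_delay": total_wait / served if served else 0.0}
```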
Internet Control Message Protocol (ICMP)
The IP protocol has no error-reporting or error-correcting mechanism. The IP protocol also lacks a mechanism for host and management queries.
The Internet Control Message Protocol (ICMP) has been designed to compensate for the above two deficiencies. It is a companion to the IP protocol.
ICMP in the TCP/IP stack
ICMP message
Two types of messages:
Error-reporting messages
Query messages
Encapsulation
The ICMP message is encapsulated in an IP datagram:
Error-reporting
When an error in the IP datagram delivery is detected, ICMP
reports the error to the source of the IP datagram. The error
message includes the IP header and first 8 bytes of the original
datagram.
Some Error reporting messages
Destination unreachable: A router cannot route a datagram or a host cannot deliver a datagram.
Source quench: A datagram is discarded due to congestion.
Time exceeded: A datagram has been discarded since its TTL value has reached 0.
Redirection: A host has the wrong default router, and needs to update its routing table.
Some ICMP Query messages
Echo-request and reply: Used to determine whether two systems (hosts or routers) have connectivity at the IP level.
Timestamp request and reply: Used to determine the round-trip time (RTT) between two systems.
Router solicitation and advertisement: Used by a host to find the routers that are connected to its network.
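As an added example (not from the lecture), the two ICMP message kinds as bytes: an echo request (the ping message) is built with the standard Internet checksum, and a Time Exceeded error message is parsed to recover the original IP header and first 8 bytes that the error-reporting messages carry. The checksum check rejects corrupted messages. The embedded datagram (addresses, ports) is constructed.

```python
# Added example (not from the lecture): build and parse ICMP messages.
# The sample IP header and UDP bytes are constructed.
import socket
import struct

ECHO_REQUEST, DEST_UNREACHABLE, TIME_EXCEEDED = 8, 3, 11

def inet_checksum(data):
    """One's-complement sum of 16-bit words (RFC 1071), as ICMP uses.
    A message that already carries a correct checksum sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo_request(ident, seq, payload=b"ping"):
    """Type 8, code 0, checksum, then identifier and sequence number."""
    body = struct.pack("!BBHHH", ECHO_REQUEST, 0, 0, ident, seq) + payload
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

def build_time_exceeded(orig_ip_header, orig_first8):
    """Type 11: the router returns the offending IP header plus 8 bytes."""
    body = struct.pack("!BBHI", TIME_EXCEEDED, 0, 0, 0) + orig_ip_header + orig_first8
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

def parse_icmp(msg):
    """Decode the 8-byte ICMP header; rejects short or corrupted messages."""
    if len(msg) < 8 or inet_checksum(bytes(msg)) != 0:
        raise ValueError("bad ICMP length or checksum")
    mtype, code, _, rest = struct.unpack("!BBHI", msg[:8])
    out = {"type": mtype, "code": code}
    if mtype in (DEST_UNREACHABLE, TIME_EXCEEDED):   # error-reporting messages
        ihl = (msg[8] & 0x0F) * 4 if len(msg) > 8 else 0
        if ihl < 20 or len(msg) < 8 + ihl:
            raise ValueError("truncated original IP header")
        hdr = msg[8:8 + ihl]
        out["orig_src"] = socket.inet_ntoa(hdr[12:16])
        out["orig_dst"] = socket.inet_ntoa(hdr[16:20])
        out["orig_first8"] = msg[8 + ihl:8 + ihl + 8]
    else:                                            # query messages
        out["ident"], out["seq"] = rest >> 16, rest & 0xFFFF
    return out

# Constructed original datagram: a 20-byte IP header (UDP, protocol 17) from
# 192.0.2.10 to 194.52.54.47, and the first 8 bytes of its UDP header.
SAMPLE_IP_HEADER = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 36, 1, 0, 1, 17, 0,
                               socket.inet_aton("192.0.2.10"),
                               socket.inet_aton("194.52.54.47"))
SAMPLE_FIRST8 = struct.pack("!HHHH", 40000, 33434, 16, 0)
```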
Debugging Tools
There are several tools that can be used on the Internet for debugging. Some of them are:
• Ping
• Traceroute
Ping
The Ping program uses ICMP echo-request and reply
messages to find information about a destination.
Traceroute
Traceroute (in UNIX) or Tracert (in Windows) can be used to trace the route of a packet from the source to the destination.
It manipulates the TTL field in the IP header and uses two ICMP messages, Time Exceeded and Destination Unreachable, to find the route of a packet.
Traceroute, example
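As an added example (not from the lecture), a simulation of the traceroute algorithm: probes are sent with TTL 1, 2, 3, ..., each router on the path decrements the TTL and reports Time Exceeded when it reaches 0, and the destination finally answers with Destination Unreachable because UNIX traceroute aims its UDP probes at an unused port. A router that silently discards expired probes shows up as "*", as in real output. The path and addresses are constructed; no packets are sent.

```python
# Added example (not from the lecture): the TTL walk behind traceroute,
# run over a constructed path instead of a real network.
TIME_EXCEEDED, DEST_UNREACHABLE = 11, 3

def forward(path, destination, ttl):
    """Carry one probe with the given TTL along path (router addresses; None
    marks a router that drops expired probes without replying). Returns
    (icmp_type, replying address), or (None, None) when nothing comes back."""
    for router in path:
        ttl -= 1                              # every router decrements TTL
        if ttl == 0:
            if router is None:                # discarded, but no ICMP sent
                return None, None
            return TIME_EXCEEDED, router      # discarded; router reports it
    # The probe reached the host. The UDP port is unused, so the host
    # answers with Destination Unreachable (port unreachable).
    return DEST_UNREACHABLE, destination

def traceroute(path, destination, max_hops=30):
    """Increase the TTL one hop at a time until the destination answers."""
    hops = []
    for ttl in range(1, max_hops + 1):
        icmp_type, who = forward(path, destination, ttl)
        hops.append((ttl, who if who is not None else "*"))   # "*" = timeout
        if icmp_type == DEST_UNREACHABLE:
            break                             # route complete
    return hops

PATH = ["192.0.2.1", None, "203.0.113.9"]     # constructed; hop 2 stays silent
DEST = "194.52.54.47"
```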
Network Security
There are five concepts that relate to network security:
Message confidentiality (Privacy)
Message confidentiality (or privacy) means that the transmitted message must make sense only to the intended receiver. To all others, the message must be unreadable.
Privacy is usually achieved by encryption of the message.
Encryption, example
Message Integrity
Message integrity means that the message must arrive at the receiver exactly as it was sent. There must be no changes during the transmission, neither accidental nor malicious.
Message Integrity can be achieved with message
digests.
Message digest
Message Authentication
In message authentication the receiver needs to be
sure of the sender’s identity and that an imposter has
not sent the message.
Message authentication can be achieved with a keyed
hash function that constructs an encrypted message
digest, also called a digital signature.
Digital signature
Message Nonrepudiation
Message nonrepudiation means that a sender must not
be able to deny sending a message that he or she, in
fact, did send.
Message nonrepudiation can be solved with a trusted
third party and the use of digital signatures.
Trusted center for nonrepudiation
Entity Authentication
Entity authentication is a technique designed to let one
party prove the identity of another party. An entity can
be a person, a process, a client, or a server.
The simplest solution is to use passwords. Another solution is so-called challenge-response authentication.
Challenge-response authentication
Rb = Random bit sequence (Nonce)
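As an added example (not from the lecture), three of the mechanisms above in working form: a message digest for integrity, a keyed hash (HMAC) for message authentication, and challenge-response entity authentication in which the verifier sends a fresh nonce Rb and the claimant answers with a keyed hash of it, so a recorded answer cannot be replayed. It does not cover encryption or public-key signatures. Keys and messages are constructed; a real system keeps the shared key in a secret store, not in source.

```python
# Added example (not from the lecture): integrity, message authentication
# and challenge-response entity authentication. Keys are constructed.
import hashlib
import hmac
import secrets

def digest(message):
    """Message integrity: any change to the message changes the digest."""
    return hashlib.sha256(message).hexdigest()

def keyed_digest(key, message):
    """Message authentication: a keyed hash (HMAC-SHA256) that only a holder
    of the shared key can produce, so an impostor cannot forge it."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def verify(key, message, tag):
    # Constant-time comparison: does not leak how many bytes matched.
    return hmac.compare_digest(keyed_digest(key, message), tag)

class Verifier:
    """Bob's side of challenge-response: issues Rb, checks the answer."""
    def __init__(self, key):
        self.key, self.pending = key, None

    def challenge(self):
        self.pending = secrets.token_bytes(16)   # Rb: fresh random nonce
        return self.pending

    def check(self, response):
        ok = self.pending is not None and verify(self.key, self.pending, response)
        self.pending = None                       # each nonce is usable once
        return ok

def respond(key, rb):
    """Alice's side: prove knowledge of the key without sending it."""
    return keyed_digest(key, rb)
```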
Internet security protocols
The following three security protocols ensure authentication and confidentiality on different layers:
IPSec: Security for IP.
SSL/TLS: Security for TCP.
PGP: Security for Email (SMTP).
These protocols will be studied in the course Internet Protocols.
Some bonus material: Research on Internet
user behavior and traffic volumes
• In collaboration with Acreo AB, we are involved in
European Research projects related to Internet
traffic monitoring and modelling.
• We have published some papers on Internet user
behavior patterns and generated traffic volumes.
Investigated network
Residential network in Sweden with about 2600 households
(FTTH and DSL). The measurements shown were performed
in 2007, 2009, and 2012.
Total traffic volumes
Traffic volume ratios
WWW usage
Which types of web sites are people using the most?
Major changes since 2007
• More video streaming.
• Less BitTorrent (but still much!)
• Facebook has increased the ratio for social media
sites.
World of Warcraft traffic pattern
WoW session lengths
The longest session identified was 28 hours...
Some results on Facebook
• Recently, I supervised a master project that analysed
Facebook user behavior.
• The objective was to analyse how users
upload/download pictures, and ”like” patterns.
• Measurements during 6 days in the network shown
before (May 2012).
Ranking of downloaded pictures
The graph shows a ranking of the pictures downloaded by
users at least 50 times.
Popularity ranking
Identification and ranking of the Facebook users that
are most downloaded by other users.
There are a few users with a huge number of followers.
Ranking of Likes
There are a few users that are heavy ”like”-users. The
most active user ”liked” 760 times in the measurement
period.