Ongoing UMass MURI Research W. Gong, D. Towsley
Poisson counter driven stochastic differential equation (PCSDE) models of correlation attack (D. Towsley)
heavy tails (B. Jiang)
  • queues fed by heavy-tailed traffic
multipath
  • effects of heavy tails on performance (W. Wei)
graph sampling
  • how does graph structure affect sampling (D. Towsley)
UMASS, MURI Workshop, Sep 9, 2009 2
On the Mitigation of Traffic Correlation Attacks on Router Queues
Yan Cai, Patrick P. C. Lee, Weibo Gong, Don Towsley
UMASS
MURI Workshop
Sep 9, 2009
Correlation Attack
definition
  • adversary introduces traffic burstiness at routers
  • introduces correlation among multiple attack flows
  • degrades performance of normal flows
      small buffers – more packet drops
      large buffers – higher end-to-end transfer delay
why daunting?
  • low-rate: not to congest links
  • evade volume-based detection
  • can be launched using botnets
Contributions
analytical framework to study correlation attack, using PCSDE fluid models:
  • impact of inter-flow correlation on average queue lengths
  • impact of increased queue length on normal flows
defense strategy
  • two-stage pacing: ON-OFF pacing, rate-limiting
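Correlation-Attack Model
Parameters
  • $x_i(t)$ = ON-OFF process of flow i, $x_i(t) \in \{0,1\}$
  • $h_i$ = capacity of access link i
  • $c$ = capacity of outgoing link
  • $v(t)$ = queue length of target router at time t
[Figure: Single-Queue Model. Flows $x_1, x_2, \dots, x_n$ arrive over access links $h_1, h_2, \dots, h_n$ at one router queue $v$ served by outgoing link $c$.]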
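Correlation-Attack Model
SDE for v(t)
$$dv = -I_v\,c\,dt + \sum_{i=1}^{n} h_i x_i\,dt$$
if $x_i(t)$ is Markov ON-OFF process
$$dx_i = (1 - x_i)\,dN_{i1} - x_i\,dN_{i2}$$
  • $N_{i1}$ = ON Poisson counter with rate $\lambda_{i1}$
  • $N_{i2}$ = OFF Poisson counter with rate $\lambda_{i2}$
[Figure: Single-Queue Model with access links $h_1, \dots, h_n$, flows $x_1, \dots, x_n$, queue $v$ and outgoing link $c$.]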
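Correlation-Attack Model
Theorem: If $h_i > c > h_i E[x_i]$,
$$E[v] = \frac{1}{c - \sum_{i=1}^{n} h_i E[x_i]} \sum_{i=1}^{n} \frac{h_i}{\lambda_{i1} + \lambda_{i2}} \Big( (h_i - c)\,E[x_i] + \sum_{j=1,\, j \ne i}^{n} h_j E[x_i x_j] \Big)$$
inter-flow correlation: the $E[x_i x_j]$ terms
[Figure: Single-Queue Model with access links $h_1, \dots, h_n$, flows $x_1, \dots, x_n$, queue $v$ and outgoing link $c$.]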
Evaluation of Correlation Attack
solution via numerical simulation from SDEs
three cases:
  • Independent: $x_i$'s have independent ON/OFF transitions
  • Weakly correlated: $x_i$'s have same ON transitions
  • Identical: $x_i$'s have same ON/OFF transitions
results:
  • inter-flow correlation increases buffer's average queue length
  • PCSDE models conform to ns2 simulation
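As an added illustration (not code from the slides), the sketch below evaluates the Theorem's E[v] for n homogeneous flows and checks it against an event-driven simulation of the single-queue PCSDE for the independent and identical cases. Assumptions: I_v is taken as the indicator of a non-empty queue, and the parameter values are constructed so that h > c holds.

```python
import random

def theorem_mean_queue(n, h, c, lam_on, lam_off, exy):
    """E[v] from the Theorem for n homogeneous flows; exy = E[x_i x_j], i != j."""
    p = lam_on / (lam_on + lam_off)                    # E[x_i]
    if not h > c > n * h * p:
        raise ValueError("needs h > c and a stable queue (c > n*h*E[x])")
    inner = (h - c) * p + (n - 1) * h * exy            # bracketed term of the Theorem
    return n * h / (lam_on + lam_off) * inner / (c - n * h * p)

def simulate_mean_queue(rates, c, lam_on, lam_off, horizon, seed=1):
    """Time-averaged queue length of the single-queue PCSDE, simulated event by
    event. Each entry of `rates` is the peak rate of one independent Markov
    ON-OFF source; I_v is assumed to be the indicator of a non-empty queue."""
    rng = random.Random(seed)
    x = [0] * len(rates)
    v = t = area = 0.0
    while t < horizon:
        flip = [lam_off if xi else lam_on for xi in x]    # rate of each source's next flip
        tau = min(rng.expovariate(sum(flip)), horizon - t)
        r = sum(hk * xk for hk, xk in zip(rates, x)) - c  # net fill rate until the flip
        if r < 0 and v + r * tau <= 0:                    # queue empties inside the interval
            area += v * v / (-2 * r)
            v = 0.0
        else:
            area += v * tau + r * tau * tau / 2
            v += r * tau
        t += tau
        x[rng.choices(range(len(x)), weights=flip)[0]] ^= 1
    return area / horizon

# Constructed parameters (not the slides' values): they satisfy h > c > n*h*E[x].
N, H, C, ON, OFF = 3, 1.5, 1.0, 0.2, 1.8
P = ON / (ON + OFF)
CASES = {
    "independent": ([H] * N, P * P),   # E[x_i x_j] = E[x_i] E[x_j]
    "identical": ([N * H], P),         # one shared ON-OFF process, E[x_i x_j] = E[x_i]
}

if __name__ == "__main__":
    for name, (rates, exy) in CASES.items():
        print(name, round(theorem_mean_queue(N, H, C, ON, OFF, exy), 3),
              round(simulate_mean_queue(rates, C, ON, OFF, 300_000), 3))
```

With the same per-flow load, moving from independent to identical ON/OFF transitions raises the mean queue length by more than a factor of four in this setting, which is the effect the pacing defense aims to undo.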
Defense using Pacing
put pacers on upstream routers to de-correlate flows, reduce burstiness at target router
[Figure: Single-Queue Model with a pacer (P) on each access link $h_1, h_2, \dots, h_n$ ahead of queue $v$ and outgoing link $c$.]
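Two-Stage Pacing
rate-limiting: limit peak rate using leaky bucket
  • $c_i < h_i$
  [Figure: leaky bucket with input rate $h_i$, output rate $c_i$ and buffer $v_i^r$.]
Markov ON-OFF: chop long bursts into small bursts, output bursts at random times
  • $N_{i3}$ = ON Poisson counter
  • $N_{i4}$ = OFF Poisson counter
  • $z_i \in \{0,1\}$
  [Figure: ON-OFF pacer with rate $h_i$ and buffer $v_i^m$.]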
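Two-Stage Pacing
two-stage pacing: combine above components
SDEs:
$$dz_i = (1 - z_i)\,dN_{i3} - z_i\,dN_{i4}, \quad i = 1, \dots, n$$
$$dv_i^m = -h_i I_{v_i^m} z_i\,dt + h_i x_i\,dt, \quad i = 1, \dots, n$$
$$dv_i^r = -c_i I_{v_i^r}\,dt + h_i I_{v_i^m} z_i\,dt, \quad i = 1, \dots, n$$
$$dv = -I_v\,c\,dt + \sum_{i=1}^{n} c_i I_{v_i^r}\,dt$$
[Figure: two-stage pacer. Markov ON-OFF stage (buffer $v_i^m$) followed by rate-limiting stage (buffer $v_i^r$); link labels $h_i$, $h_i$, $c_i$.]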
Preliminary Results
Parameters: n = 60, hi=0.4Mbps, E[ON] = 1s, E[OFF] = 4s, ci = 0.2Mbps, c = 10Mbps
Two-stage pacing better than each pacing component alone
Preliminary Results
Pacing in presence of correlation attack
Pacing removes delay spikes of normal flows
[Figure: RTTs of TCP packets (without pacing)]
[Figure: RTTs of TCP packets (with 2-stage pacing)]
Open issues
adaptive pacing?
  • ON-OFF pacing adds delay to normal traffic
  • pace only a subset of traffic classes?
implementation?
impact of two-stage pacing on heavy-tailed bursts?
An SDE Model for Power Law
Bo Jiang, Weibo Gong, Don Towsley
UMASS
MURI Workshop
Sep 9, 2009
From Lognormal to Power Law
, geometric Brownian motion
, standard Wiener process (Brownian motion) lognormally distributed
independent of has double Pareto distribution
[Reed 2001]
SDE Model for Double Pareto
Consider following SDE
[Figure: sample path of X(t) versus t.]
W, standard Wiener process
N, Poisson process with rate λ
Fokker-Planck Equation
Apply Itô’s rule to
Take expectation
Since is arbitrary, density of evolves according to following Fokker-Planck equation
Steady-state Distribution
In steady state,
where are roots of quadratic equation
If , degenerates to
Speed of Convergence
Let
characteristic function of
Apply Itô’s rule to and take expectation,
Solution is
where
converges exponentially.
exponential convergence
Future Work
Application as traffic model for fluid queueing system
  • Allows for power-law traffic rate
  • May degrade queueing performance
  • May have longer burst of output traffic
Pacing as potential mitigation mechanism
  • Cost vs. benefit
  • Expect overall performance improvement
  • Need detailed analysis and simulations
Can Multipath Mitigate Power Law Delays?
Wei Wei, Bo Jiang, Patrick Lee, Weibo Gong, Don Towsley
University of Massachusetts, Amherst
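Motivation - Outages Lead to Power Law Retransmissions
Packet Length L: $\bar F(x) = P(L > x)$
On-off Channel: A, U, with $\bar G(x) = P(A > x)$
N: # of transmissions needed to deliver a packet
If $\lim_{x \to \infty} \frac{\log \bar F(x)}{\log \bar G(x)} = \alpha$, then $\lim_{n \to \infty} \frac{\log P(N > n)}{\log n} = -\alpha$.
Jelenkovic & Tan, Infocom 2007
[Figure: on-off channel timeline A1, U1, A2, U2, A3, U3, ..., An, with repeated transmission attempts of a packet of length L.]
Light tail distributions can lead to power law N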
Can Multipath Mitigate Power Law Delays?
Given K i.i.d. channels
Redundant Routing
  • Duplicate packet and send over K channels
Split Routing
  • Split packet into K equal length pieces and send over K channels
Question
  • What is effect on number of transmissions?
[Figure: K parallel channels 1, 2, 3, ..., K, drawn once for each routing scheme.]
Redundant Routing
Given a packet, packet transmission succeeds if one channel succeeds
Given a packet, N = min{N1, N2, … , NK}
If $\lim_{x \to \infty} \frac{\log \bar F(x)}{\log \bar G(x)} = \alpha$, then $\lim_{n \to \infty} \frac{\log P(N > n)}{\log n} = -\alpha$.
Redundant routing does not mitigate power law retransmissions
Split Routing
Tradeoffs
  • Smaller packet in each channel (L/K)
  • For each packet, transmission succeeds iff all channels succeed
  • Given a packet, N = max{N1, N2, …, NK}
$$P(N > n) = E_L[P(N > n \mid L)] = E_L\big[1 - \big(1 - (1 - \bar G(L/K))^n\big)^K\big]$$
Looks ugly, Taylor expansion?
General result? Or depends on F and G?
Split Routing – No General Results
If F, G both Pareto F, G both Exponential F, G both Weibull
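$$P(N > n) = \int_0^{\infty} \big\{1 - \big[1 - (1 - \bar G(x/K))^n\big]^K\big\}\,dF(x)$$
$$= \int_0^1 \big\{1 - \big[1 - (1 - y)^n\big]^K\big\}\,dH(y)$$
$$= \int_0^1 (K + o(1))\,(1 - y)^n\,dH(y)$$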
))(()(,)(
)( 1 yFKFyHxG
xF
Let $H(y) = \bar F(K\,\bar G^{-1}(y))$, we have
Different H(y) → Different P(N>n)
Split Routing - Pareto and Exponential
Pareto
Exponential
yKyH )(
KyyH )(
n
nNPn log
)(loglim
Kn
nNPn
log
)(loglim
Rate Unchanged!
Same as Redundant
Better than Redundant
Split Routing - Weibull
b > 1, tail lighter than exponential
  • Rate better than exponential
0 < b < 1, tail heavier than exponential
  • Rate worse than exponential
bb
bb
xxb
xxb
exGexbxg
exFexbxf)()(1
)()(1
)(,)()(
)(,)()(
bKyyH )( bn
Kn
nNP
log
)(loglim
b
Split Routing – Exponential Tail
/
,)(
)(lim
)(loglim
,)(
)(lim
)(loglim
xG
xg
x
xG
xF
xf
x
xF
xx
xxIf
then
for split routing over K i.i.d. channels.
.log
)(loglim K
n
nNPn
Conclusions
Power law retransmissions
Redundant routing
  • Does not mitigate power law retransmissions
Split Routing
  • Depends on distribution
  • Sometimes better than redundant routing
  • Sometimes same as redundant routing
Future Work
Complete analysis for split routing
  • More general distributions
Analysis on packet delivery delay
Different combinations of distributions
Independent but not identical channels
Problem
Given large, possibly dynamic, network, how does one efficiently sample/crawl to accurately characterize it?
  • degree distribution
  • assortativity
  • clustering coefficient
  • …
Motivation
understanding technological networks
  • Internet, wireless networks
social networks
  • on-line social networks such as Facebook, MySpace, Orkut, YouTube, …
where network dataset not available
  • size, lack of global view, dynamics
Sampling methods
random node sampling
  • unbiased
  • not always possible
      limited entry points
  • high overhead
      on-line social networks sparsely populated
breadth first, depth first crawling
  • snowball sampling – commonly used method
random walk
Random sampling, snowball sampling
Snowball sampling highly biased
  • strong degree correlation
Orkut data set (Mislove 2007), 3M nodes, 200M edges
[Figure: CCDF plots; legend: True distribution, Random node sampling (5000 samples).]
Random walk sampling
random walk (RW) produces biased estimate iRW
v – vertex in undirected graph G, no. neighbors n(v)
P(v selected in RW) ∝ n(v)
iRW
i i
i = iRW
avg. degree/i
avg degree estimated during RW
[Figure: CCDF plot, RW sampling.]
Sampling error – independent degrees
degree distribution i, n samples
random sampling
  • head: GOOD, tail: BAD
random walk
  • head: BAD, tail: GOOD
Power-law tails easier to sample
Node sampling vs. RW: Orkut
node sampling better for low degree nodes
RW better for high degree nodes
[Figure: two panels, random walk and node sampling; axes log(degree) and log(CCDF).]
Future work
hybrid sampling: (node sampling, RW sampling)
  • budget of m samples
  • use m' to sample nodes
  • use RW to sample m-m'
example
  • 10000 node power law network
  • 100 samples
edge sampling – not feasible
Frontier sampling
[Figure: plot with axis label MSE/AVG.]