Module F

Transport Layer over Wireless Networks + Voice over IP (VoIP)

JP Hubaux With help from P. Papadimitratos and M. Poturalski

Mobile Networks

http://mobnet.epfl.ch

Some slides addapted from Jochen H. Schiller, Nitin Vaidya, and James Kurose & Keith Ross

Outline

g  TCP in Mobile Networks

g  Real-time traffic in Mobile Networks

2

Reminder: Transmission Control Protocol (TCP)

g  Reliable, in-order data delivery

g  Flow control

g  Congestion avoidance and control

g  End-to-end semantics

Host A Host B

SYN, Seq_no = x

SYN, Seq_no = y, ACK, Ack_no = x+1

Seq_no = x+1, ACK, Ack_no = y+1

3

TCP basic operation

Send buffer

Segments

Receive buffer

Application writes bytes in send buffer

ACKs Sender Receiver

Application reads bytes from receive buffer

Application layer

Transport layer

Write 45 bytes Write 15 bytes Write 20 bytes

Read 40 bytes Read 40 bytes

Internet 4

TCP flow control

g  Flow control is a speed-matching service i Sender adjusts the transmission rate to the receiver

g  Receiver advertises the remaining buffer space (rwnd)to the sender

g  The sender keeps unacknowledged data below rwnd LastByteSent – LastByteAcked ≤ rwnd

5

Congestion

Light traffic i  Arrival Rate << R i  Low delay i  Can accommodate more

Congestion onset i  Arrival rate approaches R i  Delay increases rapidly i  Throughput begins to saturate

Saturation i  Arrival rate > R i  Large delays, packet loss i  Useful application throughput

drops

Thro

ughp

ut (b

ps)

Del

ay (s

ec)

R

R

Arrival Rate

Arrival Rate

6

TCP congestion control g  Keeps TCP off the congestion collapse cliff

g  Congestion window mechanism LastByteSent – LastByteAcked ≤ min{cwnd, rwnd}

g  Slow Start phase i Increase congestion window size (cwnd) by one segment for each

received ACK i Congestion window increases exponentially

ACK

Segment

Time (expressed in RTTs)

cwnd

7

TCP congestion control

g  Congestion Avoidance phase i Congestion threshold ssthresh i When cwnd > ssthresh,

increase cwnd slowly i cwnd++ per round-trip-time (RTT)

• Each time an ACK arrives, cwnd is increased by 1/cwnd

• In one RTT, cwnd segments are sent, so total increase in cwnd is cwnd x 1/cwnd = 1 • cwnd grows linearly

cwnd

ssthresh

8

Time (expressed in RTTs)

TCP congestion control g  Congestion detection:

i Timeout or i Receipt of duplicate ACKs

(Fast Retransmit) g  Assumption: current cwnd

corresponds to available bandwidth

g  TCP Tahoe i ssthresh = ½ cwnd i cwnd = 1 i Go back to Slow Start

g  Over several cycles expect to converge to ssthresh equal to about ½ the available bandwidth

Con

gest

ion

win

dow

0

Slow Start

Congestion Avoidance

Time-out

ssthresh

9 Time (expressed in RTTs)

TCP congestion control

g  Fast Retransmit mechanism i If a segment is dropped,

subsequent segments trigger duplicate ACKs

i Sender retransmits segment instantly (without waiting for a timeout) when duplicate ACKs are received (typically 3)

g  Improves performance i Faster reaction to packet loss

g  Implemented in TCP-Reno (more recent than TCP-Tahoe)

SEQ=1 ACK=1

ACK=1 ACK=1 ACK=1

SEQ=2 SEQ=3 SEQ=4 SEQ=5

10

Wireless and Mobile Networks

Mobile Host (1) Access Point

Internet

Base Station

Mobile Host (2)

Wireline Communication

Wireless Communication

11

Wireless and Mobile Networks

Mobile Host (1) Access Point

Internet

g  Wireless transmission errors i High Bit Error Rates i Packet (frame) loss

12

Wireless and Mobile Networks

Internet

Base Station (A) Mobile Host (2)

Base Station (B) Mobile Host (2)

g  Mobility i Disconnection i Hand-offs i Delays 13

Challenge

g  TCP i Assumptions for the Wire-line Internet

• Packet loss only due to congestion • Packet loss is rare

g  Wireless and mobile networks i TCP assumptions are not valid

g  Problem: TCP under-performs i TCP cannot distinguish between packet losses due to

congestion and transmission or disconnection errors i Reducing the congestion window when an error or a

disconnection occurs is not necessary i Throughput suffers

14

Questions

g  What can we do about… i transmission errors? i errors due to mobility?

g  Which part of the system functionality should we modify… i The sender? i The receiver? i An intermediate node? i Some or all of the above?

15

Directions

g  Transmissions errors i Hide error losses from the sender

• If the sender is unaware of the packet losses due to errors, it does not reduce the congestion window

i Inform sender of packet loss cause • If the loss is due to an error, the congestion window is

not reduced

g  Errors due to mobility i Hide mobility from the TCP sender i Make TCP adaptive to mobility

16

Solution classification

g  Split-connection approaches i Split a TCP connection into two: the wire-line part and wire-

less part at a Base Station or Access Point (Foreign Agent)

g  Link layer approaches i Improve link layer reliability

g  End-to-end approaches i Modify TCP congestion control mechanism

g  Hybrid approaches

17

Split-connection approaches

18

Indirect TCP (I-TCP)

g  Split the TCP connection at the AP into two parts i AP buffers and retransmits received segments i AP sends ACKs for the received segments

g  Standard TCP on the wire-line link g  On the wireless link:

i TCP optimized for wireless i Even standard TCP benefits from shorter RTT

• Shorter timeout • Faster retransmissions

Mobile Host Access Point (AP) Internet

“Wireless” TCP Standard TCP

19

I-TCP example

Mobile Host Correspondent Host Access Point

ack 1

segment 2

ack 2

segment 3

ack 3

segment 1

segment 1

ack 1

segment 2

segment 3

segment 2

segment 2 timeout

(short timeout thanks to short RTT)

ack 2

ack 3

20

I-TCP and mobility

g  Moving to a new access point requires transfer of socket state i Including segments buffered at the FA

Mobile Host Access point (1)

Internet

Access Point (2)

Socket migration and state transfer

21

I-TCP summary

g  I-TCP Advantages i No changes in the fixed network or hosts (TCP protocol), all current

TCP optimizations still work • Potentially no changes in mobile hosts

i Wireless transmission errors do not “propagate” to the wire-line network

g  I-TCP Disadvantages i Loss of end-to-end semantics

• An ACK does not imply that the receiver got the segment • For mobility support, all FAs need to be I-TCP compatible, and the

state needs to be transferred to maintain end-to-end semantics i Higher end-to-end delays due to buffering and forwarding to a new

agent i Problem with security mechanisms, e.g. IPsec

• FA needs to spoof ACKs

22

Mobile TCP (M-TCP)

g  Handling of long and frequent disconnections g  Splits connection at FA as I-TCP does g  Foreign agent

i No caching, no retransmission i Monitors all packets i If it detects a disconnection (no ACKs from MN for a while)

• Reports rwnd = 0 to sender • Sender automatically goes into “persist” mode: Does not

timeout or in any other way change the congestion window

Mobile Host Access Point (Foreign Agent) Internet

“Wireless” TCP Standard TCP

23

M-TCP summary

g  M-TCP advantages i End-to-end semantics preserved i Moving to another FA does not require forwarding buffered

packets to new FA (since FA does no buffering)

g  M-TCP disadvantages i Wireless link loss propagates to the wire-line network i Packets lost due to link errors need to be retransmitted by the

sender i Problems with security mechanisms (just like I-TCP)

g  M-TCP handles mobility errors, not transmission errors

24

Snooping TCP

g  “TCP-Aware Link Layer” g  Splits connection like I-TCP and M-TCP

i FA buffers and retransmits segments (if necessary) i FA does not ACK buffered packets as I-TCP does

(preserves end-to-end semantics)

Internet

Buffering of data

End-to-end TCP connection

Local Retransmission Correspondent Host Foreign

Agent

Mobile Host

Snooping of ACKs

25

Snooping TCP: data transfer

g  Data transfer to the Mobile Host i FA buffers a segment until it receives an ACK from the MH i FA detects segment loss via duplicate ACKs or a timeout

• FA timeout is shorter than the round-trip timeout (RTO) at the sender

i FA locally retransmits lost segments i FA drops duplicated ACKs from MH

• Prevents unnecessary retransmissions and congestion window reductions at the sender

• Does not violate end-to-end semantics: Even if the FA crashes before MH receives the segment, the sender will eventually detect the loss via a timeout and retransmit

26

Snooping TCP: data transfer

g  Data transfer from the Mobile Host i FA detects segment loss on the

wireless link via missing sequence numbers

i FA triggers retransmission of lost segment at MH • E.g., with a NACK mechanism

i MH retransmits data with a much shorter delay

Mobile Host Foreign Agent

SEQ=1000

SEQ=1100

SEQ=1200

NACK=1100

SEQ=1100

27

Snooping TCP and mobility

g  When the MH moves to a new FA, should the buffered segments be transferred from the old FA?

i Not necessary • Even if some of the buffered segments are lost in the

transition, the sender will eventually timeout and retransmit them

• This preserves end-to-end semantics

i Yet, this buffer transfer would improve performance because the timeout puts the sender into slow start phase

28

Snooping TCP summary

g  Snooping TCP advantages i End-to-end semantics preserved i Transfer of buffered segments not necessary during handoff

• MH can move to FA without Snoop TCP support

g  Snooping TCP disadvantages i Does not isolate wireless link failures as well as I-TCP does

•  If FA takes too long to retransmit a segment, CH will timeout i Requires modifications at Mobile Host

• NACK or similar mechanism to force retransmission i Snooping cannot be done if TCP headers are encrypted (like in

IPsec EPS; application layer security, e.g. TLS, is compatible) i Dropping duplicate ACKs can break integrity

29

Performance enhancing proxies (PEP)

g  Transport layer proxies i Local retransmissions and acknowledgements i Any of the approaches reviewed above qualifies

g  Application layer proxies i HTTP, FTP, … i Content caching, filtering, compression, picture downscaling

g  Big problem: breaks security end-to-end semantics i Disables use of IP security i Choose between PEP and security!

Mobile Host PEP Corr. Host wireless

Internet

Link layer approaches

31

Forward Error Correction (FEC)

g  FEC: Introduce redundancy in the packet, allowing a receiver to correct a limited number of errors

g  Increasingly popular in wireless standards i Repetition and Hamming codes in Bluetooth i Convolutional codes in IEEE 802.11a i Reed-Solomon + convolutional codes in WiMax i Turbo codes in HSDPA i LDPC in IEEE 802.11n and 802.11ac

g  Helps to avoid retransmissions i Shorter and less variable transmission time

g  Increases computational and bandwidth overhead i Less of a concern nowadays thanks to Moore’s law

32

Efficient link layer handoff: IEEE 802.11r

g  Handoff without IEEE 802.11r 1.  MH discovers new AP 2.  MH authenticates with new AP 3.  MH (re)associates with new AP 4.  MH and new AP generate and confirm

shared temporal keys (based on PSK or IEEE 802.1X)

5.  MH requests QoS resources 6.  Data communication with new AP can

start

communication with old AP still possible

communication with old AP no longer possible

g  IEEE 802.11r allows key generation and QoS resource allocation (steps 4 and 5) to take place prior or during (re)association (step 3)

33

End-to-end approaches

34

Fast Retransmit and Fast Recovery

g  Assumptions i Congestion causes many segments to

be dropped i If a single segment is dropped, but the

triggered duplicate ACKs are delivered, the network is probably not congested

g  Hence i No need for drastic reduction of

congestion window (as in TCP Tahoe) i Fast Recovery phase

SEQ=1 ACK=1

ACK=1 ACK=1 ACK=1

SEQ=2 SEQ=3 SEQ=4 SEQ=5

35

TCP Tahoe vs TCP Reno

g  3 duplicate ACKs arrive i Fast Retransmit: instantly

retransmit 1st lost segment i ssthresh = ½ cwnd i cwnd = 1 i Enter Slow Start

g  3 duplicate ACKs arrive i Fast Retransmit: instantly

retransmit 1st lost segment i ssthresh = ½ cwnd i cwnd = ssthresh + 3 i Enter Fast Recovery

g  Fast Recovery i Increase cwnd by 1 segment

for every duplicate ACK received

i When new ACK received • cwnd = ssthresh •  Enter Congestion Avoidance

i If a timeout occurs •  Reset cwnd to 1 •  Enter Slow Start

36

Every duplicate ACK received indicates a delivered segment àA new segment can be transmitted

TCP Reno vs TCP new-Reno

g  Fast Recovery i Increase cwnd by 1

segment for every duplicate ACK received

i When new ACK received • cwnd = ssthresh •  Enter Congestion

Avoidance i If a timeout occurs

•  Reset cwnd to 1 •  Enter Slow Start

g  Fast Recovery (FR) i Note last segment transmitted

before entering FR as n i Increase cwnd by 1 segment

for every duplicate ACK received

i When new partial ACK received (for k < n) •  Retransmit 1st unacked

segment •  Remain in Fast Recovery

i When ACK for n received • cwnd = ssthresh •  Enter Congestion Avoidance

i If a timeout occurs •  Reset cwnd to 1 •  Enter Slow Start

37

Performance comparison of TCP variants

g  With single packet lost in congestion window, TCP Reno and TCP new-Reno avoid Slow Start, and outperform TCP Tahoe i cwnd oscillates around the optimal

g  With multiple packet lost per congestion window (not shown in the figure), TCP Reno underperforms severely; new-Reno introduced to resolve this i Bursty packet loss common in mobile networks

cwnd

10

5

15

20

0

Slow start

Congestion avoidance

Time-out

Triple duplicate ACK

38

Behavior of Reno and new-Reno

Time (expressed in RTTs)

Selective acknowledgment (SACK)

g  TCP acknowledgements are cumulative i ACK n acknowledges correct and in-sequence receipt of

packets up to n i The sender only learns about the first lost segment

• What if more segments are lost? g  Selective retransmission as one solution

i RFC2018 allows for acknowledgments of single packets, not only acknowledgments of in-sequence packet streams without gaps

i Sender can retransmit missing packets more efficiently g  Advantage

i Higher efficiency g  Disadvantage

i More complex software in the receiver, more buffer needed at the receiver (CPU-, memory- and power-constraint MH)

39

Long disconnections

g  TCP doubles RTO (Retransmit Time Out) each time a timeout occurs i Can cause unnecessary idle time after longer disconnection

Mobile Host

Correspondent Host

MH disconnected

timeout

MH connected

connection idle

segment n+1

segment n+1

segment n+1

segment n+1

segment n+1

40

Long disconnections

g  TCP doubles RTO each time a timeout occurs i Can cause unnecessary idle time after longer disconnection

g  A Mobile Host aware of connection state can “wake up” the CH i Trigger fast retransmit with duplicate ACKs

g  Simple solution i No changes at CH necessary i But TCP at MH needs to be aware of connectivity

Mobile Host

Correspondent Host

MH disconnected

timeout

MH connected

segment n+1

segment n+1

segment n+1

segment n+1

ack

n

segment n+1

Fast Retransmission triggered

41

Explicit notification approaches

g  Explicit congestion notification i Instead of TCP indirectly inferring congestion, let routers

and/or other hosts inform the sender/receiver directly i Requires changes to TCP and the routing infrastructure

g  Explicit bad state notification i Base Station/Access Point (FA) keeps track of wireless link

conditions i Bad link conditions are signal to the Correspondent Host i Correspondent Host reacts accordingly

• Reduces/freezes transmission rate • Resumes transmission at previous rate when good state

notification arrives i Requires using a FA and making changes to TCP at all

hosts 42

Conclusions

g  Many proposed techniques g  Different characteristics and requirements

g  TCP used in more heterogeneous networks nowadays i Mobile networks i Over satellite links

g  Can a single TCP protocol perform in these settings? g  Or should we develop specialized TCP versions (and split TCP

connections when possible)?

43

References g  H. Elaarg, Improving TCP Performance over Mobile Networks, ACM Computing

Surveys, Vol. 34, No. 3, September 2002 g  Y. Tian, K. Xu, and N. Ansari. TCP in Wireless Environments: Problems and Solutions.

IEEE Radio Communications, March 2005 g  J. Huang et al. Anatomizing Application Performance Differences on Smartphones.

ACM MobiSys 2010 g  A. Bakre, B.R. Badrinath. I-TCP: Indirect TCP for Mobile Hosts. ICDCS 1995 g  K. Fall, S. Floyd. Simulation-based comparisons of Tahoe, Reno and SACK TCP. ACM

Sigcomm 1996 g  K. Brown, S. Singh. M-TCP: TCP for mobile cellular networks. ACM Sigcomm 1997 g  H. Balakrishnan, S. Seshan , R. H. Katz. Improving reliable transport and handoff

performance in cellular wireless networks. Wireless Networks. Volume 1, Issue 4, 1995 (this is the reference addressing Snooping TCP)

g  J. Border , M. Kojo , J. Griner , G. Montenegro , Z. Shelby. Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations. RFC 3135, June 2001

g  W. Wei, C. Zhang, H. Zang, J. Kurose, and D. Towsley. Inference and Evaluation of Split-Connection Approaches in Cellular Data Networks. PAM 2006

g  M. Mathis, J. Mahdavi, S. Floyd, A. Romanov. TCP selective acknowledgment options. RFC 2018, October 1996

g  K. Ramakrishnan, S. Floyd, D. Black. The Addition of Explicit Congestion Notification (ECN) to IP. RFC 3168, September 2001

g  B.S. Bakshi, P. Krishna, N.H. Vaidya, D.K. Pradhan. Improving Performance of TCP over Wireless Networks. ICDCS 1997

44

Real-Time Traffic in Wireless Networks

g  TCP i Reliable in-order delivery (no loss) i Delay-tolerant i Throughput optimization

g  Real-time traffic i Delay-sensitive i Loss-tolerant i Constant throughput requirements

g  We focus on VoIP i Represents the most demanding interactive real-time traffic

45

VoIP

g  Call establishment protocols i SIP, H.323, …

g  Transport protocols i RTP, RTCP, …

g  Audio (voice) codecs i ITU G.711, ITU G.722, ITU G.729, GSM, …

46

SIP: Session Initiation Protocol

g  SIP long-term vision: i All telephone calls, video conference calls take place over

Internet i People are identified by names or e-mail addresses, rather

than by phone numbers i You can reach callee, no matter where callee roams, no

matter what IP device callee is currently using

g  Note: technically SIP is an application layer protocol i However, provided functionality not too different from Mobile

IP or HIP

47

SIP Services

g  Setting up a call i Establishing a connection between caller and callee i Negotiation of media type, encoding i Call termination

g  Callee localization i Map mnemonic identifier to current IP address

g  Call management i Add new media streams during call i Change encoding during call i Invite others i Transfer, hold calls

48

Setting up a call to known IP address

g  Alice’s SIP invite message indicates her i  Port number i  IP address i  Preferred encoding to

receive (PCM µLaw)

g  Bob’s 200 OK message indicates his i  Port number i  IP address i  Preferred encoding

(GSM)

g  SIP messages can be sent over TCP or UDP i  Here sent over RTP/

UDP

49 time time

Bob'sterminal rings

Alice

167.180.112.24

Bob

193.64.210.89

port 5060

port 38060µ Law audio

GSMport 48753

INVITE bob@193.64.210.89c=IN IP4 167.180.112.24m=audio 38060 RTP/AVP 0port 5060

200 OKc=IN IP4 193.64.210.89

m=audio 48753 RTP/AVP 3

ACKport 5060

Setting up a call (more)

g  Codec negotiation i Bob can reject proposed codec with 606 Not Acceptable Reply and include a list of supported codecs

i Alice can then send new INVITE message, advertising different encoder

g  Rejecting a call i Bob can reject with replies “busy,” “gone,” “payment

required,” “forbidden”

g  Media can be sent over RTP or some other protocol

50

Name translation and user location

g  Caller knows only callee’s name or e-mail address g  Need to get IP address of callee’s current host

i User moves around, changing IP address i User has different IP devices (PC, PDA, car device)

g  Result can be based on i Time of day (work, home) i Caller (don’t want boss to call you at home) i Status of callee (calls sent to voicemail when callee is

already talking to someone)

g  Service provided by SIP servers i SIP registrar server i SIP proxy server

51

SIP Registrar

52

g  When Bob starts SIP client, client sends SIP REGISTER message to Bob’s registrar server

REGISTER sip:domain.com SIP/2.0 Via: SIP/2.0/UDP 193.64.210.89 From: sip:bob@domain.com To: sip:bob@domain.com Expires: 3600

Register Message:

SIP Proxy

g  Alice sends invite message to her proxy server i Contains address sip:bob@domain.com

g  Proxy responsible for routing SIP messages to callee i Possibly through multiple proxies

g  Callee sends response back through the same set of proxies.

g  Proxy returns SIP response message to Alice i Contains Bob’s IP address

g  Proxy analogous to local DNS server

53

Example Caller jim@umass.edu places a call to keith@upenn.edu (1) Jim sends INVITE message to umass SIP proxy (2) Proxy forwards request to upenn registrar server (3) upenn server returns redirect response, indicating that it should try keith@epfl.ch (4) umass proxy sends INVITE to epfl registrar (5) Epfl registrar forwards INVITE to 197.87.54.21 (keith’s SIP client) (6-8) SIP response sent back (9) media sent directly between clients. Note: there is also a SIP ack message, which is not shown

SIP client217.123.56.89

SIP client197.87.54.21

SIP proxyumass.edu

SIP registrarupenn.edu

SIPregistrareurecom.fr

1

2

3 4

5

6

7

8

9

54

epfl.ch

Comparison with H.323

g  H.323 is a signaling protocol for real-time interactive traffic i Alternative to SIP

g  H.323 is a complete, vertically integrated suite of protocols for multimedia conferencing: signaling, registration, admission control, transport, codecs

g  SIP is a single component. Works with RTP, but does not mandate it. Can be combined with other protocols, services

g  H.323 comes from the ITU (telephony). g  SIP comes from IETF: Borrows much of its concepts from HTTP

i SIP has Web flavor, whereas H.323 has telephony flavor. g  SIP uses the KISS principle: Keep it simple and stupid !

55

Real-Time Protocol (RTP)

g  RTP specifies packet structure for packets carrying audio, video data

g  RTP runs in end hosts g  RTP packets encapsulated in UDP

segments i RTP encapsulation is only seen at end

systems (not by intermediate routers) g  RTP does not provide any mechanism to

ensure timely data delivery or other QoS guarantees i Routers provide best-effort service,

making no special effort to ensure that RTP packets arrive at destination in timely matter

56

RTP Example

g  Consider sending 64 kbps PCM-encoded voice over RTP g  Application collects encoded data in chunks, e.g., every 20

msec = 160 bytes in a chunk. g  Audio chunk + RTP header form RTP packet, which is

encapsulated in UDP segment g  RTP header indicates type of audio encoding in each packet

i  Sender can change encoding during conference g  RTP header also contains sequence numbers, timestamps

57

Real-Time Control Protocol (RTCP)

g  Works in conjunction with RTP g  Each participant in RTP session periodically transmits

RTCP control packets to all other participants g  Each RTCP packet contains sender and/or receiver

reports about useful statistics i # packets sent i # packets lost i Inter-arrival jitter i …

g  Feedback can be used to control performance i Sender may modify its transmissions based on feedback

58

VoIP and the link layer

g  Micro-mobility support for VoIP i Efficient layer 2 handover (already covered)

g  Real-time traffic over the link layer i Cellular networks link layer designed with real-time traffic in

mind i We focus on real-time traffic over IEEE 802.11

59

VoIP over IEEE 802.11 DCF

g  DCF (Distributed Coordination Function) is a best-effort service i No QoS guarantees on channel access delay i Contention for the channel i Unlucky node can experience significant delays

60

t medium busy SIFS

PIFS DIFS DIFS

next frame contention

direct access if medium is free ≥ DIFS time slot

IEEE 802.11 DFC: VoIP only g  Many experimental and analytical evaluations

i 5 to tens of connections can be supported (depending on codec and voice chunk duration)

g  Example (AP handles VoIP connection only):

G.729: audio data compression algorithm

g  Rapid performance collapse with too many voice connections 61

Rat

io o

f pac

kets

dela

yed

>150

ms

Number of voice connections

Taken from [Cai06] Downlink traffic, IEEE 802.11b, rate 11Mbps, ns2 simulations

IEEE 802.11e

g  IEEE 802.11e defines Quality-of-Service (QoS) extensions to IEEE 802.11

g  Two new channel access methods: i Enhanced Distributed Channel Access (EDCA)

• Extension of DCF • 4 traffic classes with different priorities

i (Hybrid Coordination Function)-Controlled Channel Access (HCCA) • Similar to PCF

62

EDCA g  EDCA: Enhanced Distributed Channel Access g  EDCA defines 4 traffic classes with different priorities (listed

from highest to lowest priority) i Voice, Video, Best-effort, Background

g  Channel access method as in DCF g  Each class uses different values of parameters

i Arbitration Interframe Space (AIFS) i Backoff (BO) contention window size range (CWmin, CWmax)

63

t medium busy SIFS

PIFS AIFS[0]

next frame contention

AIFS[1]

AIFS[2] AIFS[3]

CW

EDCA

g  To prioritize traffic internally EDCA makes use of i Separate queue for

each class i A virtual collision

handler

64

Priority-based distribution

queue 3

Backoff AIFS[3] BO[3]

queue 1

Backoff AIFS[1] BO[1]

queue 2

Backoff AIFS[2] BO[2]

queue 0

Backoff AIFS[0] BO[0]

Virtual collision handler

Frame to transmit

Transmission attempt

IEEE 802.11e summary

g  Best-effort prioritizing of traffic g  Connections in the same class contend as with DCF

i Adding a few too many voice connections degrades the performance significantly for all nodes

g  Hence need for admission control i Prevents oversubscribing to a channel i Provides some control over latency i Challenge: overlapping BSSs

g  Security concerns i Misbehaving stations could attempt to assign highest priority

to their traffic

65

References

g  L.Cai, Y. Xiao, X.S. Shen, J.W. Mark. VoIP over WLAN: voice capacity, admission control, QoS, and MAC: Research Articles. International Journal of Communication Systems, Volume 19, Issue 4, May 2006

g  L.X. Cai, X. Shen, J.W. Mark, L. Cai, Y. Xiao. Voice capacity analysis of WLAN with unbalanced traffic. IEEE Transactions on Vehicular Technology vol. 55, no. 3, May 2006

g  J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, E. Schooler. SIP: Session Initiation Protocol. RFC 3261, June 2002

g  H. Schulzrinne, S. Casner, R. Frederick, V. Jacobson. RTP: A Transport Protocol for Real-Time Applications. RFC 3550, July 2003

66

My Research Focus: Privacy Protection

67

g  Trends i More technology: more computing power, more bandwidth, more

collection of personal data i More wearable devices (including more lifestyle trackers) è

better feedback loop

Data mining, machine learning

Cookies, browser fingerprints, clicks, content of emails, data from OSN,… Heart rate, gaze, sounds, sweat,…

Optimized stimuli (ads) to maximize likelihood of purchase decision

A Few Ongoing Research Projects in my Group (LCA1)

g  Genome privacy g  Smart permission management in Android g  Location-based activity summary

68

69

Why  Protect  Genomic  Data?  

g  Genome  carries  informa-on  about  a  person’s  gene-c  condi-on  and  predisposi-ons  to  specific  diseases  i Leakage  of  such  informa-on  could  cause  

gene$c  discrimina$on  

i Denial  of  access  to  health  insurance,  mortgage,  educa-on,  and  employment  

70  

Things  are  Moving

g  CS  giants  start  proposing  genome-­‐related  services  

o  Google  Genomics  (API  to  store,  process,  explore,  and  share  DNA  data)  o  IBM  Research  (computa-onal  genomics)  o   MicrosoH  Research  (genomic  research  in  collabora-on  with  Sanger  

Center)  o  Amazon        

g  Global  Alliance  for  Genomics  &  Health  

o  Defini-on  of  a  common  framework  for  effec-ve,  responsible  and  secure  sharing  of  genomic  and  clinical  data  

o  Security  Working  Group:  security  infrastructure  policy  and  technology  hQp://genomicsandhealth.org/our-­‐work/working-­‐groups/security-­‐working-­‐group/work-­‐products    

71  

Ongoing  CollaboraBons  •  Swiss  HIV  Cohort  Study    hQp://www.shcs.ch/    

i Infrastructure  suppor-ng  mul--­‐center  (7  hospitals)    research  project  dealing  with  HIV  infected  adults  

i Our  contribu-on:  deployment  (next  month)  of  our  data  protec-on  soHware  on  their  system  

•  Lausanne  University  Hospital  (CHUV)  –  Biobank  hQp://www.chuv.ch/biobanque/bil_home/bil-­‐recherche.htm  i Clinical  and  environmental  data  i Genomic  data:  • 2.5M  SNPs  /  pa-ent  • 20’000  pa-ents  i Our  contribu-on:  protec-on  of  the  biobank  as  of  2016    

g  Sophia  Gene-cs  i hQp://www.sophiagene-cs.com  i Start-­‐up  company,  on  campus;  visualiza-on  of  genomic  data  i Successfully  closed  2nd  round  of  funding  (11MCHFrs):  Endeavour  Vision,  Invoke,…  i Our  contribu-on:  protec-on  of  raw  genomic  data  

g  Other  partners:  EPFL  School  of  Life  Science,  Cornell  Tech,    Craig  Venter  Ins-tute,  Vanderbilt  Univ.,…  

 72  

Smart Permissions (SmarPer)

g  Smartphones manage an increasing amount of private information

g  Android, the dominant mobile OS, relies on permissions to protect this sensitive information

g  Problem: permission model has several limitations i “All-or-nothing” i Coarse-grained i Context-oblivious i Difficult to understand i Abused by apps

Ø 1/3 apps request excessive permissions

app request

<f1, f2,..,fn> feature vector

SmarPer Overview

10

time location

phone status nearby devs

conn type

Context

App Info

ML Model

DB

decision & confidence

c>t

app request

Obfuscation

Interception

Processing

response

<f1, f2,..,fn> feature vector

yes

no

user prompt

ML Model

Update

1 2

3

4

5 6

9

12

14

13 user feedback

8

category status

downloads reviews

developer

7

app name req type params

SmarPer OverviewAudit

11

10

time location phone status nearby devs conn type

decision & confidence PROCESSI

NG

response

yes

no

1 2

3

4

5 6

9

13

14

12 user feedback

8

category status downloads reviews developer

7

app name req type params

11

INTERCEPTION

OBFUSCATION

CONTEXT

APP INFO

AUDIT

ML

MODEL UPDATE

DB

ML MODEL

c>t

ML Machine Learning c confidence t threshold optional step

§  Automatic permission decisions using machine learning•  Reduce user-burden (e.g., number of manual decisions)

§  Dynamic permission decisions based on context•  E.g., share location at a restaurant but not at the hospital

§  Better privacy vs. utility trade-offs•  Multi-level data obfuscation (e.g., approximate location, filtered contact info)

g  Activity-tracking applications are increasingly used

75

•  Current solution

Privacy: The online service can track the users’ locations

Security: users can cheat on their performance

We propose SecureRun

Privacy: The online service cannot track the users’ locations

Security: users cannot cheat on their performance

Location-based activity summaries

g  SecureRun guarantees location privacy and cheat-resilience i By providing lower bounds of activity summaries i Based on networks of access points

76

Location-based activity summaries

0

1000

2000

3000

4000

5000

6000D

ensi

ty o

f A

Ps

(AP

s/k

m2)

0

1000

2000

3000

4000

5000

6000

7000

8000

9000

Den

sity

of

acti

vit

ies

(act

ivit

ies/

km

2)

0

20

40

60

80

100

Brussels

London

ParisParis (2 O

p.)

accu

racy

[%

]Users’ concern levels regarding security

(left) and privacy (right) issues in activity-

tracking apps

Users’ satisfaction for various performance levels of SecureRun if the

actual distance is 10 miles

Distribution of FON access points (left) and Garmin activities (right) in Paris

Overall performance of SecureRun

SecureRun’s accuracy level

For Next Semester

g  Master’s Research Associate; if you are interested and you qualify, please email me: i Letter of motivation i CV i 2 or 3 references

g  Projects i Our project descriptions are online: semester projects,

optional projects, Master theses

77

New Course: CS-622 Privacy Protection

g  Doctoral course (6 ECTS credits), first instance in the fall 2014 g  Bridge between our research and our teaching activities g  Next instance: September – December 2015 g  Can be taken by Master’s students (half were Master’s students last year) g  Oral exam + mini-project (leading possibly to a publication; can be combined with

semester project / optional project) g  Content of the course

i  Part 1 - Preliminaries •  1.1 Introduction •  1.2 Economics and Incentives •  1.3 Crypto-Based Solutions

i  Part 2 - Data Privacy •  2.1 Hiding Data from the Database User •  2.2 – Hiding Access Patterns from the Database Owner

i  Part 3 - Privacy in Networks •  3.1 Privacy in the Internet •  3.2 Privacy in Mobile Networks

g  Lecturer: JP Hubaux, helped by post-docs and PhD students for the mini-projects g  Access to last year’s material:

i  http://moodle.epfl.ch/course/view.php?id=14215 i  Password for guest access from outside of the Intranet: key PriPro14

78

79