Overview of UMass Activities

Overview of UMass Activities D. Towsley W. Gong

Ongoing UMass MURI Research W. Gong, D. Towsley • Poisson counter driven stochastic differential Equation (PCSDE) models of • correlation attack (D. Towsley) • heavy tails (B. Jiang) • queues fed by heavy-tailed traffic • multipath • effects of heavy tails on performance (W. Wei) • graph sampling • how does graph structure affect sampling (D. Towsley) UMASS, MURI Workshop, Sep 9, 2009

On the Mitigation of Traffic Correlation Attacks on Router Queues Yan Cai, Patrick P. C. Lee, Weibo Gong, Don TowsleyUMASS MURI WorkshopSep 9, 2009

Correlation Attack • definition • adversary introduces traffic burstiness at routers • introduce correlation among multiple attack flows • degrades performance of normal flows • small buffers – more packet drops • large buffers – higher end-to-end transfer delay • why daunting? • low-rate: not to congest links • evade volume-based detection • can be launched using botnets UMASS, MURI Workshop, Sep 9, 2009

Contributions • analytical framework to study correlation attack, using PCSDE fluid models: • impact of inter-flow correlation on average queue lengths • impact of increased queue length on normal flows • defense strategy • two-stage pacing: ON-OFF pacing, rate-limiting UMASS, MURI Workshop, Sep 9, 2009

x1 v h1 x2 h2 … c hn xn Correlation-Attack Model Single-Queue Model Parameters • xi(t) = ON-OFF process of flow i, xi(t)  {0,1} • hi = capacity of access link i • c = capacity of outgoing link • v(t) = queue length of target router at time t UMASS, MURI Workshop, Sep 9, 2009

x1 v h1 x2 h2 … c hn xn Correlation-Attack Model Single-Queue Model • SDE for v(t) • if xi(t) is Markov ON-OFF process Ni1 = ON Poisson counter with rate λi1 Ni2 = OFF Poisson counter with rate λi2 UMASS, MURI Workshop, Sep 9, 2009

x1 v h1 x2 h2 … c hn xn Correlation-Attack Model Single-Queue Model Theorem: If hi > c > hiE[xi], inter-flow correlation UMASS, MURI Workshop, Sep 9, 2009

Evaluation of Correlation Attack • solution via numerical simulation from SDEs • three cases: • Independent: xi’s have independent ON/OFF transitions • Weakly correlated: xi’s have same ON transitions • Identical: xi’s have same ON/OFF transitions • results: • inter-flow correlation increases buffer’s average queue length • PCSDE models conform to ns2 simulation UMASS, MURI Workshop, Sep 9, 2009

P P P x1 h1 v x2 h2 … c hn xn Defense using Pacing • put pacers on upstream routers to de-correlate flows, reduce burstiness at target router UMASS, MURI Workshop, Sep 9, 2009

Two-Stage Pacing • rate-limiting: • limit peak rate using leaky bucket • Markov ON-OFF: • chop long bursts into small bursts • output bursts at random times vim hi zi є {0,1} Ni3 = ON Poisson counter Ni4 = OFF Poisson counter vir ci < hi ci hi UMASS, MURI Workshop, Sep 9, 2009

Two-Stage Pacing • two-stage pacing: combine above components vim vir ci hi hi Markov ON-OFF Rate-limiting • SDEs : UMASS, MURI Workshop, Sep 9, 2009

Preliminary Results Parameters: • n = 60, hi=0.4Mbps, • E[ON] = 1s, E[OFF] = 4s, • ci = 0.2Mbps, c = 10Mbps • Two-stage pacing better than each pacing component alone UMASS, MURI Workshop, Sep 9, 2009

Preliminary Results • Pacing in presence of correlation attack • Pacing removes delay spikes of normal flows RTTs of TCP packets (without pacing) RTTs of TCP packets (with 2-stage pacing) UMASS, MURI Workshop, Sep 9, 2009

Open issues • adaptive pacing? • ON-OFF pacing adds delay to normal traffic • pace only a subset of traffic classes? implementation? • impact of two-stage pacing on heavy-tailed bursts? UMASS, MURI Workshop, Sep 9, 2009

An SDE Model for Power Law Bo Jiang, Weibo Gong, Don TowsleyUMASS MURI WorkshopSep 9, 2009

From Lognormal to Power Law • , geometric Brownian motion • , standard Wiener process (Brownian motion) • lognormally distributed • independent of • has double Pareto distribution [Reed 2001] UMASS, MURI Workshop, Sep 9, 2009

SDE Model for Double Pareto • Consider following SDE W, standard Wiener process N, Poisson process with rate λ UMASS, MURI Workshop, Sep 9, 2009

Fokker-Planck Equation • Apply Itô’s rule to • Take expectation • Since is arbitary, density of evolves according to following Fokker-Planck equation UMASS, MURI Workshop, Sep 9, 2009

Steady-state Distribution • In steady state, where are roots of quadratic equation • If , degenerates to UMASS, MURI Workshop, Sep 9, 2009

Speed of Convergence • Let • characteristic function of • Apply Itô’s rule to and take expectation, • Solution is where • converges exponentially. exponential convergence UMASS, MURI Workshop, Sep 9, 2009

Future Work • Application as traffic model for fluid queueing system • Allows for power-law traffic rate • May degrade queueing performance • May have longer burst of output traffic • Pacing as potential mitigation mechanism • Cost vs. benefit • Expect overall performance improvement • Need detailed analysis and simulations UMASS, MURI Workshop, Sep 9, 2009

Can Multipath Mitigate Power Law Delays? Wei Wei, Bo Jiang, Patrick Lee, Weibo Gong, Don Towsley University of Massachusetts, Amherst

Outline • Motivation • Redundant routing • Split Routing • Conclusions • Future Work

Motivation - Outages Lead to Power Law Retransmissions • Packet Length L: • On-off Channel: A, U • N: # of transmissions needed to deliver a packet • If then • Jelenkovic & Tan, Infocom 2007 A1 U1 A2 U2 A3 U3 An L L L L L Light tail distributions Can lead to power law N

Can Multipath Mitigate Power Law Delays? • Given K i.i.d. channels • Redundant Routing • Duplicate packet and send over K channels • Split Routing • Split packet into K equal length pieces and send over K channels • Question • What is effect on number of transmissions? 1 1 2 2 3 3 K K

Redundant Routing • Given a packet, packet transmission succeeds if one channel succeeds • Given a packet, N = min{N1, N2, … , NK} • If then • Redundant routing does not mitigate power law retransmissions

Split Routing • Tradeoffs • Smaller packet in each channel (L/K) • For each packet, transmission succeeds iff when all channels succeed • Given a packet, N = max{N1,N2,…,NK} • Looks ugly, Taylor expansion? • General result? Or depends on F and G?

Split Routing – No General Results • Let , we have If • F, G both Pareto • F, G both Exponential • F, G both Weibull Different H(y) Different P(N>n)

Split Routing - Pareto and Exponential • Pareto • Exponential Rate Unchanged! Same as Redundant Better than Redundant

Split Routing - Weibull • b > 1, tail lighter than exponential • Rate better than exponential • 0 < b < 1, tail heavier than exponential • Rate worse than exponential

Split Routing – Exponential Tail • If • then • for split routing over K i.i.d. channels.

Conclusions • Power law retransmissions • Redundant routing • Does not mitigate power law retransmissions • Split Routing • Depends on distribution • Sometimes better than redundant routing • Sometimes same as redundant routing

Future Work • Complete analysis for split routing • More general distributions • Analysis on packet delivery delay • Different combinations of distributions • Independent but not identical channels

Thank you!

Network Characterization via Sampling B. Ribeiro, D. Towsley UMass-Amherst

Problem Given large, possibly dynamic, network, how does one efficiently sample/crawl to accurately characterize it? • degree distribution • assortativity • clustering coefficient • …

Motivation • understanding technological networks • Internet, wireless networks social networks • on-line social networks such as FaceBook, MySpace, Orkut, YouTube, … • where network dataset not available • size, lack of global view, dynamics

Sampling methods • random node sampling • unbiased • not always possible • limited entry points • high overhead • on-line social networks sparsely populated • breadth first, depth first crawling • snowball sampling – commonly used method • random walk

Random sampling, snowball sampling Orkut data set (Mislove 2007), 3M nodes, 200M edges CCDF CCDF True distribution Random node sampling 5000 samples Snowball sampling highly biased strong degree correlation

Random walk sampling • random walk (RW) • produces biased estimate iRW • v – vertex in undirected graph G • no. neighbors n(v ) P(v selected in RW)  n(v)  iRW i  i i = iRW avg. degree/i avg degree estimated during RW CCDF RW sampling ^

Sampling error – independent degrees degree distribution i, n samples • random sampling • random walk  head: GOOD tail: BAD • head: BAD • tail: GOOD Power-law tails easier to sample

Node sampling vs. RW: Orkut node sampling • node sampling better for low degree nodes • RW better for high degree nodes log(CCDF log(degree) random walk log(CCDF) log(degree)

Future work • hybrid sampling: node sampling, RW sampling) • budget of m samples • use m’ to sample nodes • use RW to sample m-m’ • example • 10000 node power law network • 100 samples • edge sampling – not feasible Frontier sampling MSE/AVG

Future work • adaptive sampling • combine node sampling, RW sampling • dynamically tradeoff accuracy • other statistics • how do graphs affect sampling efficiency • power law vs exponential tail • spatial correlation, independence vs. SRD vs. LRD • application to different networks • wireless, social, wireless/social

Overview of UMass Activities

Overview of UMass Activities

Presentation Transcript

Overview of USGS Calibration Activities

Overview of WMO Drought Activities

Overview of NRIAG Activities

Overview of IEEE Educational Activities

Overview of State Treasury’s Activities

Overview of Science Team Activities

An Overview of IHSA Activities

Overview of main IHTA activities

OVERVIEW OF EBU ACTIVITIES

Overview of activities in Thailand

ND280m Overview of the activities

Overview of the WP5.3 Activities

Overview of Activities

Overview of ADC activities (Committee)

Overview of the Fund’s activities

ACE – An overview of activities

Overview of IWVTA activities

Overview of Activities

Overview of activities and achievements

Overview of ARIES Engineering Activities

Overview Of Nazimgarh Activities.