1 / 26

WiFiProfiler: Cooperative Diagnosis in Wireless LANs

WiFiProfiler: Cooperative Diagnosis in Wireless LANs. Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research. Wireless Woes. Users often wonder why: “My machine says: wireless connection unavailable” “I get poor performance on wireless”

fedella
Download Presentation

WiFiProfiler: Cooperative Diagnosis in Wireless LANs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research

  2. Wireless Woes • Users often wonder why: • “My machine says: wireless connection unavailable” • “I get poor performance on wireless” • “My wireless card keeps trying to authenticate” • “Is it just me?”

  3. Wireless Woes • Users often wonder why: • “My machine says: wireless connection unavailable” • “I get poor performance on wireless” • “My wireless card keeps trying to authenticate” • “Is it just me?” • Many places have no/minimal network admin • Hotspots: cafes, airports • Transient networks: conferences, IETF meetings

  4. Prior Work: Operator View • Infrastructure-based monitoring (Aruba, DAIR) • Focuses on operator perspective (e.g., rogue APs) • Monitoring at clients (e.g., [Adya 2004]) • Fault diagnosis using infrastructure support • Also focuses on operator perspective • Correlate client observations at AP (MOJO) • Detect PHY level anomalies

  5. WiFiProfiler Goal: User View Enable clients to diagnose network failures without requiring admin/infrastructure support: • Reduce user frustration • Reduce load on admin, when there is one Help users help themselves

  6. State of the Art: Local Diagnosis • Wireless Connection Manager, WZC • Reasonable detection, Poor diagnosis Bad NIC MAC Filtering Bad WEP Key Cannot Associate Bad AP

  7. WiFiProfiler • Based on two key observations: • Clients form Information Plane with peers • Even when client cannot connect to AP • Extent of problem indicates cause Diagnose faults by correlating peers’ health

  8. WiFiProfiler Overview Healthy Client Req. Health Health Info. (WEP key info) Dissatisfied Machine (Cannot connect to WEP-enabled AP) Create Information Plane Access Point Health Info. (WEP key info) Req. Health Diagnose Problem: Same WEP key? Healthy Client Diagnose range of problems across layers!

  9. Faults and Some Causes Location No AP Detected H/w or s/w No Association Security DHCP Server No IP Address Firewall/proxy End-to-End Failure WAN Disconnect WAN congestion Poor Performance Wireless problem

  10. Outline • Introduction • WiFiProfiler Overview • WiFiProfiler Design • Evaluation • Summary

  11. WiFiProfiler Design Goals • Transparency: • Minimal user impact/involvement • Deployability: • Work with off-the-shelf cards and unmodified drivers • Scalability: • Work with a large number of clients • Security: • Prevent compromise of clients and AP

  12. WiFiProfiler Architecture • Sensing: What is monitored? • Communication: How is it shared? • Diagnosis: How are faults diagnosed?

  13. Sensing • Monitor health of client’s connectivity • Static info (e.g., NIC type) • Dynamic info (e.g., assoc. success/failure) Sensed Info Some Causes Fault NIC Model, Make, Driver version H/w or s/w No Association Auth/Encryption setting, key info Security

  14. Sensed Information • User-level service (daemon) polls various layers • Wireless: NIC, BSSID, RSSI, Beacon Loss, 1-way hash of key, Interface Queue • IP: IP Address, DHCP, DNS • Transport: Failed connections, Server Ports • Application: Web proxy settings • Snapshot obtained once every second • Summarized information < 1200 bytes

  15. Communication 802.11 NICs can connect to only one network at a time Challenges: • Discovery: How does H know that D needs help? • Parallelism: How does H send packets to D? Req. Health H D Sensed Info Establishing the Information Plane

  16. Discovery • D initiates ad hoc network with distinct SSID • Special SSID format denotes request for help • H receives beacon even when associated to AP SSID: Help:169.254.10.125:5000 D H 169.254.10.125 Port: 5000

  17. Parallelism using VirtualWiFi Details: Infocom ’04 Approach: Virtualize card, buffer packets, switch b/w networks Application Layer User-level Kernel-level TCP/IP, Network Stack VirtualWiFi Layer Virtual Interface 1 Virtual Interface 2 Virtual Interface 3 Wireless Card

  18. Communication Protocol • WiFiProfiler uses 2 (virtual) adapters: • Primary adapter activated in normal use • Helper adapter dedicated for WiFiProfiler • Activated only when needed SSID: Help:169.254.10.125:5000 D H Primary VNIC 169.254.10.125 Port: 5000 Helper VNIC Scalability and Security discussions in paper

  19. Diagnosis • Initiated by user • Correlate peers’ info and infer likely cause • Rule-based techniques instead of black-box • Suggest steps for problem resolution • Change configuration settings • e.g. local DNS server, web proxy, WEP key • Change location, contact admin • Diagnose faults across layers of network stack

  20. Diagnosing Association Failure If another peer has successfully associated with the AP: Similar card Associated? Is Sec. config Same? Is BLR much higher? YES NO NO YES YES NO Bad Sec. setting (Fix it) Bad signal (change location) MAC Filtering (contact admin) S/w or H/w config (change NIC or update driver)

  21. Diagnosis Features • Inherent uncertainty in some cases • Need info from AP to confirm MAC filtering • Conflicting info from peers • Used to eliminate branches in diagnosis procedure, e.g. NIC type • Vulnerability to bogus info from attackers • Use information from large number of peers • Susceptible to Sybil attack

  22. Outline • Introduction • WiFiProfiler Architecture • Sensing • Communication • Diagnosis • Evaluation • Summary

  23. Evaluation • Sensing: Low overhead • (used < 1% CPU on 1.33 GHz laptop) • Communication using VirtualWiFi: • Healthy clients spend < 2 sec sending info • Sick clients get information within 30 seconds • Much of the delay in discovery (scanning delays)

  24. Little Impact on Healthy Clients Extra 0.5 to 3 seconds!

  25. Effectiveness of WiFiProfiler Relevant diagnosis at all clients within 30 seconds!

  26. WiFiProfiler Summary • Enables cooperative diagnosis in WLANs • Without infrastructure support, low overhead • Working system on Windows XP • Future work: • Security: Privacy, Sybil Attacks, Passive Mode • Long-term Profiling

More Related