WLAN : QoS, Z-iteration, and Assertional Security Analysis

A. Udaya Shankar, Computer Science Dept and UMIACS, University of Maryland, shankar@cs.umd.edu


Presentation Transcript


  1. WLAN: QoS, Z-iteration, and Assertional Security Analysis
     A. Udaya Shankar
     Computer Science Dept and UMIACS
     University of Maryland
     shankar@cs.umd.edu

  2. Outline
     • QoS
     • Z-iteration (performance evaluation)
     • Assertional Security Analysis
     A.U.Shankar --- LTS

  3. Outline
     • QoS
       Compensating for “physical capture” effect in WLANs
     • Z-iteration (performance evaluation)
     • Assertional Security Analysis

  4. QoS: Throughput fairness
     • Throughput fairness in 802.11 depends on
       • MAC access mechanism
       • Physical-layer characteristics
     • Most studies downplay physical-layer effect and focus on the MAC CSMA/CA/BEB
     • We discovered that physical-layer capture is the dominant factor in throughput fairness

  5. Physical-layer capture effect
     • Physical-layer capture effect:
       • When two frames collide at a receiver, the receiver can extract the stronger frame
     • Capture occurs consistently for even a few dBm difference in frame signal strengths
     • Capture occurs frequently in WLANs (due to multipath and fading).

  6. Ad-hoc Mode Experiments
     [Figure: source 1, source 2, sniffer]
     • Sources broadcasting in ad-hoc mode
       • no beacons, ACKs, and retransmissions
       • MAC-layer effect minimized
     • Results
       • 8% of frames collided
       • 90% of collisions had capture
       • 8% higher throughput for stronger station

  7. Ad-hoc Mode Experiments
     [Plots: Signal strengths; Throughputs]

  8. Infrastructure Mode Experiments without RTS/CTS
     [Figure: source 1, source 2, AP, sniffer, sniffer, sink]
     • Results
       • Weaker station retransmitted 5% of frames
       • Stronger station retransmitted 0.5% of frames
       • Stronger station had 7% higher throughput

  9. Infrastructure Mode Experiments without RTS/CTS
     [Plots: Throughputs; Signal strengths]

  10. Infrastructure Mode Experiments with RTS/CTS
      [Figure: source 1, source 2, AP, sniffer, sniffer, sink]
      • Results
        • Each station retransmitted under 0.1% data frames
        • Weaker station retransmitted 5% of RTS frames
        • Stronger station retransmitted 0.1% of RTS frames
        • Stronger station had 12% higher throughput

  11. QoS: Compensating for Capture
      • Congestion control based on signal strength
        • Explicit control
          • Source controls its send rate based on its signal strength at AP
        • Implicit control
          • AP delays packets of stronger sources, thereby inciting transport layer congestion control to throttle down

  12. QoS: Conclusions
      • Physical-layer capture is a major cause of MAC throughput unfairness.
      • Resulting unfairness as high as 12% in favor of station with stronger signal.
      • Any QoS scheme must account for differing signal strengths of sources.
      • Investigating explicit and implicit schemes.
      • Invention disclosure.

  13. Outline
      • QoS
      • Z-iteration
        Fast evaluation of instantaneous performance metrics of wireless/wireline networks
      • Assertional Security Analysis

  14. Z-iteration: Introduction
      • Fast evaluation of heterogeneous TCP/IP networks
      • Current evaluation methods are not adequate
        • analytical methods are inaccurate and coarse
        • packet-level simulators are slow (e.g. ns, opnet)
      • Do not capture real-world features
        • 802.11 rate-switching
        • Platform dependencies (timers, scheduling)
      • Goal: Evaluation method that is as accurate as packet-level simulation but much faster
      • Approach: Based on fast approximate solutions of time-dependent queuing models

  15. Z-iteration Approach
      • TCP/IP networks modeled by a queuing network
      • Traffic modeled by time-dependent stochastic process
      • Time-dependency: natural modeling of adaptive control (congestion, routing, admission, link scheduling, ...)
      • Queuing differential equations solved rapidly using Z-iteration approximations
      • Obtain time evolution of instantaneous ensemble metrics at each link for each connection
        • average_queue_size(t), blocking(t), utilization(t), …
      • Validation against ns simulation

  16. M(t)/M(t)/* Queuing Networks (t) (t)
      • Start from the flow equation
      • If we can express B(t) and U(t) in terms of N(t), we would have a single differential equation per queue
      • For a network of queues, each queue i has
      • So a network of n queues is modeled by n differential equations

  17. M(t)/M(t)/* Queuing Networks

  18. M(t)/M(t)/* Queuing Networks

  19. TCP/IP Networks
      • Model link by variation of M(t)/M(t)/1/K equations
      • Model TCP sources by profiles.
      • Profile of a TCP source: function that describes inst. throughput versus inst. loss rate and inst. roundtrip time.

  20. Drop-Tail Example 2: 30 nodes, mid-load

  21. Drop-Tail Example 3&4: 100 nodes - topology

  22. Drop-Tail Example 3: 100 nodes, mid-load
      Evaluation time: Z-iteration: 16 sec, ns: 71 - 930 sec

  23. Drop-Tail Example 4: 100 nodes, high-load
      Evaluation time: Z-iteration: 29 sec, ns: 146 - 2150 sec

  24. Summary
      • Fast accurate time evolution of performance metrics of time-dependent queuing networks
      • Straightforward modeling of adaptive control mechanisms
      • Short-term real-time prediction of network traffic
      • Profiles: natural way to model real-life sources
      • Extensions
        • RED, CBQ, ...
        • WLANs

  25. Z-iteration for WLAN networks
      • Model 802.11 sources by profiles
      • Profile of a 802.11 source: Instantaneous throughput as function of
        • Number of active stations
        • Desired and achieved instantaneous rates of active stations
        • Signal strengths of active stations at AP

  26. Profile: Experimental Setup
      [Figure: source 1 .... source N, sniffer, AP/sink]
      • Workload
        • UDP sources to preclude any control effects.
        • Sending rate keeps firmware queue full.

  27. General Observations
      • Susceptible to severe capture-effect
      • Starvation occurs routinely for more than 8 stations
      • Rate Switching Algorithm
        • Station switches to lower transmission rate if there is a packet loss
      • AP is not bottleneck in processing

  28. Specific Results
      • Maximum Instantaneous Throughput for single station is 6.45 Mbps, out of a bit rate of 11 Mbps
        • Due to DIFS + Backoff
      • Throughput falls rapidly with number of stations at high load
      • Susceptible to capture-effect

  29. Profile of 802.11b (preliminary)
      [Plots for N=2, N=3, N=4; labels: Instantaneous Throughput, Background Traffic]

  30. Clustering in 802.11 profiles
      [Plot labels: Per-station inst. throughput (pkts/sec); Overall inst. throughput (pkts/sec)]

  31. Outline
      • QoS
      • Z-iteration
      • Assertional Security Analysis
        Framework for specification, verification, and testing of concurrent systems

  32. Concurrent System: Cooks in a Kitchen

  33. Example concurrent system executions
      • Single-process concurrent system execution
      • Two-process concurrent system execution

  34. SESF (services and systems framework)
      • Systems and Services specified by programs
        • service defines acceptable sequences of interactions
        • service is executable, not constrained by platform
      • SESF program explicitly indicates
        • events: atomically-executed statements
        • externally-controlled events
        • progress expected (of platform/service)
      • Service satisfaction
        • composite program of system and service
      • Compositionality

  35. Assertional Analysis and Testing
      • Analysis
        • Properties expressed by assertions
          • invariants, leads-to,
        • Assertions proved by proof rules or operational reasoning
        • Routing, transport, concurrency control
      • Testing
        • single process: threads and function calls
        • multi-process: distributed processes and RMI
        • Transport layer

  36. Assertions of Security
      • confined(key, vset)
        • predicate: true iff value key is confined to variable set vset
        • vset models principals, systems, ...
        • handles authentication, confidentiality, ...
      • Proof rules
        • Hoare-triple: {predicate} statement {predicate}
        • {confined(k, v)} x := k {confined(k, v ∪ {x})}
        • {confined(k, v)} one-way-func(k) {confined(k, v)}

  37. Future Work
      • QoS
        • Control mech compensating for signal-strength
      • Z-iteration (performance evaluation)
        • 802.11b profiles
        • Evaluation of QoS mechanisms
      • Assertional Security Analysis
        • Assertions and proof system for security
        • 802.11 authentication, key distribution, ...
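
Added example (not from the original slides): the two proof rules of slide 36 applied statement by statement to a short program, giving the variable set a key stays confined to and flagging any variable outside an allowed set. The Assign/OneWay encoding, the variable names and both sample programs are constructed; treating a copy from a variable already in vset like x := k is an assumption.

```python
# Added illustration; the statement encoding and sample programs are assumptions.
from dataclasses import dataclass

@dataclass(frozen=True)
class Assign:                 # target := source
    target: str
    source: str

@dataclass(frozen=True)
class OneWay:                 # target := one-way-func(source)
    target: str
    source: str

def post_confined(key, vset, stmt):
    """Return v' with {confined(key, vset)} stmt {confined(key, v')}."""
    vset = frozenset(vset)
    # Assumption: a variable already in vset may hold the key, so copying
    # from it is treated like x := k.
    carries_key = stmt.source == key or stmt.source in vset
    if isinstance(stmt, Assign) and carries_key:
        return vset | {stmt.target}      # rule: v ∪ {x}
    # one-way-func(k), or an assignment of unrelated data: v is unchanged.
    # Overwriting a holder never shrinks v, which keeps the bound sound.
    return vset

def escapes(key, vset, program, allowed):
    """Variables outside `allowed` that the key may reach after `program`."""
    for stmt in program:
        vset = post_confined(key, vset, stmt)
    return frozenset(vset) - frozenset(allowed)

# Constructed scenario: the AP holds key k, the station may learn it, and
# "channel" models the shared medium that any principal can read.
ALLOWED = {"ap_key", "sta_key"}
SAFE = [Assign("sta_key", "ap_key"),
        OneWay("digest", "sta_key"),
        Assign("channel", "digest")]
LEAKY = SAFE + [Assign("channel", "sta_key")]

if __name__ == "__main__":
    print("safe :", sorted(escapes("k", {"ap_key"}, SAFE, ALLOWED)))
    print("leaky:", sorted(escapes("k", {"ap_key"}, LEAKY, ALLOWED)))
```

Sending only the one-way digest over the channel leaves the key confined to the AP and station variables; copying the key itself onto the channel breaks the assertion.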
