1 / 13

Network Tomography for the Internet: Open Problems

Network Tomography for the Internet: Open Problems. D. Towsley U. Massachusetts. LOSS %. Delay. LOSS %. 1 2 3 4 5 6. 1 2 3 4 5 6. 4 5 6. Avg. Delay. 4 5 6. Infrastructure (NIMI). 6. 6. 1. 1. cross section view. composition of views. cross section view. ?. 2. 2. 4. 4.

sigourney-appleby
Download Presentation

Network Tomography for the Internet: Open Problems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Tomography for the Internet: Open Problems D. Towsley U. Massachusetts

  2. LOSS % Delay LOSS% 1 2 3 4 5 6 1 2 3 4 5 6 4 5 6 Avg. Delay 4 5 6 Infrastructure (NIMI) 6 6 1 1 cross section view composition of views cross section view ? 2 2 4 4 3 3 5 5 Avg. Delay LOSS % 1 2 3 1 2 3 Network Tomography: I Goal: obtain spatio-temporal picture of a network/internet from end-to-end views ?

  3. Rationale Why? • network management: bottlenecks/faults • agreement verification • adaptive applications: loss, delay, shared point of congestion Why not query routers? • 1000s of autonomous systems • 100,000s routers • need special privileges • router info not always complete

  4. a1 a2 a3 1 0 1 1 1 0 loss rates ^ ^ ^ a1, a2, a3 Example: MINC source Uses end-end observations to peer inside network • multicast probes • correlated performance observed by receivers • exploit correlation to estimate link behavior • loss rates • delay statistics receivers

  5. Inference Methodology (Losses) • model • known multicast tree topology • independent Bernoulli processes across all links with unknown loss prob. {ak } • methodology • maximum likelihood estimates for {ak} • extensions • link delays • topology inference

  6. Open Problems • data massaging • delay measurements exhibit many artifacts • scalability • robustness to missing data • layout/composition of views • use (partial) information from network Characteristic of any approach

  7. The Real Internet • most traffic is point-point • point-to-point behavior verydifferent frommulticast behavior Q: how to infer internal network behavior from point-to-point measurements? • introduce correlation • exploit correlation

  8. Network Tomography: II Goal: obtain detailed picture of end-end behavior from internal views • network design From internal observations, infer • end-end application-level behavior • traffic flows • workload characterization

  9. Traffic Analysis Many applications have well known protocol/port (in packet header) 21 - ftp, 23 - telnet, 80 - http Some dynamically select ports napster games denial of service attack

  10. Ftp Traffic courtesy of kc claffy@CAIDA

  11. Napster: until recently courtesy of kc claffy@CAIDA

  12. user 1 napster server trace collector user 2 Challenges • application signatures • napster • signaling/data transfer pattern? • games • denial of service attack signatures

  13. observations internal end-end views internal end-end Summary • theory needed to make this happen • correlation, correlation! • scalability, scalability! • robustness, robustness! Work with a networking specialist

More Related