credit-based network management
TRANSCRIPT
OutlineThe problem of Network ManagementThe Idea of Credit-based Network ManagementAn Implementation in Campus NetworkConclusions
Network management headachesWidespread security problemsDDoS attacksAddress spoofing, misconfigurationUnwanted trafficPoor QoSProblems brought up by new technologiesP2P, Wireless, mobility, IPv6
Behavioral problemsVery few real malicious guysA few youngsters try to be hackersMost problems caused by carelessness, exploited by other hackersLet’s consider a couple of common examples
DHCP SpoofingIn many networks, users get IP addresses from a DHCP serviceAn invalid DHCP server will cause problems to an entire LANE.g. some WLAN router enables DHCP service, which causes problem to the LAN it is connected to
DHCP RequestDHCP Request
10.1.1.1
Invalid DHCP ReplyInvalid DHCP Reply
aa-aa-aa-aa-aa-aa
10.1.1.3cc-cc-cc-cc-cc-cc dd-dd-dd-dd-dd-dd
XX
DHCP ReplyDHCP Reply
DHCP Server10.1.1.2bb-bb-bb-bb-bb-bb
ARP SpoofingIn an IP/Ethernet network, both hosts and routers use ARP protocol to map IP to physical addressesIt is easy for someone to spoof ARP replies, causing problems to some hosts or the entire LAN.
AIP:10.0.0.1
MAC:aa-aa-aa-aa-aa-aa
BIP:10.0.0.2
MAC:bb-bb-bb-bb-bb-bb
HackerIP:10.0.0.3
MAC:cc-cc-cc-cc-cc-cc
switch
IP MAC
10.0.0.2 bb-bb-bb-bb-bb-bb
ARP cache
IP MAC
10.0.0.1 aa-aa-aa-aa-aa-aa
ARP cache
Spoofed ARP replyIP:10.0.0.2
MAC:cc-cc-cc-cc-cc-ccS
poof
ed A
RP
repl
yIP
:10.
0.0.
2M
AC
:cc-
cc-c
c-cc
-cc-
cc
Spoofed ARP replyIP:10.0.0.2
MAC:cc-cc-cc-cc-cc-cc
AIP:10.0.0.1
MAC:aa-aa-aa-aa-aa-aa
BIP:10.0.0.2
MAC:bb-bb-bb-bb-bb-bb
HackerIP:10.0.0.3
MAC:cc-cc-cc-cc-cc-cc
switch
IP MAC
10.0.0.2 cc-cc-cc-cc-cc-cc
ARP cache
IP MAC
10.0.0.1 aa-aa-aa-aa-aa-aa
ARP cache
A’s cache is poisoned
AIP:10.0.0.1
MAC:aa-aa-aa-aa-aa-aa
BIP:10.0.0.2
MAC:bb-bb-bb-bb-bb-bb
HackerIP:10.0.0.3
MAC:cc-cc-cc-cc-cc-cc
switch
To: cc-cc-cc-cc-cc-ccSpoofed ARP reply
IP:1.2.3.4MAC:aa-aa-aa-aa-aa-aa
Spoo
fed
ARP
repl
yIP
:1.2
.3.4
MAC
:aa-
aa-a
a-aa
-aa-
aa
The switch will then think that aa-aa-aa-aa-aa-aa is
connected at this port
Rooted in network architectureOpen accessFavoring easy application developmentAllow/support anonymous access (privacy)Best-effort serviceDecentralized management for extensibilityManaged by many ISPsCooperate on “connectivity”Lack of cooperation on management
Current management practiceFocus is on infrastructure managementSetting up routers, access points, name service, email, web servers, routing policiesMonitoring network resources for reliabilitySetting up local security (e.g. user accounts) to protect usage of local resourcesResponding to security problems
Behavioral managementInternet is another human societyBehavioral problems can be dealt with using law enforcementToo heavy-weight for many scenariosCurrent practice is mostly passiveFilters, firewalls…Is there a middle ground – a light-weight approach to behavioral management?
What kind of mechanisms?Should be simple to implementShould have positive influence on user behavior, and effects should be cumulativeShould not negatively impact normal operationShould benefit both the ISPs as well as usersApply credit ratings to users and ISPs
Concrete examplesManaging a campus network:Allocate management resources according to user classificationAssign credit rating to users, and adjust service levels according to credit ratingsManaging peering relationshipsMonitor unwanted trafficMonitor QoS
General case – cascading effect
Backbone Access Net UserBehaviorassessment
ServiceassessmentSP
PeerBehaviorassessment
Thirdparty
Framework
Network behavioral measurementSPAM Virus DoSHijacking
Credit assessment and managementRecording Computing reportingAnalysis
Credit-based service differentiationServices Priority chargeSpeed limit
MethodologyCredit rating methods in financial scenariosUser classification methodologies based on machine learningNeed to consider structural/physical grouping, for ease of incentive applicationReputation and incentive mechanisms in social networks
Other considerationsReward good behaviorPunish bad behavior, but allow recoveringManual control (VIPs, over-rides)?Global cooperation, e.g. Sharing of credit informationStandardized credit ratings
Case study – a campus networkBehavioral problems increasing2006 and 2007 data on campus2006年处理案例分析图
20%
19%
2%55%
4%
Network Failure Connection Failure
System Failure User Problem
Other
2007年度处理案例分析图
13%
19%
2%63%
3%
Network Failure Connection Failure
System Failure User Problem
Other
Management difficultiesLarge user base (>50K), mobilityLimited manpower for network adminNew types of problems requirement more time and man powerCost for behavioral management is much higher than that of physical devices
User classificationAfter classification using selected attributes:Male undergraduates (especially 1st yr, or 4th yr)Specific departmentsFocused monitoring saves management resources
Physical attributesPhysical groupingStudents can be grouped by dorm buildingThey belong to same subnetsSignificant concentration with such groupingEase of management based on physical groupingUpdate equipment to prevent ARP spoofing first applied to more “dangerous” networks
Personal credit ratingRepeat problematic users7.1% of problematic users are repeat usersThey cause 14.3% of problemsThe distribution of such users is randomNeed targeted treatment
Experimental credit rating systemCredit rating valuesMinimum is 0; maximum is 100; >50 acceptableInitialization of credit ratingGenerously initialize (almost) all to 60Rating adjustmentsFirst offense: deduct 10*wDeduction for more offense = past*0.5 +10*wIncrement credit rating by 1 each month
Experimental resultsOver span of 1.5 years, the fluctuation of problem users and credit adjustments: