Inférence active de la neutralité des réseaux / Active inference of network neutrality

Ravaioli, Riccardo

13 July 2016

Durant la dernière décennie, des FAI ont été accusés de discriminer certainstypes de trafic utilisateur générés par des applications gourmandes en bandepassante (peer-to-peer, streaming vidéo) ou par des services concurrents(Voice-over-IP). La neutralité des réseaux, un principe selon lequel un réseaudevrait traiter tous les paquets entrants de la même manière, a été largementdébattue. Dans cette thèse, nous présentons ChkDiff, un nouvel outil pour ladétection de la différentiation du trafic dans le réseau d'accès. Contrairementaux travaux existants, notre méthode est agnostique à la fois vis-à-vis desapplications testées et des mécanismes de shaping déployés. ChkDiff comprenddeux phases dans lesquelles nous testons séparément le trafic montant etdescendant capturé auparavant dans la machine de l'utilisateur. Dans ladirection montante, ChkDiff rejoue le trafic sortant de la machine del'utilisateur avec une valeur TTL modifiée afin de pouvoir tester les routeursaux premiers sauts. En comparant les délais et les pertes des paquets des fluxqui ont traversé les mêmes routeurs et en analysant les résultats sur latopologie des routeurs traversés, nous montrons que nous pouvons détecter lescas de différentiation et localiser les shapers. Notre étude sur la réactivité desrouteurs aux sondes avec TTL limité consolide notre choix de mesures dansl'expérimentation sur le trafic montant. Dans la direction descendante, nousrejouons le trafic entrant dans la machine de l'utilisateur à partir d'un serveurde mesure et analysons pour chaque flux les délais unidirectionnels et lespertes, tout en tenant compte la possibilité de trajets multiples entre le serveuret l’utilisateur. Le long des chapitres de cette thèse, nous fournissons unedescription détaillée de notre méthodologie et une validation de notre outil. / In the last decade, some ISPs have been reported to discriminate againstspecific user traffic, especially if generated by bandwidth-hungry applications(e.g., peer-to-peer, video streaming) or competing services (e.g. Voice-over-IP).Network neutrality, a design principle according to which a network shouldtreat all incoming packets equally, has been widely debated ever since. In thisthesis we present ChkDiff, a novel tool for the detection of trafficdifferentiation at the Internet access. In contrast to existing work, our methodis agnostic to both the applications being tested and the shaping mechanismsdeployed by an ISP. The experiment comprises two parts, in which we check fordifferentiation separately on upstream and downstream traffic that wepreviously dump directly from the user. In the upstream direction, ChkDiffreplays the user's outgoing traffic with a modified TTL value in order to checkfor differentiation on routers at the first few hops from the user. By comparingthe resulting delays and losses of flows that traversed the same routers, andanalyzing the behaviour on the immediate router topology spawning from theuser end point, we manage to detect instances of traffic shaping and attempt tolocalize shapers. Our study on the responsiveness of routers to TTL-limitedprobes consolidates our choice of measurements in the upstream experiment.In the downstream experiment, we replay the user's incoming traffic from ameasurement server and analyze per-flow one-way delays and losses, whiletaking into account the possibility of multiple paths between the two endpoints.Along the chapters of this thesis, we provide a detailed description of ourmethodology and a validation of our tool.

Neutralité des réseaux

Mesures

Réseaux

Network neutrality

Internet measurements

Networks

Algorithms for Large-Scale Internet Measurements

Leonard, Derek Anthony

2010 December 1900

As the Internet has grown in size and importance to society, it has become increasingly difficult to generate global metrics of interest that can be used to verify proposed algorithms or monitor performance. This dissertation tackles the problem by proposing several novel algorithms designed to perform Internet-wide measurements using existing or inexpensive resources. We initially address distance estimation in the Internet, which is used by many distributed applications. We propose a new end-to-end measurement framework called Turbo King (T-King) that uses the existing DNS infrastructure and, when compared to its predecessor King, obtains delay samples without bias in the presence of distant authoritative servers and forwarders, consumes half the bandwidth, and reduces the impact on caches at remote servers by several orders of magnitude. Motivated by recent interest in the literature and our need to find remote DNS nameservers, we next address Internet-wide service discovery by developing IRLscanner, whose main design objectives have been to maximize politeness at remote networks, allow scanning rates that achieve coverage of the Internet in minutes/hours (rather than weeks/months), and significantly reduce administrator complaints. Using IRLscanner and 24-hour scan durations, we perform 20 Internet-wide experiments using 6 different protocols (i.e., DNS, HTTP, SMTP, EPMAP, ICMP and UDP ECHO). We analyze the feedback generated and suggest novel approaches for reducing the amount of blowback during similar studies, which should enable researchers to collect valuable experimental data in the future with significantly fewer hurdles. We finally turn our attention to Intrusion Detection Systems (IDS), which are often tasked with detecting scans and preventing them; however, it is currently unknown how likely an IDS is to detect a given Internet-wide scan pattern and whether there exist sufficiently fast stealth techniques that can remain virtually undetectable at large-scale. To address these questions, we propose a novel model for the windowexpiration rules of popular IDS tools (i.e., Snort and Bro), derive the probability that existing scan patterns (i.e., uniform and sequential) are detected by each of these tools, and prove the existence of stealth-optimal patterns.

Distance Estimation

Horizontal Scanning

Service Discovery

Intrusion Detection Systems

Internet Measurements

Can web-based statistic services be trusted? / Kan man lita på webb-baserade statistiktjänster?

Birkestedt, Sara, Hansson, Andreas

January 2004

A large number of statistic services exist today, which shows that there is a great interest in knowing more about the visitors on a web site. But how reliable is the result the services are giving? The hypothesis examined in the thesis is: Web-based statistic services do not show an accurate result The purpose of the thesis is to find out how accurate the web-based statistic services are regarding unique visitors and number of pages viewed. Our hope is that this thesis will bring more knowledge about the different statistic services that exists today and the problems surrounding them. We will also draw attention to the importance of knowing how your statistic software works to be able to interpret the results correctly. To investigate this, we chose to do practical tests on a selection of web-based statistic services. The services registered the traffic from the same web site during a test period. During the same period a control program registered the same things and stored the result in a database. In addition to the test, we have done an interview with a person working with web statistics. The investigation showed that there are big differences between the results from the web-based statistic services in the test and that none of them showed an accurate result, neither for the total number of page views nor unique visitors. This led us to the conclusion that web-based statistic services do not show an accurate result, which verifies our hypothesis. Also the interview confirmed that there is a problem with measuring web statistics. / Ett stort antal statistiksystem existerar idag för att ta reda på information om besökare på webbplatser. Men hur pålitliga är egentligen dessa tjänster? Syftet med uppsatsen är att ta reda på hur pålitliga de är när det gäller att visa antal unika besökare och totalt antal sidvisningar. Hypotesen vi har formulerat är: Webb-baserade statistiksystem visar inte ett korrekt resultat. För att testa detta har vi gjort praktiska tester av fem olika webb-baserade statistiktjänster som användes på samma webbplats under samma period. Informationen som dessa tjänster registrerade lagrade vi i en databas, samtidigt som vi använde ett eget kontrollprogram för att mäta samma uppgifter. Vi har också genomfört en intervju med en person som arbetar med webbstatistik på ett webbföretag. Undersökningen visar att resultatet mellan de olika tjänsterna skiljer sig mycket, både jämfört med varandra och med kontrollprogrammet. Detta gällde både antal sidvisningar och unika besökare. Detta leder till slutsatsen att systemen inte visar korrekta uppgifter, vilket gör att vi kan verifiera vår hypotes. Även intervjun som utfördes visade på de problem som finns med att mäta besökarstatistik.

Web statistics

Internet measurements

Web metrics

Computer Sciences

Datavetenskap (datalogi)

Software Engineering

Programvaruteknik

Myspeedtest: active and passive measurements of cellular data networks

Muckaden, Sachit

09 April 2013

As the number and diversity of applications available to mobile users increases, there is an increasing need for developers, network service providers, and users to understand how users perceive the network performance of these applications. MySpeedTest is a measurement tool that actively probes the network to determine not only TCP throughput and round trip time, but also the proximity to popular content providers, IP packet delay variation, and loss. It also records other metadata that could affect user experience, such as signal strength, service provider, connection type, battery state, device type, manufacturer, time of day, and location. The tool also takes passive measurements of the applications installed on the device and the network usage of these applications. My SpeedTest is available on the Google Play Store and currently has 1300+ active users. This thesis presents the design and implementation of MySpeedTest as well as effect of metrics like latency and IP packet delay variation on performance.

Android

Internet measurements

Mobile measurements

Cellular data networks

Cellular

Computer networks

Cell phones

Application software

Web applications

Disruption-free routing convergence : computing minimal link-state update sequences / Convergence du routage sans perturbation : calcul de séquences minimales de mises à jour d’états des liens

Clad, François

22 September 2014

Avec le développement des applications temps-réel sur Internet, telles que la télévision, la voix sur IP et les jeux en ligne, les fournisseurs d'accès à Internet doivent faire face à des contraintes de plus en plus fortes quant aux performances de leurs services. Cependant, après chaque changement topologique, les protocoles de routage à état des liens, utilisés dans les réseaux de cœur de ces opérateurs, entrent dans une période de convergence durant laquelle des boucles de routage peuvent apparaître. Ce phénomène dégrade les performances du réseau (latence, congestions, pertes de paquets) et peut durer plusieurs secondes. Dans le cadre de cette thèse, nous proposons de nouvelles solutions permettant de prévenir ces perturbations dans le cas de reconfigurations sur un lien ou un routeur. Notre approche a pour particularité de ne reposer que sur les mécanismes de base des protocoles de routage à état des liens, et d’être ainsi déployable de manière incrémentale dans n’importe quel réseau. Intuitivement, il s’agit de contrôler implicitement l’ordre de mise à jour des routeurs, à travers une modification progressive du poids d’un sous-ensemble de liens. Par exemple, l’augmentation du poids d’un lien aura pour effet de forcer les routeurs les plus éloignés de ce composant à se mettre à jour avant les routeurs plus proches. En adaptant finement l’amplitude de tels changements, il est alors possible de répartir la mise à jour de routeurs potentiellement impliqués dans une boucle sur plusieurs étapes. Cette opération peut ensuite être répétée jusqu’à ce que le composant ne soit plus utilisé pour acheminer des données dans le réseau, permettant un retrait sans impact sur le routage. / The use of real time media or mission critical applications over IP networks is making strong pressure on service providers to operate disruption free networks. However, after any topological change, link-state Interior Gateway Protocols (IGPs), such as IS-IS or OSPF, enter a convergence phase during which transient forwarding loops may occur. Such loops increase the network latency and cause packet losses for several seconds. In this thesis, we propose and evaluate innovative solutions to prevent these perturbations in case a planned modification on a link or a router. Our approach only relies on core functionalities of link-state routing protocols, thus being incrementally deployable in any network. Intuitively, it consists in implicitly controlling the routers update order through successive IGP weight reconfigurations on a subset of links. For example, progressively increasing the weight of a link forces farthest routers to update their routes first, before closest ones. Hence, finely tuning such changes may allow to spread the update of routers potentially implied in a loop across multiple steps. This operation can be repeated until the component to be removed is no longer used to forward traffic in the network, thus allowing its removal with no impact on the routing decisions.

Routage IP

Théorie des graphes

Boucles de routage

Mesures sur Internet

IP routing

Graph theory

Routing loops

Internet measurements

004.6

511.5