14,614 research outputs found
A Multi-perspective Analysis of Carrier-Grade NAT Deployment
As ISPs face IPv4 address scarcity they increasingly turn to network address
translation (NAT) to accommodate the address needs of their customers.
Recently, ISPs have moved beyond employing NATs only directly at individual
customers and instead begun deploying Carrier-Grade NATs (CGNs) to apply
address translation to many independent and disparate endpoints spanning
physical locations, a phenomenon that so far has received little in the way of
empirical assessment. In this work we present a broad and systematic study of
the deployment and behavior of these middleboxes. We develop a methodology to
detect the existence of hosts behind CGNs by extracting non-routable IP
addresses from peer lists we obtain by crawling the BitTorrent DHT. We
complement this approach with improvements to our Netalyzr troubleshooting
service, enabling us to determine a range of indicators of CGN presence as well
as detailed insights into key properties of CGNs. Combining the two data
sources we illustrate the scope of CGN deployment on today's Internet, and
report on characteristics of commonly deployed CGNs and their effect on end
users.
Network Traffic Measurements, Applications to Internet Services and Security
Over the years, the Internet has become a pervasive network interconnecting billions of users and is now playing the role of collector for a multitude of tasks, ranging from professional activities to personal interactions. From a technical standpoint, novel architectures, e.g., cloud-based services and content delivery networks, innovative devices, e.g., smartphones and connected wearables, and security threats, e.g., DDoS attacks, are posing new challenges in understanding network dynamics.
In such a complex scenario, network measurements play a central role to guide traffic management, improve network design, and evaluate application requirements. In addition, increasing importance is devoted to the quality of experience provided to final users, which requires thorough investigations on both the transport network and the design of Internet services.
In this thesis, we stress the importance of users’ centrality by focusing on the traffic they exchange with the network. To do so, we design methodologies complementing passive and active measurements, as well as post-processing techniques belonging to the machine learning and statistics domains. Traffic exchanged by Internet users can be classified in three macro-groups: (i) outbound, produced by users’ devices and pushed to the network; (ii) unsolicited, part of malicious attacks threatening users’ security; and (iii) inbound, directed to users’ devices and retrieved from remote servers. For each of the above categories, we address specific research topics consisting in the benchmarking of personal cloud storage services, the automatic identification of Internet threats, and the assessment of quality of experience in the Web domain, respectively.
Results comprise several contributions in the scope of each research topic. In short, they shed light on (i) the interplay among design choices of cloud storage services, which severely impact the performance provided to end users; (ii) the feasibility of designing a general purpose classifier to detect malicious attacks, without chasing threat specificities; and (iii) the relevance of appropriate means to evaluate the perceived quality of Web page delivery, strengthening the need of users’ feedback for a factual assessment.
Informing protocol design through crowdsourcing measurements
International Mention in the doctoral degree.
Middleboxes, such as proxies, firewalls and NATs, play an important role in the modern Internet
ecosystem. On one hand, they perform advanced functions, e.g. traffic shaping, security or enhancing application
performance. On the other hand, they turn the Internet into a hostile ecosystem for innovation,
as they limit the deviation from deployed protocols. It is therefore essential, when designing a new protocol,
to first understand its interaction with the elements of the path. The emerging area of crowdsourcing
solutions can help to shed light on this issue. Such an approach allows us to reach large and different sets of
users and also different types of devices and networks to perform Internet measurements. In this thesis,
we show how to make informed protocol design choices by expanding the traditional crowdsourcing focus
from the human element and using crowdsourcing large scale measurement platforms.
We consider specific use cases, namely the case of pervasive encryption in the modern Internet, TCP
Fast Open and ECN++. We consider such use cases to advance the global understanding on whether wide
adoption of encryption is possible in today’s Internet or the adoption of encryption is necessary to guarantee
the proper functioning of HTTP/2. We target ECN and particularly ECN++, given its succession of
deployment problems. We then measured ECN deployment over mobile as well as fixed networks. In the
process, we discovered some bad news for the base ECN protocol—more than half the mobile carriers we
tested wipe the ECN field at the first upstream hop. This thesis also reports the good news that, wherever
ECN gets through, we found no deployment problems for the ECN++ enhancement. The thesis includes
the results of other more in-depth tests to check whether servers that claim to support ECN, actually respond
correctly to explicit congestion feedback, including some surprising congestion behaviour unrelated
to ECN.
This thesis also explores the possible causes that ossify the modern Internet and make the advancement
of innovation difficult. Network Address Translators (NATs) are commonplace in the Internet
nowadays. It is fair to say that most of the residential and mobile users are connected to the Internet
through one or more NATs. As any other technology, NAT presents upsides and downsides. Probably the
most acknowledged downside of the NAT technology is that it introduces additional difficulties for some
applications such as peer-to-peer applications, gaming and others to function properly. This is partially
due to the nature of the NAT technology but also due to the diversity of behaviors of the different NAT implementations
deployed in the Internet. Understanding the properties of the currently deployed NAT base
provides useful input for application and protocol developers regarding what to expect when deploying
new applications in the Internet. We develop NATwatcher, a tool to test NAT boxes using a crowdsourcing-based
measurement methodology.
We also perform large scale active measurement campaigns to detect CGNs in fixed broadband networks
using NAT Revelio, a tool we have developed and validated. Revelio enables us to actively determine from within residential networks the type of upstream network address translation, namely NAT
at the home gateway (customer-grade NAT) or NAT in the ISP (Carrier Grade NAT). We deploy Revelio
in the FCC Measuring Broadband America testbed operated by SamKnows and also in the RIPE Atlas
testbed.
A part of this thesis focuses on characterizing CGNs in Mobile Network Operators (MNOs). We develop
a measuring tool, called CGNWatcher that executes a number of active tests to fully characterize CGN
deployments in MNOs. The CGNWatcher tool systematically tests more than 30 behavioural requirements
of NATs defined by the Internet Engineering Task Force (IETF) and also multiple CGN behavioural metrics.
We deploy CGNWatcher in MONROE and performed large measurement campaigns to characterize the
real CGN deployments of the MNOs serving the MONROE nodes.
We perform a large measurement campaign using the tools described above, recruiting over 6,000 users,
from 65 different countries and over 280 ISPs. We validate our results with the ISPs at the IP level and,
reported to the ground truth we collected. To the best of our knowledge, this represents the largest active
measurement study of (confirmed) NAT or CGN deployments at the IP level in fixed and mobile networks
to date.
As part of the thesis, we characterize roaming across Europe. The goal of the experiment was to try to
understand if the MNO changes CGN while roaming. For this reason, we run a series of measurements that
enable us to identify the roaming setup, infer the network configuration for the 16 MNOs that we measure
and quantify the end-user performance for the roaming configurations which we detect. We build a unique
roaming measurement platform deployed in six countries across Europe. Using this platform, we measure
different aspects of international roaming in 3G and 4G networks, including mobile network configuration,
performance characteristics, and content discrimination. We find that operators adopt common approaches
to implementing roaming, resulting in additional latency penalties of 60 ms or more, depending on geographical
distance. Considering content accessibility, roaming poses additional constraints that lead to
only minimal deviations when accessing content in the original country. However, geographical restrictions
in the visited country make the picture more complicated and less intuitive.
Results included in this thesis would provide useful input for application and protocol designers, ISPs and
researchers that aim to make their applications and protocols work across the modern Internet.
Doctoral Programme in Telematics Engineering at Universidad Carlos III de Madrid. President: Gonzalo Camarillo González. Secretary: María Carmen Guerrero López. Member: Andrés García Saavedr
Migrating the Internet to IPv6: An Exploration of the When and Why
The paper documents and to some extent elucidates the progress of IPv6 across major Internet stakeholders since its introduction in the mid 90’s. IPv6 offered an early solution to a well-understood and well-documented problem IPv4 was expected to encounter. In spite of early standardization and awareness of the issue, the Internet’s march to IPv6 has been anything but smooth, even if recent data point to an improvement. The paper documents this progression for several key Internet stakeholders using available measurement data, and identifies changes in the IPv6 ecosystem that may be in part responsible for how it has unfolded. The paper also develops a stylized model of IPv6 adoption across those stakeholders, and validates its qualitative predictive ability by comparing it to measurement data.
Remote capacitive sensing in two-dimension quantum-dot arrays
We investigate gate-defined quantum dots in silicon on insulator nanowire
field-effect transistors fabricated using a foundry-compatible fully-depleted
silicon-on-insulator (FD-SOI) process. A series of split gates wrapped over the
silicon nanowire naturally produces a bilinear array of quantum
dots along a single nanowire. We begin by studying the capacitive coupling of
quantum dots within such a 2×2 array, and then show how such couplings
can be extended across two parallel silicon nanowires coupled together by
shared, electrically isolated, 'floating' electrodes. With one quantum dot
operating as a single-electron-box sensor, the floating gate serves to enhance
the charge sensitivity range, enabling it to detect charge state transitions in
a separate silicon nanowire. By comparing measurements from multiple devices we
illustrate the impact of the floating gate by quantifying both the charge
sensitivity decay as a function of dot-sensor separation and configuration
within the dual-nanowire structure.
Comment: 9 pages, 3 figures, 35 cites and supplementar
Oncogenic R132 IDH1 Mutations Limit NADPH for De Novo Lipogenesis through (D)2-Hydroxyglutarate Production in Fibrosarcoma Cells.
Neomorphic mutations in NADP-dependent isocitrate dehydrogenases (IDH1 and IDH2) contribute to tumorigenesis in several cancers. Although significant research has focused on the hypermethylation phenotypes associated with (D)2-hydroxyglutarate (D2HG) accumulation, the metabolic consequences of these mutations may also provide therapeutic opportunities. Here we apply flux-based approaches to genetically engineered cell lines with an endogenous IDH1 mutation to examine the metabolic impacts of increased D2HG production and altered IDH flux as a function of IDH1 mutation or expression. D2HG synthesis in IDH1-mutant cells consumes NADPH at rates similar to de novo lipogenesis. IDH1-mutant cells exhibit increased dependence on exogenous lipid sources for in vitro growth, as removal of medium lipids slows growth more dramatically in IDH1-mutant cells compared with those expressing wild-type or enzymatically inactive alleles. NADPH regeneration may be limiting for lipogenesis and potentially redox homeostasis in IDH1-mutant cells, highlighting critical links between cellular biosynthesis and redox metabolism.
Quantum Metropolitan Optical Network based on Wavelength Division Multiplexing
Quantum Key Distribution (QKD) is maturing quickly. However, the current
approaches to its application in optical networks make it an expensive
technology. QKD networks deployed to date are designed as a collection of
point-to-point, dedicated QKD links where non-neighboring nodes communicate
using the trusted repeater paradigm. We propose a novel optical network model
in which QKD systems share the communication infrastructure by wavelength
multiplexing their quantum and classical signals. The routing is done using
optical components within a metropolitan area which allows for a dynamically
any-to-any communication scheme. Moreover, it resembles a commercial telecom
network, takes advantage of existing infrastructure and utilizes commercial
components, allowing for an easy, cost-effective and reliable deployment.
Comment: 23 pages, 8 figure