4,425 research outputs found
CC-Fuzz: Genetic algorithm-based fuzzing for stress testing congestion control algorithms
Congestion control research has experienced a significant increase in
interest in the past few years, with many purpose-built algorithms being
designed with the needs of specific applications in mind. These algorithms
undergo limited testing before being deployed on the Internet, where they
interact with other congestion control algorithms and run across a variety of
network conditions. This often results in unforeseen performance issues in the
wild due to algorithmic inadequacies or implementation bugs, and these issues
are often hard to identify since packet traces are not available.
In this paper, we present CC-Fuzz, an automated congestion control testing
framework that uses a genetic search algorithm in order to stress test
congestion control algorithms by generating adversarial network traces and
traffic patterns. Initial results using this approach are promising - CC-Fuzz
automatically found a bug in BBR that causes it to stall permanently, and is
able to automatically discover the well-known low-rate TCP attack, among other
things.Comment: This version was submitted to Hotnets 202
Don't Repeat Yourself: Seamless Execution and Analysis of Extensive Network Experiments
This paper presents MACI, the first bespoke framework for the management, the
scalable execution, and the interactive analysis of a large number of network
experiments. Driven by the desire to avoid repetitive implementation of just a
few scripts for the execution and analysis of experiments, MACI emerged as a
generic framework for network experiments that significantly increases
efficiency and ensures reproducibility. To this end, MACI incorporates and
integrates established simulators and analysis tools to foster rapid but
systematic network experiments.
We found MACI indispensable in all phases of the research and development
process of various communication systems, such as i) an extensive DASH video
streaming study, ii) the systematic development and improvement of Multipath
TCP schedulers, and iii) research on a distributed topology graph pattern
matching algorithm. With this work, we make MACI publicly available to the
research community to advance efficient and reproducible network experiments
Analysis and Automated Discovery of Attacks in Transport Protocols
Transport protocols like TCP and QUIC are a crucial component of today’s Internet, underlying services as diverse as email, file transfer, web browsing, video conferencing, and instant messaging as well as infrastructure protocols like BGP and secure network protocols like TLS. Transport protocols provide a variety of important guarantees like reliability, in-order delivery, and congestion control to applications. As a result, the design and implementation of transport protocols is complex, with many components, special cases, interacting features, and efficiency considerations, leading to a high probability of bugs. Unfortunately, today the testing of transport protocols is mainly a manual, ad-hoc process. This lack of systematic testing has resulted in a steady stream of attacks compromising the availability, performance, or security of transport protocols, as seen in the literature. Given the importance of these protocols, we believe that there is a need for the development of automated systems to identify complex attacks in implementations of these protocols and for a better understanding of the types of attacks that will be faced by next generation transport protocols. In this dissertation, we focus on improving this situation, and the security of transport protocols, in three ways. First, we develop a system to automatically search for attacks that target the availability or performance of protocol connections on real transport protocol implementations. Second, we implement a model-based system to search for attacks against implementations of TCP congestion control. Finally, we examine QUIC, Google’s next generation encrypted transport protocol, and identify attacks on availability and performance
Validation of simulated real world TCP stacks
The TCP models in ns-2 have been validated and are widely used in network research. They are however not aimed at producing results consistent with a TCP implementation, they are rather designed to be a general model for TCP congestion control. The Network Simulation Cradle makes real world TCP implementations available to ns-2: Linux, FreeBSD and OpenBSD can all be simulated as easily as using the original simplified models. These simulated TCP implementations can be validated by directly comparing packet traces from simulations to traces measured from a real network. We describe the Network Simulation Cradle, present packet trace comparison results showing the high degree of accuracy possible when simulating with real TCP implementations and briefly show how this is reflected in a simulation study of TCP throughput
- …