Effective techniques for detecting and locating traffic differentiation in the internet

Orientador: Elias P. Duarte Jr.Coorientador: Luis C. E. BonaTese (doutorado) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defesa : Curitiba, 24/09/2019Inclui referências: p. 115-126Área de concentração: Ciência da ComputaçãoResumo: A Neutralidade da Rede torna-se cada vez mais relevante conforme se intensifica o debate global e diversos governos implementam regulações. Este princípio diz que todo tráfego deve ser processado sem diferenciação, independentemente da origem, destino e/ou conteúdo. Práticas de diferenciação de tráfego (DT) devem ser transparentes, independentemente de regulações, pois afetam significativamente usuários finais. Assim, é essencial monitorar DT na Internet. Várias soluções já foram propostas para detectar DT. Essas soluções baseiam-se em medições de rede e inferência estatística. Porém, existem desafios em aberto. Esta tese tem três objetivos principais: (i) consolidar o estado da arte referente ao problema de detectar DT; (ii) investigar a DT em contextos ainda não explorados, especificamente a Internet das Coisas (IoT); e (iii) propor novas soluções para detecção de DT que solucionem alguns dos desafios em aberto, em particular localizar a fonte de DT. Primeiramente descrevemos o atual estado da arte, incluindo várias soluções de detecção de DT. Também propomos uma taxonomia para os diferentes tipos de DT e de detecção, e identificamos desafios em aberto. Em seguida, avaliamos o impacto da DT na IoT, simulando DT de diferentes padrões de tráfego IoT. Resultados mostram que mesmo uma priorização pequena pode ter um impacto significativo no desempenho de dispositivos de IoT. Propomos então uma solução para detectar DT na Internet, que baseia-se em uma nova estratégia que combina diversas métricas para detectar tipos diferente de DT. Resultados de simulação mostram que esta estratégia é capaz de detectar DT em diversas situações. Em seguida, propomos um modelo geral para monitoramento contínuo de DT na Internet, que se propõe a unificar as soluções atuais e futuras de detecção de DT, ao mesmo tempo que tira proveito de tecnologias atuais e emergentes. Neste contexto, uma nova solução para identificar a fonte de DT na Internet é proposta. O objetivo desta proposta é tanto viabilizar a implementação do nosso modelo geral quanto solucionar o problema de localizar DT. A proposta tira proveito de propriedades de roteamento da Internet para identificar em qual Sistema Autônomo (AS) DT acontece. Medições de vários pontos de vista são combinadas, e a fonte de DT é inferida com base nos caminhos em nível de AS entre os pontos de medição. Para avaliar esta proposta, primeiramente executamos experimentos para confirmar que rotas na Internet realmente apresentam as propriedades requeridas. Diversas simulações foram então executadas para avaliar a eficiência da proposta de localização de DT. Resultados mostram que em diversas situações, efetuar medições a partir de poucos nodos no núcleo da Internet obtém resultados similares a efetuar medições a partir de muitos nodos na borda. Palavras-chave: Neutralidade da Rede, Diferenciação de Tráfego, Medição de Rede.Abstract: Network Neutrality is becoming increasingly important as the global debate intensifies and governments worldwide implement and withdraw regulations. According to this principle, all traffic must be processed without differentiation, regardless of origin, destination and/or content. Traffic Differentiation (TD) practices should be transparent, regardless of regulations, since they can significantly affect end-users. It is thus essential to monitor TD in the Internet. Several solutions have been proposed to detect TD. These solutions are based on network measurements and statistical inference. However, there are still open challenges. This thesis has three main objectives: (i) to consolidate the state of the art regarding the problem of detecting TD; (ii) to investigate TD on contexts not yet explored, in particular the Internet of Things (IoT); and (iii) to propose new solutions regarding TD detection that address open challenges, in particular locating the source of TD. We first describe the current state of the art, including a description of multiple solutions for detecting TD. We also propose a taxonomy for the different types of TD and the different types of detection, and identify open challenges. Then, we evaluate the impact of TD on IoT, by simulating TD on different IoT traffic patterns. Results show that even a small prioritization may have a significant impact on the performance of IoT devices. Next, we propose a solution for detecting TD in the Internet. This solution relies on a new strategy of combining several metrics to detect different types of TD. Simulation results show that this strategy is capable of detecting TD under several conditions. We then propose a general model for continuously monitoring TD on the Internet, which aims at unifying current and future TD detection solutions, while taking advantage of current and emerging technologies. In this context, a new solution for locating the source of TD in the Internet is proposed. The goal of this proposal is to both enable the implementation of our general model and address the problem of locating TD. The proposal takes advantage of properties of Internet peering to identify in which Autonomous System (AS) TD occurs. Probes from multiple vantage points are combined, and the source of TD is inferred based on the AS-level routes between the measurement points. To evaluate this proposal, we first ran several experiments to confirm that indeed Internet routes do present the required properties. Then, several simulations were performed to assess the efficiency of the proposal for locating TD. The results show that for several different scenarios issuing probes from a few end-hosts in core Internet ASes achieves similar results than from numerous end-hosts on the edge. Keywords: Network Neutrality, Traffic Differentiation, Network Measurement

Testing for Traffic Differentiation with ChkDiff: The Downstream Case

International audienceIn the past decade it has been found that some Internet operators offer degraded service to selected user traffic by applying various differentiation techniques. If from a legal point of view many countries have discussed and approved laws in favor of Internet neutrality, confirmation with measuring tools for even an experienced user remains hard in practice. In this paper we extend and complete our tool ChkDiff, previously presented for the upstream case, by checking for shaping also on the user’s downstream traffic. After attempting to localize shapers at the access ISP on upstream traffic, we replay downstream traffic from a measurement server and analyze per-flow one-way delays and losses, while taking into account the possibility of multiple paths between the two endpoints. As opposed to other proposals in the literature, our methodology does not depend on any specific Internet application a user might want to test and it is robust to evolving differentiation techniques that alter delays or induce losses. We provide here a detailed description of the downstream tool and a validation in the wild for wired, wireless and 3G connections

A Study on the Characteristics of the Data Traffic of Online Social Networks

In the past few years, we have witnessed a flourish of online social network sites (OSNs). In this kind of websites, the users are not only information consumers, but also actively upload contents of their own to the OSNs. Being sharply different from the conventional sites, OSNs have attracted many studies recently. These studies, however, mainly focus on the social behaviors within OSNs, e.g., the user-user interaction, and the distribution of the time users spend on certain OSNs, etc. There are much fewer studies on the characteristics of the traffic patterns of OSNs upon the Internet infrastructure, even though it is important for the ISPs and the OSNs alike. One major difficulty is that it is not easy to obtain data from the private ISP backbone routers. In this paper, we collect data from two backbone routers of China Telecom and present the traffic patterns of several OSNs from the angle of the network layer. As well, we also compare the OSN traffic with three types of traditional websites like forums, search engines and news websites. We find that the traffic pattern in network layer is quite intuitively similar as what we can see in the application layer: users are the most active in OSNs, and are slightly less active in forums, and they are the least active in News websites. Besides that, we also can see that the traffic pattern in search engines is quite different from the other three.Department of ComputingRefereed conference pape

Network Neutrality Inference

When can we reason about the neutrality of a network based on external observations? We prove conditions under which it is possible to (a) detect neutrality violations and (b) localize them to specific links, based on external observations. Our insight is that, when we make external observations from different vantage points, these will most likely be inconsistent with each other if the network is not neutral. Where existing tomographic techniques try to form solvable systems of equations to infer network properties, we try to form unsolvable systems that reveal neutrality violations. We present an algorithm that relies on this idea to identify sets of non-neutral links based on external observations, and we show, through network emulation, that it achieves good accuracy for a variety of network conditions

Seamless virtual network for international business continuity in presence of intentional blocks

東京電機大学201

Application-Aware Analysis of Network Neutrality: A Scalable Real-Time Method

Internet access subscribers expect a satisfying quality of experience for any accessed service, independently from time, place, and service- and content-type. Besides the everincreasing amount of Internet data, the spectrum of video service platforms offering sharing and streaming also got significantly more comprehensive. Internet access providers try to avoid the exhaustion of network bandwidth by investing in network capacity or setting up higher-level resource management within their infrastructure. The primary question in this domain is how resource management constrains the subscriber to access an arbitrary service and experience good service quality.This question directly relates to network neutrality fundamentals. This paper presents a real-time full-reference objective method to assess network neutrality. It contributes three novelties to support user-centric analysis of potential restraints affecting Internet access quality: i) the proposal supports application-specific measurements and involves real content and real traffic, ii) the measured traffic originates from the content provider’s cloud infrastructure, iii) reference is created in real time. Accordingly, the proposal introduces a novel measurement layout. The key component is the emulated client that provides the real-time reference by emulating the access properties of the real client and accessing the same content simultaneously. We demonstrate the method’s feasibility with an applicationaware proof-of-concept use case: video streaming from a public VoD provider. We have validated the method against the emulated network parameters using an extensive series of laboratory measurements

Fiscalização da neutralidade da rede e seu impacto na evolução da internet

Orientador : Prof. Dr. Elias P. Duarte Jr.Coorientadora : Profa. Dra. Leticia Mara PeresTese (doutorado) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defesa: Curitiba, 15/12/2017Inclui referências : f. 174-202Área de concentração : Ciência da computaçãoResumo: Desde 2002 temos presenciado um longo e controverso debate mundial sobre a Neutralidade da Rede, tema que envolve aspectos políticos, legais, econômicos, sociais, éticos, técnicos e de competitividade e inovação. A diversidade de aspectos considerados em torno deste tema leva a pontos de convergência e de divergência de opiniões, de acordo com os interesses dos agentes envolvidos. A Neutralidade da Rede refere-se à Internet aberta, na qual os usuários podem transitar de acordo com a sua liberdade de escolha. Em linhas gerais, a Neutralidade da Rede significa que os provedores de Internet, denominados ISPs (Internet Service Providers) não podem bloquear, estrangular, ou priorizar o conteúdo que trafega em suas redes. E, ainda, a Neutralidade da Rede significa que o ISP só pode cobrar do usuário final uma única vez pelo acesso à sua rede, e não pode cobrar dos provedores de conteúdo pelo conteúdo que trafega na sua rede. Nesta mesma senda, encontra-se o problema da violação ou da quebra da Neutralidade da Rede. Em traços largos, pode-se afirmar que ao longo deste tempo em que perdura o debate, os ISPs têm apresentado as mais diversas formas de violar a Neutralidade da Rede. Estas violações são detectadas e relatadas por usuários finais, ou por organizações, ou por membros da comunidade técnico-científica. Esta comunidade tem criado e utilizado mecanismos computacionais para monitorar o tráfego da Internet. Estes mecanismos computacionais têm por finalidade detectar alguma violação ou inconformidade com os preceitos da Neutralidade da Rede. Dentre as violações efetuadas pelos ISPs encontram-se os bloqueios de acesso a conteúdos, aplicações e portas; o estrangulamento e a diferenciação de tráfego; a velocidade ofertada abaixo da velocidade mínima contratada; a degradação do desempenho da rede; a oferta do serviço chamado de taxa zero, que discrimina e prioriza o tráfego; além de outras. Os ISPs, notadamente opositores à Neutralidade da Rede, continuam exercendo pressão junto às agências reguladoras e junto a políticos, a fim de impedir, retardar ou, até mesmo, modificar normatizações já instituídas. Isto comprova a permanência do debate, sem qualquer demonstração de previsão temporal em curto prazo para solucioná-lo. Como resultado de pesquisa, esta tese contribui para os avanços na área com a descrição de esforços mundiais de normatização bem como com o relato de diversos estudos de caso de violações nos cinco continentes. Esta tese também descreve ferramentas e estratégias desenvolvidas para detectar algum tipo de violação à Neutralidade da Rede. Além disso, é apresentado um estudo preliminar sobre uma possível correlação entre a regulação da Neutralidade da Rede e a evolução da infraestrutura da Internet no mundo. E, ainda, com o objetivo de contribuir de forma específica com o avanço deste tema no Brasil, apresenta um panorama dos agentes envolvidos neste contexto e o papel de cada um. E, finalmente, foi criado o Observatório da Neutralidade da Rede como uma ferramenta de controle social, para todos os aspectos inerentes à Neutralidade da Rede, a ser utilizada pela sociedade brasileira. Palavras-chave: Detecção de Violação à Neutralidade da Rede; Regulação da Neutralidade da Rede; Observatório de Neutralidade da Rede; Ferramentas computacionais para a Neutralidade da Rede.Abstract: Since 2002 we have witnessed a long and controversial debate around Net Neutrality, a subject that encompasses multiple aspects, not only technical but also political, legal, economic, social, ethical, and also those related to competitiveness and innovation. The diversity of aspects around this subject raises opinions that both converge and diverge, according to the interests of the parts involved. Net Neutrality refers to an Open Internet that does not restrict users, enforcing their free choice. According to Net Neutrality principles, Internet Service Providers (ISP) cannot block, throttle or create fast tracks for any kind of pick traffic on their network. Furthermore, Net Neutrality means that an ISP is only allowed to charge end users once for the access to its network, and cannot charge content providers for making their content available. The Net Neutrality debate involves not only what is required/wanted but also the issue of Net Neutrality violations. It is possible to say that since the debate has started, ISPs have been shown to violate multiple Net Neutrality principles. Violations have been detected and reported by end users, or by organizations or by the technical community. This community has also devised strategies to monitor Internet traffic with the purpose of detecting violations or any type of non-compliance with the basic Net Neutrality principles. The ISP violations that have been reported include: blocking access to specific content, applications or ports; throttling and traffic discrimination; offering a network speed that is lower than the minimum speed agreed with the user; delivering low network performance; offering zero-rate services which discriminate and prioritize the traffic; among many others. ISPs, notably Net Neutrality opponents, continue to exert pressure on regulators and politicians to prevent, delay or even modify existing regulations. This proves that the debate has continued, without any hint that it will be solved in the short term. One of the contributions of this thesis is a comprehensive description of global regulatory efforts including several case studies of Net Neutrality violations that have occurred across the five continents. This thesis also presents a comprehensive survey of tools and strategies developed to detect Net Neutrality violations. In addition, a preliminary study is presented on a possible correlation between the establishment of Net Neutrality regulations and the evolution of the Internet infrastructure worldwide. Another contribution that has the specific purpose of contributing to the advancement of this theme in Brazil is the description of the agents involved in enforcing Net Neutrality in the country. Finally, the Network Neutrality Observatory was created as a tool that can enable social control of all the aspects inherent to Network Neutrality in Brazil. Keywords: Detection of Net Neutrality violations; Net Neutrality Regulations; Net Neutrality Observatory; Net Neutrality Tools