Discovering Network Control Vulnerabilities and Policies in Evolving Networks
The range and number of new applications and services are growing at an unprecedented rate. Computer networks need to be able to provide connectivity for these services and meet their constantly changing demands. This requires not only support of new network protocols and security requirements, but often architectural redesigns for long-term improvements to efficiency, speed, throughput, cost, and security. Networks are now facing a drastic increase in size and are required to carry a constantly growing amount of heterogeneous traffic. Unfortunately such dynamism greatly complicates security of not only the end nodes in the network, but also of the nodes of the network itself. To make matters worse, just as applications are being developed at faster and faster rates, attacks are becoming more pervasive and complex. Networks need to be able to understand the impact of these attacks and protect against them.
Network control devices, such as routers, firewalls, censorship devices, and base stations, are elements of the network that make decisions on how traffic is handled. Although network control devices are expected to act according to specifications, there can be various reasons why they do not in practice. Protocols could be flawed, ambiguous or incomplete, developers could introduce unintended bugs, or attackers may find vulnerabilities in the devices and exploit them. Malfunction could intentionally or unintentionally threaten the confidentiality, integrity, and availability of end nodes and the data that passes through the network. It can also impact the availability and performance of the control devices themselves and the security policies of the network. The fast-paced evolution and scalability of current and future networks create a dynamic environment for which it is difficult to develop automated tools for testing new protocols and components. At the same time, they make the function of such tools vital for discovering implementation flaws and protocol vulnerabilities as networks become larger and more complex, and as new and potentially unrefined architectures become adopted. This thesis will present the design, implementation, and evaluation of a set of tools designed for understanding implementation of network control nodes and how they react to changes in traffic characteristics as networks evolve. We will first introduce Firecycle, a test bed for analyzing the impact of large-scale attacks and Machine-to-Machine (M2M) traffic on the Long Term Evolution (LTE) network. We will then discuss Autosonda, a tool for automatically discovering rule implementation and finding triggering traffic features in censorship devices.
This thesis provides the following contributions:
1. The design, implementation, and evaluation of two tools to discover models of network control nodes in two scenarios of evolving networks, mobile network and censored internet
2. First existing test bed for analysis of large-scale attacks and impact of traffic scalability on LTE mobile networks
3. First existing test bed for LTE networks that can be scaled to arbitrary size and that deploys traffic models based on real traffic traces taken from a tier-1 operator
4. An analysis of traffic models of various categories of Internet of Things (IoT) devices
5. First study demonstrating the impact of M2M scalability and signaling overload on the packet core of LTE mobile networks
6. A specification for modeling of censorship device decision models
7. A means for automating the discovery of features utilized in censorship device decision models, comparison of these models, and their rule discover
5GAuRA. D3.3: RAN Analytics Mechanisms and Performance Benchmarking of Video, Time Critical, and Social Applications
5GAuRA deliverable D3.3. This is the final deliverable of Work Package 3 (WP3) of the 5GAuRA project, providing a report on the project’s developments on the topics of Radio Access Network (RAN) analytics and application performance benchmarking. The focus of this deliverable is to extend and deepen the methods and results provided in the 5GAuRA deliverable D3.2 in the context of specific use scenarios of video, time critical, and social applications. In this respect, four major topics of WP3 of 5GAuRA – namely edge-cloud enhanced RAN architecture, machine learning assisted Random Access Channel (RACH) approach, Multi-access Edge Computing (MEC) content caching, and active queue management – are put forward.
Specifically, this document provides a detailed discussion on the service level agreement between tenant and service provider in the context of network slicing in Fifth Generation (5G) communication networks. Network slicing is considered as a key enabler to 5G communication system. Legacy telecommunication networks have been providing various services to all kinds of customers through a single network infrastructure. In contrast, by deploying network slicing, operators are now able to partition one network into individual slices, each with its own configuration and Quality of Service (QoS) requirements. There are many applications across industry that open new business opportunities with new business models. Every application instance requires an independent slice with its own network functions and features, whereby every single slice needs an individual Service Level Agreement (SLA). In D3.3, we propose a comprehensive end-to-end structure of SLA between the tenant and the service provider of sliced 5G network, which balances the interests of both sides. The proposed SLA defines reliability, availability, and performance of delivered telecommunication services in order to ensure that right information is delivered to the right destination at right time, safely and securely. We also discuss the metrics of slice-based network SLA such as throughput, penalty, cost, revenue, profit, and QoS related metrics, which are, in the view of 5GAuRA, critical features of the agreement.
Watts2Share: Energy-Aware Traffic Consolidation
Energy consumption is becoming the Achilles' heel of the mobile user quality of experience partly due to undisciplined use of the cellular (3G) transmissions by applications. The operator infrastructure is typically configured for peak performance, whereas during periods of underutilisation the handsets pay the price by staying in high energy states even if each application only uses a fraction of the maximum available bandwidth. In this paper we promote a bi-radio scenario where instead of independently using own cellular connections, several users share a single cellular link offered by one member of a coalition (a rotating aggregator). We present Watts2Share, an architecture for energy-aware traffic consolidation whereby group members' data flows transmitted through a second radio (e.g., WiFi) are aggregated by the aggregator and retransmitted through the cellular link. Through careful and repeatable studies we demonstrate that this scheme saves up to 68% of the total transmission energy in handsets compared to a pure 3G scenario. The studies are based on a wide range of real traffic traces and real cellular operator settings, and further illustrate that this scheme reduces the overall energy by reducing the signalling overhead, as well as extending the lifetime of all handsets
Prioritised Random Access Channel Protocols for Delay Critical M2M Communication over Cellular Networks
With the ever-increasing technological evolution, the current and future generation communication systems are geared towards accommodating Machine to Machine (M2M) communication as a necessary prerequisite for Internet of Things (IoT). Machine Type Communication (MTC) can sustain many promising applications through connecting a huge number of devices into one network. As current studies indicate, the number of devices is escalating at a high rate. Consequently, the network becomes congested because of its lower capacity, when the massive number of devices attempts simultaneous connection through the Random Access Channel (RACH). This results in RACH resource shortage, which can lead to high collision probability and massive access delay. Hence, it is critical to upgrade conventional Random Access (RA) techniques to support a massive number of Machine Type Communication (MTC) devices including Delay-Critical (DC) MTC. This thesis approaches to tackle this problem by modeling and optimising the access throughput and access delay performance of massive random access of M2M communications in Long-Term Evolution (LTE) networks.
This thesis investigates the performance of different random access schemes in different scenarios. The study begins with the design and inspection of a group based 2-step Slotted-Aloha RACH (SA-RACH) scheme considering the coexistence of Human-to-Human (H2H) and M2M communication, the latter of which is categorised as: Delay-Critical user equipments (DC-UEs) and Non-Delay-Critical user equipments (NDC-UEs). Next, a novel RACH scheme termed the Priority-based Dynamic RACH (PD-RACH) model is proposed which utilises a coded preamble based collision probability model. Finally, being a key enabler of IoT, Machine Learning, i.e. a Q-learning based approach has been adopted, and a learning assisted Prioritised RACH scheme has been developed and investigated to prioritise a specific user group. In this work, the performance analysis of these novel RACH schemes show promising results compared to that of conventional RACH
Non-stationary service curves : model and estimation method with application to cellular sleep scheduling
In today’s computer networks, short-lived flows are predominant. Consequently, transient start-up effects such as the connection establishment in cellular networks have a significant impact on the performance. Although various solutions are derived in the fields of queuing theory, available bandwidths, and network calculus, the focus is, e.g., about the mean wake-up times, estimates of the available bandwidth, which consist either out of a single value or a stationary function and steady-state solutions for backlog and delay. Contrary, the analysis during transient phases presents fundamental challenges that have only been partially solved and is therefore understood to a much lesser extent.
To better comprehend systems with transient characteristics and to explain their behavior, this thesis contributes a concept of non-stationary service curves that belong to the framework of stochastic network calculus. Thereby, we derive models of sleep scheduling including time-variant performance bounds for backlog and delay. We investigate the impact of arrival rates and different duration of wake-up times, where the metrics of interest are the transient overshoot and relaxation time. We compare a time-variant and a time-invariant description of the service with an exact solution. To avoid probabilistic and maybe unpredictable effects from random services, we first choose a deterministic description of the service and present results that illustrate that only the time-variant service curve can follow the progression of the exact solution. In contrast, the time-invariant service curve remains in the worst-case value.
Since in real cellular networks, it is well known that the service and sleep scheduling procedure is random, we extend the theory to the stochastic case and derive a model with a non-stationary service curve based on regenerative processes.
Further, the estimation of cellular network’s capacity/available bandwidth from measurements is an important topic that attracts research, and several works exist that obtain an estimate from measurements. Assuming a system without any knowledge about its internals, we investigate existing measurement methods such as the prevalent rate scanning and the burst response method. We find fundamental limitations to estimate the service accurately in a time-variant way, which can be explained by the non-convexity of transient services and their super-additive network processes.
In order to overcome these limitations, we derive a novel two-phase probing technique. In the first step, the shape of a minimal probe is identified, which we then use to obtain an accurate estimate of the unknown service. To demonstrate the minimal probing method’s applicability, we perform a comprehensive measurement campaign in cellular networks with sleep scheduling (2G, 3G, and 4G). Here, we observe significant transient backlogs and delay overshoots that persist for long relaxation times by sending constant-bit-rate traffic, which matches the findings from our theoretical model. Contrary, the minimal probing method shows another strength: sending the minimal probe eliminates the transient overshoots and relaxation times
Proceedings of the Second International Mobile Satellite Conference (IMSC 1990)
Presented here are the proceedings of the Second International Mobile Satellite Conference (IMSC), held June 17-20, 1990 in Ottawa, Canada. Topics covered include future mobile satellite communications concepts, aeronautical applications, modulation and coding, propagation and experimental systems, mobile terminal equipment, network architecture and control, regulatory and policy considerations, vehicle antennas, and speech compression