Receiver-Side TCP Countermeasure in Cellular Networks.

Cellular-based networks keep large buffers at base stations to smooth out the bursty data traffic, which has a negative impact on the user's Quality of Experience (QoE). With the boom of smart vehicles and phones, this has drawn growing attention. For this paper, we first conducted experiments to reveal the large delays, thus long flow completion time (FCT), caused by the large buffer in the cellular networks. Then, a receiver-side transmission control protocol (TCP) countermeasure named Delay-based Flow Control algorithm with Service Differentiation (DFCSD) was proposed to target interactive applications requiring high throughput and low delay in cellular networks by limiting the standing queue size and decreasing the amount of packets that are dropped in the eNodeB in Long Term Evolution (LTE). DFCSD stems from delay-based congestion control algorithms but works at the receiver side to avoid the performance degradation of the delay-based algorithms when competing with loss-based mechanisms. In addition, it is derived based on the TCP fluid model to maximize the network utility. Furthermore, DFCSD also takes service differentiation into consideration based on the size of competing flows to shorten their completion time, thus improving user QoE. Simulation results confirmed that DFCSD is compatible with existing TCP algorithms, significantly reduces the latency of TCP flows, and increases network throughput

Cyber Physical System Security — DoS Attacks on Synchrophasor Networks in the Smart Grid

With the rapid increase of network-enabled sensors, switches, and relays, cyber-physical system security in the smart grid has become important. The smart grid operation demands reliable communication. Existing encryption technologies ensures the authenticity of delivered messages. However, commonly applied technologies are not able to prevent the delay or drop of smart grid communication messages. In this dissertation, the author focuses on the network security vulnerabilities in synchrophasor network and their mitigation methods. Side-channel vulnerabilities of the synchrophasor network are identified. Synchrophasor network is one of the most important technologies in the smart grid transmission system. Experiments presented in this dissertation shows that a DoS attack that exploits the side-channel vulnerability against the synchrophasor network can lead to the power system in stability. Side-channel analysis extracts information by observing implementation artifacts without knowing the actual meaning of the information. Synchrophasor network consist of Phasor Measurement Units (PMUs) use synchrophasor protocol to transmit measurement data. Two side-channels are discovered in the synchrophasor protocol. Side-channel analysis based Denial of Service (DoS) attacks differentiate the source of multiple PMU data streams within an encrypted tunnel and only drop selected PMU data streams. Simulations on a power system shows that, without any countermeasure, a power system can be subverted after an attack. Then, mitigation methods from both the network and power grid perspectives are carried out. From the perspective of network security study, side-channel analysis, and protocol transformation has the potential to assist the PMU communication to evade attacks lead with protocol identifications. From the perspective of power grid control study, to mitigate PMU DoS attacks, Cellular Computational Network (CCN) prediction of PMU data is studied and used to implement a Virtual Synchrophasor Network (VSN), which learns and mimics the behaviors of an objective power grid. The data from VSN is used by the Automatic Generation Controllers (AGCs) when the PMU packets are disrupted by DoS attacks. Real-time experimental results show the CCN based VSN effectively inferred the missing data and mitigated the negative impacts of DoS attacks. In this study, industry-standard hardware PMUs and Real-Time Digital Power System Simulator (RTDS) are used to build experimental environments that are as close to actual production as possible for this research. The above-mentioned attack and mitigation methods are also tested on the Internet. Man-In-The-Middle (MITM) attack of PMU traffic is performed with Border Gateway Protocol (BGP) hijacking. A side-channel analysis based MITM attack detection method is also investigated. A game theory analysis is performed to give a broade

Satellite-3G Hybrid Networks: Impact of ACM and ARQ on TCP Performance

The adoption of satellite systems in providing broadband transmissions to mobile users such as trains, buses and vans is expected to be an interesting solution. The scenario we considered refers to a hybrid network architecture, where a geostationary satellite forward link and a terrestrial 3G return link are used in order to exploit both the high bandwidth of a satellite channel and the lower propagation delay of a terrestrial path. The resulting round-trip delay is much shorter than that one experienced by using both the forward and return link via satellite. This is particularly appealing for overcoming the TCP efficiency degradation in high delay-bandwidth product and error prone channels. In this hybrid scenario, we used simulation results to compare the goodput of four of the most popular TCP variants, in the presence of a GOOD-BAD satellite channel, as the one experienced by mobile users. We applied an Adaptive Coding and Modulation (ACM) technique as well, and studied its impact on TCP efficiency, when used both alone and in cooperation with an Automatic Repeat reQuest (ARQ) scheme of the Selective Repeat (SR) type with low persistency. Results obtained indicate that this hybrid architecture is advantageous for TCP transmissions in terms of average goodput, and that ACM is effective only if it is jointly used with ARQ schemes

무선 네트워크에서의 TCP 성능 향상 기법

학위논문 (박사)-- 서울대학교 대학원 : 전기·컴퓨터공학부, 2015. 8. 박세웅.TCP (Transmission Control Protocol), one of the most essential protocol for the Internet, has carried the most of the Internet traffic since its birth. With the deployment of various types of wireless networks and proliferation of smart devices, a rapid increase in mobile data traffic volume has been observed and TCP has still carried the majority of mobile traffic, thus leading to huge attention again on TCP performance in wireless networks. In this dissertation, we tackle three different problems that aim to improve TCP performance in wireless networks. Firstly, we dealt with the downstream bufferbloat problem in wireless access networks such as LTE and Wi-Fi. We clarify the downstream bufferbloat problem in resource competitive environments such as Wi-Fi, and design a receiver-side countermeasure for easy deployment that does not require any modification at the sender or intermediate routers. Exploiting TCP and AQM dynamics, our scheme competes for shared resource in a fair manner with conventional TCP flow control methods and prevents bufferbloat. We implement our scheme in commercial smart devices and verify its performance through real experiments in LTE and Wi-Fi networks. Secondly, we consider the upstream bufferbloat problem in LTE networks. We clarify that the upstream bufferbloat problem can significantly degrade multitasking users QoE in LTE networks and design a packet scheduler that aims to separate delay-sensitive packets from non delay-sensitive packets without computational overhead. We implement the proposed packet scheduler in commercial smart devices and evaluate the performance of our proposed scheme through real experiments in LTE networks. Lastly, we investigate the TCP fairness problem in low-power and lossy networks (LLNs). We confirm severe throughput unfairness among nodes with different hop counts and propose dynamic TX period adjustment scheme to enhance TCP fairness in LLNs. Through experiments on the testbed, we evaluate how much the proposed scheme enhances fairness index.1 Introduction 1 1.1 Motivation 1 1.2 Background and Related Work 3 1.3 Outline 7 2 Receiver-side TCP Countermeasure to Bufferbloat in Wireless Access Networks 8 2.1 Introduction 8 2.2 Dynamics of TCP and AQM 11 2.3 Receiver-side TCP Adaptive Queue Control 14 2.3.1 Receiver-side Window Control 15 2.3.2 Delay Measurement and Queue Length Estimation 17 2.3.3 Configuration of RTAC 19 2.4 Experimental Setup and Configuration 20 2.4.1 Receiver Measurement Errors and Configuration 21 2.5 Experimental Results 27 2.5.1 Bufferbloat in Wireless Access Networks 27 2.5.2 Prevention of Bufferbloat 31 2.5.3 Fairness of TCP Flows with Various Receiver Types 32 2.5.4 The Impact of TCP Variants 39 2.5.5 The Impact of Upload Bufferbloat 46 2.5.6 Coexistence with the Unlimited Sender 48 2.6 Summary 48 3 Dual Queue Approach for Improving User QoE in LTE Networks 51 3.1 Introduction 51 3.2 User QoE Degradation in Multitasking Scenarios 54 3.2.1 Unnecessary Large Upload Queueing delay 54 3.2.2 Negative Impact on Performance in Multitasking Scenarios 55 3.3 SOR based Packet Classification with Multiple Transmit Queue 58 3.3.1 Dual Transmit Queue 59 3.3.2 SOR based Packet Classification Algorithm 61 3.4 Experiment Results 63 3.4.1 Packet Classification Metric: Sendbuffer Occupancy Ratio (SOR) 64 3.4.2 Improving RTT performance of Interactive Applications 68 3.4.3 Improving Download Performance 69 3.4.4 Fairness among Competing Upload Flows 71 3.5 Summary 74 4 Uplink Congestion Control in Low-power and Lossy Networks 75 4.1 Introduction 75 4.2 System Model 78 4.3 Proposed Scheme 79 4.3.1 Tx Period 79 4.3.2 Dynamic TX Period Adjustment 80 4.4 Experimental Results 82 4.4.1 Experimental Setup 82 4.4.2 Throughput analysis vs. Measurement 84 4.4.3 TCP Performance in Low-power Lossy Networks 87 4.4.4 Fairness improvement of DTPA 89 4.5 Summary 92 5 Conclusion 93 5.1 Research Contributions 93 5.2 Future Research Directions 95Docto

xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs

In this paper we show how attackers can covertly leak data (e.g., encryption keys, passwords and files) from highly secure or air-gapped networks via the row of status LEDs that exists in networking equipment such as LAN switches and routers. Although it is known that some network equipment emanates optical signals correlated with the information being processed by the device ('side-channel'), intentionally controlling the status LEDs to carry any type of data ('covert-channel') has never studied before. A malicious code is executed on the LAN switch or router, allowing full control of the status LEDs. Sensitive data can be encoded and modulated over the blinking of the LEDs. The generated signals can then be recorded by various types of remote cameras and optical sensors. We provide the technical background on the internal architecture of switches and routers (at both the hardware and software level) which enables this type of attack. We also present amplitude and frequency based modulation and encoding schemas, along with a simple transmission protocol. We implement a prototype of an exfiltration malware and discuss its design and implementation. We evaluate this method with a few routers and different types of LEDs. In addition, we tested various receivers including remote cameras, security cameras, smartphone cameras, and optical sensors, and also discuss different detection and prevention countermeasures. Our experiment shows that sensitive data can be covertly leaked via the status LEDs of switches and routers at a bit rates of 10 bit/sec to more than 1Kbit/sec per LED