Towards a General Solution for Detecting Traffic Differentiation At the Internet Access

International audienceIn recent years network neutrality has been widely debated from both technical and economic points of view. Its proponents advocate that all network traffic should be treated equally by Internet Service Providers (ISP's) and no discrimination should take place on origin, destination, content or load. Opponents on the other hand maintain that the components that constitute the Internet of today already apply some forms of preferential treatment at different levels, and it would be neither feasible nor desirable to enforce a purely egalitarian principle, also in light of emerging user needs. Nevertheless various cases of traffic differentiation at the Internet access have been reported throughout the last decade, in particular aimed at bandwidth consuming traffic flows and alternative competing services. In this paper we present a novel method for the detection of traffic differentiation, through which we are able to correctly identify where a shaper is located with respect to the user and evaluate whether it affected delays, packet losses or both. The tool we propose, ChkDiff, reuses the user's own traffic and replays it in order to target routers at the first few hops from the user. By comparing the resulting flow delays to the same router against one other, and analysing the behaviour on the immediate router topology spawning from the user end-point, ChkDiff manages to detect instances of traffic shaping and accurately locate them. We provide a detailed description of the design of the tool for the case of upstream traffic, the technical issues it overcomes and a validation in a controlled scenario

Quality of service assurance for the next generation Internet

The provisioning for multimedia applications has been of increasing interest among researchers and Internet Service Providers. Through the migration from resource-based to service-driven networks, it has become evident that the Internet model should be enhanced to provide support for a variety of differentiated services that match applications and customer requirements, and not stay limited under the flat best-effort service that is currently provided. In this paper, we describe and critically appraise the major achievements of the efforts to introduce Quality of Service (QoS) assurance and provisioning within the Internet model. We then propose a research path for the creation of a network services management architecture, through which we can move towards a QoS-enabled network environment, offering support for a variety of different services, based on traffic characteristics and user expectations

Asymmetry and Discrimination in Internet Peering Evidence from the LINX

Is the quality of interconnection between Internet operators affected by their asymmetry? While recent game theoretic literature provides contrasting answers to this question, there is a lack of empirical research. We introduce a novel dataset based on Internet routing policies, and study the interconnection decisions amongst the Internet Service Providers (ISPs) members of the London Internet Exchange Point (LINX). Our results show that interconnection quality degradation can be significantly explained by asymmetry between providers. We also show that Competition Authorities should focus more on the role played by the “centrality of an operatorâ€, rather than on its market share.Internet Peering, Two-sided Markets, Network Industries, Antitrust, Net Neutrality

Increasing resilience of ATM networks using traffic monitoring and automated anomaly analysis

Systematic network monitoring can be the cornerstone for the dependable operation of safety-critical distributed systems. In this paper, we present our vision for informed anomaly detection through network monitoring and resilience measurements to increase the operators' visibility of ATM communication networks. We raise the question of how to determine the optimal level of automation in this safety-critical context, and we present a novel passive network monitoring system that can reveal network utilisation trends and traffic patterns in diverse timescales. Using network measurements, we derive resilience metrics and visualisations to enhance the operators' knowledge of the network and traffic behaviour, and allow for network planning and provisioning based on informed what-if analysis

Data Leak Detection As a Service: Challenges and Solutions

We describe a network-based data-leak detection (DLD) technique, the main feature of which is that the detection does not require the data owner to reveal the content of the sensitive data. Instead, only a small amount of specialized digests are needed. Our technique – referred to as the fuzzy fingerprint – can be used to detect accidental data leaks due to human errors or application flaws. The privacy-preserving feature of our algorithms minimizes the exposure of sensitive data and enables the data owner to safely delegate the detection to others.We describe how cloud providers can offer their customers data-leak detection as an add-on service with strong privacy guarantees. We perform extensive experimental evaluation on the privacy, efficiency, accuracy and noise tolerance of our techniques. Our evaluation results under various data-leak scenarios and setups show that our method can support accurate detection with very small number of false alarms, even when the presentation of the data has been transformed. It also indicates that the detection accuracy does not degrade when partial digests are used. We further provide a quantifiable method to measure the privacy guarantee offered by our fuzzy fingerprint framework

Modelling & Improving Flow Establishment in RSVP

RSVP has developed as a key component for the evolving Internet, and in particular for the Integrated Services Architecture. Therefore, RSVP performance is crucially important; yet this has been little studied up till now. In this paper, we target one of the most important aspects of RSVP: its ability to establish flows. We first identify the factors influencing the performance of the protocol by modelling the establishment mechanism. Then, we propose a Fast Establishment Mechanism (FEM) aimed at speeding up the set-up procedure in RSVP. We analyse FEM by means of simulation, and show that it offers improvements to the performance of RSVP over a range of likely circumstances

ForChaos: Real Time Application DDoS detection using Forecasting and Chaos Theory in Smart Home IoT Network

Recently, D/DoS attacks have been launched by zombie IoT devices in smart home networks. They pose a great threat to to network systems with Application Layer DDoS attacks being especially hard to detect due to their stealth and seemingly legitimacy. In this paper, we propose we propose ForChaos, a lightweight detection algorithm for IoT devices, that is based on forecasting and chaos theory to identify flooding and DDoS attacks. For every time-series behaviour collected, a forecasting-technique prediction is generated, based on a number of features, and the error between the two values is calcualted. In order to assess the error of the forecasting from the actual value, the lyapunov exponent is used to detect potential malicious behaviour. In NS-3 we evaluate our detection algorithm through a series of experiments in Flooding and Slow-Rate DDoS attacks. The results are presented and discussed in detail and compared with related studies, demonstrating its effectiveness and robustness

Results and achievements of the ALLIANCE Project: New network solutions for 5G and beyond

Leaving the current 4th generation of mobile communications behind, 5G will represent a disruptive paradigm shift integrating 5G Radio Access Networks (RANs), ultra-high-capacity access/metro/core optical networks, and intra-datacentre (DC) network and computational resources into a single converged 5G network infrastructure. The present paper overviews the main achievements obtained in the ALLIANCE project. This project ambitiously aims at architecting a converged 5G-enabled network infrastructure satisfying those needs to effectively realise the envisioned upcoming Digital Society. In particular, we present two networking solutions for 5G and beyond 5G (B5G), such as Software Defined Networking/Network Function Virtualisation (SDN/NFV) on top of an ultra-high-capacity spatially and spectrally flexible all-optical network infrastructure, and the clean-slate Recursive Inter-Network Architecture (RINA) over packet networks, including access, metro, core and DC segments. The common umbrella of all these solutions is the Knowledge-Defined Networking (KDN)-based orchestration layer which, by implementing Artificial Intelligence (AI) techniques, enables an optimal end-to-end service provisioning. Finally, the cross-layer manager of the ALLIANCE architecture includes two novel elements, namely the monitoring element providing network and user data in real time to the KDN, and the blockchain-based trust element in charge of exchanging reliable and confident information with external domains.This work has been partially funded by the Spanish Ministry of Economy and Competitiveness under contract FEDER TEC2017-90034-C2 (ALLIANCE project) and by the Generalitat de Catalunya under contract 2017SGR-1037 and 2017SGR-605.Peer ReviewedPostprint (published version