The Challenges of Measuring Wireless Networks. David Kotz Dartmouth College August 2005


Why measure? For better management
- Large WLANs need scalable management
- To manage you must monitor
- To monitor you must measure
- Where is there trouble... or trouble-makers?
- Where should your network grow?
- Where are your users?
- How and when do they move?
- What do they use the network for?
- How is it abused?

Why measure? For research and innovation
- To improve our understanding of user and network behavior.
- This understanding leads to better models.
- Better models are critical to innovation:
  - network protocols
  - distributed algorithms and applications
  - deployment strategy

Wireless is not Wired
- Many inherent differences
  - Wired medium: clear points of connection
  - Wireless medium: physically dispersed
- Not everything is visible for measurement
- Mobility inspires new usage patterns
- Novel devices inspire new usage patterns
- 802.11 protocol inspires new attacks

Dartmouth's wireless network

[Figure: Active cards per week. Y-axis: cards; x-axis: date (Apr01 to May04). Plot labels: 2001 trace; 1706 cards; 7134 cards; 2003/4 trace.]

[Figure: Average hourly traffic, by hour, Fall 2003 Winter 2004. Y-axis: GB; x-axis: hour (0 to 24). Series: Inbound, Outbound.]

[Figure: VoIP devices in use, Fall 2003 Winter 2004. Series: Cisco SoftPhone, Wired Cisco VoIP phone, Vocera VoIP badge, Wireless Cisco VoIP phone, Telesym PocketPC Softphone.]

VoIP call duration, Fall 2003 Winter 2004
- All VoIP calls are significantly shorter than non-VoIP calls
- Median wired call duration: 42 seconds
- Median wireless call duration: 31 seconds
[Figure: P[X>x] against x = call duration (seconds). Series: Total, Wired, Wireless.]

Session diameter by device, Fall 2003 Winter 2004
- VoIP and PDA devices tend to move farther during a single wireless session
- diameter = max inter-AP distance
- Median: All: 15.3m; Laptops: 14.0m; PDAs: 17.5m; VoIP devices: 27.8m
[Figure: distribution against distance (meters). Series: All devices, Laptops, PDAs, VoIP devices.]

Security
- New attacks on the 802.11 or VoIP protocols
- Denial of Service = DoS
- Denial of Quality Service = DoQS
- Measure, Analyze, Protect
www.cs.dartmouth.edu/~map

Measurement challenges

Measuring real networks: Practical challenges
- Lack of portable tools for collection, analysis
- Lack of information about network hardware
- Lack of common data formats
- Reluctance of network administrators
- Avoiding, identifying, and handling data holes

Capturing traffic: sniffing the wire
- One sniffer captures traffic from many APs to Internet
- But...
  - Does not capture intra-AP traffic
  - Does not capture 802.11 control frames
  - Does not capture collisions, drops
[Diagram labels: Sniffer, Ethernet Switch, AP, AP, AP]

Capturing traffic: switched wireless
- Can capture nearly all MAC-layer traffic
- But...
  - Needs explicit support from switch
  - Today's switches are underpowered
[Diagram labels: to Internet, Sniffer, Wireless Switch, GRE tunnel, AP, AP, AP]

sniffing the air
[Diagram labels: to Internet, Ethernet Switch, AP, Sniffer (three), client (four)]

sniffing the air
- Can capture full MAC-layer traffic
- But...
  - Need multiple radios, multiple locations
  - Still might not capture all traffic
  - Frames may be encrypted

Understanding traffic
- Encryption limits what we can see
- Identifying P2P traffic is hard
- Identifying VoIP traffic is hard
- WEP and WPA encrypt traffic in the air
- VPNs and other tunnels encrypt the wire
- Firewalls and NAT may block traffic

Correlating sources
- Hard to match data across sources
  - syslog: device movements
  - CDR: call detail records
  - tcpdump or other packet traces
  - RADIUS: authentication records
  - SNMP: traffic counts (poor granularity)

Network structure
- Must know network structure and history
  - location of all APs
  - subnet structure
  - switched wireless AP structure
  - channel assignments, power levels?

Devices
- Tracking device movements
  - syslog, SNMP: lack of common formats
  - no clean way to identify device departure
  - no clean way to tie cards to users
  - no standards for localization
- Device type: laptop, palmtop, phone, PSP...?

Human subjects
- Laws governing research and privacy
- For research in US universities, need approval of Institutional Review Board
- In any case, we must protect privacy:
  - secure the collection infrastructure
  - encrypt the data storage
  - anonymize data where possible

Real user behavior
- Ultimately, it is hard to map observed network activity to real user behavior.

Mesh networks
- WiFi infrastructure network: serves mobile WiFi clients with fixed APs
- WiFi mesh network: uses wireless backbone network; serves mobile WiFi clients with fixed APs
- How and where to collect the data?
- What, additionally, to monitor?

Modeling wireless networks

Building models
- Models should be derived from real data
- Then, how are the models validated?
- What is modeled, and what is assumed?
  - Carefully define assumptions
  - Clearly identify usable range of the model
- Is the model portable?
  - translates to other places, other times, other sizes

Mobility models
- The MANET world is full of fake models!
- We need new models from real users
- Mobility model: the path of users in geographic space
- Association model: sequence of APs associated by a device

The needs of our community

We need... Data collection
- Standardized formats and interfaces
- Portable tools for data collection
- Portable tools for network mapping
- Documentation from network vendors

We need... Data processing
- Effective, portable tools for anonymization
  - avoid data-mining attacks
  - but don't lose the tail of the data
- Identifying holes and cleaning data

We need... Data analysis
- Portable tools for data analysis
- Precise definitions: e.g., session
- Standardized metrics: e.g., diameter, prevalence
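
An added example, not part of the original slides: one way to combine the processing and analysis steps above, replacing card MAC addresses with keyed pseudonyms before computing the session diameter (maximum inter-AP distance) per session. The record layout, AP coordinates, key and the rule that a session ends at a "disassoc" event are all constructed assumptions.

```python
import hashlib
import hmac
import math
from itertools import combinations

# Constructed AP map (name -> x, y in meters); a real study needs the site survey.
AP_XY = {"ap-lib-1": (0.0, 0.0), "ap-lib-2": (30.0, 40.0), "ap-gym-1": (300.0, 400.0)}

# Constructed association records: (epoch seconds, card MAC, event, AP).
RECORDS = [
    (1000, "00:11:22:aa:bb:01", "assoc", "ap-lib-1"),
    (1060, "00:11:22:aa:bb:01", "roam", "ap-lib-2"),
    (1100, "00:11:22:aa:bb:02", "assoc", "ap-gym-1"),
    (1200, "00:11:22:aa:bb:01", "disassoc", "ap-lib-2"),
    (5000, "00:11:22:aa:bb:01", "assoc", "ap-gym-1"),
    (5030, "00:11:22:aa:bb:01", "roam", "ap-lib-1"),
]

def pseudonym(mac: str, key: bytes) -> str:
    """Keyed hash: an unkeyed hash of a 48-bit MAC can be reversed by enumeration."""
    canon = mac.lower().replace("-", ":").encode()
    return hmac.new(key, canon, hashlib.sha256).hexdigest()[:16]

def sessions(records, key):
    """Group records into per-device sessions; a session ends at 'disassoc'.
    Devices that vanish without one leave an open session (a data hole)."""
    open_, done = {}, []
    for ts, mac, event, ap in sorted(records):
        dev = pseudonym(mac, key)
        open_.setdefault(dev, []).append(ap)
        if event == "disassoc":
            done.append((dev, open_.pop(dev), True))
    done += [(dev, aps, False) for dev, aps in open_.items()]
    return done

def diameter(aps):
    """Session diameter = maximum distance between any two APs visited."""
    pts = [AP_XY[a] for a in set(aps)]
    return max((math.dist(p, q) for p, q in combinations(pts, 2)), default=0.0)

def report(records, key):
    """Return (pseudonym, diameter in meters, session closed cleanly?) per session."""
    return [(dev, round(diameter(aps), 1), closed)
            for dev, aps, closed in sessions(records, key)]
```

Every record is kept, so long or far-ranging sessions in the tail of the distribution survive pseudonymization; sessions flagged as not closed are the ones to inspect when cleaning data holes.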

We need... Wireless testbeds
- Ideal testbed should
  - allow repeatable experiments
  - be flexible to variety of experiments
  - be remotely accessible
  - represent indoor, outdoor, or both
  - recognize its own limitations

We need... A scientific process
- Every wireless-network paper should
  - clearly state its assumptions
  - clearly state its experimental conditions
  - identify how these assumptions and conditions limit the conclusions
  - contribute its data to an archive
  - make source code available

We need... Data sharing
- Archives of measurement data for research
- ... and the tools to manage archives
- ... and encourage contributions of new data
- ... and staff to manage archives and tools

CRAWDAD.cs.dartmouth.edu Community Resource for Archiving Wireless Data At Dartmouth

CRAWDAD.cs.dartmouth.edu
- Archive of wireless-network traces
- Tools for trace collection and analysis
- Support for the research community
  - Event calendar
  - Bibliography
  - Annual workshop at Mobicom
- Co-led by David Kotz and Tristan Henderson
- Hosted by the Center for Mobile Computing at Dartmouth College
- Funded by US National Science Foundation

Summary
- Large WLANs require scalable management
- Management requires monitoring
- Monitoring requires measurement
- Measurement is hard!
- We need better tools and data formats
- We need shared archives and testbeds
- Researchers and providers must cooperate

David Kotz Dartmouth College Center for Mobile Computing cmc.cs.dartmouth.edu