Assessing Future Network Readiness for Malaysia
Javed I Khan, PhD
Prof. and Director
Networking and Media Communications Laboratory, Kent State University, OH
Fulbright Senior Specialist Advisor to MCMC
Keynote, September 19, 2017
Marriott, Cyberjaya, Malaysia
MEDIANET, 2017

Background
• This is a unique time in history. The emerging innovations are poised to revolutionize our way of life. Starting from the telegraph, fixed and mobile phone, and internet eras, we will be entering a new age of ubiquitous communication and computation and a networked society.
• Smart citizen & community, augmented reality, bots, autonomous cars, smart home, cloud, bitcoin...
• A Future Network for Malaysia towards becoming a Smart Digital Nation.

What is Future Network?
• Focused on 5 emergent components of Future Network
  • Next Generation Mobile - 5G
  • Data Center/Cloud/Big Data
  • Software Defined Network (SDN)
  • Internet of Things (IoT)
  • Smart Cities & Communities (SCC)

Objective of the Study
• Assess - Infrastructure and Readiness
• Challenge & Opportunities - Where are the gaps, challenges as well as new opportunities?
• Marching Forward Ideas - What can MCMC do to help its stakeholders in this journey?
• Vision - Identify elements of Future Network for Malaysia to be a Smart Digital Nation.

Select MCMC Focus Groups
• MMU Innov8 and Digital Home Lab
• UTM-Innovation Center 5G
• UPM-WiPNET
• CELCOM
• MAXIS
• DIGI
• TIME
• TM
• U-Mobile
• MIMOS
• MIGHT

Data Center/Cloud/Big Data

Cloud: Computing+Data is now Moving Into Core
• Content Delivery Network (CDN): The network provides content owners with storage for data, so it can be placed closer to downloaders. Faster speed of access.
• Infrastructure as a Service (IaaS): Cloud provides processor, storage, and networks. The consumer has control over operating systems, storage, and deployed applications. Lower HW Capex!
• Platform as a Service (PaaS): The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools and the processor, storage, and network provided by the Cloud Provider. Lowers HW+OS Capex!
• Software as a Service (SaaS): Cloud also provides full software service including the application running on a cloud infrastructure. The consumer does not manage network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. Lower HW+OS+SW Capex!

Impact on Network

Growth of Software as a Service

NAP of Americas: Miami
• The NAP of the Americas was huge before huge was cool. This massive Terremark Worldwide data fortress in downtown Miami was completed in June 2001, offering 750,000 square feet of data center footprint just as the dot-com bust was taking hold. The six-story facility not only survived the downturn, but has become a key connectivity hub for the Southeastern US and Latin America, providing critical infrastructure to the U.S. military and the global domain name system. The NAP of the Americas is built to withstand a Category 5 hurricane, with its exterior protected by 7-inch thick steel-reinforced concrete panels. Six Hitech rotary UPS systems support the power infrastructure. More than 160 networks converge at the building, creating a major connectivity ecosystem. The three large globes on the roof of the facility house two 16-meter satellite dishes and a 14-meter dish to provide backup connectivity for mission-critical customers should the facility ever lose its fiber feeds.
• 750 KSFT, carrier neutral, 80% of South America traffic passes through, 180 carriers housed.

Strength of Malaysian Network Infrastructure in the Eye of Pinger

Acknowledgement: Pinger Project Participants

Take away #1
Design NCI for Future and Data is Big Part of It!

Software Defined Network: Own a Slice of Networking!

Protocol Stacks from Federated Controllers
[Diagram labels: Controller, Trusted Protocol Server]

Software Defined Routing

Classical Routing
INPUT ID   INPUT PORT   FORWARD TO
10         1            PORT 3
22         2            PORT 7
32         1            PORT 5

SDN Routing
INPUT ID   INPUT PORT   ACTION
10         1            FORWARD TO PORT 3
22         2            FORWARD TO PORT 7
32         1            FORWARD TO PORT 5
11         1            EXE CODE 2011
33         2            EXE CODE 2022
32         1            FORWARD TO FLOW TABLE 3
32         3            FORWARD TO FLOW TABLE 5
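
An added example (not from the original slides) of the match-action lookup that the SDN routing table above describes, with an audit for rows that an earlier row with the same match makes unreachable. First-match priority, drop on table miss, the loop guard, and the contents of flow tables 3 and 5 are assumptions; the slide does not give them.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    flow_id: int   # "INPUT ID" column
    in_port: int   # "INPUT PORT" column
    action: str    # "FORWARD", "EXEC" or "GOTO"
    arg: int       # output port, code id, or flow-table number

TABLES = {
    # Table 0: the SDN routing table from the slide, in slide order.
    0: [Rule(10, 1, "FORWARD", 3), Rule(22, 2, "FORWARD", 7),
        Rule(32, 1, "FORWARD", 5), Rule(11, 1, "EXEC", 2011),
        Rule(33, 2, "EXEC", 2022), Rule(32, 1, "GOTO", 3),
        Rule(32, 3, "GOTO", 5)],
    # Tables 3 and 5 are not shown on the slide; these rows are constructed.
    3: [Rule(32, 1, "FORWARD", 9)],
    5: [Rule(32, 3, "FORWARD", 8)],
}

def lookup(table, flow_id, in_port):
    """First-match lookup (assumed priority: the earlier row wins)."""
    for rule in table:
        if (rule.flow_id, rule.in_port) == (flow_id, in_port):
            return rule
    return None

def process(flow_id, in_port, tables=TABLES, max_hops=8):
    """Walk the pipeline from table 0; return (verdict, arg, tables_visited)."""
    table_id, visited = 0, []
    while len(visited) < max_hops:
        visited.append(table_id)
        rule = lookup(tables.get(table_id, []), flow_id, in_port)
        if rule is None:
            return ("DROP", None, visited)       # table miss: default deny
        if rule.action != "GOTO":
            return (rule.action, rule.arg, visited)
        if rule.arg in visited:
            return ("LOOP", rule.arg, visited)   # refuse to revisit a table
        table_id = rule.arg
    return ("LOOP", table_id, visited)

def shadowed_rules(table):
    """Rows that can never fire because an earlier row has the same match."""
    seen, dead = {}, []
    for idx, rule in enumerate(table):
        key = (rule.flow_id, rule.in_port)
        if key in seen:
            dead.append((idx, seen[key]))        # (shadowed row, winning row)
        else:
            seen[key] = idx
    return dead
```

Under these assumptions the audit reports row 5 (ID 32, port 1, flow table 3) as shadowed by row 2, so flow table 3 is never reached from this table.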

Slicing at Carrier Grade Speed
[Diagram labels: Controller, NGN Slice Exchange, Bare Metal - Network Infrastructure]

NETRONOME NFP 4000: Scaleup: Massively parallel
60+ processors, each capable of supporting multiple threads. 1 thread per packet

Alternate Vision: Virtualization

What new forms of Communications Possible?
Novel SDN Transports from our Lab

iTCP: MPEG2 Delay Guaranteed Communication
[Figure: data rate (mbps) vs. frame sequence line (frames), series MPEG2-GEN and TCP envelope. (b) 250 frames (704x480), encoding rate 4 Mbps, DT=1.6 sec, XCODE=ON]
[Figure: generator function g(t) and window function w(t) over time, marking Tloss, Tequal, Tcritical, Trecovery and Tactual, with the relaxation period, critical delay period (d), frugal state rate (h) and reaction delay]

Fast Native IP Handoff in WiFi Network: MIP vs. IPMN
[Figure labels: Router, Backbone Network, Corresponding Node, Mobile Node, AP1 to AP4, IP-Subnet 1, IP-Subnet 2, L2 Handoff, L3 Handoff]
[Table: Handoff latencies (in ms) of the first five handoffs and their average, MIP vs. IPMN, for Local, Virginia and Texas]

Super Scaler Communication: Network Swarm
The more a file is on demand the faster it downloads!
Example: Super Scaler File Download with Bit Torrent

zqTCP: Zero Queue Delay Transport

Benefits of Agile NCI
• Major reduction in Capex equipment costs through consolidating equipment infrastructure and exploiting the economies of scale of the IT industry.
• Faster targeted service introduction based on geography or customer sets. Scaled up/down as required. In addition, improved service velocity by provisioning remotely in software without any site visits required to install new hardware.
• Supporting multi-tenancy, thereby allowing network operators to provide tailored services and connectivity for multiple users, applications or other network operators, all co-existing on the same hardware with appropriate secure separation of administrative domains.
• Carrier grade resilience at low cost. Temporarily repair failures by automated re-configuration and moving network workloads onto spare capacity with remote orchestration. Reduce the cost of 24/7 operations by mitigating failures automatically.

A New Eco System?
• Opens up the eco-systems. It opens the virtual appliance market to TELCOs eager to innovate service, academia, pure software entrants, small players encouraging more innovation to bring new services and new revenue streams quickly at much lower risk.

Take away #2
Design NCI for Future and Data is Big Part of It!
Virtualize NCI for Affordability and also Agility!

Emerging Applications: Smart Home
Smart Home:
The following parties will be involved in business:
• Device manufacturers
• Communication service providers (Network Operators)
• Smart home setup companies
• Smart home maintenance service providers
• Mobile Operators (to provide remote access)
• Application developers (Remote control)
• Research firms
• Cloud computing and storage providers
• Multimedia content providers (News, movies, etc.)

Emerging Applications: Smart Grids
Smart Grids:
The following parties will be involved in business:
• Power generation companies
• Power transmission and distribution companies
• End device manufacturers
• Data communication and computing service providers (Network Operators)
• Data storage service providers
• Research firms
• Software developers

Emerging Applications: Smart City Corporations
Smart City Corporation:
The following parties will be involved in business:
• City corporation
• End device and sensor manufacturers
• Network operators
• City service providers (road, water, trash, waste management)
• Research firms
• Data storage providers
• Management and maintenance
• Software developers
If the city corporation makes sensing data available to third party service providers, many new private businesses will come into the market.
[Image: Smart waste management]

Prepared CI Network?

Fitness Tracker Leak
• Citizen Lab (Uni. of Toronto) examined 17 fitness trackers
• Almost all of them leak data
• Sensor readings can be overridden
• Real life incident:
  • Not reported yet
• Possible privacy threats
  • Unwanted access to user workout schedule, blood pressure, pulse rate etc.
• Possible safety threats
  • Assume
    • Fitness tracker of a user with asthma is hacked
    • Tracker suggests higher pulse rate than actual
    • User takes inhaler
Full Report: https://openeffect.ca/reports/Every_Step_You_Fake.pdf

Brand       Wearable            App
Apple       Apple Watch         Watch 2.1
Basis       Basis Peak          Basis Peak 1.14.0
Bellabeat   Bellabeat Leaf      LEAF 1.7.0
Fitbit      Fitbit Charge HR    Fitbit 2.10
Garmin      Garmin Vivosmart    Garmin Connect 2.13.2.1
Jawbone     Jawbone Up 2        Jawbone UP 4.7.0
Mio         Mio Fuse            Mio GO 2.4.4
Withings    Withings Pulse O2   Withings HealthMate 2.09.00
Xiaomi      Xiaomi Mi Band      Mi Fit 1.6.122

Cardiac Devices Control
News Source: http://money.cnn.com/2017/01/09/technology/fda-st-jude-cardiac-hack/
Hackable Cardiac Devices from St. Jude Hospital
• Sept. 1, 2017: The FDA issued the recall Tuesday for 465,000 pacemakers created by health company Abbott Laboratories (formerly St. Jude Medical).
• FDA confirmed the vulnerabilities
• Hackers can control pacemakers & defibrillators using its transmitter
• Real life incident: Not reported yet
• Possible privacy threats
  • Unwanted access to critical patients' info
• Possible safety threats
  • False reading may lead to unwanted defibrillator shock to heart attack patient
  • Unnecessary defibrillator shock may kill patient

Multiple Wearable Hack: Password Cracker
Source: https://www.stevens.edu/news/did-your-smart-watch-fitness-tracker-just-give-away-your-pin
• Stevens Inst. of Tech. developed the Backward PIN-sequence Inference Algorithm. Uses accelerometers, gyroscopes & magnetometers and could crack PINs and passwords with 80% accuracy in just one try (90% after 3 tries).
• Real life incident
  • Not reported yet
• Possible privacy & safety breach
  • Losing all kinds of secret credentials

Smart DVD player & Coffee Machine: Mirai Botnet Attack Dyn Attack
• Most severe DDoS attack of recent time. Used IoT based botnets
• Stopped a huge portion of the USA internet system for a long time
  • Twitter, the Guardian, Netflix, Reddit, and CNN were affected
• Record 1 Terabit per second traffic
• Traffic generated mainly from China & Vietnam
• Used common username-password pairs to attack
• DVD players, web cams & coffee machines were the main targets
• After takeover, one machine captured other machines
• Source code is open sourced now
• Origination time & source yet unknown
• Newer versions of Mirai are coming
• Possible privacy & safety breach
  • What if the cameras start transferring video!!

Smart Light: Philips Hue / Drone Attack
• Researcher hacked Philips Hue bulb using drone
• Using Touchlink aspect of ZigBee Light Link system
  • Bypassed built-in safeguards against remote access
• Extracted global AES-CCM key used to encrypt & authenticate new firmware
• Hacked from 350 meters distance
• Real life incident:
  • PoC by researchers
• Possible safety & privacy threats
  • Hackers can put bulbs on SOS mode
  • Stop lights at weekday office time
News source: https://www.engadget.com/2016/11/03/hackers-hijack-a-philips-hue-lights-with-a-drone/

Information Paths
[Diagram labels: IoT Devices, Hub / GW, CLOUD; Sensing Path; Actuation Path; DATA on the way]

Emerging Unlicensed Spectrum IoT Communication Standards
• For short range
• Major standards are
  • Zigbee
  • Bluetooth
  • WiFi
• Not owned by any service provider
• Low cost
• Often compromise security for low energy
[Table: Summary for Zigbee, WiFi, BT]

Cellular IoT Standards
Image courtesy: 3GPP & Aricent technology

ZigBee: Security Risk
• Zigbee security depends on 2 keys
  • 128-bit Network key: distributed & shared among every device in the network to secure broadcast communication
  • 128-bit Link key: secures unicast communication on the Application layer, & shared between 2 devices
• No protocol support for dynamic key replacement
• Once a key is compromised, the whole network is compromised
• Possible attacks:
  • Physical attacks
    • Connect to unsecured Zigbee device in the network & capture Network key
    • Sending noise on Zigbee channel: jam signals
  • Key attacks:
    • Over the Air unencrypted key delivery & pre shared key: key hacked from sniffed packet
    • Any Zigbee mimicking device can get the key
  • Implementation in firmware

Bluetooth: Security Risk
• A wireless communication standard for short distance
• Uses low energy
• 4 versions: 1.x, 2.x, 3.x, 4.x
• Possible attacks:
  • General software vulnerabilities: each implementation has some kind of problem
    • Weak encryption, plain text password transmission etc.
  • Eavesdropping: older versions (1.x to 3.x) are not secured enough
    • Without key pairing or pass key, weak encryption
  • Hackers can continuously send packets: quick battery discharge
  • Device can be found even when hidden using Hydra tool
    • Bluetooth LE & older generations have these problems
    • https://arstechnica.com/information-technology/2016/09/hands-on-blue-hydra-can-expose-the-all-too-unhidden-world-of-bluetooth/
  • BT 4 broadcasts packets with universally unique identifier (UUID)
    • User location can be identified with received signal strength indicator (RSSI)

WiFi: Security Risk
• WiFi has longer range than BT & Zigbee
• Power requirement is also high
• Strong encryption support
• Possible attacks:
  • Dictionary attack: brute force attempt to break weak passwords
  • DDoS attack: exhaust router buffer with large number of packets
  • General software vulnerabilities: each implementation has some kind of problem
  • Example:
    • Broadpwn: found by security researcher Nitay Artenstein of Exodus Intelligence
    • Broadcom's Wi-Fi chipsets contain a bug
    • Hackers can compromise the device
    • Can “execute arbitrary code on the Wi-Fi chip.”
    • https://www.usatoday.com/story/tech/talkingtech/2017/07/21/apple-issues-security-updates-mac-and-ios-stop-potential-attack-through-wi-fi/500689001/

EU Agency for Network & Information Security – Possible Threat Surfaces
Source: Threat Landscape for Smart Homes - Enisa - Europa EU

Smart Wearable: Possible Attack Surfaces
Source: https://www.welivesecurity.com/2015/12/08/wearables-wheres-the-risk/

• Data Network = Information Network ??
We may have a highly capable data network but a quite unprepared Information Network Infrastructure.

The Three Takeaways of Today
Design NCI for Future and Data is Big Part of It!
Virtualize NCI for Affordability and also Agility!!
Ready NCI for Information Networking!!!

Publications
• Iftekharul Islam, & J. I. Khan, A Network Centric TCP for Video Delivery Networks, (Accepted), IEEE ICNP 2017, October 10, 2017. Toronto, Canada
• Javed I. Khan and Raid Y. Zaghal, Interactive Transparent Networking—Modeling Examples of Snoop and WTCP Protocols, Computer Communications, Vol. 28, Issue 6, pp. 702 – 711.
• Sandeep Davu, Raid Zaghal, and Javed Khan, An Infrastructureless End-to-End High Performance Mobility Protocol for Connection Oriented Applications. IEEE International Conference on Electro Information Technology – EIT'05, Lincoln, NE, May 2005.
• Raid Zaghal, Sandeep Davu, and Javed Khan. An Interactive Transparent Protocol for Connection Oriented Mobility - Performance Analysis with Voice Traffic. Third International Symposium on Modeling and Optimization in Mobile, Ad-hoc and Wireless Networks – WiOpt'05, Riva Del Garda, Trentino, Italy. April 2005.
• Javed Khan and Raid Zaghal. Protocol Modeling with Transparent Networking. International Conference on Computing, Communications and Control Technologies - CCCT'04, Austin, TX, USA. August 2004. pp. 66 – 71, Vol. 7.
• Javed Khan and Raid Zaghal. Jitter and Delay Reduction for Time Sensitive Elastic Traffic for TCP-Interactive Based World Wide Video Streaming Over ABone. Proceedings of the 12th International Conference on Computer Communications and Networks 2003 - ICCCN'03, Dallas, TX, USA. October 2003. pp. 311 – 316.
• Javed Khan, Raid Zaghal, and Q. Gu. Dynamic QoS Adaptation for Time Sensitive Traffic with Transientware. Proceedings of the IASTED International Conference on Wireless and Optical Communications 2003 – WOC'03, Banff, Canada. July 2003. pp. 225 – 229.
• Javed Khan and Raid Zaghal. Symbiotic Streaming of Elastic Traffic on Interactive Transport. IEEE International Symposium on Computers and Communications - ISCC'03, Antalya, Turkey. July 2003. pp. 1435 – 1440, Vol. 2.
• Javed Khan, Raid Zaghal, and Q. Gu. Rate Control in an MPEG-2 Video Rate Transcoder. International Packetvideo Workshop - PV 2002, Pittsburgh, PA, USA. April 24 – 26, 2002.

Thanks
Ideas? Suggestions? Questions?
[email protected]: forjaved