CSIT 561: “Computer Networks”
Transcript of CSIT 561: “Computer Networks”
Fall 2009, HKUST
Introduction 1-1
Course Info
Instructors:
• Dr. Jogesh K. Muppala: http://www.cs.ust.hk/~muppala/
• Dr. Qian Zhang: http://www.cs.ust.hk/~qianzh
Course web site: http://www.cse.ust.hk/~muppala/csit561/ contains all notes, announcements, etc. Check it regularly!
Lecture schedule:
• Track 15: Wed 7:30 pm - 10:20 pm
• Track 14: Thurs 3:30 pm - 6:20 pm
Course Info
Textbook: James Kurose and Keith Ross, Computer Networking: A Top-Down Approach, 5th ed., Addison Wesley, 2009. http://www.aw-bc.com/kurose_ross/ with useful resource material
Useful links and the lab materials are also online.
Course Info
Grading scheme
Option 1
• Homework (3): 45 points (15 points each)
• Mid-Term Exam: 25 points
• Final Exam: 30 points
Option 2
• Homework (2): 30 points
• Survey report (replaces the last homework): 20 points
• Mid-Term Exam: 20 points
• Final Exam: 30 points
Examination arrangement (to be confirmed):
• Mid-term: Oct. 10, 3:00-5:00 pm
• Final exam: Dec. 10, 7:30-10:00 pm
Course Schedule
• Introduction to computer networking (2 lectures)
• Application layer (4 lectures)
• Transport layer (5 lectures)
• Networking layer (5 lectures)
• Link layer and local area networks (3 lectures)
• Mobile and wireless computing (4 lectures)
• Multimedia networking (3 lectures)
Chapter 1: Introduction
A note on the use of these ppt slides: the notes used in this course are substantially based on PowerPoint slides developed and copyrighted by J.F. Kurose and K.W. Ross, 2007.
Computer Networking: A Top Down Approach, 4th edition. Jim Kurose, Keith Ross. Addison-Wesley, July 2007.
Chapter 1: Introduction
Our goal:
• Get a “feel” and terminology
• More depth, detail later in course
• Approach: use Internet as example
Overview:
• What’s the Internet?
• What’s a protocol?
• Network edge: hosts, access net, physical media
• Network core: packet/circuit switching, Internet structure
• Performance: loss, delay, throughput
• Security
• Protocol layers, service models
• History
Chapter 1: roadmap
1.1 What is the Internet?
1.2 Network edge: end systems, access networks, links
1.3 Network core: circuit switching, packet switching, network structure
1.4 Delay, loss and throughput in packet-switched networks
1.5 Protocol layers, service models
1.6 Networks under attack: security
1.7 History
What’s the Internet: “nuts and bolts” view
• Millions of connected computing devices: hosts = end systems, running network apps (PC, server, wireless laptop, cellular handheld)
• Communication links: fiber, copper, radio, satellite; transmission rate = bandwidth
• Routers: forward packets (chunks of data)
[Figure: mobile network, global ISP, regional ISP, home network, institutional network; wired links, access points, routers]
What’s the Internet: “nuts and bolts” view
• Protocols control sending, receiving of msgs: e.g., TCP, IP, HTTP, Skype, Ethernet
• Internet: “network of networks”: loosely hierarchical; public Internet versus private intranet
• Internet standards: RFC: Request for Comments; IETF: Internet Engineering Task Force
[Figure: mobile network, global ISP, regional ISP, home network, institutional network]
What’s the Internet: A Service View
• Communication infrastructure enables distributed applications: Web, VoIP, email, games, e-commerce, file sharing
• Communication services provided to apps: reliable data delivery from source to destination; “best effort” (unreliable) data delivery
What’s a Protocol?
Human protocols:
• “What’s the time?”
• “I have a question”
• Introductions
… specific msgs sent
… specific actions taken when msgs received, or other events
Network protocols:
• Machines rather than humans
• All communication activity in Internet governed by protocols
Protocols define format, order of msgs sent and received among network entities, and actions taken on msg transmission, receipt
What’s a Protocol?
A human protocol and a computer network protocol:
• Human: Hi / Hi / Got the time? / 2:00
• Network: TCP connection request / TCP connection response / Get http://www.awl.com/kurose-ross / <file>
Q: Other human protocols?
A Closer Look at Network Structure:
• Network edge: applications and hosts
• Access networks, physical media: wired, wireless communication links
• Network core: interconnected routers; network of networks
The Network Edge:
End systems (hosts):
• Run application programs, e.g. Web, email
• At “edge of network”
Client/server model:
• Client host requests, receives service from always-on server
• E.g. Web browser/server; email client/server
Peer-peer model:
• Minimal (or no) use of dedicated servers
• E.g. Skype, BitTorrent
Network Edge: Reliable Data Transfer Service
Goal: data transfer between end systems
• Handshaking: setup (prepare for) data transfer ahead of time
  • Hello, hello back: human protocol
  • Set up “state” in two communicating hosts
• TCP - Transmission Control Protocol: Internet’s reliable data transfer service
TCP service [RFC 793]:
• Reliable, in-order byte-stream data transfer; loss: acknowledgements and retransmissions
• Flow control: sender won’t overwhelm receiver
• Congestion control: senders “slow down sending rate” when network congested
Network Edge: Best Effort (Unreliable) Data Transfer Service
Goal: data transfer between end systems, same as before!
UDP - User Datagram Protocol [RFC 768]:
• Connectionless
• Unreliable data transfer
• No flow control
• No congestion control
App’s using TCP: HTTP (Web), FTP (file transfer), Telnet (remote login), SMTP (email)
App’s using UDP: streaming media, teleconferencing, DNS, Internet telephony
Access Networks and Physical Media
Q: How to connect end systems to edge router?
• Residential access nets
• Institutional access networks (school, company)
• Mobile access networks
Keep in mind:
• Bandwidth (bits per second) of access network?
• Shared or dedicated?
Residential Access: Point to Point Access
Dialup via modem:
• Up to 56 Kbps direct access to router (often less)
• Can’t surf and phone at same time: can’t be “always on”
DSL: digital subscriber line:
• Deployment: telephone company (typically)
• Up to 1 Mbps upstream (today typically < 256 kbps)
• Up to 8 Mbps downstream (today typically < 1 Mbps)
• Dedicated physical line to telephone central office
Residential Access: Cable Modems
HFC: hybrid fiber coax
• Asymmetric: up to 30 Mbps downstream, 2 Mbps upstream
• Is shared broadcast medium
Network of cable and fiber attaches homes to ISP router
• Homes share access to router
Deployment: available via cable TV companies
Company Access: Local Area Networks
• Company/univ local area network (LAN) connects end system to edge router
• Ethernet: 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps Ethernet
• Modern configuration: end systems connect into Ethernet switch
• LANs: chapter 5
Wireless Access Networks
• Shared wireless access network connects end system to router via base station aka “access point”
Wireless LANs:
• 802.11b/g (WiFi): 11 or 54 Mbps
Wider-area wireless access:
• Provided by telco operator
• ~1 Mbps over cellular system (EVDO, HSDPA)
• Next up (?): WiMAX (10’s Mbps) over wide area
[Figure: router, base station, mobile hosts]
Wireless Technologies
[Figure: coverage by technology: WPAN (Bluetooth, UWB, RFID), WLAN (Wi-Fi), WMAN (Wi-Max), WWAN (3G, 4G?)]
Home Networks
Typical home network components:
• ADSL or cable modem
• Router/firewall/NAT
• Ethernet
• Wireless access point
[Figure: cable modem to/from cable headend, router/firewall, Ethernet, wireless access point, wireless laptops]
Physical Media
• Bit: propagates between transmitter/receiver pairs
• Physical link: what lies between transmitter & receiver
• Guided media: signals propagate in solid media: copper, fiber, coax
• Unguided media: signals propagate freely, e.g., radio
Twisted Pair (TP):
• Two insulated copper wires
• Category 3: traditional phone wires, 10 Mbps Ethernet
• Category 5: 100 Mbps Ethernet
Physical Media: Coax, Fiber
Coaxial cable:
• Two concentric copper conductors
• Bidirectional
• Baseband: single channel on cable; legacy Ethernet
• Broadband: multiple channels on cable; HFC
Fiber optic cable:
• Glass fiber carrying light pulses, each pulse a bit
• High-speed operation: high-speed point-to-point transmission (e.g., 10’s-100’s Gbps)
• Low error rate: repeaters spaced far apart; immune to electromagnetic noise
Physical Media: Radio
• Signal carried in electromagnetic spectrum
• No physical “wire”
• Bidirectional
• Propagation environment effects: reflection; obstruction by objects; interference
[Figure: multipath propagation: signal at sender, signal at receiver]
Physical Media: Radio
Radio link types:
• Terrestrial microwave: e.g. up to 45 Mbps channels
• LAN (e.g., WiFi): 11 Mbps, 54 Mbps
• Wide-area (e.g., cellular): e.g. 3G: hundreds of kbps
• Satellite: Kbps to 45 Mbps channel (or multiple smaller channels); 270 msec end-end delay; geosynchronous versus low altitude
The Network Core
• Mesh of interconnected routers
• The fundamental question: how is data transferred through net?
  • Circuit-switching: dedicated circuit per call: telephone net
  • Packet-switching: data sent thru net in discrete “chunks”
Network Core: Circuit Switching
End-end resources reserved for “call”
• Link bandwidth, switch capacity
• Dedicated resources: no sharing
• Circuit-like (guaranteed) performance
• Call setup required
Network Core: Circuit Switching
Network resources (e.g., bandwidth) divided into “pieces”
• Pieces allocated to calls
• Resource piece idle if not used by owning call (no sharing)
Dividing link bandwidth into “pieces”:
• Frequency division
• Time division
Circuit Switching: FDM and TDM
[Figure: example with 4 users. FDM: frequency vs. time, each user holds a fixed frequency band for the whole call. TDM: frequency vs. time, each user holds a fixed slot in every revolving frame.]
Network Core: Packet Switching
Each end-end data stream divided into packets
• User A, B packets share network resources
• Each packet uses full link bandwidth
• Resources used as needed
(Contrast with circuit switching: bandwidth division into “pieces”, dedicated allocation, resource reservation)
Resource contention:
• Aggregate resource demand can exceed amount available
• Congestion: packets queue, wait for link use
• Store and forward: packets move one hop at a time; node receives complete packet before forwarding
Packet Switching: Statistical Multiplexing
[Figure: hosts A and B on a 100 Mb/s Ethernet feed a 1.5 Mb/s link through a queue of packets waiting for the output link; hosts D and E on the far side]
• Sequence of A & B packets does not have fixed pattern, shared on demand: statistical multiplexing
• TDM: each host gets same slot in revolving TDM frame
Packet-Switching: Store-and-Forward
[Figure: source, three links of rate R, destination; packet of L bits]
• Takes L/R seconds to transmit (push out) packet of L bits on to link at R bps
• Entire packet must arrive at router before it can be transmitted on next link: store and forward
• Delay = 3L/R (assuming zero propagation delay)
Example:
• L = 7.5 Mbits
• R = 1.5 Mbps
• delay = 15 sec
more on delay shortly …
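The store-and-forward computation above, as an added example that is not part of the original slides: it reproduces the slide's 3L/R figure for L = 7.5 Mbits and R = 1.5 Mbps, and also goes one step beyond the slide by showing what happens when the same 7.5 Mbits is sent as three back-to-back packets, so that the three links work on different packets in parallel (the packet size used for that split is an assumption of this example).

```python
# Added example (not from the slides): store-and-forward delay over a path of
# equal-rate links, and the effect of splitting a message into packets.

def transmission_delay(L_bits: float, R_bps: float) -> float:
    """Seconds to push L bits onto a link of rate R bps (L/R)."""
    return L_bits / R_bps


def store_and_forward_delay(L_bits: float, R_bps: float, links: int,
                            prop_delay_s: float = 0.0) -> float:
    """End-to-end delay of one L-bit packet over `links` links of rate R.

    Each router must receive the whole packet before it starts forwarding,
    so the L/R transmission time is paid once per link. The per-link
    propagation delay defaults to zero, as on the slide."""
    return links * (transmission_delay(L_bits, R_bps) + prop_delay_s)


def pipelined_delay(packet_bits: float, R_bps: float, links: int,
                    packets: int) -> float:
    """Delay until the last of `packets` back-to-back packets arrives.

    The first packet needs links * L/R; every later packet finishes one L/R
    after the previous one, because the links forward different packets at
    the same time (zero propagation delay assumed)."""
    per_hop = transmission_delay(packet_bits, R_bps)
    return (links + packets - 1) * per_hop


if __name__ == "__main__":
    L, R = 7.5e6, 1.5e6      # slide values: 7.5 Mbit packet, 1.5 Mbps links
    print(store_and_forward_delay(L, R, 3))   # 15.0 s, as on the slide
    # Assumed split of the same 7.5 Mbits into three 2.5 Mbit packets.
    print(pipelined_delay(2.5e6, R, 3, 3))    # 8.33 s: pipelining cuts the delay
```

The per-link propagation delay argument is there because the slide explicitly assumes zero propagation delay; passing a non-zero value shows how the two delay components add.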
Packet Switching versus Circuit Switching
Is packet switching a “slam dunk winner?”
• Great for bursty data: resource sharing; simpler, no call setup
• Excessive congestion: packet delay and loss; protocols needed for reliable data transfer, congestion control
• Q: How to provide circuit-like behavior? Bandwidth guarantees needed for audio/video apps. Still an unsolved problem (chapter 7)
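The statistical multiplexing and "slam dunk winner" slides above say that packet switching wins for bursty data because users share the link on demand; the following added example (not from the slides) puts a number on that claim. It compares how many users a circuit-switched link can admit with how many a packet-switched link can carry before the chance of overload exceeds a chosen bound. The link rate, per-user rate and activity probability are assumptions of this example, not values from the slides.

```python
# Added example (not from the slides): how many users can share a link under
# circuit switching versus packet switching, using a binomial model of
# independent users that are each active with probability p_active.
from math import comb


def circuit_switched_users(link_bps: float, per_user_bps: float) -> int:
    """Circuit switching reserves a fixed slice per user for the whole call,
    so the link admits floor(R / r) users no matter how bursty they are."""
    return int(link_bps // per_user_bps)


def prob_more_than_k_active(n_users: int, p_active: float, k: int) -> float:
    """P(more than k of n independent users are active at the same time)."""
    return sum(comb(n_users, j) * p_active ** j * (1 - p_active) ** (n_users - j)
               for j in range(k + 1, n_users + 1))


def max_users_packet_switched(link_bps: float, per_user_bps: float,
                              p_active: float, overload_prob: float,
                              search_limit: int = 10_000) -> int:
    """Largest n such that the probability that demand exceeds the link
    (more than floor(R/r) users active at once) stays at or below
    overload_prob. The tail probability grows with n, so stop at the first
    n that breaks the bound."""
    capacity = circuit_switched_users(link_bps, per_user_bps)
    best = capacity
    for n in range(capacity + 1, search_limit + 1):
        if prob_more_than_k_active(n, p_active, capacity) > overload_prob:
            break
        best = n
    return best


if __name__ == "__main__":
    # Assumed parameters: 1 Mbps link, 100 kbps per active user, 10% duty cycle.
    R, r, p = 1e6, 1e5, 0.10
    print("circuit switching admits", circuit_switched_users(R, r), "users")
    print("P(>10 of 35 active) =", prob_more_than_k_active(35, p, 10))
    print("packet switching carries", max_users_packet_switched(R, r, p, 1e-3),
          "users with overload probability <= 0.1%")
```

The overload probability is the fraction of time packets would have to queue (or be dropped) because more users are bursting than the link can serve at full rate; the "excessive congestion" bullet above is what happens when that bound is set too loosely.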
Internet Structure: Network of Networks
• Roughly hierarchical
• At center: “tier-1” ISPs (e.g., Verizon, Sprint, AT&T, Cable and Wireless), national/international coverage; treat each other as equals
• Tier-1 providers interconnect (peer) privately
[Figure: three tier-1 ISPs peering with each other]
Tier-1 ISP: e.g., Sprint
[Figure: Sprint backbone with POPs (POP: point-of-presence); peering links to/from backbone; links to/from customers]
Internet Structure: Network of Networks
“Tier-2” ISPs: smaller (often regional) ISPs
• Connect to one or more tier-1 ISPs, possibly other tier-2 ISPs
• Tier-2 ISP pays tier-1 ISP for connectivity to rest of Internet: tier-2 ISP is customer of tier-1 provider
• Tier-2 ISPs also peer privately with each other
[Figure: tier-2 ISPs attached to the tier-1 ISPs]
Internet Structure: Network of Networks
“Tier-3” ISPs and local ISPs
• Last hop (“access”) network (closest to end systems)
• Local and tier-3 ISPs are customers of higher tier ISPs connecting them to rest of Internet
[Figure: local and tier-3 ISPs attached to the tier-2 ISPs]
Internet Structure: Network of Networks
A packet passes through many networks!
[Figure: path from a local ISP up through tier-2 and tier-1 ISPs and back down to another local ISP]
How do Loss and Delay Occur?
Packets queue in router buffers
• Packet arrival rate to link exceeds output link capacity
• Packets queue, wait for turn
[Figure: packet being transmitted (delay); packets queueing (delay); free (available) buffers: arriving packets dropped (loss) if no free buffers]
Four Sources of Packet Delay
1. Nodal processing: check bit errors; determine output link
2. Queueing: time waiting at output link for transmission; depends on congestion level of router
[Figure: nodal processing and queueing at router A, on the way to B]
Delay in Packet-Switched Networks
3. Transmission delay:
• R = link bandwidth (bps)
• L = packet length (bits)
• Time to send bits into link = L/R
4. Propagation delay:
• d = length of physical link
• s = propagation speed in medium (~2x10^8 m/sec)
• propagation delay = d/s
Note: s and R are very different quantities!
[Figure: nodal processing, queueing, transmission, propagation along the path from A to B]
Caravan Analogy
[Figure: ten-car caravan, two toll booths 100 km apart]
• Cars “propagate” at 100 km/hr
• Toll booth takes 12 sec to service a car (transmission time)
• car ~ bit; caravan ~ packet
Q: How long until caravan is lined up before 2nd toll booth?
• Time to “push” entire caravan through toll booth onto highway = 12*10 = 120 sec
• Time for last car to propagate from 1st to 2nd toll booth: 100 km/(100 km/hr) = 1 hr
• A: 62 minutes
Caravan Analogy (more)
[Figure: ten-car caravan, two toll booths 100 km apart]
• Cars now “propagate” at 1000 km/hr
• Toll booth now takes 1 min to service a car
Q: Will cars arrive to 2nd booth before all cars serviced at 1st booth?
• Yes! After 7 min, 1st car at 2nd booth and 3 cars still at 1st booth.
• 1st bit of packet can arrive at 2nd router before packet is fully transmitted at 1st router!
See Ethernet applet at AWL Web site
Nodal Delay
$d_{nodal} = d_{proc} + d_{queue} + d_{trans} + d_{prop}$
• d_proc = processing delay: typically a few microsecs or less
• d_queue = queuing delay: depends on congestion level in the router
• d_trans = transmission delay = L/R, significant for low-speed links
• d_prop = propagation delay: a few microsecs to hundreds of msecs
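The two caravan slides and the nodal delay formula above, worked through in code as an added example that is not part of the original slides. The caravan functions reproduce the slide's 62-minute and "7 min, 3 cars left" answers; the packet functions apply the same L/R and d/s reasoning to a packet, including the test of whether the first bit reaches the next router before the last bit has left the previous one. The packet size, link rates and link length used for that check are assumptions of this example.

```python
# Added example (not from the slides): transmission vs. propagation delay,
# first for the toll-booth caravan, then for a packet on a link.
import math


def transmission_delay(L_bits: float, R_bps: float) -> float:
    """d_trans = L/R: time to push all bits of the packet onto the link."""
    return L_bits / R_bps


def propagation_delay(d_m: float, s_mps: float) -> float:
    """d_prop = d/s: time for one bit to travel the length of the link."""
    return d_m / s_mps


def nodal_delay(d_proc: float, d_queue: float, d_trans: float, d_prop: float) -> float:
    """d_nodal = d_proc + d_queue + d_trans + d_prop (seconds)."""
    return d_proc + d_queue + d_trans + d_prop


def first_bit_arrives_before_last_bit_sent(d_trans: float, d_prop: float) -> bool:
    """True when the head of the packet reaches the far end while the sender
    is still transmitting the tail (propagation shorter than transmission)."""
    return d_prop < d_trans


def caravan_lineup_time_s(cars: int, service_s: float,
                          distance_km: float, speed_kmh: float) -> float:
    """Seconds until the whole caravan is lined up at the 2nd booth: push all
    cars through booth 1 (like transmitting the packet), then the last car
    drives to booth 2 (like propagation)."""
    push = cars * service_s
    drive = distance_km * 3600 / speed_kmh
    return push + drive


def cars_left_at_first_booth_when_first_arrives(cars: int, service_s: float,
                                                distance_km: float, speed_kmh: float):
    """(arrival time of car #1 at booth 2 in seconds, cars still at booth 1)."""
    first_arrival = service_s + distance_km * 3600 / speed_kmh
    serviced = min(cars, math.floor(first_arrival / service_s))
    return first_arrival, cars - serviced


if __name__ == "__main__":
    # Slide 1: 100 km/hr, 12 s per car -> 3720 s = 62 minutes.
    print(caravan_lineup_time_s(10, 12, 100, 100) / 60)
    # Slide 2: 1000 km/hr, 60 s per car -> first car arrives at 7 min, 3 cars left.
    print(cars_left_at_first_booth_when_first_arrives(10, 60, 100, 1000))
    # Assumed packet: 1500-byte (12000-bit) packet on a 100 km link, s = 2e8 m/s.
    d_prop = propagation_delay(100e3, 2e8)               # 0.5 ms
    for R in (10e6, 1e9):                                # 10 Mbps vs 1 Gbps
        d_trans = transmission_delay(12000, R)
        print(R, d_trans, first_bit_arrives_before_last_bit_sent(d_trans, d_prop))
    print(nodal_delay(2e-6, 0.0, transmission_delay(12000, 10e6), d_prop))
```

On the 10 Mbps link the 1.2 ms transmission time exceeds the 0.5 ms propagation time, so the first bit is at the next router before the last bit has left; on the 1 Gbps link the whole packet (12 µs) is on the wire long before its first bit arrives, which is the slide's point that s and R are very different quantities.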
Queueing Delay (revisited)
• R = link bandwidth (bps)
• L = packet length (bits)
• a = average packet arrival rate
traffic intensity = La/R
• La/R ~ 0: average queueing delay small
• La/R -> 1: delays become large
• La/R > 1: more “work” arriving than can be serviced, average delay infinite!
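An added example (not from the slides) that makes the La/R rule concrete with a small FIFO queue simulation for one output link: each packet starts transmission when it arrives or when the link becomes free, whichever is later, so its queueing delay is the gap between the two. It shows the three regimes on the slide and also one thing the slide's average does not: with La/R well below 1, a burst of packets arriving together still queues. The packet length, link rate and arrival patterns are assumptions of this example.

```python
# Added example (not from the slides): queueing delay at one output link as a
# function of traffic intensity La/R, using a deterministic FIFO simulation.


def traffic_intensity(L_bits: float, a_pps: float, R_bps: float) -> float:
    """La/R: average arriving work per second relative to link capacity."""
    return L_bits * a_pps / R_bps


def fifo_queueing_delays(arrival_times_s, L_bits: float, R_bps: float):
    """Queueing delay (seconds) of each packet, in arrival order.

    The link transmits one packet at a time, L/R seconds each; a packet that
    arrives while the link is busy waits until the link frees up."""
    d_trans = L_bits / R_bps
    link_free_at = 0.0
    delays = []
    for t in arrival_times_s:
        start = max(t, link_free_at)      # wait for the link if it is busy
        delays.append(start - t)
        link_free_at = start + d_trans    # link busy until this packet is out
    return delays


def periodic_arrivals(a_pps: float, n: int):
    """n packets arriving evenly spaced at rate a packets/second."""
    return [i / a_pps for i in range(n)]


def average(xs):
    return sum(xs) / len(xs)


if __name__ == "__main__":
    L, R = 12000, 1e6          # assumed: 1500-byte packets on a 1 Mbps link (L/R = 12 ms)
    for a in (50, 100):        # La/R = 0.6 and La/R = 1.2
        delays = fifo_queueing_delays(periodic_arrivals(a, 20), L, R)
        print(f"a={a} pps La/R={traffic_intensity(L, a, R):.1f} "
              f"avg={average(delays):.4f}s last={delays[-1]:.4f}s")
    # A burst of 4 packets at t=0 and nothing else for a second: the long-run
    # intensity is only 0.048, yet the 4th packet of the burst waits 36 ms.
    burst = [0.0, 0.0, 0.0, 0.0]
    print(traffic_intensity(L, 4, R), fifo_queueing_delays(burst, L, R))
```

For La/R = 1.2 each packet waits 2 ms longer than the one before it, which is the "delay grows without bound" regime; for La/R = 0.6 with evenly spaced arrivals nobody waits at all, and the burst case shows why average intensity alone does not predict the delay of a particular packet.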
“Real” Internet Delays and Routes
What do “real” Internet delay & loss look like?
Traceroute program: provides delay measurement from source to router along end-end Internet path towards destination. For all i:
• Sends three packets that will reach router i on path towards destination
• Router i will return packets to sender
• Sender times interval between transmission and reply
[Figure: 3 probes sent to each of three successive routers along the path]
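The slide describes the three probes per hop that traceroute sends; the following added example (not from the slides or the textbook) parses the output of the Linux traceroute tool into per-hop RTT statistics and lost-probe counts, and flags hops where the round-trip time jumps. The sample output is constructed for this example, using documentation and private address ranges; none of its timings are real measurements.

```python
# Added example (not from the slides): parse traceroute output into per-hop
# delay and loss figures.
import re
from statistics import mean

# Constructed sample in the output format of the Linux traceroute tool.
SAMPLE_TRACEROUTE = """\
traceroute to example.net (203.0.113.10), 30 hops max, 60 byte packets
 1  gw.lab.example (192.0.2.1)  0.412 ms  0.388 ms  0.401 ms
 2  10.0.0.1 (10.0.0.1)  1.902 ms  2.115 ms  1.874 ms
 3  * * *
 4  198.51.100.7 (198.51.100.7)  12.331 ms  11.980 ms  *
 5  example.net (203.0.113.10)  15.020 ms  14.877 ms  15.101 ms
"""

HOP_RE = re.compile(r"^\s*(?P<hop>\d+)\s+(?P<rest>.*)$")
HOST_RE = re.compile(r"^(?P<name>\S+) \((?P<addr>[^)]+)\)")
PROBE_RE = re.compile(r"(?P<rtt>\d+(?:\.\d+)?) ms|(?P<lost>\*)")


def parse_traceroute(text: str):
    """One dict per hop: hop number, replying host, RTTs in ms, probes lost."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:                        # the header line carries no probe data
            continue
        rest = m.group("rest")
        host = HOST_RE.match(rest)       # absent when every probe timed out
        hop = {"hop": int(m.group("hop")),
               "name": host.group("name") if host else None,
               "addr": host.group("addr") if host else None,
               "rtts": [], "lost": 0}
        for probe in PROBE_RE.finditer(rest):
            if probe.group("lost"):
                hop["lost"] += 1         # '*': no reply within the timeout
            else:
                hop["rtts"].append(float(probe.group("rtt")))
        hops.append(hop)
    return hops


def hop_stats(hop):
    """(min, avg, max) RTT in ms, or None if every probe to this hop was lost."""
    if not hop["rtts"]:
        return None
    return (min(hop["rtts"]), mean(hop["rtts"]), max(hop["rtts"]))


def rtt_jumps(hops, threshold_ms: float):
    """Hop numbers whose average RTT rises by more than threshold_ms over the
    previous answering hop: a quick way to spot a long or congested link."""
    jumps, prev_avg = [], None
    for hop in hops:
        stats = hop_stats(hop)
        if stats is None:
            continue
        if prev_avg is not None and stats[1] - prev_avg > threshold_ms:
            jumps.append(hop["hop"])
        prev_avg = stats[1]
    return jumps


if __name__ == "__main__":
    hops = parse_traceroute(SAMPLE_TRACEROUTE)
    for hop in hops:
        print(hop["hop"], hop["addr"], hop_stats(hop), "lost:", hop["lost"])
    print("RTT jumps over 5 ms at hops:", rtt_jumps(hops, 5.0))
```

A hop that answers none of its probes (hop 3 in the sample) is not necessarily loss on the path: many routers simply rate-limit or drop the probe replies, which is why the parser keeps "lost" separate from the RTT figures rather than folding it into an average.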
Packet Loss
• Queue (aka buffer) preceding link in buffer has finite capacity
• Packet arriving to full queue dropped (aka lost)
• Lost packet may be retransmitted by previous node, by source end system, or not at all
[Figure: packet being transmitted; buffer (waiting area); packet arriving to full buffer is lost]
Throughput
Throughput: rate (bits/time unit) at which bits transferred between sender/receiver
• Instantaneous: rate at given point in time
• Average: rate over long(er) period of time
[Figure: server with file of F bits to send to client; link capacity Rs bits/sec (pipe that can carry fluid at rate Rs bits/sec); link capacity Rc bits/sec (pipe that can carry fluid at rate Rc bits/sec); server sends bits (fluid) into pipe]
Throughput (more)
• Rs < Rc: What is average end-end throughput?
• Rs > Rc: What is average end-end throughput?
Bottleneck link: link on end-end path that constrains end-end throughput
Throughput: Internet Scenario
• 10 connections (fairly) share backbone bottleneck link R bits/sec
• Per-connection end-end throughput: min(Rc, Rs, R/10)
• In practice: Rc or Rs is often bottleneck
[Figure: ten servers with access links Rs, one backbone link R, ten clients with access links Rc]
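The bottleneck-link reasoning of the last three slides, as an added example that is not part of the original slides: end-to-end throughput is the minimum link rate on the path, a fair share of a backbone link counts as R divided by the number of connections, and the transfer time of an F-bit file follows from the throughput. It generalizes the slide's min(Rc, Rs, R/10) to any number of connections; the rates used below are assumptions of this example.

```python
# Added example (not from the slides): end-to-end throughput is set by the
# bottleneck link, and a shared backbone contributes its fair share.


def end_to_end_throughput(link_rates_bps) -> float:
    """Average end-to-end throughput of one transfer over a path: the rate of
    the slowest link on the path (the bottleneck link)."""
    return min(link_rates_bps)


def bottleneck_link(named_rates: dict) -> str:
    """Name of the link that constrains throughput (first one on a tie)."""
    return min(named_rates, key=named_rates.get)


def per_connection_throughput(Rs: float, Rc: float, R: float, connections: int) -> float:
    """Throughput of each of `connections` transfers that fairly share a
    backbone link of rate R: min(Rs, Rc, R/connections); the slide's
    min(Rc, Rs, R/10) is the case connections = 10."""
    return end_to_end_throughput([Rs, Rc, R / connections])


def transfer_time_s(F_bits: float, throughput_bps: float) -> float:
    """Seconds to move an F-bit file at the given average throughput."""
    return F_bits / throughput_bps


if __name__ == "__main__":
    # Assumed rates: 2 Mbps server access, 1 Mbps client access, 100 Mbps backbone.
    Rs, Rc, R = 2e6, 1e6, 100e6
    links = {"server access Rs": Rs, "client access Rc": Rc, "backbone share R/10": R / 10}
    print(bottleneck_link(links), per_connection_throughput(Rs, Rc, R, 10))
    # With a 5 Mbps backbone shared ten ways the backbone becomes the bottleneck.
    print(per_connection_throughput(Rs, Rc, 5e6, 10))
    # A 32 Mbit (4 MB) file at the 1 Mbps client-limited rate takes 32 s.
    print(transfer_time_s(32e6, per_connection_throughput(Rs, Rc, R, 10)))
```

The slide's remark that Rc or Rs is usually the bottleneck shows up in the first case: even a 100 Mbps backbone shared ten ways still offers 10 Mbps per connection, far above either access link.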
Protocol “Layers”
Networks are complex! Many “pieces”:
• Hosts
• Routers
• Links of various media
• Applications
• Protocols
• Hardware and software
Question: Is there any hope of organizing structure of network? Or at least our discussion of networks?
Why Layering?
Dealing with complex systems:
• Explicit structure allows identification, relationship of complex system’s pieces: layered reference model for discussion
• Modularization eases maintenance, updating of system: change of implementation of layer’s service transparent to rest of system; e.g., change in gate procedure doesn’t affect rest of system
• Layering considered harmful?
Internet Protocol Stack
• Application: supporting network applications: FTP, SMTP, HTTP
• Transport: process-process data transfer: TCP, UDP
• Network: routing of datagrams from source to destination: IP, routing protocols
• Link: data transfer between neighboring network elements: PPP, Ethernet
• Physical: bits “on the wire”
Network Security
Attacks on Internet infrastructure:
• Infecting/attacking hosts: malware, spyware, worms, unauthorized access (data stealing, user accounts)
• Denial of service: deny access to resources (servers, link bandwidth)
Internet not originally designed with (much) security in mind
• Original vision: “a group of mutually trusting users attached to a transparent network” ☺
• Internet protocol designers playing “catch-up”
• Security considerations in all layers!
What Can Bad Guys Do: Malware?
Spyware:
• Infection by downloading web page with spyware
• Records keystrokes, web sites visited, upload info to collection site
Virus:
• Infection by receiving object (e.g., e-mail attachment), actively executing
• Self-replicating: propagate itself to other hosts, users
Worm:
• Infection by passively receiving object that gets itself executed
• Self-replicating: propagates to other hosts, users
[Figure: Sapphire Worm: aggregate scans/sec in first 5 minutes of outbreak (CAIDA, UWisc data)]
Denial of Service Attacks
Attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming resource with bogus traffic
1. Select target
2. Break into hosts around the network (see malware)
3. Send packets toward target from compromised hosts
Sniff, Modify, Delete Your Packets
Packet sniffing:
• Broadcast media (shared Ethernet, wireless)
• Promiscuous network interface reads/records all packets (e.g., including passwords!) passing by
[Figure: hosts A, B, C on a shared medium; packet src:B dest:A payload is seen by C]
• Ethereal software used for end-of-chapter labs is a (free) packet-sniffer
• More on modification, deletion later
Masquerade as you
• IP spoofing: send packet with false source address
• Record-and-playback: sniff sensitive info (e.g., password), and use later
  • Password holder is that user from system point of view
[Figure, three builds: (1) C sends a packet src:B dest:A payload; (2) B sends src:B dest:A user: B; password: foo, which C records; (3) later … C replays src:B dest:A user: B; password: foo toward A]
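The two threats on the slide above, IP spoofing and record-and-playback of a sniffed password, each have a standard countermeasure; the following added example (not from the slides or the textbook) shows both from the defender's side. The first function is the source-address sanity check a border router applies to packets in each direction (a packet from the Internet must not claim one of our own addresses, and a packet from our own hosts must not claim a foreign one). The second part is a challenge-response login in which the server issues a fresh random nonce per attempt, so a recorded answer, like the "user: B; password: foo" capture on the slide, does not verify later. The site prefix is an assumption of this example, and keying the HMAC directly with the password is a simplification for illustration.

```python
# Added example (not from the slides): a source-address check against IP
# spoofing, and a nonce-based login that defeats record-and-playback.
import hashlib
import hmac
import ipaddress
import os

# Assumed site prefix (a documentation range, not a real network).
SITE_PREFIX = ipaddress.ip_network("192.0.2.0/24")


def spoof_check(src_addr: str, arrived_on: str):
    """Source-address sanity check at the border router.

    arrived_on is "external" (packet came in from the Internet) or "internal"
    (packet came from one of our own hosts). Returns None when the claimed
    source is plausible for that direction, else a reason for dropping and
    logging the packet."""
    src = ipaddress.ip_address(src_addr)
    inside = src in SITE_PREFIX
    if arrived_on == "external" and inside:
        return "external packet claims an internal source address"
    if arrived_on == "internal" and not inside:
        return "internal host sending with a foreign source address"
    return None


# Challenge-response login as a replay countermeasure: the server sends a fresh
# random nonce, the client answers with HMAC(secret, nonce), and a recorded
# answer does not verify against any later nonce. (Keying the HMAC directly
# with the password is for illustration; real systems derive a key from it.)
def make_nonce() -> bytes:
    return os.urandom(16)


def client_response(secret: str, nonce: bytes) -> str:
    return hmac.new(secret.encode(), nonce, hashlib.sha256).hexdigest()


def server_verify(secret_on_file: str, nonce: bytes, response: str) -> bool:
    expected = client_response(secret_on_file, nonce)
    return hmac.compare_digest(expected, response)   # constant-time compare


def replay_demo(secret: str = "foo"):
    """(genuine login accepted?, recorded response replayed later accepted?)"""
    nonce1 = make_nonce()
    response1 = client_response(secret, nonce1)        # what a sniffer would record
    genuine_ok = server_verify(secret, nonce1, response1)
    nonce2 = make_nonce()                              # next login: new challenge
    replay_ok = server_verify(secret, nonce2, response1)
    return genuine_ok, replay_ok


if __name__ == "__main__":
    print(spoof_check("192.0.2.5", "external"))      # flagged: looks spoofed
    print(spoof_check("198.51.100.9", "external"))   # None: plausible
    print(replay_demo())                             # (True, False)
```

The address check only catches spoofing of addresses the router can reason about (its own prefix), which is why the slide's point that security must be considered at every layer still stands: the nonce protects the login even when a packet with a forged source gets through.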
Internet History
1961-1972: Early packet-switching principles
• 1961: Kleinrock - queueing theory shows effectiveness of packet-switching
• 1964: Baran - packet-switching in military nets
• 1967: ARPAnet conceived by Advanced Research Projects Agency
• 1969: first ARPAnet node operational
[Figure: The first link in the Internet backbone: UCLA - SRI. The first message: LO! What was the first message ever sent on the Internet? (LOGIN) We sent an “L” - did you get the “L”? YEP! We sent an “O” - did you get the “O”? YEP! We sent a “G” - did you get the “G”? crash]
Internet History
1961-1972: Early packet-switching principles
• 1972: ARPAnet public demonstration
• NCP (Network Control Protocol) first host-host protocol
• First e-mail program
• ARPAnet has 15 nodes
[Figure: The Internet is Born! at UCLA on October 29, 1969. What it looked like at the end of 1969 (map of the 1972 network).]
Internet History
1972-1980: Internetworking, new and proprietary nets
• 1970: ALOHAnet satellite network in Hawaii
• 1974: Cerf and Kahn - architecture for interconnecting networks
• 1976: Ethernet at Xerox PARC
• late 70’s: proprietary architectures: DECnet, SNA, XNA
• late 70’s: switching fixed length packets (ATM precursor)
• 1979: ARPAnet has 200 nodes
Cerf and Kahn’s internetworking principles:
• minimalism, autonomy - no internal changes required to interconnect networks
• best effort service model
• stateless routers
• decentralized control
define today’s Internet architecture
Internet History
1980-1990: new protocols, a proliferation of networks
• 1983: deployment of TCP/IP
• 1982: SMTP e-mail protocol defined
• 1983: DNS defined for name-to-IP-address translation
• 1985: FTP protocol defined
• 1988: TCP congestion control
• New national networks: Csnet, BITnet, NSFnet, Minitel
• 100,000 hosts connected to confederation of networks
Internet History
1990, 2000’s: commercialization, the Web, new apps
• Early 1990’s: ARPAnet decommissioned
• 1991: NSF lifts restrictions on commercial use of NSFnet (decommissioned, 1995)
• Early 1990s: Web: hypertext [Bush 1945, Nelson 1960’s]; HTML, HTTP: Berners-Lee; 1994: Mosaic, later Netscape; late 1990’s: commercialization of the Web
Late 1990’s – 2000’s:
• More killer apps: instant messaging, P2P file sharing
• Network security to forefront
• Est. 50 million host, 100 million+ users
• Backbone links running at Gbps
Internet History
2007:
• ~500 million hosts
• Voice, Video over IP
• P2P applications: BitTorrent (file sharing), Skype (VoIP), PPLive (video)
• More applications: YouTube, gaming
• Wireless, mobility
Introduction: Summary
Covered a “ton” of material!
• Internet overview
• What’s a protocol?
• Network edge, core, access network
• Packet-switching versus circuit-switching
• Internet structure
• Performance: loss, delay, throughput
• Layering, service models
• Security
• History
You now have:
• Context, overview, “feel” of networking
• More depth, detail to follow!