Changes between Version 5 and Version 6 of FirstGenBrooks


Ignore:
Timestamp:
02/08/12 17:58:45 (12 years ago)
Author:
kccamer@clemson.edu
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • FirstGenBrooks

    v5 v6  
    1616== Team Members ==
    1717
    18  * Prof. Richard R Brooks <rrb@acm.org>, principal investigator            [[Image(Brooks.jpg)]]
     18 * Prof. Richard R Brooks <rrb@acm.org>, principal investigator           
     19                    [[Image(Brooks.jpg)]]
    1920 * Prof. Kuang-Ching Wang <kwang@clemson.edu>, co-principal investigator
    2021 * Ilker Ozcelik <iozceli@g.clemson.edu>, PhD candidate
     
    3233Our WiMAX research involves analyzing the cross-layer affects of the system parameters used for the Bandwidth Contention Process. We are specifically looking at how these parameters affect a subscriber station's (SS) throughput, packet loss rates, and vulnerability to Distributed Denial of Service (DDoS) attacks. Software simulations using the NS-2 simulator manipulated three system parameters for a set of SS that included client and attacker SS's. The parameters, request retires, backoff start, and frame duration, were set to a low, medium, and high value within their respective range. All attacker SS's parameters were set to the same value and all client SS's parameters were set to same value, but the attacker and clients stations could differ. Seven replications of each combination of parameter settings were conducted and ANOVA analysis indicates that frame duration and request retries plays a significant role in SS's throughput. For software simulation results please see: [link]
    3334
    34 We are now using ORBIT, hosted by Rutgers University's WINLAB and part of the GENI network, to conduct hardware experiments using real WiMAX equipment. We are replicating the above software experiments to verify software simulation results, analyze the validity of the NS-2 WiMAX simulator, and gain further information about the cross layer affects of the system parameters used in the Bandwidth Contention Process. Currently our hardware experiments are configured with eight SS nodes, a sink node, and 1 base station (BS). In the future we hope to extend the number of SS used in our experiments. We are using the resource of sandbox 4 and the outdoor sandbox. The indoor sandbox creates a controlled environment for wireless experiments and outdoor consists of an outdoor BS and nodes that vary in geographical location. Are hardware experiments manipulate two system parameters, backoff start and backoff end. Frame duration is not considered, because all WiMAX equipment currently manufactured supports only 5ms frame duration. Data will be collected for two replications of each combination of parameter settings. When the data collection is complete, analysis will be carried out to determine the affect of system parameters on real Wihttp://groups.geni.net/geni/wikiMAX hardware.
     35We are now using ORBIT, hosted by Rutgers University's WINLAB and part of the GENI network, to conduct hardware experiments using real WiMAX equipment. We are replicating the above software experiments to verify software simulation results, analyze the validity of the NS-2 WiMAX simulator, and gain further information about the cross layer affects of the system parameters used in the Bandwidth Contention Process. Currently our hardware experiments are configured with eight SS nodes, a sink node, and 1 base station (BS). In the future we hope to extend the number of SS used in our experiments. We are using the resource of sandbox 4 and the outdoor sandbox. The indoor sandbox creates a controlled environment for wireless experiments and outdoor consists of an outdoor BS and nodes that vary in geographical location. Are hardware experiments manipulate two system parameters, backoff start and backoff end. Frame duration is not considered, because all WiMAX equipment currently manufactured supports only 5ms frame duration. Data will be collected for two replications of each combination of parameter settings. When the data collection is complete, analysis will be carried out to determine the affect of system parameters on real WiMAX hardware.
     36
     37== Performance Analysis of DDoS Detection Methods on Real Network ==
     38
     39DDoS attacks attempt to make a computer resource unavailable to its legitimate users. DDoS occurs when a set of nodes flood the network to consume the resources of the target. These nodes are compromised by an attacker and become zombie agents in a bot net. Most of the time the owners don’t know that they are part of a bot net. The  compromised systems send dummy traffic/requests to the target system after receiving a remote command. The distributed structure of the attack makes it difficult to distinguish attack traffic from the legitimate traffic. Thus it is not possible to identify the attack and react quickly, as a sudden increase of interest to a certain website may also give a similar effect; known as Slashdot effect.
     40 
     41                [[Image(Figure1.png)]]
     42                Figure 1 - DDoS Attack
     43
     44In addition to the complexity of the problem, the complexity of the Internet makes analysis even more challenging. We mostly verify theoretical studies using computer simulations and not by using the real Internet and its data. Unfortunately network traffic, one of the most important parameters which is used for DDoS detection routines, cannot be accurately generated because of its unpredictable characteristic.
     45
     46In this study, we propose and design an experiment setup to collect Internet traffic time-series and evaluate real performance of DDoS detection methods using real network and real Internet traffic without jeopardizing the original network. In our study, we use the same setup to collect time-series and test existing DDoS detection methods. The experiment setup is Figure 2.
     47
     48                [[Image(Figure2.png)]]
     49                Figure 2 - Experiment Setup
     50
     51Our experiment has two main goals. These are: collecting time-series from Internet traffic to use in the future experiments and verifying the performance of DDoS detection methods which are optimized by using computer simulations.
     52
     53''Data Collection''[[BR]]
     54In order to collect time-series from internet traffic, we use switch statistic request messages at the controller. Number of packets time-series collected from Clemson University campus network can be seen in Figure 3.
     55 
     56               [[Image(Figure3.png)]]
     57               Figure 3 - Clemson Uni Traffic
     58
    3559
    3660== Publications ==