transport layer over wireless networks + voice over ip...
TRANSCRIPT
Module F
Transport Layer over Wireless Networks + Voice over IP (VoIP)
JP Hubaux With help from P. Papadimitratos and M. Poturalski
Mobile Networks
http://mobnet.epfl.ch
Some slides addapted from Jochen H. Schiller, Nitin Vaidya, and James Kurose & Keith Ross
Reminder: Transmission Control Protocol (TCP)
g Reliable, in-order data delivery
g Flow control
g Congestion avoidance and control
g End-to-end semantics
Host A Host B
SYN, Seq_no = x
SYN, Seq_no = y, ACK, Ack_no = x+1
Seq_no = x+1, ACK, Ack_no = y+1
3
TCP basic operation
Send buffer
Segments
Receive buffer
Application writes bytes in send buffer
ACKs Sender Receiver
Application reads bytes from receive buffer
Application layer
Transport layer
Write 45 bytes Write 15 bytes Write 20 bytes
Read 40 bytes Read 40 bytes
Internet 4
TCP flow control
g Flow control is a speed-matching service i Sender adjusts the transmission rate to the receiver
g Receiver advertises the remaining buffer space (rwnd)to the sender
g The sender keeps unacknowledged data below rwnd LastByteSent – LastByteAcked ≤ rwnd
5
Congestion
Light traffic i Arrival Rate << R i Low delay i Can accommodate more
Congestion onset i Arrival rate approaches R i Delay increases rapidly i Throughput begins to saturate
Saturation i Arrival rate > R i Large delays, packet loss i Useful application throughput
drops
Thro
ughp
ut (b
ps)
Del
ay (s
ec)
R
R
Arrival Rate
Arrival Rate
6
TCP congestion control g Keeps TCP off the congestion collapse cliff
g Congestion window mechanism LastByteSent – LastByteAcked ≤ min{cwnd, rwnd}
g Slow Start phase i Increase congestion window size (cwnd) by one segment for each
received ACK i Congestion window increases exponentially
ACK
Segment
Time (expressed in RTTs)
cwnd
7
TCP congestion control
g Congestion Avoidance phase i Congestion threshold ssthresh i When cwnd > ssthresh,
increase cwnd slowly i cwnd++ per round-trip-time (RTT)
• Each time an ACK arrives, cwnd is increased by 1/cwnd
• In one RTT, cwnd segments are sent, so total increase in cwnd is cwnd x 1/cwnd = 1 • cwnd grows linearly
cwnd
ssthresh
8
Time (expressed in RTTs)
TCP congestion control g Congestion detection:
i Timeout or i Receipt of duplicate ACKs
(Fast Retransmit) g Assumption: current cwnd
corresponds to available bandwidth
g TCP Tahoe i ssthresh = ½ cwnd i cwnd = 1 i Go back to Slow Start
g Over several cycles expect to converge to ssthresh equal to about ½ the available bandwidth
Con
gest
ion
win
dow
0
Slow Start
Congestion Avoidance
Time-out
ssthresh
9 Time (expressed in RTTs)
TCP congestion control
g Fast Retransmit mechanism i If a segment is dropped,
subsequent segments trigger duplicate ACKs
i Sender retransmits segment instantly (without waiting for a timeout) when duplicate ACKs are received (typically 3)
g Improves performance i Faster reaction to packet loss
g Implemented in TCP-Reno (more recent than TCP-Tahoe)
SEQ=1 ACK=1
ACK=1 ACK=1 ACK=1
SEQ=2 SEQ=3 SEQ=4 SEQ=5
10
Wireless and Mobile Networks
Mobile Host (1) Access Point
Internet
Base Station
Mobile Host (2)
Wireline Communication
Wireless Communication
11
Wireless and Mobile Networks
Mobile Host (1) Access Point
Internet
g Wireless transmission errors i High Bit Error Rates i Packet (frame) loss
12
Wireless and Mobile Networks
Internet
Base Station (A) Mobile Host (2)
Base Station (B) Mobile Host (2)
g Mobility i Disconnection i Hand-offs i Delays 13
Challenge
g TCP i Assumptions for the Wire-line Internet
• Packet loss only due to congestion • Packet loss is rare
g Wireless and mobile networks i TCP assumptions are not valid
g Problem: TCP under-performs i TCP cannot distinguish between packet losses due to
congestion and transmission or disconnection errors i Reducing the congestion window when an error or a
disconnection occurs is not necessary i Throughput suffers
14
Questions
g What can we do about… i transmission errors? i errors due to mobility?
g Which part of the system functionality should we modify… i The sender? i The receiver? i An intermediate node? i Some or all of the above?
15
Directions
g Transmissions errors i Hide error losses from the sender
• If the sender is unaware of the packet losses due to errors, it does not reduce the congestion window
i Inform sender of packet loss cause • If the loss is due to an error, the congestion window is
not reduced
g Errors due to mobility i Hide mobility from the TCP sender i Make TCP adaptive to mobility
16
Solution classification
g Split-connection approaches i Split a TCP connection into two: the wire-line part and wire-
less part at a Base Station or Access Point (Foreign Agent)
g Link layer approaches i Improve link layer reliability
g End-to-end approaches i Modify TCP congestion control mechanism
g Hybrid approaches
17
Indirect TCP (I-TCP)
g Split the TCP connection at the AP into two parts i AP buffers and retransmits received segments i AP sends ACKs for the received segments
g Standard TCP on the wire-line link g On the wireless link:
i TCP optimized for wireless i Even standard TCP benefits from shorter RTT
• Shorter timeout • Faster retransmissions
Mobile Host Access Point (AP) Internet
“Wireless” TCP Standard TCP
19
I-TCP example
Mobile Host Correspondent Host Access Point
ack 1
segment 2
ack 2
segment 3
ack 3
segment 1
segment 1
ack 1
segment 2
segment 3
segment 2
segment 2 timeout
(short timeout thanks to short RTT)
ack 2
ack 3
20
I-TCP and mobility
g Moving to a new access point requires transfer of socket state i Including segments buffered at the FA
Mobile Host Access point (1)
Internet
Access Point (2)
Socket migration and state transfer
21
I-TCP summary
g I-TCP Advantages i No changes in the fixed network or hosts (TCP protocol), all current
TCP optimizations still work • Potentially no changes in mobile hosts
i Wireless transmission errors do not “propagate” to the wire-line network
g I-TCP Disadvantages i Loss of end-to-end semantics
• An ACK does not imply that the receiver got the segment • For mobility support, all FAs need to be I-TCP compatible, and the
state needs to be transferred to maintain end-to-end semantics i Higher end-to-end delays due to buffering and forwarding to a new
agent i Problem with security mechanisms, e.g. IPsec
• FA needs to spoof ACKs
22
Mobile TCP (M-TCP)
g Handling of long and frequent disconnections g Splits connection at FA as I-TCP does g Foreign agent
i No caching, no retransmission i Monitors all packets i If it detects a disconnection (no ACKs from MN for a while)
• Reports rwnd = 0 to sender • Sender automatically goes into “persist” mode: Does not
timeout or in any other way change the congestion window
Mobile Host Access Point (Foreign Agent) Internet
“Wireless” TCP Standard TCP
23
M-TCP summary
g M-TCP advantages i End-to-end semantics preserved i Moving to another FA does not require forwarding buffered
packets to new FA (since FA does no buffering)
g M-TCP disadvantages i Wireless link loss propagates to the wire-line network i Packets lost due to link errors need to be retransmitted by the
sender i Problems with security mechanisms (just like I-TCP)
g M-TCP handles mobility errors, not transmission errors
24
Snooping TCP
g “TCP-Aware Link Layer” g Splits connection like I-TCP and M-TCP
i FA buffers and retransmits segments (if necessary) i FA does not ACK buffered packets as I-TCP does
(preserves end-to-end semantics)
Internet
Buffering of data
End-to-end TCP connection
Local Retransmission Correspondent Host Foreign
Agent
Mobile Host
Snooping of ACKs
25
Snooping TCP: data transfer
g Data transfer to the Mobile Host i FA buffers a segment until it receives an ACK from the MH i FA detects segment loss via duplicate ACKs or a timeout
• FA timeout is shorter than the round-trip timeout (RTO) at the sender
i FA locally retransmits lost segments i FA drops duplicated ACKs from MH
• Prevents unnecessary retransmissions and congestion window reductions at the sender
• Does not violate end-to-end semantics: Even if the FA crashes before MH receives the segment, the sender will eventually detect the loss via a timeout and retransmit
26
Snooping TCP: data transfer
g Data transfer from the Mobile Host i FA detects segment loss on the
wireless link via missing sequence numbers
i FA triggers retransmission of lost segment at MH • E.g., with a NACK mechanism
i MH retransmits data with a much shorter delay
Mobile Host Foreign Agent
SEQ=1000
SEQ=1100
SEQ=1200
NACK=1100
SEQ=1100
27
Snooping TCP and mobility
g When the MH moves to a new FA, should the buffered segments be transferred from the old FA?
i Not necessary • Even if some of the buffered segments are lost in the
transition, the sender will eventually timeout and retransmit them
• This preserves end-to-end semantics
i Yet, this buffer transfer would improve performance because the timeout puts the sender into slow start phase
28
Snooping TCP summary
g Snooping TCP advantages i End-to-end semantics preserved i Transfer of buffered segments not necessary during handoff
• MH can move to FA without Snoop TCP support
g Snooping TCP disadvantages i Does not isolate wireless link failures as well as I-TCP does
• If FA takes too long to retransmit a segment, CH will timeout i Requires modifications at Mobile Host
• NACK or similar mechanism to force retransmission i Snooping cannot be done if TCP headers are encrypted (like in
IPsec EPS; application layer security, e.g. TLS, is compatible) i Dropping duplicate ACKs can break integrity
29
Performance enhancing proxies (PEP)
g Transport layer proxies i Local retransmissions and acknowledgements i Any of the approaches reviewed above qualifies
g Application layer proxies i HTTP, FTP, … i Content caching, filtering, compression, picture downscaling
g Big problem: breaks security end-to-end semantics i Disables use of IP security i Choose between PEP and security!
Mobile Host PEP Corr. Host wireless
Internet
Forward Error Correction (FEC)
g FEC: Introduce redundancy in the packet, allowing a receiver to correct a limited number of errors
g Increasingly popular in wireless standards i Repetition and Hamming codes in Bluetooth i Convolutional codes in IEEE 802.11a i Reed-Solomon + convolutional codes in WiMax i Turbo codes in HSDPA i LDPC in IEEE 802.11n and 802.11ac
g Helps to avoid retransmissions i Shorter and less variable transmission time
g Increases computational and bandwidth overhead i Less of a concern nowadays thanks to Moore’s law
32
Efficient link layer handoff: IEEE 802.11r
g Handoff without IEEE 802.11r 1. MH discovers new AP 2. MH authenticates with new AP 3. MH (re)associates with new AP 4. MH and new AP generate and confirm
shared temporal keys (based on PSK or IEEE 802.1X)
5. MH requests QoS resources 6. Data communication with new AP can
start
communication with old AP still possible
communication with old AP no longer possible
g IEEE 802.11r allows key generation and QoS resource allocation (steps 4 and 5) to take place prior or during (re)association (step 3)
33
Fast Retransmit and Fast Recovery
g Assumptions i Congestion causes many segments to
be dropped i If a single segment is dropped, but the
triggered duplicate ACKs are delivered, the network is probably not congested
g Hence i No need for drastic reduction of
congestion window (as in TCP Tahoe) i Fast Recovery phase
SEQ=1 ACK=1
ACK=1 ACK=1 ACK=1
SEQ=2 SEQ=3 SEQ=4 SEQ=5
35
TCP Tahoe vs TCP Reno
g 3 duplicate ACKs arrive i Fast Retransmit: instantly
retransmit 1st lost segment i ssthresh = ½ cwnd i cwnd = 1 i Enter Slow Start
g 3 duplicate ACKs arrive i Fast Retransmit: instantly
retransmit 1st lost segment i ssthresh = ½ cwnd i cwnd = ssthresh + 3 i Enter Fast Recovery
g Fast Recovery i Increase cwnd by 1 segment
for every duplicate ACK received
i When new ACK received • cwnd = ssthresh • Enter Congestion Avoidance
i If a timeout occurs • Reset cwnd to 1 • Enter Slow Start
36
Every duplicate ACK received indicates a delivered segment àA new segment can be transmitted
TCP Reno vs TCP new-Reno
g Fast Recovery i Increase cwnd by 1
segment for every duplicate ACK received
i When new ACK received • cwnd = ssthresh • Enter Congestion
Avoidance i If a timeout occurs
• Reset cwnd to 1 • Enter Slow Start
g Fast Recovery (FR) i Note last segment transmitted
before entering FR as n i Increase cwnd by 1 segment
for every duplicate ACK received
i When new partial ACK received (for k < n) • Retransmit 1st unacked
segment • Remain in Fast Recovery
i When ACK for n received • cwnd = ssthresh • Enter Congestion Avoidance
i If a timeout occurs • Reset cwnd to 1 • Enter Slow Start
37
Performance comparison of TCP variants
g With single packet lost in congestion window, TCP Reno and TCP new-Reno avoid Slow Start, and outperform TCP Tahoe i cwnd oscillates around the optimal
g With multiple packet lost per congestion window (not shown in the figure), TCP Reno underperforms severely; new-Reno introduced to resolve this i Bursty packet loss common in mobile networks
cwnd
10
5
15
20
0
Slow start
Congestion avoidance
Time-out
Triple duplicate ACK
38
Behavior of Reno and new-Reno
Time (expressed in RTTs)
Selective acknowledgment (SACK)
g TCP acknowledgements are cumulative i ACK n acknowledges correct and in-sequence receipt of
packets up to n i The sender only learns about the first lost segment
• What if more segments are lost? g Selective retransmission as one solution
i RFC2018 allows for acknowledgments of single packets, not only acknowledgments of in-sequence packet streams without gaps
i Sender can retransmit missing packets more efficiently g Advantage
i Higher efficiency g Disadvantage
i More complex software in the receiver, more buffer needed at the receiver (CPU-, memory- and power-constraint MH)
39
Long disconnections
g TCP doubles RTO (Retransmit Time Out) each time a timeout occurs i Can cause unnecessary idle time after longer disconnection
Mobile Host
Correspondent Host
MH disconnected
timeout
MH connected
connection idle
segment n+1
segment n+1
segment n+1
segment n+1
segment n+1
40
Long disconnections
g TCP doubles RTO each time a timeout occurs i Can cause unnecessary idle time after longer disconnection
g A Mobile Host aware of connection state can “wake up” the CH i Trigger fast retransmit with duplicate ACKs
g Simple solution i No changes at CH necessary i But TCP at MH needs to be aware of connectivity
Mobile Host
Correspondent Host
MH disconnected
timeout
MH connected
segment n+1
segment n+1
segment n+1
segment n+1
ack
n
segment n+1
Fast Retransmission triggered
41
Explicit notification approaches
g Explicit congestion notification i Instead of TCP indirectly inferring congestion, let routers
and/or other hosts inform the sender/receiver directly i Requires changes to TCP and the routing infrastructure
g Explicit bad state notification i Base Station/Access Point (FA) keeps track of wireless link
conditions i Bad link conditions are signal to the Correspondent Host i Correspondent Host reacts accordingly
• Reduces/freezes transmission rate • Resumes transmission at previous rate when good state
notification arrives i Requires using a FA and making changes to TCP at all
hosts 42
Conclusions
g Many proposed techniques g Different characteristics and requirements
g TCP used in more heterogeneous networks nowadays i Mobile networks i Over satellite links
g Can a single TCP protocol perform in these settings? g Or should we develop specialized TCP versions (and split TCP
connections when possible)?
43
References g H. Elaarg, Improving TCP Performance over Mobile Networks, ACM Computing
Surveys, Vol. 34, No. 3, September 2002 g Y. Tian, K. Xu, and N. Ansari. TCP in Wireless Environments: Problems and Solutions.
IEEE Radio Communications, March 2005 g J. Huang et al. Anatomizing Application Performance Differences on Smartphones.
ACM MobiSys 2010 g A. Bakre, B.R. Badrinath. I-TCP: Indirect TCP for Mobile Hosts. ICDCS 1995 g K. Fall, S. Floyd. Simulation-based comparisons of Tahoe, Reno and SACK TCP. ACM
Sigcomm 1996 g K. Brown, S. Singh. M-TCP: TCP for mobile cellular networks. ACM Sigcomm 1997 g H. Balakrishnan, S. Seshan , R. H. Katz. Improving reliable transport and handoff
performance in cellular wireless networks. Wireless Networks. Volume 1, Issue 4, 1995 (this is the reference addressing Snooping TCP)
g J. Border , M. Kojo , J. Griner , G. Montenegro , Z. Shelby. Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations. RFC 3135, June 2001
g W. Wei, C. Zhang, H. Zang, J. Kurose, and D. Towsley. Inference and Evaluation of Split-Connection Approaches in Cellular Data Networks. PAM 2006
g M. Mathis, J. Mahdavi, S. Floyd, A. Romanov. TCP selective acknowledgment options. RFC 2018, October 1996
g K. Ramakrishnan, S. Floyd, D. Black. The Addition of Explicit Congestion Notification (ECN) to IP. RFC 3168, September 2001
g B.S. Bakshi, P. Krishna, N.H. Vaidya, D.K. Pradhan. Improving Performance of TCP over Wireless Networks. ICDCS 1997
44
Real-Time Traffic in Wireless Networks
g TCP i Reliable in-order delivery (no loss) i Delay-tolerant i Throughput optimization
g Real-time traffic i Delay-sensitive i Loss-tolerant i Constant throughput requirements
g We focus on VoIP i Represents the most demanding interactive real-time traffic
45
VoIP
g Call establishment protocols i SIP, H.323, …
g Transport protocols i RTP, RTCP, …
g Audio (voice) codecs i ITU G.711, ITU G.722, ITU G.729, GSM, …
46
SIP: Session Initiation Protocol
g SIP long-term vision: i All telephone calls, video conference calls take place over
Internet i People are identified by names or e-mail addresses, rather
than by phone numbers i You can reach callee, no matter where callee roams, no
matter what IP device callee is currently using
g Note: technically SIP is an application layer protocol i However, provided functionality not too different from Mobile
IP or HIP
47
SIP Services
g Setting up a call i Establishing a connection between caller and callee i Negotiation of media type, encoding i Call termination
g Callee localization i Map mnemonic identifier to current IP address
g Call management i Add new media streams during call i Change encoding during call i Invite others i Transfer, hold calls
48
Setting up a call to known IP address
g Alice’s SIP invite message indicates her i Port number i IP address i Preferred encoding to
receive (PCM µLaw)
g Bob’s 200 OK message indicates his i Port number i IP address i Preferred encoding
(GSM)
g SIP messages can be sent over TCP or UDP i Here sent over RTP/
UDP
49 time time
Bob'sterminal rings
Alice
167.180.112.24
Bob
193.64.210.89
port 5060
port 38060µ Law audio
GSMport 48753
INVITE [email protected]=IN IP4 167.180.112.24m=audio 38060 RTP/AVP 0port 5060
200 OKc=IN IP4 193.64.210.89
m=audio 48753 RTP/AVP 3
ACKport 5060
Setting up a call (more)
g Codec negotiation i Bob can reject proposed codec with 606 Not Acceptable Reply and include a list of supported codecs
i Alice can then send new INVITE message, advertising different encoder
g Rejecting a call i Bob can reject with replies “busy,” “gone,” “payment
required,” “forbidden”
g Media can be sent over RTP or some other protocol
50
Name translation and user location
g Caller knows only callee’s name or e-mail address g Need to get IP address of callee’s current host
i User moves around, changing IP address i User has different IP devices (PC, PDA, car device)
g Result can be based on i Time of day (work, home) i Caller (don’t want boss to call you at home) i Status of callee (calls sent to voicemail when callee is
already talking to someone)
g Service provided by SIP servers i SIP registrar server i SIP proxy server
51
SIP Registrar
52
g When Bob starts SIP client, client sends SIP REGISTER message to Bob’s registrar server
REGISTER sip:domain.com SIP/2.0 Via: SIP/2.0/UDP 193.64.210.89 From: sip:[email protected] To: sip:[email protected] Expires: 3600
Register Message:
SIP Proxy
g Alice sends invite message to her proxy server i Contains address sip:[email protected]
g Proxy responsible for routing SIP messages to callee i Possibly through multiple proxies
g Callee sends response back through the same set of proxies.
g Proxy returns SIP response message to Alice i Contains Bob’s IP address
g Proxy analogous to local DNS server
53
Example Caller [email protected] places a call to [email protected] (1) Jim sends INVITE message to umass SIP proxy (2) Proxy forwards request to upenn registrar server (3) upenn server returns redirect response, indicating that it should try [email protected] (4) umass proxy sends INVITE to epfl registrar (5) Epfl registrar forwards INVITE to 197.87.54.21 (keith’s SIP client) (6-8) SIP response sent back (9) media sent directly between clients. Note: there is also a SIP ack message, which is not shown
SIP client217.123.56.89
SIP client197.87.54.21
SIP proxyumass.edu
SIP registrarupenn.edu
SIPregistrareurecom.fr
1
2
3 4
5
6
7
8
9
54
epfl.ch
Comparison with H.323
g H.323 is a signaling protocol for real-time interactive traffic i Alternative to SIP
g H.323 is a complete, vertically integrated suite of protocols for multimedia conferencing: signaling, registration, admission control, transport, codecs
g SIP is a single component. Works with RTP, but does not mandate it. Can be combined with other protocols, services
g H.323 comes from the ITU (telephony). g SIP comes from IETF: Borrows much of its concepts from HTTP
i SIP has Web flavor, whereas H.323 has telephony flavor. g SIP uses the KISS principle: Keep it simple and stupid !
55
Real-Time Protocol (RTP)
g RTP specifies packet structure for packets carrying audio, video data
g RTP runs in end hosts g RTP packets encapsulated in UDP
segments i RTP encapsulation is only seen at end
systems (not by intermediate routers) g RTP does not provide any mechanism to
ensure timely data delivery or other QoS guarantees i Routers provide best-effort service,
making no special effort to ensure that RTP packets arrive at destination in timely matter
56
RTP Example
g Consider sending 64 kbps PCM-encoded voice over RTP g Application collects encoded data in chunks, e.g., every 20
msec = 160 bytes in a chunk. g Audio chunk + RTP header form RTP packet, which is
encapsulated in UDP segment g RTP header indicates type of audio encoding in each packet
i Sender can change encoding during conference g RTP header also contains sequence numbers, timestamps
57
Real-Time Control Protocol (RTCP)
g Works in conjunction with RTP g Each participant in RTP session periodically transmits
RTCP control packets to all other participants g Each RTCP packet contains sender and/or receiver
reports about useful statistics i # packets sent i # packets lost i Inter-arrival jitter i …
g Feedback can be used to control performance i Sender may modify its transmissions based on feedback
58
VoIP and the link layer
g Micro-mobility support for VoIP i Efficient layer 2 handover (already covered)
g Real-time traffic over the link layer i Cellular networks link layer designed with real-time traffic in
mind i We focus on real-time traffic over IEEE 802.11
59
VoIP over IEEE 802.11 DCF
g DCF (Distributed Coordination Function) is a best-effort service i No QoS guarantees on channel access delay i Contention for the channel i Unlucky node can experience significant delays
60
t medium busy SIFS
PIFS DIFS DIFS
next frame contention
direct access if medium is free ≥ DIFS time slot
IEEE 802.11 DFC: VoIP only g Many experimental and analytical evaluations
i 5 to tens of connections can be supported (depending on codec and voice chunk duration)
g Example (AP handles VoIP connection only):
G.729: audio data compression algorithm
g Rapid performance collapse with too many voice connections 61
Rat
io o
f pac
kets
dela
yed
>150
ms
Number of voice connections
Taken from [Cai06] Downlink traffic, IEEE 802.11b, rate 11Mbps, ns2 simulations
IEEE 802.11e
g IEEE 802.11e defines Quality-of-Service (QoS) extensions to IEEE 802.11
g Two new channel access methods: i Enhanced Distributed Channel Access (EDCA)
• Extension of DCF • 4 traffic classes with different priorities
i (Hybrid Coordination Function)-Controlled Channel Access (HCCA) • Similar to PCF
62
EDCA g EDCA: Enhanced Distributed Channel Access g EDCA defines 4 traffic classes with different priorities (listed
from highest to lowest priority) i Voice, Video, Best-effort, Background
g Channel access method as in DCF g Each class uses different values of parameters
i Arbitration Interframe Space (AIFS) i Backoff (BO) contention window size range (CWmin, CWmax)
63
t medium busy SIFS
PIFS AIFS[0]
next frame contention
AIFS[1]
AIFS[2] AIFS[3]
CW
EDCA
g To prioritize traffic internally EDCA makes use of i Separate queue for
each class i A virtual collision
handler
64
Priority-based distribution
queue 3
Backoff AIFS[3] BO[3]
queue 1
Backoff AIFS[1] BO[1]
queue 2
Backoff AIFS[2] BO[2]
queue 0
Backoff AIFS[0] BO[0]
Virtual collision handler
Frame to transmit
Transmission attempt
IEEE 802.11e summary
g Best-effort prioritizing of traffic g Connections in the same class contend as with DCF
i Adding a few too many voice connections degrades the performance significantly for all nodes
g Hence need for admission control i Prevents oversubscribing to a channel i Provides some control over latency i Challenge: overlapping BSSs
g Security concerns i Misbehaving stations could attempt to assign highest priority
to their traffic
65
References
g L.Cai, Y. Xiao, X.S. Shen, J.W. Mark. VoIP over WLAN: voice capacity, admission control, QoS, and MAC: Research Articles. International Journal of Communication Systems, Volume 19, Issue 4, May 2006
g L.X. Cai, X. Shen, J.W. Mark, L. Cai, Y. Xiao. Voice capacity analysis of WLAN with unbalanced traffic. IEEE Transactions on Vehicular Technology vol. 55, no. 3, May 2006
g J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, E. Schooler. SIP: Session Initiation Protocol. RFC 3261, June 2002
g H. Schulzrinne, S. Casner, R. Frederick, V. Jacobson. RTP: A Transport Protocol for Real-Time Applications. RFC 3550, July 2003
66
My Research Focus: Privacy Protection
67
g Trends i More technology: more computing power, more bandwidth, more
collection of personal data i More wearable devices (including more lifestyle trackers) è
better feedback loop
Data mining, machine learning
Cookies, browser fingerprints, clicks, content of emails, data from OSN,… Heart rate, gaze, sounds, sweat,…
Optimized stimuli (ads) to maximize likelihood of purchase decision
A Few Ongoing Research Projects in my Group (LCA1)
g Genome privacy g Smart permission management in Android g Location-based activity summary
68
Why Protect Genomic Data?
g Genome carries informa-on about a person’s gene-c condi-on and predisposi-ons to specific diseases i Leakage of such informa-on could cause
gene$c discrimina$on
i Denial of access to health insurance, mortgage, educa-on, and employment
70
Things are Moving
g CS giants start proposing genome-‐related services
o Google Genomics (API to store, process, explore, and share DNA data) o IBM Research (computa-onal genomics) o MicrosoH Research (genomic research in collabora-on with Sanger
Center) o Amazon
g Global Alliance for Genomics & Health
o Defini-on of a common framework for effec-ve, responsible and secure sharing of genomic and clinical data
o Security Working Group: security infrastructure policy and technology hQp://genomicsandhealth.org/our-‐work/working-‐groups/security-‐working-‐group/work-‐products
71
Ongoing CollaboraBons • Swiss HIV Cohort Study hQp://www.shcs.ch/
i Infrastructure suppor-ng mul--‐center (7 hospitals) research project dealing with HIV infected adults
i Our contribu-on: deployment (next month) of our data protec-on soHware on their system
• Lausanne University Hospital (CHUV) – Biobank hQp://www.chuv.ch/biobanque/bil_home/bil-‐recherche.htm i Clinical and environmental data i Genomic data: • 2.5M SNPs / pa-ent • 20’000 pa-ents i Our contribu-on: protec-on of the biobank as of 2016
g Sophia Gene-cs i hQp://www.sophiagene-cs.com i Start-‐up company, on campus; visualiza-on of genomic data i Successfully closed 2nd round of funding (11MCHFrs): Endeavour Vision, Invoke,… i Our contribu-on: protec-on of raw genomic data
g Other partners: EPFL School of Life Science, Cornell Tech, Craig Venter Ins-tute, Vanderbilt Univ.,…
72
Smart Permissions (SmarPer)
g Smartphones manage an increasing amount of private information
g Android, the dominant mobile OS, relies on permissions to protect this sensitive information
g Problem: permission model has several limitations i “All-or-nothing” i Coarse-grained i Context-oblivious i Difficult to understand i Abused by apps
Ø 1/3 apps request excessive permissions
app request
<f1, f2,..,fn> feature vector
SmarPer Overview
10
time location
phone status nearby devs
conn type
Context
App Info
ML Model
DB
decision & confidence
c>t
app request
Obfuscation
Interception
Processing
response
<f1, f2,..,fn> feature vector
yes
no
user prompt
ML Model
Update
1 2
3
4
5 6
9
12
14
13 user feedback
8
category status
downloads reviews
developer
7
app name req type params
SmarPer OverviewAudit
11
10
time location phone status nearby devs conn type
decision & confidence PROCESSI
NG
response
yes
no
1 2
3
4
5 6
9
13
14
12 user feedback
8
category status downloads reviews developer
7
app name req type params
11
INTERCEPTION
OBFUSCATION
CONTEXT
APP INFO
AUDIT
ML
MODEL UPDATE
DB
ML MODEL
c>t
ML Machine Learning c confidence t threshold optional step
§ Automatic permission decisions using machine learning• Reduce user-burden (e.g., number of manual decisions)
§ Dynamic permission decisions based on context• E.g., share location at a restaurant but not at the hospital
§ Better privacy vs. utility trade-offs• Multi-level data obfuscation (e.g., approximate location, filtered contact info)
g Activity-tracking applications are increasingly used
75
• Current solution
Privacy: The online service can track the users’ locations
Security: users can cheat on their performance
We propose SecureRun
Privacy: The online service cannot track the users’ locations
Security: users cannot cheat on their performance
Location-based activity summaries
g SecureRun guarantees location privacy and cheat-resilience i By providing lower bounds of activity summaries i Based on networks of access points
76
Location-based activity summaries
0
1000
2000
3000
4000
5000
6000D
ensi
ty o
f A
Ps
(AP
s/k
m2)
0
1000
2000
3000
4000
5000
6000
7000
8000
9000
Den
sity
of
acti
vit
ies
(act
ivit
ies/
km
2)
0
20
40
60
80
100
Brussels
London
ParisParis (2 O
p.)
accu
racy
[%
]Users’ concern levels regarding security
(left) and privacy (right) issues in activity-
tracking apps
Users’ satisfaction for various performance levels of SecureRun if the
actual distance is 10 miles
Distribution of FON access points (left) and Garmin activities (right) in Paris
Overall performance of SecureRun
SecureRun’s accuracy level
For Next Semester
g Master’s Research Associate; if you are interested and you qualify, please email me: i Letter of motivation i CV i 2 or 3 references
g Projects i Our project descriptions are online: semester projects,
optional projects, Master theses
77
New Course: CS-622 Privacy Protection
g Doctoral course (6 ECTS credits), first instance in the fall 2014 g Bridge between our research and our teaching activities g Next instance: September – December 2015 g Can be taken by Master’s students (half were Master’s students last year) g Oral exam + mini-project (leading possibly to a publication; can be combined with
semester project / optional project) g Content of the course
i Part 1 - Preliminaries • 1.1 Introduction • 1.2 Economics and Incentives • 1.3 Crypto-Based Solutions
i Part 2 - Data Privacy • 2.1 Hiding Data from the Database User • 2.2 – Hiding Access Patterns from the Database Owner
i Part 3 - Privacy in Networks • 3.1 Privacy in the Internet • 3.2 Privacy in Mobile Networks
g Lecturer: JP Hubaux, helped by post-docs and PhD students for the mini-projects g Access to last year’s material:
i http://moodle.epfl.ch/course/view.php?id=14215 i Password for guest access from outside of the Intranet: key PriPro14
78