wifiprofiler: cooperative diagnosis in wireless lans ranveer chandra, venkat padmanabhan, ming zhang...
TRANSCRIPT
![Page 1: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/1.jpg)
WiFiProfiler: Cooperative Diagnosis in Wireless LANs
Ranveer Chandra, Venkat Padmanabhan, Ming Zhang
Microsoft Research
![Page 2: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/2.jpg)
2
Wireless Woes
• Users often wonder why:
– “My machine says: wireless connection unavailable”
– “I get poor performance on wireless”
– “My wireless card keeps trying to authenticate”
– “Is it just me?”
![Page 3: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/3.jpg)
3
Wireless Woes
• Users often wonder why:
– “My machine says: wireless connection unavailable”
– “I get poor performance on wireless”
– “My wireless card keeps trying to authenticate”
– “Is it just me?”
• Many places have no/minimal network admin
– Hotspots: cafes, airports
– Transient networks: conferences, IETF meetings
![Page 4: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/4.jpg)
4
Prior Work: Operator View
• Infrastructure-based monitoring (Aruba, DAIR)
– Focuses on operator perspective (e.g., rogue APs)
• Monitoring at clients (e.g., [Adya 2004])– Fault diagnosis using infrastructure support– Also focuses on operator perspective
• Correlate client observations at AP (MOJO)– Detect PHY level anomalies
![Page 5: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/5.jpg)
5
WiFiProfiler Goal: User View
Enable clients to diagnose network failures
without requiring admin/infrastructure support:
– Reduce user frustration
– Reduce load on admin, when there is one
Help users help themselves
![Page 6: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/6.jpg)
6
State of the Art: Local DiagnosisWireless Connection Manager, WZC
• Reasonable detection, Poor diagnosis
Cannot Associate
MACFiltering
Bad AP
Bad WEPKey
Bad NIC
![Page 7: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/7.jpg)
7
WiFiProfiler
• Based on two key observations:
– Clients form Information Plane with peers• Even when client cannot connect to AP
– Extent of problem indicates cause
Diagnose faults by correlating peers’ health
![Page 8: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/8.jpg)
8
WiFiProfiler Overview
Create Information Plane
Dissatisfied Machine
(Cannot connect to WEP-enabled AP)
Req. Health
Req. Health
Health Info.
(WEP key info)
Diagnose Problem:Same WEP key?
Access Point
Healthy Client
Health In
fo.
(WEP key in
fo)
Healthy Client
Diagnose range of problems across layers!
![Page 9: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/9.jpg)
9
Faults and Some Causes
No IP Address
Security
H/w or s/w
DHCP Server
No Association
No AP DetectedLocation
WAN congestion
Wireless problem
Poor Performance
End-to-End Failure
Firewall/proxy
WAN Disconnect
![Page 10: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/10.jpg)
10
Outline
• Introduction
• WiFiProfiler Overview
• WiFiProfiler Design
• Evaluation
• Summary
![Page 11: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/11.jpg)
11
WiFiProfiler Design Goals
• Transparency: – Minimal user impact/involvement
• Deployability: – Work with off-the-shelf cards and unmodified drivers
• Scalability:– Work with a large number of clients
• Security:– Prevent compromise of clients and AP
![Page 12: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/12.jpg)
12
WiFiProfiler Architecture
• Sensing: What is monitored?
• Communication: How is it shared?
• Diagnosis: How are faults diagnosed?
![Page 13: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/13.jpg)
13
Sensing
• Monitor health of client’s connectivity– Static info (e.g., NIC type)
– Dynamic info (e.g., assoc. success/failure)
H/w or s/wNo Association
Fault Some Causes Sensed Info
NIC Model, Make,Driver version
Auth/Encryption setting, key info
Security
![Page 14: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/14.jpg)
14
Sensed Information
• User-level service (daemon) polls various layers
– Wireless: NIC, BSSID, RSSI, Beacon Loss, 1-way
hash of key, Interface Queue
– IP: IP Address, DHCP, DNS
– Transport: Failed connections, Server Ports
– Application: Web proxy settings
• Snapshot obtained once every second
– Summarized information < 1200 bytes
![Page 15: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/15.jpg)
15
Communication
802.11 NICs can connect to only one network at a time
Challenges:
– Discovery: How does H know that D needs help?
– Parallelism: How does H send packets to D?
Req. Health
Sensed Info
DH
Establishing the Information Plane
![Page 16: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/16.jpg)
16
Discovery
• D initiates ad hoc network with distinct SSID– Special SSID format denotes request for help
– H receives beacon even when associated to AP
D
169.254.10.125Port: 5000
SSID: Help:169.254.10.125:5000
H
![Page 17: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/17.jpg)
17
VirtualWiFi Layer
Virtual Interface 3
TCP/IP, Network Stack
Virtual Interface 2
Application LayerUser-level
Kernel-level
Approach: Virtualize card, buffer packets, switch b/w networks
Virtual Interface 1
Wireless Card
Parallelism using VirtualWiFiDetails: Infocom ’04
![Page 18: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/18.jpg)
18
Communication Protocol• WiFiProfiler uses 2 (virtual) adapters:
– Primary adapter activated in normal use
– Helper adapter dedicated for WiFiProfiler• Activated only when needed
DH
169.254.10.125Port: 5000
SSID: Help:169.254.10.125:5000
Primary VNIC
Helper VNIC
Scalability and Security discussions in paper
![Page 19: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/19.jpg)
19
Diagnosis
• Initiated by user
• Correlate peers’ info and infer likely cause
– Rule-based techniques instead of black-box
• Suggest steps for problem resolution
– Change configuration settings• e.g. local DNS server, web proxy, WEP key
– Change location, contact admin
• Diagnose faults across layers of network stack
![Page 20: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/20.jpg)
20
NOYES
Diagnosing Association Failure
Is Sec.configSame?
Bad Sec. setting(Fix it)
NO
Is BLRmuch
higher?
Bad signal(change location)
Similar cardAssociated?
YES
If another peer has successfully associated with the AP:
YES
MAC Filtering(contact admin)
NO
S/w or H/w config(change NIC or update driver)
![Page 21: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/21.jpg)
21
Diagnosis Features
• Inherent uncertainty in some cases– Need info from AP to confirm MAC filtering
• Conflicting info from peers– Used to eliminate branches in diagnosis procedure,
e.g. NIC type
• Vulnerability to bogus info from attackers– Use information from large number of peers
– Susceptible to Sybil attack
![Page 22: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/22.jpg)
22
Outline
• Introduction
• WiFiProfiler Architecture
– Sensing
– Communication
– Diagnosis
• Evaluation
• Summary
![Page 23: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/23.jpg)
23
Evaluation
• Sensing: Low overhead
– (used < 1% CPU on 1.33 GHz laptop)
• Communication using VirtualWiFi:
– Healthy clients spend < 2 sec sending info
– Sick clients get information within 30 seconds
• Much of the delay in discovery (scanning delays)
![Page 24: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/24.jpg)
24
Little Impact on Healthy Clients
0
5
10
15
20
25
10K 100K 1M
Download Size (in bytes)
Tim
e (i
n s
eco
nd
s)Download while Helping
Download when not Helping
Extra 0.5 to 3 seconds!
![Page 25: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/25.jpg)
25
Port blockedMAC Filtering
Too far from AP
Access Point
Port blocked Port blocked
Effectiveness of WiFiProfiler
Relevant diagnosis at all clients within 30 seconds!
![Page 26: WiFiProfiler: Cooperative Diagnosis in Wireless LANs Ranveer Chandra, Venkat Padmanabhan, Ming Zhang Microsoft Research](https://reader035.vdocument.in/reader035/viewer/2022062321/56649e6b5503460f94b6970b/html5/thumbnails/26.jpg)
26
WiFiProfiler Summary
• Enables cooperative diagnosis in WLANs
– Without infrastructure support, low overhead
• Working system on Windows XP
• Future work:
– Security: Privacy, Sybil Attacks, Passive Mode
– Long-term Profiling