Your SlideShare is downloading. ×
0
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
irt2006.ppt
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

irt2006.ppt

763

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
763
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. The Internet Real-Time Laboratory Prof. Henning Schulzrinne Feb 2006 http://www.cs.columbia.edu/IRT
  • 2. Current members
    • IRT lab: 1 faculty, 1 post-doc, 13 PhD, 6 MS GRAs, 2 visitors and a researcher: total 24
    • China, Germany, Hong Kong, India, Italy, Israel, Japan, Korea, Pakistan, USA
  • 3. Sponsors Equipment grants and student support: past and present
  • 4. Research topics
    • Internet Real-Time Systems
    Security Multimedia collaboration 911 calls on Internet Reliability and scalability Peer-to-peer systems Ubiquitous computing Service discovery Mobile and ad hoc Wireless telephony presence Programmable services Enterprise IP telephony
  • 5. Global service discovery The problem
    • Current protocols:
      • Local network (not Internet)
      • Limited description or query -- attribute-value or interface matching
    • We need:
      • A global service discovery architecture
      • Scalable (avoid central dependency)
      • Robust and self adjusting
      • Use modern description logic (OWL)
    Knarig Arabshian
  • 6. Global service discovery GloServ: Hierarchical P2P Global Service Discovery Architecture
    • Classify services using OWL
    • Use service classification to map ontology to a hierarchical P2P network (using CAN for p2p)
    • Bootstrap servers using information in ontology
    • Intelligent registration and querying
    Knarig Arabshian 4) Send the query to the closest high-level server that is known Service Restaurant Travel Medical Communication Destination Flights Agencies Hotel Bed&Breakfast domain: hotel.destination.service 2) Map the word “ inn” to “hotel” 1) Query for “inn” is issued 3) Look up the domain of the equivalent server or closely related server in the primitive skeleton ontology 1 3 4 2 Hotel hostel inn rooming lodging motel
  • 7. Global service discovery GloServ: Hierarchical P2P Global Service Discovery Architecture Knarig Arabshian (CampGround) 3 3 (Sightseeing) (Hotel) 20 hasActivity <1,2> <3,2> <1,3> <3,3> <2,1> <2,2> . . . <2,3> <10,2> <10,3> hasAccommodation (Budget) 2 1 (Sports) 2 (Adventure) CAN DHT distribution of properties CAN DHT CAN DHT CAN DHT CAN DHT
  • 8. 7DS The problem and overview of 7DS
    • The opportunity
      • Wireless infrastructure slow to emerge (3G $$$)
      • 802.11b cheap and simple to deploy
      • Mobile devices spread data in densely populated areas (e.g., NYC)
    • What is 7DS?
      • Content-independent: works for any web object
      • Uses standard caching mechanism
      • After 25’, 90% of interested users have data
      • Also, data upload:
    Wing Yuen (Andy)
  • 9. 7DS Overview of the networks
    • Two nodes communicate when they are in proximity
    • Small transmit power
      • Optimal # neighbor ≈1
    • Large end-to-end throughput
    • Trade off capacity with delay
    • Ad hoc network; example:
    Wing Yuen (Andy) Mobile node path
  • 10. 7DS Email upload application
    • Objective: purge message replicas
    • Time-based scheme
      • Purge message when TTL expires
    • Hop-based scheme
      • Decrement b in each node encounter
      • Purge message when b=0
    • Evaluate storage and storage-time cost
    • Optimal depth=2, select breadth such that prob. delivery =1
    Wing Yuen (Andy) depth=4 breadth=2
  • 11. 7DS for mobile platforms Source: ARCChart – Developing for Mobile Environments Derek
  • 12. Wireless VoIP Overview of the network and problems Sangho Shin Andrea Forte R1 AP2 AP1 Internet Access-point Router Subnet A Subnet B R2 Layer 2 handoff Layer 3 handoff Handoff delay (Layer 2 and Layer 3) Limited capacity Call admission control
  • 13. Wireless VoIP Problems and solutions
    • Layer 2 (MAC) & Layer 3 (IP) Handoff
      • Selective Scanning & Caching
      • Fast L3 Handoff using temp IP
      • Cooperative handoff
    • Limited capacity
      • Dynamic PCF (DPCF)
      • Adaptive Priority Control (APC)
    • Call admission control
      • Virtual Traffic Generation
    • Improving VoIP capacity
    • Bandwidth
      • IEEE 802.11a/b/g : 11~ 54 Mb/s
    • Actual throughput
      • Except overhead: 2~20 Mb/s
    • Ethernet (100-1000 Mb/s) >> WLANs
    • Need to improve Capacity for VoIP.
    Sangho Shin Andrea Forte
    • Too many clients or, simultaneous calls in an AP  deterioration of QoS
    • Need Call Admission Control (CAC)
  • 14. Wireless VoIP Passive DAD (1/2)
    • Duplicate Address Detection (DAD) Before the DHCP server decides to assign an IP address, it has to be sure that such address is not already in use. In order to do this, the DHCP server sends ICMP Echo requests and waits for ICMP Echo replies.
    The delay introduced by DAD is in the order of seconds!
    • Passive DAD (P-DAD) We introduce a new agent, namely Address Usage Collector (AUC), which collects information about the IP addresses in use in its subnet. The AUC will then inform the DHCP server about IP addresses already in use in a particular subnet.
    Sangho Shin Andrea Forte
  • 15. Wireless VoIP Passive DAD (2/2)
    • AUC builds DUID:MAC pair table (DHCP traffic only).
    • AUC builds IP:MAC pair table (broadcast and ARP traffic).
    • Whenever a new pair is added to the table or if a potential unauthorized IP is detected, the AUC sends the pair to the DHCP server.
    • DHCP server checks if the pair is correct or not and it records the IP address as in use .
    Address Usage Collector (AUC) DHCP server Router/relay agent SUBNET Broadcast-ARP/DHCP
    • ARP checking
      • AUC scans unused IPs using ARP query periodically.
      • Silent nodes can be detected.
    TCP Connection Sangho Shin Andrea Forte IP MAC Expire IP1 MAC1 570 IP2 MAC2 580 IP3 MAC3 590 IP4 DUID4 Client ID MAC DUID1 MAC1 DUID2 MAC2 DUID3 MAC3
  • 16. Wireless VoIP Problems of the current DAD
    • In wireless networks , it takes long time to get ICMP echo response, or even the response can be lost when the channel is very congested.
    • Windows XP SP2 activates the firewall, and the firewall blocks incoming ICMP echo by default.
    • ISC DHCP software has a bug in the DAD timer, and the timer value is decided between 0 ~ 1 sec randomly.
    Sangho Shin Andrea Forte
  • 17. VoIP real world app. Training air traffic controllers at FAA
    • Existing communication system
      • Voice communications network
        • Analog, fixed point-to-point connections
      • Fast Ethernet data network
      • Video network
      • Depends on analog, hard-wired communication systems that use obsolete parts no longer available without custom manufacture
    • What the project is?
      • Simulate a FAA classroom
      • Classroom has student, pilot and an instructor workstation
      • Student plays the role of an ATC, who is trained by the pilot.
      • Student and pilot communicate to each other, via a notion of frequency (unicast) and facility (multicast)
    • What am I doing?
      • Feature enhancements
      • Get the project successfully deployed on-site
      • Development of robust audio tool on Windows platform
    Venkata S. Malladi Anurag Chakravarti
  • 18. Session peering for multimedia and VoIP interconnect
    • Motivation: expenses, overhead, flexibility of end-to-end IP-based services.
    • How it is done: switch fabric, rules and regulations that manage sending and receiving data among one another.
    • Challenges: Architecture, QoS, Security, Operations Support Services, Reliability, Protocol Interoperability, Call routing, ENUM, etc.
    Charles Shen IP Phone IP Phone SIP based Network PSTN PSTN (telephone) SIP based Network Existing architecture Direct Peering
  • 19. ENUM Marriage of Internet and telephone numbering
    • Bridges traditional telephony with Internet capabilities into a platform for new services and applications.
    Charles Shen SIP Proxy SIP Proxy Enum Server [1] Caller dials callee’s normal phone number 212-939-7040 [2] Caller’s proxy queries Enum for 0.4.0.7.9.3.9.2.1.2.1.e164.arpa and gets response sip:irt@cs.columbia.edu [3] Caller’s proxy receives response sip:irt@cs.columbia.edu and proceed to set up call with the callee Caller Callee
  • 20. Session peering and ENUM Status quo and our work
    • WGs in standardization bodies such as IETF SPEERMINT, ENUM WG and SIPForum technical WG are working on requirements and architecture details for a Session Peering for Multimedia Interconnect architecture.
    • I am currently involved in ENUM server performance investigation and expected to contribute to other parts of the peering architecture as well.
    • Also related: SIP Scalability Performance Study.
    Charles Shen
  • 21. NG 9-1-1 Overview of the NG911 project
    • Traditional 9-1-1 system
      • Does not work well for calls from Internet phones!
    • Two (related) fundamental problems
      • Where is the caller?
      • To which PSAP (call center) should the call go?
    • Other problems
      • Going beyond the traditional 9-1-1 functionalities
        • Multimedia (audio + video + text)
        • Sending instructional video on CPR
    • Project Participants
      • Columbia University, Texas A&M University, University of Virginia
      • NENA, Cisco, Nortel
      • Funded by NTIA and SIPquest
    Jong Yul Kim Wonsang Song
  • 22. NG 9-1-1 Solution and status
    • Location Determination
    • Current status
      • SIP-based prototype system
      • NENA requirements for IP-capable PSAPs
      • IETF ECRIT WG Proposals to solutions for fundamental problems
      • On-going preparations for testing in live PSAP in College Station, Texas
    Jong Yul Kim Wonsang Song When all else fails Outdoors In organizations where computers are fixed in one place In organizations that use Cisco devices Useful Situation
    • No guarantee of timely update
    • Prone to human error
    • GPS does not work indoors or when a significant portion of the sky is blocked from view.
    • No good for wireless connections
    • Administrators have to enter machine – location mapping for each machine
    • Only works with Cisco switches and access points
    • Administrators have to enter switch – location mapping
    Drawbacks
    • Is always a backup method
    • Delivers precise location
    • No work for administrators
    • DHCP is ubiquitous
    • Applicable to both SIP UA and SIP proxy
    • Cisco devices are ubiquitous
    • Less burden for administrators than DHCP
    Merits Manual Entry GPS DHCP CDP
  • 23. VoIP security Denial of Service (DoS) attacks: the problem
    • DoS attacks are still prevalent in the Internet
    • Telephony services are exposed as they move to the IP network
    • The E911 service is specifically vulnerable
    • How to distinguish between a human and machine request?
    • Detection and Mitigation
    Eilon Yardeni
  • 24. VoIP security Taxonomy of DoS attacks: vulnerability attacks
    • Implementation flaws
    • Application specific attacks
      • Session Initiation Protocol (SIP)
        • Session tear down – spoofed “BYE”s
        • Modify media sessions – spoofed re-INVITEs
    • Flooding
      • Flood with “INVITE” or “REGISTER”
      • Access links congestion
    • Attack on E911
      • 911 calls do not require authentication
      • Attacker can target:
        • Call takers
        • Call routing
        • Mapping service
      • Physical location spoofing
    Eilon Yardeni
  • 25. VoIP security Defense against DoS attacks
    • Fake location
      • Signed location
      • Location verification
    • First level filtering heuristics
      • IP-to-geo location comparison
      • List of legitimate subnets
    Eilon Yardeni
  • 26. VoIP security Trust path discovery for SPAM detection
    • Motivation : option for sender filtering against spam (SPIT/SPIM)
      • Determine whether to accept communication’s requests, e.g., emails, calls, instant messages from a “stranger”
      • Based on reputation of that stranger
    • Challenge : how to get the stranger’s reputation
    • Approach
      • Gathering trustworthy opinions on individuals and their domains from trust paths
      • Opinions : based on trust indicators which represent one’s trust on receiving messages
      • Trust paths : chains of trust relationships; among individuals, among domains and between an individual and a domain
      • IETF draft-ono-trust-path-discovery-01
    Kumiko Ono Alice Dave A third party reputation system i.e., a server of social network 2. Query his reputation 1. Receive communication request Related Work 1. Receive communication request Alice Dave Trust paths i.e., buddy-list, call-log 2. Query his reputation Our Approach
  • 27. Presence System Overview
    • Presence
      • Ability and willingness to communicate.
      • Rules about how and what part of presence info can be accessed
      • More detailed information includes location, preferred communication mode, current mood and activity
    • Presentity
      • Represents a user or a group of users or a program
      • Source of presence information
    • Watcher
      • Requester of presence information about a presentity
    Vishal Singh Bob’s Presentity Bob is busy right now. He is on 42 nd ,Broadway . U can reach him after 4.00 p.m . on his office line .
  • 28. Presence Presentity and Watchers Bob’s status, location Available , Busy , Somewhat available , Invisible wife son colleague external world PUBLISH SUBSCRIBE NOTIFY Bob’s Presentity Bob’s Presence User Agents (PUA) PC-IM Client R u there ? Cell Phone BUZZ PUBLISH Bob’s Filters (Rules), PIDF Presence Server Vishal Singh Watchers Watchers Watchers
  • 29. Presence Deployment: Cross-domain SIP NOTIFY SIP SUBSCRIBE Presence Database Broadband IP Network (VoIP, Internet) IM Vishal Singh Presence Server Presence Server Presence Server Watchers/Buddies for one presentity Presence Server Presence Server Watchers/Buddies for one presentity PSTN SCP Wireless Network SIP PUBLISH SIP PUBLISH SIP PUBLISH SIP Phone TV
  • 30. Presence Services
    • Determining communication status
      • Dial tone no longer enough, Decide based on
        • Presentity’s Location, Activity (Sleeping, Driving, etc.), Mood (angry, happy etc.,)
        • Presentity’s preferred mode of communication (e.g., text , audio device, landline phone)
    • Location based services
      • Fleet management
    Vishal Singh
  • 31. VoIP infrastructure CINEMA: multi-platform multimedia collaboration
    • Beyond voice: video, text, IM, presence, screen sharing, shared web browsing, …
    • Beyond SIP phone: regular telephone, email, web, …
    • Beyond synchronous communication: offline mails, discussion forum, file sharing, …
    Kundan Singh Program Call routing SIP SAP RSVP RTCP RTP Media G.711 MPEG RTSP Signaling Quality of service Media transport Internet Telephony Internet Radio/TV Messaging and Presence Interactive voice response Unified messaging Video conferencing Physical layer Link layer Network (IPv4, IPv6) Transport (TCP, UDP) Application layer Voice XML DTMF Mixing Speech/ text SDP Program Call routing SIP SAP RSVP RTCP RTP Media G.711 MPEG RTSP Signaling Quality of service Media transport Internet Telephony Internet Radio/TV Messaging and Presence Interactive voice response Unified messaging Video conferencing Physical layer Link layer Network (IPv4, IPv6) Transport (TCP, UDP) Application layer Physical layer Link layer Network (IPv4, IPv6) Transport (TCP, UDP) Application layer Voice XML DTMF Mixing Speech/ text SDP
  • 32. VoIP infrastructure Reliability and scalability
    • Failover: redundancy
    • Load sharing: scalability
    Kundan Singh REGISTER INVITE P1 P2 P3 a-h i-q r-z Use DNS
    • Combine the two in a two stage architecture
    • Infinite scalability (linear with #servers)
    • High availability
  • 33. Peer-to-peer P2P Internet telephony using SIP
    • Server-based
      • Maintenance and configuration cost : dedicated administrator
      • Central point of failures: catastrophic failures
      • Depends on controlled infrastructure (e.g., DNS)
    • Peer-to-peer
      • Self adjusting, robust against catastrophic failures, highly scalable, and no configurations
      • Call setup and user search latency is higher: O(log(N))
      • Security: how to handle malicious peers? Identity protection?
    • Our P2P-SIP
      • Hybrid architecture: works with both P2P and server-based
      • Built-in P2P network: acts as a service node for proxy, registrar, presence, offline storage, and media relay
      • External P2P network: managed and trusted peer nodes
      • Identity protection: Email identifier == SIP identifier
    Kundan Singh
  • 34. Peer-to-peer Analysis of the Skype peer-to-peer VoIP application Salman Abdul Baset Process priority Memory usage 10 109 ms Normal Normal 13 MB, 13 MB 9 MB, 9 MB 1.0.0.80 G-Talk 16 184 ms Normal Normal 34 MB, 31 MB 25 MB, 22 MB 7.5 MSN 12 152 ms Normal Normal 43 MB, 42 MB 38 MB, 34 MB 7.0.0.437 Yahoo 4 96 ms High Normal 21 MB, 27 MB 19 MB, 19 MB 1.4.0.84 Skype Latency Standard Deviation Mouth-to-ear latency during call before call during call (caller, callee) before call (caller, callee) Application version Application
  • 35. Peer-to-peer Churn in small scale p2p networks
    • Small scale: nodes count 5 to 1000
    • Churn: node arrival/departure rate
    • Office: high churn at 9:00am and 5:00pm
    • Is distributed hash table (DHT) better than flooding?
    • Correlated and un-correlated failures
    Salman Abdul Baset
  • 36. Summary
    • Internet Real-Time Systems
      • Service discovery, 7DS, wireless VoIP, Security, NG 911, reliability, scalability, peer-to-peer
      • Other projects: SIP user agent, CPL/sip-cgi/LESS scripts, session mobility, DotSlash, …
    • Questions?

×