DistOS-2011W Attribution: Difference between revisions
Line 36: | Line 36: | ||
*ABSTRACT | *ABSTRACT | ||
<i>The ability to accurately identify the network traffic associated with different P2P applications is important to a broad range of network operations including application-specific traffic engineering, capacity planning, provisioning, service differentiation,etc. However, traditional traffic to higher-level application mapping techniques such as default server TCP or UDP network-port baseddisambiguation is highly inaccurate for some P2P applications.In this paper, we provide an efficient approach for identifying the P2P application traffic through application level signatures. We firstidentify the application level signatures by examining some available documentations, and packet-level traces. We then utilize the identified signatures to develop online filters that can efficiently and accurately track the P2P traffic even on high-speed network links.We examine the performance of our application-level identification approach using five popular P2P protocols. Our measurements show thatour technique achieves less than 5% false positive and false negative ratios in most cases. We also show that our approach only requires the examination of the very first few packets (less than 10packets) to identify a P2P connection, which makes our approach highly scalable. Our technique can significantly improve the P2P traffic volume estimates over what pure network port based approaches provide. For instance, we were able to identify 3 times as much traffic for the popular Kazaa P2P protocol, compared to the traditional port-based approach.</i> | <i>The ability to accurately identify the network traffic associated with different P2P applications is important to a broad range of network operations including application-specific traffic engineering, capacity planning, provisioning, service differentiation,etc. However, traditional traffic to higher-level application mapping techniques such as default server TCP or UDP network-port baseddisambiguation is highly inaccurate for some P2P applications.In this paper, we provide an efficient approach for identifying the P2P application traffic through application level signatures. We firstidentify the application level signatures by examining some available documentations, and packet-level traces. We then utilize the identified signatures to develop online filters that can efficiently and accurately track the P2P traffic even on high-speed network links.We examine the performance of our application-level identification approach using five popular P2P protocols. Our measurements show thatour technique achieves less than 5% false positive and false negative ratios in most cases. We also show that our approach only requires the examination of the very first few packets (less than 10packets) to identify a P2P connection, which makes our approach highly scalable. Our technique can significantly improve the P2P traffic volume estimates over what pure network port based approaches provide. For instance, we were able to identify 3 times as much traffic for the popular Kazaa P2P protocol, compared to the traditional port-based approach.</i> | ||
[3] Roger Clarke, Human Identification in Information Systems: Management Challenges and Public Policy Issues [http://www.emeraldinsight.com/journals.htm?articleid=883434&show=abstract PDF/HTML] | [3] Roger Clarke, Human Identification in Information Systems: Management Challenges and Public Policy Issues [http://www.emeraldinsight.com/journals.htm?articleid=883434&show=abstract PDF/HTML] |
Revision as of 15:54, 10 March 2011
Members
- Abdelrahman Abdou
- Raghad Al-Awwad
- Omi Iyamu
- Rakhim Davletkaliyev
Meeting Briefings
Tuesday, March 1st
After 20 minutes of brainstorming, we agreed on:
- Current internet infrastructure lacks the ability of achieving highly scalable and efficient attribution mechanism.
- Attribution must be implemented in a distributed manner and must be automated and not owned.
- Threats that should be addressed include (but not limited to):
- Computers, individuals and applications impersonation
- All types of electronic spoofing.
- The skeleton of our project will constitute four main aspects:
- Tracing/Tracking: baseline for attribution.
- Human identification: a MUST to include!
- Machine identification: to be dissolved with human identification.
- Storage: how and where to store data traces and the identification stamps.
Thursday, March 3rd
Coming Soon!
Surveyed Papers
[1]Marco Gruteser, Suman Banerjee, Marco Gruteser, Vladimir Barik, Wireless device identification with radiometric signatures, University of Wisconsin at Madison, Madison, WI, USA, 2008. PDF
- ABSTRACT
We design, implement, and evaluate a technique to identify the source network interface card (NIC) of an IEEE 802.11 frame through passive radio-frequency analysis. This technique, called PARADIS, leverages minute imperfections of transmitter hardware that are acquired at manufacture and are present even in otherwise identical NICs. These imperfections are transmitter-specific and manifest themselves as artifacts of the emitted signals. In PARADIS, we measure differentiating artifacts of individual wireless frames in the modulation domain, apply suitable machine-learning classification tools to achieve significantly higher degrees of NIC identification accuracy than prior best known schemes. We experimentally demonstrate effectiveness of PARADIS in differentiating between more than 130 identical 802.11 NICs with accuracy in excess of 99%. Our results also show that the accuracy of PARADIS is resilient against ambient noise and fluctuations of the wireless channel. Although our implementation deals exclusively with IEEE 802.11, the approach itself is general and will work with any digital modulation scheme.
[2] Subhabrata Sen, Oliver Spatscheck, Dongmei Wang, Accurate, scalable in-network identification of p2p traffic using application signatures, AT&T Labs-Research, Florham Park, NJ, 2004. PDF
- ABSTRACT
The ability to accurately identify the network traffic associated with different P2P applications is important to a broad range of network operations including application-specific traffic engineering, capacity planning, provisioning, service differentiation,etc. However, traditional traffic to higher-level application mapping techniques such as default server TCP or UDP network-port baseddisambiguation is highly inaccurate for some P2P applications.In this paper, we provide an efficient approach for identifying the P2P application traffic through application level signatures. We firstidentify the application level signatures by examining some available documentations, and packet-level traces. We then utilize the identified signatures to develop online filters that can efficiently and accurately track the P2P traffic even on high-speed network links.We examine the performance of our application-level identification approach using five popular P2P protocols. Our measurements show thatour technique achieves less than 5% false positive and false negative ratios in most cases. We also show that our approach only requires the examination of the very first few packets (less than 10packets) to identify a P2P connection, which makes our approach highly scalable. Our technique can significantly improve the P2P traffic volume estimates over what pure network port based approaches provide. For instance, we were able to identify 3 times as much traffic for the popular Kazaa P2P protocol, compared to the traditional port-based approach.
[3] Roger Clarke, Human Identification in Information Systems: Management Challenges and Public Policy Issues PDF/HTML
- ABSTRACT
Many information systems involve data about people. In order reliably to associate data with particular individuals, it is necessary that an effective and efficient identification scheme be established and maintained. There is remarkably little in the information technology literature concerning human identification. Seeks to overcome that deficiency by undertaking a survey of human identity and human identification. Discusses techniques including names, codes, knowledge-based and token-based identification, and biometrics. Identifies the key challenge to management as being to devise a scheme which is practicable and economic, and of sufficiently high integrity to address the risks the organization confronts in its dealings with people. Proposes that much greater use be made of schemes which are designed to afford people anonymity, or which enable them to use multiple identities or pseudonyms, while at the same time protecting the organization's own interest. Describes multi-purpose and inhabitant registration schemes, and notes the recurrence of proposals to implement and extend them. Identifies public policy issues. Of especial concern is the threat to personal privacy that the general-purpose use of an inhabitant registrant scheme represents. Speculates that, where such schemes are pursued energetically, the reaction may be strong enough to threaten the social fabric.
Milestones
(Under Construction)
- Problem definition
- Literature review
- ??
Project Progress
Coming Soon!
Requirements
- incremental deployability
- privacy
Readings
really hard to find anything not from psychology