Performance and Security Problems in Today’s Networks
Abstract
The demand for bandwidth is elevating in today’s networks. However, security threats and attacks are increasing as well. We study how to maximize throughput and maintain secu- rity in (I) wireless and (II) wired communication networks. For throughput maximization, (I) we investigate the cases where applying Network Coding (NC) in a careless manner, could cause significant throughput degradation in multi-rate environments. Via extensive experiments and an analysis, we characterize the regimes where NC offers throughput ben- efits and those where it does not. We design PACE, a policy-aware coding enforcement logic, which allows a router to switch between NC and store-and-forward modes depending on link qualities. Our evaluations show that PACE could potentially offer network-wide throughput improvements of up to 350%. (II) we propose a standards agnostic framework BOLT, that helps realize the throughput potential of Power Line Communication (PLC) to serve as a viable backhaul for local network connectivity. The design of BOLT is based on a comprehensive measurement study that provides many insights with regards to PLC net- work characteristics and dynamics. We implement BOLT on three different testbeds using off-the-shelf PLC adapters and showcase its ability to effectively manage flows, delivering several folds throughput improvement over state-of-the-art solutions.
To maintain security, (I) We propose JIMS, a jamming interference mitigation scheme, using which, transceivers can identify subcarriers that are relatively unaffected by jamming and utilize them for communications. Prior approaches can only alleviate jamming interference to a limited extent; they are especially vulnerable to a reactive jammer, i.e., a jammer that injects noise upon sensing a legitimate transmission or wideband jamming.
We show that JIMS restores throughput up to 75% on our WARP testbed. (II) We study VM migration as an effective countermeasure against an attempt at malicious co-residency. We first undertake an experimental study on Amazon EC2 to obtain an in-depth understanding of the side-channels attack. Here, we identify a new set of stealthy side-channel attacks and show that migration limits the co-residency time with a victim VM to about 1% of the time with bandwidth costs of a few MB.