CSE Seminars/Conferences

Colloquia, Seminars and Conference News

Title : Inferring Hidden Network Properties in Wired and Wireless Networks

Date : October 12, 2007. (2:00 pm) Tea starts half an hour before each seminar

Location: ITEB 336

Speaker : Dr. Wei Wei

Abstract:

In this talk, I propose several inference techniques to discover hidden network properties in wired and wireless networks from active and passive measurements. These techniques are used to classify the access network type of an end host, determine the fraction of wireless traffic within a large network, and promptly detect rogue (unauthorized) access points in a large network.

I first propose a simple and efficient end-to-end scheme to classify an access network into one of three categories: Ethernet, wireless LAN and low-bandwidth connection. This scheme leverages off intrinsic characteristics of the various access networks and utilizes the median and entropy of packet pair inter-arrival times. Extensive experiments show that our scheme obtains accurate classification results within 2 seconds.

Next, I propose a classification scheme to differentiate Ethernet and WLAN TCP flows based on measurements collected passively at the edge of a large network. This classifier computes the fraction of wireless TCP flows, and the degree of belief that a TCP flow traverses a WLAN inside the network. The core of this classifier is an iterative Bayesian inference algorithm developed to obtain the maximum likelihood estimate (MLE) of these quantities. We have validated our approach using extensive simulation and applied it to various traces collected at the edge of a university campus network.

Last, I propose two passive online detection schemes to promptly detect rogue access points based on real time measurements at the edge of a large network. Both schemes detect rogue access points by detecting wireless hosts using sequential hypothesis testing. They both exploit the fundamental properties of the 802.11 CSMA/CA MAC protocol and the half duplex nature of wireless channels to differentiate wired and wireless LAN TCP traffic. We have built a system for online rogue access point detection using these schemes and deployed it at a university gateway router. Extensive experiments in various scenarios have demonstrated that our approach is prompt, robust, and extremely accurate.

Bio: Dr. Wei Wei is currently a senior research scientist at the United Technologies Research Center. He received his B.S. degree in Applied Mathematics from Beijing University, China in 1992, and M.S. degree in Statistics from Texas A & M University in 2000. He then received M.S. degrees in Computer Science and Applied Mathematics, and a Ph.D. in Computer Science from the University of Massachusetts, Amherst in 2004, 2004, and 2006 respectively. His research interests include network measurement, network inference, network security, network modeling, and performance evaluation.

[Back]


Computer Science & Engineering Department 371 Fairfield Road Unit 2155 Storrs, CT 06269-2155 Phone: (860) 486-3719 Fax: (860) 486-4817	Colloquia, Seminars and Conference News Title : Inferring Hidden Network Properties in Wired and Wireless Networks Date : October 12, 2007. (2:00 pm) Tea starts half an hour before each seminar Location: ITEB 336 Speaker : Dr. Wei Wei Abstract: In this talk, I propose several inference techniques to discover hidden network properties in wired and wireless networks from active and passive measurements. These techniques are used to classify the access network type of an end host, determine the fraction of wireless traffic within a large network, and promptly detect rogue (unauthorized) access points in a large network. I first propose a simple and efficient end-to-end scheme to classify an access network into one of three categories: Ethernet, wireless LAN and low-bandwidth connection. This scheme leverages off intrinsic characteristics of the various access networks and utilizes the median and entropy of packet pair inter-arrival times. Extensive experiments show that our scheme obtains accurate classification results within 2 seconds. Next, I propose a classification scheme to differentiate Ethernet and WLAN TCP flows based on measurements collected passively at the edge of a large network. This classifier computes the fraction of wireless TCP flows, and the degree of belief that a TCP flow traverses a WLAN inside the network. The core of this classifier is an iterative Bayesian inference algorithm developed to obtain the maximum likelihood estimate (MLE) of these quantities. We have validated our approach using extensive simulation and applied it to various traces collected at the edge of a university campus network. Last, I propose two passive online detection schemes to promptly detect rogue access points based on real time measurements at the edge of a large network. Both schemes detect rogue access points by detecting wireless hosts using sequential hypothesis testing. They both exploit the fundamental properties of the 802.11 CSMA/CA MAC protocol and the half duplex nature of wireless channels to differentiate wired and wireless LAN TCP traffic. We have built a system for online rogue access point detection using these schemes and deployed it at a university gateway router. Extensive experiments in various scenarios have demonstrated that our approach is prompt, robust, and extremely accurate. Bio: Dr. Wei Wei is currently a senior research scientist at the United Technologies Research Center. He received his B.S. degree in Applied Mathematics from Beijing University, China in 1992, and M.S. degree in Statistics from Texas A & M University in 2000. He then received M.S. degrees in Computer Science and Applied Mathematics, and a Ph.D. in Computer Science from the University of Massachusetts, Amherst in 2004, 2004, and 2006 respectively. His research interests include network measurement, network inference, network security, network modeling, and performance evaluation. [Back] Print \| Email