WLAN: QoS, Ziteration, and Assertional Security Analysis

1
WLANQoS, Z-iteration, andAssertional Security
Analysis

• A.Udaya Shankar
• Computer Science Dept and UMIACS
• University of Maryland
• shankar_at_cs.umd.edu

2
Outline

• QoS
• Z-iteration (performance evaluation)
• Assertional Security Analysis

3
Outline

• QoS
• Compensating for physical capture
• effect in WLANs
• Z-iteration (performance evaluation)
• Assertional Security Analysis

4
QoS Throughput fairness

• Throughput fairness in 802.11 depends on
• MAC access mechanism
• Physical-layer characteristics
• Most studies downplay physical-layer effect and
  focus on the MAC CSMA/CA/BEB
• We discovered that physical-layer capture is the
  dominant factor in throughput fairness

5
Physical-layer capture effect

• Physical-layer capture efffect
• When two frames collide at a receiver, the
  receiver can extract the stronger frame
• Capture occurs consistently for even a few dBm
  difference in frame signal strengths
• Capture occurs frequently in WLANs (due to
  multipath and fading).

6
Ad-hoc Mode Experiments

• source 1 source 2 sniffer
• Sources broadcasting in ad-hoc mode
• no beacons, ACKs, and retransmissions
• MAC-layer effect minimized
• Results
• 8 of frames collided
• 90 of collisions had capture
• 8 higher throughput for stronger station

7
Ad-hoc Mode Experiments
Signal strengths
Throughputs
8
Infrastructure Mode Experiments without RTS/CTS

• source 1 source 2 AP
• sniffer sniffer sink
• Results
• Weaker station retransmitted 5 of frames
• Stronger station retransmitted 0.5 of frames
• Stronger station had 7 higher throughput

9
Infrastructure Mode Experiments without RTS/CTS
Throughputs
Signal strengths
10
Infrastructure Mode Experiments with RTS/CTS

• source 1 source 2 AP
• sniffer sniffer sink
• Results
• Each station retransmitted under 0.1 data frames
• Weaker station retransmitted 5 of RTS frames
• Stronger station retransmitted 0.1 of RTS frames
• Stronger station had 12 higher throughput

11
QoS Compensating for Capture

• Congestion control based on signal strength
• Explicit control
• Source controls its send rate based on its signal
  strength at AP
• Implicit control
• AP delays packets of stronger sources, thereby
  inciting transport layer congestion control to
  throttle down

12
QoS Conclusions

• Physical-layer capture is a major cause of MAC
  throughput unfairness.
• Resulting unfairness as high as 12 in favor of
  station with stronger signal.
• Any QoS scheme must account for differing signal
  strengths of sources.
• Investigating explicit and implicit schemes.
• Invention disclosure.

13
Outline

• QoS
• Z-iteration
• Fast evaluation of instantaneous peformance
  metrics of wireless/wireline networks
• Assertional Security Analysis

14
Z-iteration Introduction

• Fast evaluation of heterogenous TCP/IP networks
• Current evaluation methods are not adequate
• analytical methods are inaccurate and coarse
• packet-level simulators are slow (e.g. ns, opnet)
• Do not capture real-world features
• 802.11 rate-switching
• Platform dependencies (timers, scheduling)
• Goal Evaluation method that is as accurate as
  packet-level simulation but much faster
• Approach Based on fast approximate solutions of
  time-dependent queuing models

15
Z-iteration Approach

• TCP/IP networks modeled by a queuing network
• Traffic modeled by time-dependent stochastic
  process
• Time-dependency natural modeling of adaptive
  control (congestion, routing, admission, link
  scheduling, ...)
• Queuing differential equations solved rapidly
  using Z-iteration approximations
• Obtain time evolution of instantaneous ensemble
  metrics at each link for each connection
• average_queue_size(t), blocking(t),
  utilization(t),
• Validation against ns simulation

16
M(t)/M(t)/ Queuing Networks

• Start from the flow equation
• If we can express B(t) and U(t) in terms of N(t),
  we would have a single differential equation per
  queue
• For a network of queues, each queue i has
• So a network of n queues is modeled by n
  differential equations

17
M(t)/M(t)/ Queuing Networks
18
M(t)/M(t)/ Queuing Networks
19
TCP/IP Networks

• Model link by variation of M(t)/M(t)/1/K
  equations
• Model TCP sources by profiles.
• Profile of a TCP source
• function that describesinst. throughput versus
• inst. loss rate andinst. roundtrip time.

20
Drop-Tail Example 2 30 nodes, mid-load
21
Drop-Tail Example 34 100 nodes - topology
22
Drop-Tail Example 3 100 nodes, mid-load
Evaluation time Z-iteration 16 sec, ns 71 -
930 sec
23
Drop-Tail Example 4 100 nodes, high-load
Evaluation time Z-iteration 29 sec, ns 146 -
2150 sec
24
Summary

• Fast accurate time evolution of performance
  metrics of time-dependent queuing networks
• Straightforward modeling of adaptive control
  mechanisms
• Short-term real-time prediction of network
  traffic
• Profiles natural way to model real-life sources
• Extensions
• RED, CBQ, ...
• WLANs

25
Z-iteration for WLAN networks

• Model 802.11 sources by profiles
• Profile of a 802.11 source
• Instantaneous throughput as function of
• Number of active stations
• Desired and achieved instantaneous rates of
  active stations
• Signal strengths of active stations at AP

26
Profile Experimental Setup

• source 1
• .... sniffer AP/sink
• source N
• Workload
• UDP sources to preclude any control effects.
• Sending rate keeps firmware queue full.

27
General Observations

• Susceptible to severe capture-effect
• Starvation occurs routinely for more than 8
  stations
• Rate Switching Algorithm
• Station switches to lower transmission rate if
  there is a packet loss
• AP is not bottleneck in processing

28
Specific Results

• Maximum Instantaneous Throughput for single
  station is 6.45 Mbps, out of a bit rate of 11
  Mbps
• Due to DIFS Backoff
• Throughput falls rapidly with number of stations
  at high load
• Susceptible to capture-effect

29
Profile of 802.11b (preliminary)
N2
N3
N4
Instantaneous Throughput
Background Traffic
30
Clustering in 802.11 profiles
Per-station inst. throughput (pkts/sec)
Overall inst. throughput (pkts/sec)
31
Outline

• QoS
• Z-iteration
• Assertional Security Analysis
• Framework for specification, verification, and
  testing of concurrent systems

32
Concurrent System Cooks in a Kitchen
33
Example concurrent system executions

• Single-process concurrent system execution
• Two-process concurrent system execution

34
SESF (services and systems framework)

• Systems and Services specified by programs
• service defines acceptable sequences of
  interactions
• service is executable, not constrained by
  platform
• SESF program explicitly indicates
• events atomically-executed statements
• externally-controlled events
• progress expected (of platform/service)
• Service satisfaction
• composite program of system and service
• Compositionality

35
Assertional Analysis and Testing

• Analysis
• Properties expressed by assertions
• invariants, leads-to,
• Assertions proved by proof rules or operational
  reasoning
• Routing, transport, concurrency control
• Testing
• single process threads and function calls
• multi-process distributed processes and RMI
• Transport layer

36
Assertions of Security

• confined(key, vset)
• predicate true iff value key is confined to
  variable set vset
• vset models principals, systems, ...
• handles authentication, confidentiality, ...
• Proof rules
• Hoare-triple predicate statement predicate
• confined(k, v) x k confined(k, v U x)
• confined(k, v) one-way-func(k) confined(k,
  v)

37
Future Work

• QoS
• Control mech compensating for signal-strength
• Z-iteration (performance evaluation)
• 802.11b profiles
• Evaluation of QoS mechanisms
• Assertional Security Analysis
• Assertions and proof system for security
• 802.11 authentication, key distribution, ...