A system simulation imitates the workings or operations of a real system so that it can be studied and improved upon. The paper "Describing and Simulating Internet Routes" by J. Leguay, T. Friedman, and K. Salamatian [1] adds a new approach to simulating Internet routes. The authors argue that the present models of Internet routes are still far from being a realistic representation of the actual system. They believe that their new model presents a closer representation of the statistical properties of the Internet.
According to the paper [1], there are three approaches to simulating routes: The first is the use of the shortest path model. A second approach is to explicitly model the actual network and separately simulate the public networks (WAN) and the intra network (LAN). The third approach is to use the actual route maps generated by network softwares like traceroute or skitter. The paper cites the study of Paxton [2] to show that actual network routing does not use really use the shortest path method most of the time. Another study [3] cited by the paper shows that routing policies at the autonomous systems level may have priorities other than the shortest path. The second approach is also limited by man's ability to obtain all the characteristics of the system, and that simulating inter and intra networks is, at best, a very difficult task. The third approach is also inapplicable if a large number of sources or nodes are to be simulated. As of now, the current tracing softwares can only employ a few hundred sources. For example, the skitter program can only map the route of thirty sources. Given the limitations of the three approaches, most prefer to use the shortest path model despite its limitations.
The new approach proposed by the paper [1] suggests using actual measured graphs of the network topology. Sources and destinations can be chosen at random. A model produces artificial routes that closely resemble statistically the actual routes. The two models tested are the random deviation model and the node degree model. According to the paper [2], the random deviation model is based on the notion that the router usually follows the shortest path method, but might at times deviate from it . The node degree model uses the node degrees from the source and destination to determine the shortest path.
Another contribution of the paper is an update of familiar statistical properties of actual routes which are the path length and hop direction. Path length is the sum of the paths from the source to the destination node. The proposed model aims to produce routes of the same length as the real routes Hop direction refers to the direction and distance taken by a packet as it travels from one router to another (hop). It may hop closer or farther from the source, but in general, the packet should increase the distance from the source and shorten the distance towards its destination.
Lastly, the paper introduces a new statistical property called the evolution of degree along the route. This refer to the probabilities of passing from a lower to a higher degree node or vice-versa as the packet passes to the next on the way to its destination. The evolution of degree and path length are utilized in the generation of artificial routes to produce a one that is closest to the real route that a packet actually goes through in the real network.
The paper impressed me by its methodology. In a situation where it is impossible to know the actual route that will be taken by packets in an a real network, the authors employ probability and statistics to predict the actual route thereby providing a better simulation of the system.
References:
[1] J. Leguay, T. Friedman, K. Salmatian. Describing and Simulating Internet Routes, 2004
[2] V. Paxton. "End-to-End Routing Behavior in the Internet", In Proc. ACM SIGCOMM, 1996
[3] H. Tangmumarunkit, et al. " Network Topology generators: Degree-based vs. structural", In Proc. ACM SIGCOMM, 2002
Saturday, June 21, 2008
GAME THEORY AND POLITICAL REALITY
The paper, "The Israel-Palestine Question- A Case For Application of Neutrosophic Game Theory" by Dr. S. Bhattacharya, Dr. F. Smarandache, and Dr. M. Khosnevisan [1] proposes the application of a particular kind of game theory to a specific political/social situation. I always considered political and social situations as complex, dynamic, and, in the long term, unpredictable. But this paper is a revelation that social complexity can be described and analyzed using mathematical tools.
Game theory, as defined in Wikipedia [2], is a branch of applied mathematics which tries to describe behavior in important situations wherein an individual's success in making choices depends on the choices of other individuals. Game theory is applied to the social sciences, including computer science and political science. In political science, Game Theory is used to identify the choices available to each party and to evaluate what each of them is trying to achieve. In short, Game Theory is used to simplify a complex and dynamic political situation so that it can be fully understood.
The paper [1] argues that the normal form game( a zero sum game) applied by Plessner [3] is inadequate because it lends to static and well defined variables. The Israeli-Palestinian conflict, on the other hand, is characterized by changing strategies and ambiguities at particular points in time. At one particular point, the players are playing a cooperative game and a non-cooperative game. When Israeli and Palestinian authorities commit and support their peace agreements, they are playing a cooperative game. When Israeli forces unilaterally attack Gaza with tanks and Hamas paramilitaries fire rockets at Jewish civilian settlements, they are playing non-cooperative games. The authors propose that a neusotrophic game theory is better equipped to study these class of dynamic situations.
Wikipedia defines a zero sum game as a theory where in all contending parties do not really gain anything at the end of the game. The gain and losses of one player is offset by the gains and losses of other players. When the total gains are added with the total losses, the sum is zero. This could describe a scenario were particular parties may gain certain successes and concede certain losses but in the end everyone wins, nobody really has a grater advantage over the other. A neutrosophic game is similar to the zero sum game in the sense that it seeks a win-win solution to contentions. The only difference is that it has a component to address the changes and ambiguities that may be present to a situation, like what calculus is to algebra. The paper [1] defines Neusotrophy as a new branch of philosophy which studies neutralities and their interaction with various types of social ideas or ideologies.
References:
[1] S. Bhattacharya, F. Smarandache, M. Khosnevisan. "The Israel-Palestine Question - A Case for Application of Neutrosophic Game Theory", Computational Modeling in Applied Problems: collected papers on econoetrics, operations research, game theory and simulation, pp. 50 - 60
[2] Wikipedia.org, http://www.wikipedia.org
[3] Plessner, Yakir. "The conflict Between Israel and the Palestinian: A Rational Analysis", Jerusalem Letters/Viewpoints, No. 448, 22 Shvat 5761, 15, February 2001
Game theory, as defined in Wikipedia [2], is a branch of applied mathematics which tries to describe behavior in important situations wherein an individual's success in making choices depends on the choices of other individuals. Game theory is applied to the social sciences, including computer science and political science. In political science, Game Theory is used to identify the choices available to each party and to evaluate what each of them is trying to achieve. In short, Game Theory is used to simplify a complex and dynamic political situation so that it can be fully understood.
The paper [1] argues that the normal form game( a zero sum game) applied by Plessner [3] is inadequate because it lends to static and well defined variables. The Israeli-Palestinian conflict, on the other hand, is characterized by changing strategies and ambiguities at particular points in time. At one particular point, the players are playing a cooperative game and a non-cooperative game. When Israeli and Palestinian authorities commit and support their peace agreements, they are playing a cooperative game. When Israeli forces unilaterally attack Gaza with tanks and Hamas paramilitaries fire rockets at Jewish civilian settlements, they are playing non-cooperative games. The authors propose that a neusotrophic game theory is better equipped to study these class of dynamic situations.
Wikipedia defines a zero sum game as a theory where in all contending parties do not really gain anything at the end of the game. The gain and losses of one player is offset by the gains and losses of other players. When the total gains are added with the total losses, the sum is zero. This could describe a scenario were particular parties may gain certain successes and concede certain losses but in the end everyone wins, nobody really has a grater advantage over the other. A neutrosophic game is similar to the zero sum game in the sense that it seeks a win-win solution to contentions. The only difference is that it has a component to address the changes and ambiguities that may be present to a situation, like what calculus is to algebra. The paper [1] defines Neusotrophy as a new branch of philosophy which studies neutralities and their interaction with various types of social ideas or ideologies.
References:
[1] S. Bhattacharya, F. Smarandache, M. Khosnevisan. "The Israel-Palestine Question - A Case for Application of Neutrosophic Game Theory", Computational Modeling in Applied Problems: collected papers on econoetrics, operations research, game theory and simulation, pp. 50 - 60
[2] Wikipedia.org, http://www.wikipedia.org
[3] Plessner, Yakir. "The conflict Between Israel and the Palestinian: A Rational Analysis", Jerusalem Letters/Viewpoints, No. 448, 22 Shvat 5761, 15, February 2001
SPAM OVER INTERNET TELEPHONY: THE DARK SIDE OF VoIP
Technology is always a two-edged sword. On one hand, it can be beneficial to mankind; on the other, it can be intentionally used to cause harm or inconvenience, in the least. The research paper of Dr. Andreas U. Schmidt, Nicolai Kuntze, and Rachid El Khayari titled, "Spam Over Internet Telephony and How to Deal with It" is a case in point. It studies the phenomenon and methodology of propagating unsolicited, bulk calls over the Internet phone.
Wikipedia [1] defines Internet Telephony as the use of the Internet infrastructure to send phone calls either to phones connected to computers or to land line or mobile phones. The actual technical term used is Voice Over Internet Protocol or VoIP. The advantages of VoIP are outlined in [2] and these are low cost, simplicity, and “multimedia functionality”. When a company decides to provide the standard telephone service, it has to construct and spend for its own infrastructure or telephone network. Obviously, the capital infusion will be tremendous and makes the phone services expensive. However, if the company uses VoIP technology, it can use the existing infrastructure of the Internet, saving the company time and money. This brings the cost of calls down. VoIP is simple because it uses the existing network protocols. The protocols that define VoIP is called the Session Initiation Protocol (SIP). According to Wikipedia, SIP sits in the Session Layer of the OSI model and uses the existing transport protocols whether it is TCP, UDP or STCP, and the other protocols used in Network, Data Link and Physical layers. It is like a module which you plug into a running system and uses the other existing modules in the system. Lastly, since VoIP uses the Internet, it can avail of the existing Internet technologies to make a richer mix of services such as video conferencing, data and video downloads and others.
However, while VoIP has leveraged a lot of advantages by using the Internet, it has also inherited some of the problems that continue to plague this network. Sipera System's VIPER Lab, a Texas research company that specializes in VoIP, has identified the security problems in 2008 of which SPAM is one of these[3]. The paper [2] defines SPAM as unsolicited and, mostly, bulk email. They coin the word SPIT or SPAM over Internet Telephony to differentiate email from VoIP SPAM. The authors are obviously concerned about SPIT because SPAM comprises 80 to 90 percent of email traffic. They are afraid that the same will eventually happen to SPIT thereby clogging the network with unwanted traffic.
SPAM and SPIT share a similarity in the sense that these are unsolicited (and annoying) communication. But aside from this, they differ in the way each operates. SPAM mails are automatically received by mail servers before they can be accessed by the recipient. This allows the server to detect and filter out SPAM before it reaches the victim. On the other hand, SIP is a connection-oriented protocol which requires that a communication session be established before the message is delivered. This means that the phone has already rung and the call accepted before the recipient realizes it is SPIT. By then, the damage has been done- the victim has already been disturbed and the SPIT message delivered. It is for this reason that the paper [2] considers SPIT more difficult and challenging than SPAM.
The paper [2] studied and analyzed the cutting-edge SPIT countermeasures. It came up with the following categories: device fingerprinting, using white list or blacklists, reputation systems, Turing Test and computational puzzles, payment at risk, and intrusion detection mechanisms and honey phones. Device fingerprinting compares some features of the device used to make the call (User Agent), specifically the order and appearance of SIP headers, with those of "standard" devices. Those that fail to conform are rejected. This is done during session handshaking. White lists consist of acceptable callers while the black list is its opposite. Reputation systems let the recipient assign a grade to callers which identifies them as SPIT or otherwise. In the next attempt at handshaking, the grades determine whether a connection is allowed to be established. The Turing Test distinguishes human callers from web robots or bots. Since most SPAM and SPIT are delivered by bots, it is a way of identifying SPIT . Intrusion detection systems usually counts the number of calls a particular telephone address or Uniform Resource Identifier (URI) makes over a period of time and compares it with the average calls over time. A URI which makes 100 calls in an hour will most likely be sending SPIT.
However all the countermeasures enumerated above also contain weaknesses which allow these to be circumvented. For example, the finger print of of a software User Agent can be modified to appear like normal SIP headers. The paper calls it fingerprint spoofing. Or in the case of Turing Test, the call can be forwarded to a human call agent who will solve the test. To defeat the Intrusion Detection mechanism, the SPITter can minimize the average call per time to mimic the normal average. All in all, the paper [2] concludes that more research should be done to counter SPIT.
It is interesting to note that given the 3 phases of the SPIT cycle (gathering URI addresses, establishing a session, and delivery of the message [2]), most of the current SPIT countermeasures are done only during the phase when SPITters attempt to establish communication session with their intended victims. Come to think of it, the initial phase of gathering URIs is crucial because without the phone addresses, SPIT can not be sent to a target. If there is a way to protect the VoIP proxy servers from scanners, it may help limit SPIT to a manageable level .
The greater question for me is will VoIP ever be made safe or impervious to attacks or misuse?
I don't think so, for however man strive to improve technology, there will always be talented people who will be drawn to the dark side of technology, always be looking for weaknesses to exploit, and ways to misuse technology.
Philosophically, the paper only underscores the dialectical nature of technology. It will always have a Yin and a Yang. This should not mean that man shrink from the pursuit of innovation, rather it emphasizes the point that the struggle of change and the ascending spiral of creation and destruction will be as eternal as the struggle between good and evil.
References
[1] Wikipedia, http://www.wikipedia.org
[2] Dr. A. Schmidt, N. Kuntze, R. El Khayari. Spam over Internet Telephony and How to Deal with It, 2008
[3] J. Higdon. The Top 5 VoIP Security Threats in 2008, Jan. 24, 2008. VOIP-News
Wikipedia [1] defines Internet Telephony as the use of the Internet infrastructure to send phone calls either to phones connected to computers or to land line or mobile phones. The actual technical term used is Voice Over Internet Protocol or VoIP. The advantages of VoIP are outlined in [2] and these are low cost, simplicity, and “multimedia functionality”. When a company decides to provide the standard telephone service, it has to construct and spend for its own infrastructure or telephone network. Obviously, the capital infusion will be tremendous and makes the phone services expensive. However, if the company uses VoIP technology, it can use the existing infrastructure of the Internet, saving the company time and money. This brings the cost of calls down. VoIP is simple because it uses the existing network protocols. The protocols that define VoIP is called the Session Initiation Protocol (SIP). According to Wikipedia, SIP sits in the Session Layer of the OSI model and uses the existing transport protocols whether it is TCP, UDP or STCP, and the other protocols used in Network, Data Link and Physical layers. It is like a module which you plug into a running system and uses the other existing modules in the system. Lastly, since VoIP uses the Internet, it can avail of the existing Internet technologies to make a richer mix of services such as video conferencing, data and video downloads and others.
However, while VoIP has leveraged a lot of advantages by using the Internet, it has also inherited some of the problems that continue to plague this network. Sipera System's VIPER Lab, a Texas research company that specializes in VoIP, has identified the security problems in 2008 of which SPAM is one of these[3]. The paper [2] defines SPAM as unsolicited and, mostly, bulk email. They coin the word SPIT or SPAM over Internet Telephony to differentiate email from VoIP SPAM. The authors are obviously concerned about SPIT because SPAM comprises 80 to 90 percent of email traffic. They are afraid that the same will eventually happen to SPIT thereby clogging the network with unwanted traffic.
SPAM and SPIT share a similarity in the sense that these are unsolicited (and annoying) communication. But aside from this, they differ in the way each operates. SPAM mails are automatically received by mail servers before they can be accessed by the recipient. This allows the server to detect and filter out SPAM before it reaches the victim. On the other hand, SIP is a connection-oriented protocol which requires that a communication session be established before the message is delivered. This means that the phone has already rung and the call accepted before the recipient realizes it is SPIT. By then, the damage has been done- the victim has already been disturbed and the SPIT message delivered. It is for this reason that the paper [2] considers SPIT more difficult and challenging than SPAM.
The paper [2] studied and analyzed the cutting-edge SPIT countermeasures. It came up with the following categories: device fingerprinting, using white list or blacklists, reputation systems, Turing Test and computational puzzles, payment at risk, and intrusion detection mechanisms and honey phones. Device fingerprinting compares some features of the device used to make the call (User Agent), specifically the order and appearance of SIP headers, with those of "standard" devices. Those that fail to conform are rejected. This is done during session handshaking. White lists consist of acceptable callers while the black list is its opposite. Reputation systems let the recipient assign a grade to callers which identifies them as SPIT or otherwise. In the next attempt at handshaking, the grades determine whether a connection is allowed to be established. The Turing Test distinguishes human callers from web robots or bots. Since most SPAM and SPIT are delivered by bots, it is a way of identifying SPIT . Intrusion detection systems usually counts the number of calls a particular telephone address or Uniform Resource Identifier (URI) makes over a period of time and compares it with the average calls over time. A URI which makes 100 calls in an hour will most likely be sending SPIT.
However all the countermeasures enumerated above also contain weaknesses which allow these to be circumvented. For example, the finger print of of a software User Agent can be modified to appear like normal SIP headers. The paper calls it fingerprint spoofing. Or in the case of Turing Test, the call can be forwarded to a human call agent who will solve the test. To defeat the Intrusion Detection mechanism, the SPITter can minimize the average call per time to mimic the normal average. All in all, the paper [2] concludes that more research should be done to counter SPIT.
It is interesting to note that given the 3 phases of the SPIT cycle (gathering URI addresses, establishing a session, and delivery of the message [2]), most of the current SPIT countermeasures are done only during the phase when SPITters attempt to establish communication session with their intended victims. Come to think of it, the initial phase of gathering URIs is crucial because without the phone addresses, SPIT can not be sent to a target. If there is a way to protect the VoIP proxy servers from scanners, it may help limit SPIT to a manageable level .
The greater question for me is will VoIP ever be made safe or impervious to attacks or misuse?
I don't think so, for however man strive to improve technology, there will always be talented people who will be drawn to the dark side of technology, always be looking for weaknesses to exploit, and ways to misuse technology.
Philosophically, the paper only underscores the dialectical nature of technology. It will always have a Yin and a Yang. This should not mean that man shrink from the pursuit of innovation, rather it emphasizes the point that the struggle of change and the ascending spiral of creation and destruction will be as eternal as the struggle between good and evil.
References
[1] Wikipedia, http://www.wikipedia.org
[2] Dr. A. Schmidt, N. Kuntze, R. El Khayari. Spam over Internet Telephony and How to Deal with It, 2008
[3] J. Higdon. The Top 5 VoIP Security Threats in 2008, Jan. 24, 2008. VOIP-News
Subscribe to:
Posts (Atom)