
An untold story of middleboxes in cellular networks

Published: 15 August 2011

Abstract

The use of cellular data networks is increasingly popular as network coverage becomes more ubiquitous and many diverse user-contributed mobile applications become available. The growing cellular traffic demand means that cellular network carriers face greater challenges in providing users with good network performance and energy efficiency while protecting their networks from potential attacks. To better utilize their limited network resources while securing the network and protecting client devices, carriers have already deployed various network policies that influence traffic behavior. Today, these policies are mostly opaque, even though they directly impact application designs and may even introduce network vulnerabilities.
We present NetPiculet, the first tool that unveils carriers' NAT and firewall policies by conducting intelligent measurement. By running NetPiculet on the major U.S. cellular providers as well as deploying it as a smartphone application in the wild covering more than 100 cellular ISPs, we identified the key NAT and firewall policies which have direct implications on performance, energy, and security. For example, NAT boxes and firewalls set timeouts for idle TCP connections, which sometimes cause significant energy waste on mobile devices. Although most carriers today deploy sophisticated firewalls, they are still vulnerable to various attacks such as battery draining and denial of service. These findings can inform developers in optimizing the interaction between mobile applications and cellular networks and also guide carriers in improving their network configurations.
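The abstract notes that NAT and firewall idle timeouts for TCP connections can waste energy on mobile devices. The standard mitigation on the client side is TCP keepalive tuned to fire just before the middlebox timer expires, so that each probe refreshes the binding while the radio wakes as rarely as possible. The following is an added example written for this page; it is not part of the paper or of NetPiculet, and the 1800-second timeout is a constructed placeholder standing in for whatever a measurement of a given carrier reports. The option names are the Linux ones documented in tcp(7); the code skips them on platforms whose socket module does not expose them.

```python
import socket

# Constructed sample input: an idle-timeout value a measurement of a carrier
# NAT might report. This is a placeholder, not a measured figure.
SAMPLE_NAT_IDLE_TIMEOUT_S = 1800


def keepalive_params(nat_idle_timeout_s, safety_margin=0.8,
                     probe_interval_s=15, probe_count=3):
    """Return TCP keepalive settings that refresh a NAT/firewall binding
    before its idle timer expires, using as few probes as possible.

    The first keepalive probe leaves the device after TCP_KEEPIDLE seconds
    of silence; that packet traverses the middlebox and resets its idle
    timer. Setting TCP_KEEPIDLE as close to (but below) the middlebox
    timeout as possible minimises radio wake-ups, which is the energy cost
    that aggressive middlebox timeouts impose on a phone.
    """
    if nat_idle_timeout_s <= 0:
        raise ValueError("NAT idle timeout must be positive")
    if not 0 < safety_margin < 1:
        raise ValueError("safety margin must lie strictly between 0 and 1")
    idle = max(1, int(nat_idle_timeout_s * safety_margin))
    return {
        "TCP_KEEPIDLE": idle,          # seconds of silence before first probe
        "TCP_KEEPINTVL": probe_interval_s,  # seconds between unanswered probes
        "TCP_KEEPCNT": probe_count,    # unanswered probes before giving up
    }


def probes_per_hour(nat_idle_timeout_s, safety_margin=0.8):
    """Approximate keepalive probes (hence radio wake-ups) per idle hour."""
    idle = keepalive_params(nat_idle_timeout_s, safety_margin)["TCP_KEEPIDLE"]
    return 3600.0 / idle


def apply_keepalive(sock, nat_idle_timeout_s, **kwargs):
    """Enable keepalive on a TCP socket and set its timers.

    Returns the parameter dict that was derived, so callers can log what
    the connection is configured for.
    """
    params = keepalive_params(nat_idle_timeout_s, **kwargs)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    # TCP_KEEPIDLE/TCP_KEEPINTVL/TCP_KEEPCNT are Linux option names (tcp(7));
    # skip any the local socket module does not define.
    for name, value in params.items():
        opt = getattr(socket, name, None)
        if opt is not None:
            sock.setsockopt(socket.IPPROTO_TCP, opt, value)
    return params


if __name__ == "__main__":
    derived = keepalive_params(SAMPLE_NAT_IDLE_TIMEOUT_S)
    print(derived)
    print("probes per idle hour: %.2f" % probes_per_hour(SAMPLE_NAT_IDLE_TIMEOUT_S))
```

The safety margin covers clock drift and the chance that the middlebox timer started slightly before the device's own idle timer; tightening it buys fewer wake-ups at the risk of the binding expiring first, which is exactly the failure mode the paper attributes to opaque carrier policies.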

Supplementary Material

JPG File (sigcomm_11_3.jpg)
MP4 File (sigcomm_11_3.mp4)




Published In

ACM SIGCOMM Computer Communication Review, Volume 41, Issue 4 (SIGCOMM '11)
August 2011, 480 pages
ISSN: 0146-4833
DOI: 10.1145/2043164

SIGCOMM '11: Proceedings of the ACM SIGCOMM 2011 conference
August 2011, 502 pages
ISBN: 9781450307970
DOI: 10.1145/2018436
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

Published: 15 August 2011
Published in SIGCOMM-CCR Volume 41, Issue 4


Author Tags

1. cellular data network
2. firewall
3. middlebox
4. nat
5. tcp performance

Qualifiers

• Research-article

Article Metrics

• Downloads (last 12 months): 127
• Downloads (last 6 weeks): 20
Reflects downloads up to 15 Jan 2025

Cited By

• Katoptron: Efficient State Mirroring for Middlebox Resilience. NOMS 2024 - 2024 IEEE Network Operations and Management Symposium, pp. 1-9, 6 May 2024. DOI: 10.1109/NOMS59830.2024.10575815
• REMEDIATE: Improving Network and Middlebox Resilience With Virtualisation. International Journal of Network Management, 35(1), 3 Dec 2024. DOI: 10.1002/nem.2317
• A Worldwide Look Into Mobile Access Networks Through the Eyes of AmiGos. 2023 7th Network Traffic Measurement and Analysis Conference (TMA), pp. 1-10, 26 Jun 2023. DOI: 10.23919/TMA58422.2023.10198920
• Yarrpbox: Detecting Middleboxes at Internet-Scale. Proceedings of the ACM on Networking, 1(CoNEXT1), pp. 1-23, 5 Jul 2023. DOI: 10.1145/3595290
• Stateful InREC: Stateful In-Network Real Number Computation With Recursive Functions. IEEE Transactions on Network and Service Management, 20(1), pp. 830-845, 1 Mar 2023. DOI: 10.1109/TNSM.2022.3198008
• Threat modeling framework for mobile communication systems. Computers & Security, 125, 103047, Feb 2023. DOI: 10.1016/j.cose.2022.103047
• NetREC: Network-wide in-network REal-value Computation. 2022 IEEE 8th International Conference on Network Softwarization (NetSoft), pp. 189-197, 27 Jun 2022. DOI: 10.1109/NetSoft54395.2022.9844118
• Evaluation of QUIC-based MASQUE proxying. Proceedings of the 2021 Workshop on Evolution, Performance and Interoperability of QUIC, pp. 29-34, 7 Dec 2021. DOI: 10.1145/3488660.3493806
• TCPLS. Proceedings of the 17th International Conference on emerging Networking EXperiments and Technologies, pp. 45-59, 2 Dec 2021. DOI: 10.1145/3485983.3494865
• VideoTrain: A Generative Adversarial Framework for Synthetic Video Traffic Generation. 2021 IEEE 22nd International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), pp. 209-218, Jun 2021. DOI: 10.1109/WoWMoM51794.2021.00034
