
Chapter 1 Introduction

A note on the use of these ppt slides:


We're making these slides freely available to all (faculty, students, readers). They're in PowerPoint form so you can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
If you use these slides (e.g., in a class) in substantially unaltered form, that you mention their source (after all, we'd like people to use our book!)
If you post any slides in substantially unaltered form on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2009 J.F Kurose and K.W. Ross, All Rights Reserved

Computer Networking: A Top Down Approach, 5th edition. Jim Kurose, Keith Ross. Addison-Wesley, April 2009.

Introduction

1-1

Chapter 1: Introduction
Our goal:
  get feel and terminology
  more depth, detail later in course
  approach: use Internet as example

Overview:
  what's the Internet?
  what's a protocol?
  network edge; hosts, access net, physical media
  network core: packet/circuit switching, Internet structure
  performance: loss, delay, throughput
  security
  protocol layers, service models
  history

Chapter 1: roadmap
1.1 What is the Internet?
1.2 Network edge
  end systems, access networks, links
1.3 Network core
  circuit switching, packet switching, network structure
1.4 Delay, loss and throughput in packet-switched networks
1.5 Protocol layers, service models
1.6 Networks under attack: security
1.7 History

What's the Internet: nuts and bolts view
Millions of connected computing devices: hosts = end systems
  running network applications
communication links
  fiber, copper, radio, satellite
  transmission rate = bandwidth
routers: forward packets
[Figure: mobile network, global ISP, regional ISP, home network, institutional network; legend: PC, server, wireless laptop, cellular handheld, access points, wired links, router]

Cool internet appliances
Web-enabled toaster + weather forecaster
IP picture frame http://www.ceiva.com/
World's smallest web server http://www-ccs.cs.umass.edu/~shri/iPic.html
Internet phones

What's the Internet: nuts and bolts view
protocols control the sending and receiving of msgs
  e.g., TCP, IP, HTTP, Skype, Ethernet
Internet: network of networks
  loosely hierarchical
  public Internet versus private intranet
Internet standards
  RFC: Request for comments
  IETF: Internet Engineering Task Force
[Figure: home network, regional ISP, mobile network, global ISP, institutional network]

What's the Internet: a service view
Communication infrastructure enables distributed applications:
  Web, VoIP, email, games, e-commerce, file sharing
Applications use communication services:
  reliable data delivery from source to destination
  ordinary (unreliable) data delivery

What's a protocol?
human protocols:
  "What's the time?"
  "I have a question"
  introductions
  ... specific messages sent
  ... specific actions taken when messages are received, or on other events
network protocols:
  machines rather than humans
  all communication activity in the Internet is governed by protocols

protocols define format, order of msgs sent and received among network entities, and actions taken on msg transmission, receipt

What's a protocol?
a human protocol and a computer network protocol:
Human exchange: Hi / Hi / Got the time? / 2:00
Computer exchange: TCP connection request / TCP connection response / Get http://www.awl.com/kurose-ross / <file>
[Figure: both exchanges drawn as message sequences along a time axis]
Q: Other human protocols?


A closer look at network structure:
network edge: applications and hosts
access networks, physical media: wired, wireless communication links
network core:
  interconnected routers
  network of networks

The network edge:
end systems (hosts):
  run application programs
  e.g. Web, email
  at the edge of the network
client/server model
  client requests and receives services from servers
  e.g. Web browser/server; email client/server
peer-peer model:
  minimal (or no) use of dedicated servers
  e.g. Skype, BitTorrent
[Figure: peer-peer and client/server examples]

Access networks and physical media
Q: How to connect hosts to edge routers?
  residential access networks
  institutional access networks (school, company)
  wireless access networks
Keep in mind:
  bandwidth (bits per second) of the access network?
  shared or dedicated?

Dial-up Modem
[Figure: home PC, home dial-up modem, central office, telephone network, ISP modem (e.g., AOL), Internet]
Uses existing telephony infrastructure
  Home PC is connected to the central office
Up to 56Kbps direct access to router
Can't surf the web and use the phone at the same time

Digital Subscriber Line (DSL)
[Figure: home phone, home PC, DSL modem, splitter, central office, DSLAM, telephone network, Internet]
Existing phone line: 0-4KHz phone; 4-50KHz upstream data; 50KHz-1MHz downstream data
Also uses existing telephone infrastructure
Up to 1Mbps upstream (currently < 256 Kbps)
Up to 8Mbps downstream (currently < 1 Mbps)
Uses a dedicated physical line to the central office

Residential access: cable modems
Does not use the telephone infrastructure
  Uses the cable TV network infrastructure
HFC: hybrid fiber coax
  Asymmetric: 30Mbps downstream, 2 Mbps upstream
A network of copper cable and optical fiber connects each home to the ISP router
  Homes share access to the router
  Unlike DSL, which has dedicated access

Residential access: cable modems
Diagram: http://www.cabledatacomnews.com/cmic/diagram.html

Cable Network Architecture: Overview
Typically 500 to 5,000 homes
[Figure: cable headend, cable distribution network (simplified), home]

Cable Network Architecture: Overview
[Figure: server(s), cable headend, cable distribution network, home]

Cable Network Architecture: Overview
[Figure: cable headend, cable distribution network (simplified), home]

Cable Network Architecture: Overview
FDM (more shortly):
Channels 1-6: VIDEO; channels 7-8: DATA; channel 9: CONTROL
[Figure: cable headend, cable distribution network, home]

Fiber to the Home
[Figure: Internet, OLT at the central office, optical fiber, optical splitter, optical fibers to an ONT in each home]
Uses optical fiber links to the home
Two competing optical technologies:
  Passive Optical network (PON)
  Active Optical Network (PAN)
Higher Internet access rates; also carries TV and phone services

Ethernet Internet access
[Figure: hosts and server attached to an Ethernet switch over 100 Mbps and 1 Gbps links; institutional router; link to institution's ISP]
Commonly used in companies and schools
10 Mbps, 100Mbps, 1Gbps, 10Gbps Ethernet
Today, hosts connect directly to Ethernet switches

Wireless access networks
A shared wireless access network connects hosts to the router
  via base stations (or access points)
wireless LANs:
  802.11b/g (WiFi): 11 or 54 Mbps
wider-area wireless access
  provided by telco operator
  ~1Mbps over cellular system (EVDO, HSDPA)
  next up (?): WiMAX (10s Mbps) over wide area
[Figure: router, base station, mobile hosts]

Home networks
Typical home network components:
  DSL or cable modem
  router/firewall/NAT
  Ethernet
  wireless access point
[Figure: to/from cable headend, cable modem, router/firewall, Ethernet, wireless access point, wireless laptops]

Physical Media
Bit: propagates between transmitter/rcvr pairs
physical link: what lies between transmitter & receiver
guided media:
  signals propagate in solid media: copper, fiber, coax
unguided media:
  signals propagate freely, e.g., radio

Twisted Pair (TP)
two insulated copper wires
  Category 3: traditional phone wires, 10 Mbps Ethernet
  Category 5: 100Mbps Ethernet

Physical Media: coax, fiber
Coaxial cable:
  two concentric copper conductors
  bidirectional
  baseband:
    single channel on cable
    legacy Ethernet
  broadband:
    multiple channels on cable
    HFC
Fiber optic cable:
  glass fiber carrying light pulses, each pulse a bit
  high-speed operation:
    high-speed point-to-point transmission (e.g., 10s-100s Gbps)
  low error rate, immune to electromagnetic noise

Physical media: radio
signal carried in electromagnetic spectrum
no physical wire
bidirectional
propagation environment effects:
  reflection
  obstruction by objects
  interference

Radio link types:
terrestrial microwave
  e.g. up to 45 Mbps channels
LAN (e.g., Wifi)
  11Mbps, 54 Mbps
wide-area (e.g., cellular)
  3G cellular: ~ 1 Mbps
satellite
  Kbps to 45Mbps channel (or multiple smaller channels)
  270 msec end-end delay
  geosynchronous versus low altitude


The Network Core
Mesh of interconnected routers
The fundamental question: how is data transferred through this network?
  circuit switching: dedicated circuit per call: telephone net
  packet-switching: data sent thru net in discrete chunks

Network Core: Circuit Switching
End-end resources reserved for call
  link bandwidth, switch capacity
  dedicated resources: no sharing
  circuit-like (guaranteed) performance
  call setup required

Network Core: Circuit Switching
network resources (e.g., bandwidth) divided into pieces
  pieces allocated to calls
  resource piece idle if not used by owning call (no sharing)
dividing link bandwidth into pieces
  frequency division
  time division

Circuit Switching: FDM and TDM
Example: 4 users
[Figure: FDM and TDM, each drawn as frequency against time]

Numerical example
How long does it take to send a file of 640,000 bits from host A to host B over a circuit-switched network?
  Link rate is 1.536 Mbps
  Each link uses TDM with 24 slots/sec
  500 msec to establish the end-to-end circuit

Network Core: Packet Switching
Each data stream is divided into packets
  user A, B packets share network resources
  each packet uses full link bandwidth
  resources used as needed
Not used (the circuit-switching approach): bandwidth division into pieces, dedicated allocation, resource reservation

Resource contention:
  aggregate resource demand can exceed the amount available
  congestion: packets queue, wait for link use
  store and forward: packets move one hop at a time
    Node receives complete packet before forwarding

Packet Switching: Statistical Multiplexing
[Figure: hosts A and B on 100 Mb/s Ethernet; statistical multiplexing onto a 1.5 Mb/s link; queue of packets waiting for output link]
Sequence of A & B packets does not have fixed pattern, bandwidth shared on demand: statistical multiplexing.
TDM: each host gets same slot in revolving TDM frame.

Packet-switching: store-and-forward
[Figure: packet of L bits crossing three links, each of rate R]
Takes L/R seconds to transmit (push out) a packet of L bits onto a link at R bps
store and forward: the entire packet must arrive at the router before it can be transmitted on the next link
delay = 3 L/R (assuming zero propagation delay)

Example:
  L = 7.5 Mbits
  R = 1.5 Mbps
  transmission delay = 15 sec

more on delay shortly

Packet switching versus circuit switching
Packet switching allows more users to use the network
1 Mb/s link
Each user:
  100 kb/s when active
  active 10% of time
circuit-switching:
  10 users
packet switching:
  with 35 users, the probability that more than 10 users are active at the same time is < .0004
Q: How is the value 0.0004 calculated?
[Figure: N users sharing a 1 Mbps link]
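A worked calculation for the circuit-switching numerical example and for the question of where 0.0004 comes from, added here as an illustration and not part of the original slides. The function names are introduced for this example, and it assumes that each TDM circuit receives 1/24 of the link rate and that users are active independently of one another.

```python
from math import comb


def circuit_transfer_time(file_bits, link_bps, tdm_slots, setup_s):
    """Seconds to send a file over one TDM circuit, call setup included.

    Assumption: the circuit owns one of tdm_slots equal slots, so its rate
    is link_bps / tdm_slots regardless of whether other slots are idle.
    """
    circuit_bps = link_bps / tdm_slots
    return setup_s + file_bits / circuit_bps


def circuit_users(link_bps, user_bps):
    """Users a circuit-switched link admits: each one holds a reserved share."""
    return int(link_bps // user_bps)


def prob_more_than(n_users, p_active, k):
    """P(more than k of n_users are active at once).

    With independent users the number active is Binomial(n_users, p_active),
    so this is the upper tail of that distribution.
    """
    return sum(
        comb(n_users, j) * p_active**j * (1 - p_active) ** (n_users - j)
        for j in range(k + 1, n_users + 1)
    )


def max_users_packet(link_bps, user_bps, p_active, overload_limit):
    """Largest user count whose overload probability stays below the limit.

    Overload means more users are active than the link can carry at full
    per-user rate, which is when packets start to queue.
    """
    k = circuit_users(link_bps, user_bps)
    n = k  # with n == k users the link can never be overloaded
    while prob_more_than(n + 1, p_active, k) < overload_limit:
        n += 1
    return n


if __name__ == "__main__":
    # Numerical example: 640,000 bits, 1.536 Mbps link, 24 slots, 500 ms setup
    print("circuit transfer time (s):",
          circuit_transfer_time(640_000, 1_536_000, 24, 0.5))
    # 1 Mb/s link, 100 kb/s per active user
    print("circuit-switched users:", circuit_users(1_000_000, 100_000))
    # 35 users, each active 10% of the time: about 0.0004
    print("P(>10 of 35 active):", round(prob_more_than(35, 0.1, 10), 6))
    print("users with overload probability below 0.0005:",
          max_users_packet(1_000_000, 100_000, 0.1, 0.0005))
```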

Packet switching versus circuit switching
Is packet switching a slam dunk winner?
Good for bursty data
  resource sharing
  simpler, no call setup
Excessive congestion: packet delay and loss
  protocols needed for reliable data transfer and congestion control
Q: How to provide circuit-like behavior?
  minimum-rate guarantees needed for video/audio applications
  still an unsolved problem (chapter 7)
Q: human analogies of reserved resources (circuit switching) versus on-demand allocation (packet-switching)?

Internet structure: network of networks
Hierarchical structure
At the center: tier-1 ISPs (e.g., Verizon, Sprint, AT&T, Cable and Wireless), with national/international coverage
  treat each other as equals
Tier-1 providers interconnect (peer) privately
[Figure: three Tier 1 ISPs, interconnected]

Tier-1 ISP: e.g., Sprint
POP: point-of-presence
[Figure: links to/from backbone, peering, to/from customers]

Internet structure: network of networks
Tier-2 ISPs: smaller, with regional coverage
  connect to one or more tier-1 ISPs, possibly to other tier-2 ISPs as well
Tier-2 ISP pays tier-1 ISP for connectivity to rest of Internet
  tier-2 ISP is customer of tier-1 provider
Tier-2 ISPs also peer privately with each other.
[Figure: Tier-2 ISPs attached to three Tier 1 ISPs]

Internet structure: network of networks
Tier-3 ISPs and local ISPs
  last hop (access) network (closest to end systems)
Local and tier-3 ISPs are customers of higher tier ISPs connecting them to rest of Internet
[Figure: local ISPs and a Tier 3 ISP attached to Tier-2 ISPs, which attach to three Tier 1 ISPs]

Internet structure: network of networks
A packet passes through many networks!
[Figure: local ISPs and a Tier 3 ISP attached to Tier-2 ISPs, which attach to three Tier 1 ISPs]


How do loss and delay occur?
packets queue in router buffers
  packet arrival rate to link exceeds output link capacity
  packets queue, wait for turn
[Figure: hosts A and B; packet being transmitted (delay); packets queueing (delay); free (available) buffers: arriving packets dropped (loss) if no free buffers]

Four sources of packet delay
1. nodal processing:
  check bit errors
  determine output link
2. queueing
  time waiting at output link for transmission
  depends on congestion level of router
[Figure: path from A to B showing nodal processing, queueing, transmission, propagation]

Delay in packet-switched networks
3. Transmission delay:
  R = link bandwidth (bps)
  L = packet length (bits)
  time to send bits into link = L/R
4. Propagation delay:
  d = length of physical link
  s = propagation speed in medium (~2x10^8 m/sec)
  propagation delay = d/s
Note: s and R are very different quantities!
[Figure: path from A to B showing nodal processing, queueing, transmission, propagation]

Caravan analogy
[Figure: ten-car caravan, toll booth 1, 100 km, toll booth 2, 100 km]
Cars propagate at 100 km/h
Toll booth takes 12 sec to service each car (transmission time)
car ~ bit; caravan ~ packet
Q: How long until the caravan has cleared toll booth 1 and is lined up at toll booth 2?
Time for the toll booth to push the entire caravan onto the road = 12*10 = 120 sec
Time for the last car to travel from booth 1 to booth 2: 100km/(100km/h) = 1 h
A: 62 minutes

Caravan analogy (more)
[Figure: ten-car caravan, toll booth 1, 100 km, toll booth 2, 100 km]
Cars now propagate at 1000 km/h
Toll booth now takes 1 min to service a car
Q: Will cars arrive at the 2nd booth before all cars have been serviced at the 1st booth?
Yes! After 7 min, the 1st car is at the 2nd booth and 3 cars are still at the 1st booth.
The first bit of a packet can arrive at the 2nd router before the packet is fully transmitted at the 1st router!
  See Ethernet applet at AWL Web site

Nodal delay
$d_{\text{nodal}} = d_{\text{proc}} + d_{\text{queue}} + d_{\text{trans}} + d_{\text{prop}}$
$d_{\text{proc}}$ = processing delay
  typically a few microsecs or less
$d_{\text{queue}}$ = queuing delay
  depends on congestion
$d_{\text{trans}}$ = transmission delay
  = L/R, significant for low-speed links
$d_{\text{prop}}$ = propagation delay
  a few microsecs to hundreds of msecs

Queueing delay (revisited)
R = link bandwidth (bps)
L = packet length (bits)
a = average packet arrival rate
traffic intensity = La/R
Delay = 1/(1 - La/R)
La/R ~ 0: average queueing delay small
La/R -> 1: average queueing delay large
La/R > 1: delay can be very large!

Real Internet delays and routes
What do real Internet delay & loss look like?
Traceroute program: measures delay from the source to each router along the path to the destination. For every i:
  sends 3 packets to router i on the path towards the destination
  router i returns the packets to the source
  the source measures the round-trip time of each packet
[Figure: 3 probes sent to each successive router]

Real Internet delays and routes
traceroute: gaia.cs.umass.edu to www.eurecom.fr
Three delay measurements from gaia.cs.umass.edu to cs-gw.cs.umass.edu (hop 1)
1 cs-gw (128.119.240.254) 1 ms 1 ms 2 ms
2 border1-rt-fa5-1-0.gw.umass.edu (128.119.3.145) 1 ms 1 ms 2 ms
3 cht-vbns.gw.umass.edu (128.119.3.130) 6 ms 5 ms 5 ms
4 jn1-at1-0-0-19.wor.vbns.net (204.147.132.129) 16 ms 11 ms 13 ms
5 jn1-so7-0-0-0.wae.vbns.net (204.147.136.136) 21 ms 18 ms 18 ms
6 abilene-vbns.abilene.ucaid.edu (198.32.11.9) 22 ms 18 ms 22 ms
7 nycm-wash.abilene.ucaid.edu (198.32.8.46) 22 ms 22 ms 22 ms
8 62.40.103.253 (62.40.103.253) 104 ms 109 ms 106 ms
9 de2-1.de1.de.geant.net (62.40.96.129) 109 ms 102 ms 104 ms
10 de.fr1.fr.geant.net (62.40.96.50) 113 ms 121 ms 114 ms
11 renater-gw.fr1.fr.geant.net (62.40.103.54) 112 ms 114 ms 112 ms
12 nio-n2.cssi.renater.fr (193.51.206.13) 111 ms 114 ms 116 ms
13 nice.cssi.renater.fr (195.220.98.102) 123 ms 125 ms 124 ms
14 r3t2-nice.cssi.renater.fr (195.220.98.110) 126 ms 126 ms 124 ms
15 eurecom-valbonne.r3t2.ft.net (193.48.50.54) 135 ms 128 ms 133 ms
16 194.214.211.25 (194.214.211.25) 126 ms 128 ms 126 ms
17 * * *
18 * * *
19 fantasia.eurecom.fr (193.55.113.142) 132 ms 128 ms 136 ms
Annotation between hops 7 and 8: trans-oceanic link
* means no response (probe lost, router not replying)

Packet loss
The queue preceding a link has finite capacity
Packets arriving at a full queue are lost
Lost packets may be retransmitted, or not
[Figure: hosts A and B; buffer (waiting area); packet being transmitted; packet arriving to full buffer is lost]

Throughput
Throughput: number of bits transferred between sender and receiver per unit of time
  instantaneous: measured at a given point in time
  average: measured over a longer period of time
[Figure: server, with file of F bits to send to client; server sends bits (fluid) into pipe; link capacity Rs bits/sec (pipe that can carry fluid at rate Rs bits/sec); link capacity Rc bits/sec (pipe that can carry fluid at rate Rc bits/sec)]

Throughput (more)
Rs < Rc: What is average end-end throughput?
[Figure: link of Rs bits/sec followed by link of Rc bits/sec]
Rs > Rc: What is average end-end throughput?
[Figure: link of Rs bits/sec followed by link of Rc bits/sec]
bottleneck link
  link on end-end path that constrains end-end throughput

Throughput: Internet scenario
per-connection end-end throughput: min(Rc,Rs,R/10)
in practice: Rc or Rs is often bottleneck
[Figure: 10 connections (fairly) share backbone bottleneck link R bits/sec; server links Rs, client links Rc]


Protocol Layers
Networks are complex! They consist of many pieces:
  hosts
  routers
  links of various media
  applications
  protocols
  hardware, software

Question:
Is there any way to organize the structure of a network?

Organization of air travel
Departure: ticket counter (purchase), baggage (check), gates (load), takeoff, airplane routing
En route: airplane routing
Arrival: ticket counter (complain), baggage (claim), gates (unload), landing, airplane routing
A series of steps

Layering of airline functionality
Layer "ticket": ticket (purchase) at departure airport; ticket (complain) at arrival airport
Layer "baggage": baggage (check) at departure airport; baggage (claim) at arrival airport
Layer "gate": gates (load) at departure airport; gates (unload) at arrival airport
Layer "takeoff/landing": runway (takeoff) at departure airport; runway (land) at arrival airport
Layer "airplane routing": airplane routing at departure airport, at intermediate air-traffic control centers, and at arrival airport

Layers: each layer implements a service
  via its own actions within the layer
  relying on the services provided by the layers below it

Why layering?
Dealing with complex systems:
  explicit structure allows identification of, and the relationships among, a complex system's pieces
    layered reference model
  modularization eases maintenance and updating of the system
    changing how a layer's service is implemented does not affect the rest of the system

Internet protocol stack
application: provides network applications
  FTP, SMTP, HTTP
transport: data transfer between processes
  TCP, UDP
network: routing of datagrams from source to destination
  IP, routing protocols
link: data transfer between neighboring network elements
  PPP, Ethernet
physical: transmitting the bit stream on the wire
[Figure: stack, top to bottom: application, transport, network, link, physical]

ISO/OSI reference model
presentation: lets applications produce alternative representations of data, e.g., data encryption, data compression
session: synchronization, checkpointing, recovery of data exchange sessions
The Internet protocol stack lacks these layers!
  these services, if needed, must be implemented in the application
  needed?
[Figure: stack, top to bottom: application, presentation, session, transport, network, link, physical]

Encapsulation
source: application (message: M), transport (segment: Ht M), network (datagram: Hn Ht M), link (frame: Hl Hn Ht M), physical
switch: link (Hl Hn Ht M), physical
router: network (Hn Ht M), link (Hl Hn Ht M), physical
destination: application (M), transport (Ht M), network (Hn Ht M), link (Hl Hn Ht M), physical


Network Security
The field of network security studies:
  how bad guys attack computer networks
  how to defend computer networks against attacks
  how to design networks that are resistant to attacks
The Internet was not originally designed with security in mind
  original vision: a group of mutually trusting users attached to a transparent network
  Network security needs to be considered at all layers!

Bad guys can put malware into hosts via Internet
Malware can get into a host from a virus, worm, or trojan horse
Spyware malware can record keystrokes and web sites visited, and upload the information to other sites
Infected hosts can be enrolled in a botnet, used for spam or DDoS attacks
Malware is often self-replicating: from an infected host, it seeks out other hosts to infect

Bad guys can put malware into hosts via Internet
Trojan horse
  hidden part of some otherwise useful software
  today: in the form of Active-X controls and plugins from Web pages
Virus
  infects when a person activates an application
  self-replicating: spreads itself to other files on the same machine
Worm:
  infects by attacking security vulnerabilities, with no human activation needed
  self-replicating: spreads itself to other hosts
[Figure: Sapphire Worm: aggregate scans/sec in first 5 minutes of outbreak (CAIDA, UWisc data)]

Bad guys can attack servers and network infrastructure
Denial of service (DoS): attackers use a large number of legitimate requests to exhaust network resources (server, bandwidth)
1. Select the target
2. Break into other hosts on the network
3. Mobilize the compromised hosts to send packets to the target all at once
[Figure: compromised hosts sending packets toward the target]

The bad guys can sniff packets
Packet sniffing:
  broadcast media (shared Ethernet, wireless)
  promiscuous network interface reads/records all packets (e.g., including passwords!) passing by
[Figure: hosts A, B and C on a shared medium; B sends a packet (src:B dest:A, payload) that C also reads]
Wireshark software used for end-of-chapter labs is a (free) packet-sniffer

The bad guys can use false source addresses
IP spoofing: send packet with false source address
[Figure: packet arriving at A marked src:B dest:A, payload]

The bad guys can record and playback
record-and-playback: sniff sensitive info (e.g., password), and use later
  password holder is that user from system point of view
[Figure: hosts A, B and C; packet src:B dest:A carrying user: B; password: foo]

Network Security
more throughout this course
chapter 8: focus on security
cryptographic techniques: obvious uses and not so obvious uses


Internet History
1961-1972: Early packet-switching principles
1961: Kleinrock - queueing theory shows effectiveness of packet-switching
1964: Baran - packet-switching in military nets
1967: ARPAnet conceived by Advanced Research Projects Agency
1969: first ARPAnet node operational
1972:
  ARPAnet public demonstration
  NCP (Network Control Protocol) first host-host protocol
  first e-mail program
  ARPAnet has 15 nodes

Internet History
1972-1980: Internetworking, new and proprietary nets
1970: ALOHAnet satellite network in Hawaii
1974: Cerf and Kahn - architecture for interconnecting networks
1976: Ethernet at Xerox PARC
late 70s: proprietary architectures: DECnet, SNA, XNA
late 70s: switching fixed length packets (ATM precursor)
1979: ARPAnet has 200 nodes

Cerf and Kahn's internetworking principles:
  minimalism, autonomy - no internal changes required to interconnect networks
  best effort service model
  stateless routers
  decentralized control
define today's Internet architecture

Internet History
1980-1990: new protocols, a proliferation of networks
1983: deployment of TCP/IP
1982: smtp e-mail protocol defined
1983: DNS defined for name-to-IP-address translation
1985: ftp protocol defined
1988: TCP congestion control
new national networks: Csnet, BITnet, NSFnet, Minitel
100,000 hosts connected to confederation of networks

Internet History
1990, 2000s: commercialization, the Web, new apps
Early 1990s: ARPAnet decommissioned
1991: NSF lifts restrictions on commercial use of NSFnet (decommissioned, 1995)
early 1990s: Web
  hypertext [Bush 1945, Nelson 1960s]
  HTML, HTTP: Berners-Lee
  1994: Mosaic, later Netscape
  late 1990s: commercialization of the Web
Late 1990s - 2000s:
  more killer apps: instant messaging, P2P file sharing
  network security to forefront
  est. 50 million host, 100 million+ users
  backbone links running at Gbps

Internet History
2007:
  ~500 million hosts
  Voice, Video over IP
  P2P applications: BitTorrent (file sharing), Skype (VoIP), PPLive (video)
  more applications: YouTube, gaming
  wireless, mobility

Introduction: Summary
Covered a ton of material!
  Internet overview
  what's a protocol?
  network edge, core, access network
    packet-switching versus circuit-switching
    Internet structure
  performance: loss, delay, throughput
  layering, service models
  security
  history
You now have:
  context, overview, feel of networking
  more depth, detail to follow!
