An untold story of middleboxes in cellular networks

Authors: Zhaoguang Wang, Zhiyun Qian, Qiang Xu, Zhuoqing Mao, Ming Zhang

DOI: 10.1145/2018436.2018479

Abstract: The use of cellular data networks is increasingly popular as network coverage becomes more ubiquitous and many diverse user-contributed mobile applications become available. The growing cellular traffic demand means that cellular network carriers are facing greater challenges to provide users with good network performance and energy efficiency, while protecting networks from potential attacks. To better utilize their limited network resources while securing the network and protecting client devices, the carriers have already deployed various network policies that influence traffic behavior. Today, these policies are mostly opaque, though they directly impact application designs and may even introduce network vulnerabilities. We present NetPiculet, the first tool that unveils carriers' NAT and firewall policies by conducting intelligent measurement. By running NetPiculet on the major U.S. cellular providers as well as deploying it as a smartphone application in the wild covering more than 100 cellular ISPs, we identified the key NAT and firewall policies which have direct implications on performance, energy, and security. For example, NAT boxes and firewalls set timeouts for idle TCP connections, which sometimes cause significant energy waste on mobile devices. Although most carriers today deploy sophisticated firewalls, they are still vulnerable to various attacks such as battery draining and denial of service. These findings can inform developers in optimizing the interaction between mobile applications and cellular networks and also guide carriers in improving their network configurations.
