
An untold story of middleboxes in cellular networks

Published: 15 August 2011

Abstract

The use of cellular data networks is increasingly popular as network coverage becomes more ubiquitous and many diverse user-contributed mobile applications become available. The growing cellular traffic demand means that cellular network carriers face greater challenges in providing users with good network performance and energy efficiency while protecting their networks from potential attacks. To better utilize their limited network resources while securing the network and protecting client devices, the carriers have already deployed various network policies that influence traffic behavior. Today, these policies are mostly opaque, even though they directly impact application design and may even introduce network vulnerabilities.

We present NetPiculet, the first tool that unveils carriers' NAT and firewall policies by conducting intelligent measurement. By running NetPiculet on the major U.S. cellular providers as well as deploying it as a smartphone application in the wild covering more than 100 cellular ISPs, we identified the key NAT and firewall policies which have direct implications on performance, energy, and security. For example, NAT boxes and firewalls set timeouts for idle TCP connections, which sometimes cause significant energy waste on mobile devices. Although most carriers today deploy sophisticated firewalls, they are still vulnerable to various attacks such as battery draining and denial of service. These findings can inform developers in optimizing the interaction between mobile applications and cellular networks and also guide carriers in improving their network configurations.


Supplemental Material

sigcomm_11_3.mp4 (mp4, 182.7 MB)



Published in

ACM SIGCOMM Computer Communication Review, Volume 41, Issue 4
SIGCOMM '11
August 2011
480 pages
ISSN: 0146-4833
DOI: 10.1145/2043164

SIGCOMM '11: Proceedings of the ACM SIGCOMM 2011 conference
August 2011
502 pages
ISBN: 9781450307970
DOI: 10.1145/2018436

Copyright © 2011 ACM

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery
New York, NY, United States


Qualifiers

research-article
