Internet applications, performance and security
Maria Kihl
Book chapters
Forouzan 4th: 21.2, 24.2, 25.1-4, 27, 31.1
Forouzan 5th: 18.3, 19.2, 25.1, 26.1, 26.6, 31
Kihl: 8.8, 10.2, 11.2
Application layer paradigms
There are two basic user paradigms for Internet applications:
• Client-server paradigm
  • For example WWW, online games, Web TV, Facebook
• Peer-to-peer paradigm
  • For example BitTorrent, Voddler, Skype
• Some applications use both paradigms, for example Spotify.
Client-server paradigm
Peer-to-peer paradigm
Example of application: WWW
• The idea of the World Wide Web (WWW) was first proposed by Tim Berners-Lee in 1989 at CERN, the European Organization for Nuclear Research, to allow several researchers at different locations throughout Europe to access each other's research.
• The commercial Web started in the early 1990s.
Basic concept of WWW
WWW is based on three basic parts:
• Web documents (pages)
  • HyperText Markup Language (HTML) is used for static web documents
  • Dynamic web documents are created with script languages (JSP, CGI, ASP, etc.)
• Universal Resource Locator (URL)
  • Standardized way to identify the location of web documents
• HyperText Transfer Protocol (HTTP)
  • Protocol for accessing web documents on a web server
Universal Resource Locator (URL)
A web document has four identifiers: Protocol, Host, Port and Path. A URL is defined as:
protocol://host:port/path
When the standard HTTP port 80 is used, it is omitted, for example:
http://www.mhhe.com/compsci/forouzan
Basic document retrieval process
HTTP
• HTTP is a text-based protocol with two basic types of messages: Requests and Responses.
• HTTP sets up and uses a TCP connection.
• HTTP 1.1 uses persistent connections, which means that all parts of the web document use the same TCP connection.
Basic operation of HTTP 1.1
Formats of Requests and Responses
Cookies
• The original WWW was stateless, which means that each request/response message is treated separately, with no history of other messages.
• Cookies were introduced to be able to store information about the client.
• Cookies introduce the concept of a user session.
• The creation and storage of cookies depend on the implementation, but the concept is the same.
Example of cookies
Mapping from host name to IP address
• Application protocols use host names (for example www.lth.se).
• However, TCP/IP uses IP addresses.
• The mapping from host name to IP address is performed by the Domain Name System (DNS).
Basic operation of DNS
Domain Name space
• DNS uses a hierarchical name space and the whole Internet is divided into domains and subdomains.
• A domain name is a sequence of labels separated with dots, e.g. www.telecom.lth.se.
Domain name space in DNS
Example of labels and domains
Domains and subdomains
Domain types
The domain name space is divided into three different sections.
Generic domains
Country domains
Domain Name Servers
The domain name space is stored in special DNS servers. The servers are distributed, and each domain or subdomain has its own servers.
From name to address (1)
Figure labels: angel1.heavennet.se, angel2.angelnet.se, ns.heavennet.se
1. angel2.angelnet.se ?
From name to address (2)
Figure labels: angel1.heavennet.se, angel2.angelnet.se, ns.heavennet.se, sunic.sunet.se
2. angel2.angelnet.se ?
3. Ask ns.angelnet.se
From name to address (3)
Figure labels: angel1.heavennet.se, angel2.angelnet.se, ns.heavennet.se, ns.angelnet.se
4. angel2.angelnet.se ?
5. IP = 194.52.54.47
Network Performance
Good network performance is crucial for most applications. Two factors of a network or system that influence the performance are:
• Delay
• Throughput
Both these factors depend on the load on the network or system.
Congestion
Congestion (Overload) occurs when the number of packets sent to a system is greater than the number of packets the system can handle.
Figure labels: System, Arrivals (packets/sec), Capacity (packets/sec)
Arrivals > Capacity: Congestion (Overload)
Queuing delay
All routers and servers have buffers where jobs are stored while waiting for service. When the load increases, the buffers fill up, and the queuing delay increases. Finally, packets will be dropped due to full buffers.
Delay as a function of load
The delay increases exponentially with the load. This can be shown with queuing theory.
Throughput as a function of load
During overload, the throughput declines sharply. Long delays cause retries from hosts or routers. All dropped packets also cost capacity.
Internet Control Message Protocol (ICMP)
The IP protocol has no error-reporting or error-correcting mechanism. The IP protocol also lacks a mechanism for host and management queries.
The Internet Control Message Protocol (ICMP) has been designed to compensate for the above two deficiencies.
It is a companion to the IP protocol.
ICMP in the TCP/IP stack
ICMP message
Two types of messages:
Error-reporting messages
Query messages
Encapsulation
The ICMP message is encapsulated in an IP datagram:
Error-reporting
When an error in the delivery of an IP datagram is detected, ICMP reports the error to the source of the IP datagram. The error message includes the IP header and the first 8 bytes of the original datagram.
Some Error reporting messages
Destination unreachable: A router cannot route a datagram or a host cannot deliver a datagram.
Source quench: A datagram is discarded due to congestion.
Time exceeded: A datagram has been discarded since its TTL value has reached 0.
Redirection: A host has the wrong default router, and needs to update its routing table.
Some ICMP Query messages
Echo request and reply: Used to determine whether two systems (hosts or routers) have connectivity at the IP level.
Timestamp request and reply: Used to determine the round-trip time (RTT) between two systems.
Router solicitation and advertisement: Used by a host to find the routers that are connected to its network.
Debugging Tools
There are several tools that can be used on the Internet for debugging. Some of them are:
• Ping
• Traceroute
Ping
The Ping program uses ICMP echo-request and reply
messages to find information about a destination.
Traceroute
Traceroute (in UNIX) or Tracert (in Windows) can be
used to trace the route of a packet from the source to
the destination.
It manipulates the TTL field in the IP header and uses
two ICMP messages: Time Exceeded and Destination
Unreachable to find the route of a packet.
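How the quoted IP header and first 8 bytes are used in practice, as an added example that is not part of the original slides: a Python parser for ICMP error messages that matches each error to a probe that was actually sent, so unsolicited or forged errors are ignored. The addresses, ports, sample packets and the names parse_icmp_error, match_probe, build_sample and OUTSTANDING are constructed for illustration.

```python
import socket
import struct

ERROR_TYPES = {3: "destination-unreachable", 11: "time-exceeded"}

def parse_icmp_error(icmp: bytes) -> dict:
    """Parse an ICMP error: 8-byte ICMP header, then the quoted IP header
    and the first 8 bytes of the datagram that triggered the error."""
    if len(icmp) < 8 + 20 + 8:
        raise ValueError("too short to quote an IP header plus 8 bytes")
    icmp_type, code = icmp[0], icmp[1]
    if icmp_type not in ERROR_TYPES:
        raise ValueError(f"ICMP type {icmp_type} is not handled here")
    quoted = icmp[8:]
    if quoted[0] >> 4 != 4:
        raise ValueError("quoted datagram is not IPv4")
    ihl = (quoted[0] & 0x0F) * 4  # quoted header length in bytes, options included
    if ihl < 20 or len(quoted) < ihl + 8:
        raise ValueError("quoted IP header is malformed or truncated")
    info = {
        "error": ERROR_TYPES[icmp_type],
        "code": code,
        "protocol": quoted[9],
        "src": socket.inet_ntoa(quoted[12:16]),
        "dst": socket.inet_ntoa(quoted[16:20]),
    }
    if info["protocol"] in (6, 17):  # TCP and UDP headers both begin with the ports
        info["sport"], info["dport"] = struct.unpack("!HH", quoted[ihl:ihl + 4])
    return info

def match_probe(info: dict, outstanding: dict):
    """Return the TTL of the probe this error answers, or None if no probe
    with that destination and port pair was sent (unsolicited or forged)."""
    return outstanding.get((info["dst"], info.get("sport"), info.get("dport")))

def build_sample(icmp_type, code, src, dst, sport, dport) -> bytes:
    """Constructed sample: ICMP error quoting a UDP probe (checksums left 0)."""
    udp = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + ip + udp

# Probes a traceroute-style tool has sent (constructed values):
# (destination, source port, destination port) -> TTL used for that probe
OUTSTANDING = {("198.51.100.7", 54321, 33434): 1,
               ("198.51.100.7", 54321, 33435): 2}

if __name__ == "__main__":
    reply = build_sample(11, 0, "192.0.2.10", "198.51.100.7", 54321, 33435)
    info = parse_icmp_error(reply)
    print(info["error"], "answers probe with TTL", match_probe(info, OUTSTANDING))
    forged = build_sample(3, 3, "192.0.2.10", "198.51.100.7", 40000, 33435)
    print("forged error matched:", match_probe(parse_icmp_error(forged), OUTSTANDING))
```

The quoted 8 bytes are exactly enough to recover the UDP or TCP port pair, which is what lets the sender tie a Time Exceeded or Destination Unreachable message back to one specific probe.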
Traceroute, example
Network Security
There are five concepts that relate to network security:
Message confidentiality (Privacy)
Message confidentiality (or privacy) means that the
transmitted message must make sense to only the
intended receiver. To all others, the message must be
unreadable.
Privacy is usually achieved by encryption of the
message.
Encryption, example
Message Integrity
Message Integrity means that the message must arrive at the receiver exactly as it was sent. There must be no changes during the transmission, either accidental or malicious.
Message Integrity can be achieved with message digests.
Message digest
Message Authentication
In message authentication the receiver needs to be
sure of the sender’s identity and that an imposter has
not sent the message.
Message authentication can be achieved with a keyed
hash function that constructs an encrypted message
digest, also called a digital signature.
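The difference between a plain message digest and a keyed hash, as an added example that is not part of the original slides: an unkeyed digest sent alongside the message catches accidental changes, but anyone on the path can replace the message and recompute it, while a keyed hash cannot be recomputed without the shared key. SHA-256 and HMAC-SHA256 are chosen here as assumptions, and all function names and messages are constructed for illustration.

```python
import hashlib
import hmac

def send_with_digest(message: bytes):
    """Sender attaches an unkeyed SHA-256 message digest."""
    return message, hashlib.sha256(message).digest()

def check_digest(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

def send_with_mac(key: bytes, message: bytes):
    """Sender attaches a keyed hash (HMAC-SHA256) under a key shared with the receiver."""
    return message, hmac.new(key, message, hashlib.sha256).digest()

def check_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)  # constant-time comparison

def corrupt(message: bytes, index: int) -> bytes:
    """Accidental change: a single bit flipped in transit."""
    return message[:index] + bytes([message[index] ^ 0x01]) + message[index + 1:]

def integrity_report(key: bytes, message: bytes, replacement: bytes) -> dict:
    """Which protection detects which kind of change (True = change detected)."""
    _, digest = send_with_digest(message)
    _, tag = send_with_mac(key, message)
    damaged = corrupt(message, 0)
    # A party on the path swaps the message. It can recompute the unkeyed
    # digest itself, but without the key it can only forward the old tag.
    _, recomputed_digest = send_with_digest(replacement)
    return {
        "digest_detects_accident": not check_digest(damaged, digest),
        "mac_detects_accident": not check_mac(key, damaged, tag),
        "digest_detects_rewrite": not check_digest(replacement, recomputed_digest),
        "mac_detects_rewrite": not check_mac(key, replacement, tag),
    }

if __name__ == "__main__":
    shared_key = b"constructed-demo-key-not-for-use"  # constructed sample key
    for name, detected in integrity_report(
            shared_key, b"pay 100 to alice", b"pay 900 to mallory").items():
        print(f"{name}: {detected}")
```

A digest gives the same protection as the keyed hash only when the digest itself reaches the receiver over a channel the modifier cannot write to.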
Digital signature
Message Nonrepudiation
Message nonrepudiation means that a sender must not
be able to deny sending a message that he or she, in
fact, did send.
Message nonrepudiation can be solved with a trusted
third party and the use of digital signatures.
Trusted center for nonrepudiation
Entity Authentication
Entity authentication is a technique designed to let one party prove the identity of another party. An entity can be a person, a process, a client, or a server.
The simplest solution is to use passwords. Another solution is so-called challenge-response authentication.
Challenge-response authentication
Rb = Random bit sequence (Nonce)
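One way to implement a challenge-response exchange with the nonce Rb, as an added example that is not part of the original slides: the verifier sends a fresh random Rb, the claimant answers with a keyed hash over it, and the shared secret never crosses the network. The use of HMAC-SHA256 for the response, the 30-second lifetime and the names Verifier and respond are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets
import time

def respond(key: bytes, identity: str, rb: bytes) -> bytes:
    """Claimant side: prove knowledge of the key by keying a hash over the
    nonce Rb. The identity is bound in so a response cannot be reused
    under another name."""
    return hmac.new(key, identity.encode() + b"\x00" + rb, hashlib.sha256).digest()

class Verifier:
    """Verifier side: issues nonces and checks responses (hypothetical class)."""

    def __init__(self, keys: dict, ttl: float = 30.0, clock=time.monotonic):
        self._keys = keys        # identity -> shared secret key
        self._ttl = ttl          # seconds a challenge stays valid (assumed value)
        self._clock = clock
        self._pending = {}       # Rb -> (identity it was issued to, expiry time)

    def challenge(self, identity: str) -> bytes:
        rb = secrets.token_bytes(16)  # Rb: unpredictable random bit sequence
        self._pending[rb] = (identity, self._clock() + self._ttl)
        return rb

    def verify(self, identity: str, rb: bytes, response: bytes) -> bool:
        # pop() makes every nonce single use, so a recorded response
        # cannot be replayed later.
        entry = self._pending.pop(rb, None)
        if entry is None:
            return False
        issued_to, expiry = entry
        key = self._keys.get(identity)
        if key is None or issued_to != identity or self._clock() > expiry:
            return False
        return hmac.compare_digest(respond(key, identity, rb), response)

if __name__ == "__main__":
    alice_key = secrets.token_bytes(32)  # constructed sample key
    verifier = Verifier({"alice": alice_key})
    rb = verifier.challenge("alice")
    answer = respond(alice_key, "alice", rb)
    print("first attempt:", verifier.verify("alice", rb, answer))
    print("replayed answer:", verifier.verify("alice", rb, answer))
```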
Internet security protocols
The following three security protocols ensure Authentication and Confidentiality on different layers:
IPSec: Security for IP.
SSL/TLS: Security for TCP.
PGP: Security for Email (SMTP).
These protocols will be studied in the course Internet Protocols.
Some bonus material: Research on Internet user behavior and traffic volumes
• In collaboration with Acreo AB, we are involved in European Research projects related to Internet traffic monitoring and modelling.
• We have published some papers on Internet user behavior patterns and generated traffic volumes.
Investigated network
Residential network in Sweden with about 2600 households
(FTTH and DSL). The measurements shown were performed
in 2007, 2009, and 2012.
Total traffic volumes
Traffic volume ratios
WWW usage
Which types of web sites are people using the most?
Major changes since 2007
• More video streaming.
• Less BitTorrent (but still much!)
• Facebook has increased the ratio for social media sites.
World of Warcraft traffic pattern
WoW session lengths
The longest session identified was 28 hours...
Some results on Facebook
• Recently, I supervised a master project that analysed Facebook user behavior.
• The objective was to analyse how users upload/download pictures, and "like" patterns.
• Measurements during 6 days in the network shown before (May 2012).
Ranking of downloaded pictures
The graph shows a ranking of the pictures downloaded by
users at least 50 times.
Popularity ranking
Identification and ranking of the Facebook users that are most downloaded by other users.
There are a few users with a huge number of followers.
Ranking of Likes
There are a few users that are heavy "like" users. The most active user "liked" 760 times in the measurement period.