Northwestern Networks Group Research Projects

Endpoint User Profile Control

It is not a secret that almost every browsing click we make is collected by one or more of numerous information trackers and aggregators associated with various online services. Necessarily, users are deeply concerned by the increasing levels in which their personal information is collected, stored, and used in various online personalization contexts. We propose endpoint user profile control as a comprehensive approach to the above personalization-induced problems. In our approach, the user has the ability and means, which this project develops, to explicitly define and implicitly control its profile at all possible trackers at once by leaving synthetic controlled online footprints.

Kickass - Deployable Router Assisted Congestion Control

Kickass is a methodology for enabling explicit-rate congestion control mechanisms in the Internet. Kickass does so through the use of IP packet fragmentation to enable communication between routers and endpoints. Our measurements show that Kickass improves performance up to an order of magnitude over TCP and effectively avoids many of its pitfalls.

Auditing Internet Content for Credibility, Fairness, and Privacy

This project focuses on building a set of methodologies and tools capable of (i) enabling auditing mechanisms for the Web advertising domain, (ii) monitoring search engines' services and revealing their neutrality, and (iii) independently determining a Web site's popularity and checking for the truthfulness of advertised popularity.

Mobile Network Neutrality

The primary goal of this project is not to take sides in the emerging net neutrality debate, but rather to design a system capable of making the Mobile Internet more transparent. Our system runs on the Measurement Lab, an open platform founded by Google Inc., the New America Foundation's Open Technology Institute, and the Planet Lab Consortium.

Internet Audit

A fundamental question in the net neutrality debate is the extent to which network operators should be allowed to discriminate among Internet packet streams. The primary goal of this project is not to take sides in the emerging net neutrality debate, but rather to design a system capable of making the Internet more transparent.

Measuring Congestion in the Internet

The Internet is a great success that has changed our society in a spectacular way. We are interested in understanding how it functions and how it evolves. In this particular project, our goal is to accurately detect congestion events in the Internet and reveal their spatial (where they happen) and temporal (how long they last) properties.

Resilience to Pollution and Poisoning DoS Attacks

Internet DoS attacks are increasingly moving away from pure resource floods to more sophisticated techniques. Just as it takes a small amount of contamination to create toxic air or water, DoS attackers are capable of injecting malicious packets or launching requests that can instantly collapse Internet protocols or reduce viability of vital resources. The goal of this project is to address these issues on a broad front: (i) by developing and studying a new generation of large-scale poisoning and pollution attacks against the Internet infrastructure, and (ii) by designing, implementing, and deploying appropriate counter-DoS mechanisms.

Building Network Services Based on CDNs' Redirections

Many large-scale distributed systems would benefit from a common information plane that provides accurate information about up-to-date network characteristics. The key idea behind this project is that much of this information is already being collected by operational CDNs (e.g.), Akamai, and implicitly published via DNS. The goal of this project is to build novel network services by reusing these measurements in a transparent manner. Measurement data sets are available here.

Congestion Control in Heterogeneous Environments

Skewed flow-size distributions can cause significant problems to TCP congestion control. In particular, while long flows can be successfully controlled, this is hardly the case for short flows, which dominate in today's Internet. The goal of this project is to fully understand the impact that the above phenomenon can have on network performance, and to d esign network protocols capable of succesfully addressing such problems.

Older projects:

Low-Rate Denial of Service Attacks

Denial of Service attacks are presenting an increasing threat to the global internetworking infrastructure. Hosts with the divergent or malicious interests can readily subvert the protocols and infrastructure that Internet depends on. While TCP's congestion control algorithm is highly robust to diverse network conditions, its implicit assumption of end-system cooperation results in a well-known vulnerability by high-rate non-responsive flows. However, little is known about low-rate denial of service attacks. We have discovered that low-rate attacks can be as harmful as the high-rate ones, yet even more dangerous due to the fact that they are difficult for routers and counter-DoS mechanisms to detect.

TCP Low Priority (TCP-LP)

Service prioritization among different traffic classes is an important goal for the future Internet. Conventional approaches to solving this problem consider the existing best-effort class as the low-priority class, and attempt to develop mechanisms that provide ``better-than-best-effort" service. We explore the opposite approach, and devise a new distributed algorithm to realize a low-priority service (as compared to the existing best effort) from the network endpoints. To this end, we develop TCP Low Priority (TCP-LP), a distributed algorithm whose goal is to utilize only the excess network bandwidth as compared to the ``fair share" of bandwidth as targeted by TCP. The key mechanisms unique to TCP-LP congestion control are the use of one-way packet delays for congestion indications and a TCP-transparent congestion avoidance policy. TCP-LP has become a part of the Linux kernel; the official patch is avilable here.