
Page 1: CS 447: NETWORKS AND DATA COMMUNICATIONS

CS 447: NETWORKS AND DATA COMMUNICATIONS

Spring 2012 – TR 3:30-4:45 PM – EB 0012

Course Description
Concepts of networks and data communications. Networking protocols and architecture; data encoding and transmission; network management; and distributed applications.

Prerequisites
CS 314 and CS 340, both with a minimum grade of C.

Textbook


CHAPTER 1: COMPUTER NETWORKS AND THE INTERNET

• Introduction
• The Internet
• Client-Server Systems
• Access Networks
• Circuit & Packet Switching
• Network Delays
• Protocol Layers
• Security Issues


HISTORY OF THE INTERNET

Page 3, Chapter 1, CS 447

1961 • Packet Switching
1969 • ARPANET
1972 • Internet Assigned Numbers Authority
1976 • X.25
1980 • Ethernet
1982 • TCP/IP
1983 • Domain Name System
1988 • OSI Reference Model
1990 • Internet Movie Database
1991 • World-Wide Web
1993 • Mosaic
1995 • IPv6 Proposal
1995 • Amazon
1995 • eBay
1995 • Craigslist
1996 • Internet Corporation for Assigned Names and Numbers
1998 • Google Search
1999 • Napster
1999 • IEEE 802.11b Wireless Networking
1999 • Internet2
2001 • Wikipedia
2001 • Code Red Computer Worm
2003 • LinkedIn
2003 • Myspace
2003 • Skype
2003 • iTunes Store
2004 • Facebook
2004 • Podcast
2004 • Flickr
2005 • YouTube
2005 • Google Earth
2006 • Twitter


INTERNET COMPONENTS



CLIENT-SERVER VS. PEER-TO-PEER SYSTEMS


There are two basic models for conducting networked applications.

Client-Server Systems: Tasks are partitioned between the requesters of the service (the clients) and the providers of the service (the servers). Centralization lends itself to easier maintenance, upgrading, and security, as well as better ease-of-use.

Peer-to-Peer Systems: Computers pool their resources (memory, processing power, bandwidth) without any centralized coordination. P2P systems are impacted less by machine failures and actually benefit from expansion due to increased resources.


CLIENT-SERVER VS. PEER-TO-PEER APPLICATIONS


Client-Server: E-Mail, Web Service, Database Access, File Processing, Facebook

Peer-to-Peer: Content Delivery, File Sharing, Skype


ACCESS NETWORKS: DIAL-UP CONNECTION


Dial-up Internet connections utilize modems (modulators/demodulators) to convert digital data into analog transmissions across telephone lines, and then back to digital signals at the receiver.

• Requires no infrastructure except a telephone network
• Uses handshaking protocol to establish connection prior to data transfer
• Low bandwidth (56 kbit/sec) inhibits use for streaming, on-line gaming, etc.

NetZero combats the bandwidth problem by prefetching data, compressing text files, and exploiting the user’s cache to prevent redownloading.


ACCESS NETWORKS: DIGITAL SUBSCRIBER LINE


DSL uses standard telephone lines to provide large throughput downstream (to the customer) for Internet data and small throughput upstream (from the customer) for voice.

• This lack of symmetry causes most DSL connections to be called Asymmetric DSL (ADSL)
• A higher frequency band (>25 kHz) is used for the subscriber line, while a lower frequency band (<5 kHz) is still used for POTS (Plain Old Telephone Service: voice, fax, analog modems)

In May 2011, AT&T instituted a 150 GB use cap for its DSL service, penalizing customers who consume “a disproportionate amount of bandwidth”.


ACCESS NETWORKS: CABLE MODEM


Extra bandwidth on cable television systems may also be exploited to provide Internet access.

• Television channels require 6 MHz bands; downstream channels are allocated 6 MHz as well (with upstream channels allocated only 2 MHz)

• Such cable systems are usually Hybrid Fiber-Coaxial (HFC), especially if they provide on-demand service.


ACCESS NETWORKS: FIBER-TO-THE-HOME


Instead of using legacy coax systems to support broadband Internet access, FTTH systems provide fiber optic cable connections to individual residences.

• Active Optical Networks route signals directly to the intended customer, and buffer signals coming from the customer.
• Passive Optical Networks broadcast the same signal to multiple users, using encryption to prevent eavesdropping, while some multiple access protocol is used to deal with signals coming from customers.


ACCESS NETWORKS: ETHERNET


Local area networks are typically used to connect end stations to an edge router, which, in turn, connects them to the Internet.

• Ethernet, developed by Xerox in the late 1970s, is the most common LAN technology
• Ethernet uses CSMA/CD:
  o Carrier Sense (CS) – Each end station “listens” for incoming messages, and for conflicting traffic whenever it wants to transmit
  o Multiple Access (MA) – A single bus is used to carry all messages
  o Collision Detection (CD) – When a station determines that its outgoing message has collided with that of another station, both stations wait a random amount of time and then retransmit


ACCESS NETWORKS: WIFI


Wireless Internet access occurs via wireless local area networks or via wide area cellular networks.

• In a WLAN, users transmit to and receive from an access point which is wired to the Internet.

• A single WAP can usually handle about 30 end systems within a 100-meter radius.

• Cellular systems process messages through base stations in cell towers, which forward the wired signals through switching centers to the Internet.

• Greater distances, more sources of interference, and larger numbers of users complicate this approach.


ACCESS NETWORKS: WIMAX


WiMAX (Worldwide Interoperability for Microwave Access) is being developed as a wireless alternative to DSL and cable modems for “last mile” broadband access.

• While WiFi provides Internet access via an intervening WLAN, WiMAX provides direct Internet access.
• WiMAX is sometimes called a 4G technology, but it fails to meet the 1 Gbps requirement of 4G (although the planned WiMAX 2 does).
• Similarly, WiMAX’s European counterpart, LTE (Long Term Expansion), does not currently meet 4G specifications, but its next iteration, LTE Advanced, should.


CIRCUIT SWITCHING


Traditional telephone networks use switching technologies based on dedicated circuits between communicating end stations, with potential wasted bandwidth, but with guaranteed capacity and consistent delays.

Frequency-Division Multiplexing: Better line utilization via simultaneous sub-band channels

Time-Division Multiplexing: Better line utilization via sequential channels based on time slices


PACKET SWITCHING


To make better use of communication lines, most modern protocols have transmitting stations break messages down into manageable “packets” that are forwarded through the network and reassembled at the destination stations.

Datagram Packet Switching (used in IP) allows each packet to find its own path to the destination

Virtual Circuit Packet Switching (used in ATM) sets up a single route for all packets in the message to follow


NETWORK DELAYS


Without the dedicated lines associated with circuit switching, packet-switched communication experiences inherent delays.

Processing Delay: Routers need time to process the packet headers (encryption, error-checking, address translation).

Queuing Delay: Packets must await their turn to be transmitted (one packet at a time; limited buffer capacity).

Transmission Delay: Pushing the packet’s bits onto the link takes time (switches store packets before forwarding them).

Propagation Delay: Time it takes to traverse the links to the destination (directly proportional to the end-to-end distance).


DELAY COMPARISON


How do the four components of delay compare?

Local Area Networks
  Lightly Loaded: Processing Delay < Propagation Delay < Queuing Delay < Transmission Delay
  Heavily Loaded: Processing Delay < Propagation Delay < Transmission Delay < Queuing Delay

Wide Area Networks
  Lightly Loaded: Processing Delay < Transmission Delay < Queuing Delay < Propagation Delay
  Heavily Loaded: Processing Delay < Transmission Delay < Propagation Delay < Queuing Delay
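The four delay components of the previous two slides as a worked calculation, added here as an example that is not part of the course slides; the packet size, link rate, distances, propagation speed and queue contents are assumed values chosen to reproduce the orderings above:

```python
# Added example, not from the course slides: per-hop delay as the sum of the four
# components, evaluated for LAN-like and WAN-like links so the "Delay Comparison"
# orderings can be checked numerically. The link parameters (packet size, link
# rate, distances, propagation speed, queue contents) are assumed.

def delay_components(packet_bits, link_bps, distance_m, prop_speed_mps,
                     bits_waiting, processing_s):
    """Return the four delay components (seconds) for one packet on one link.

    transmission: time to push all of the packet's bits onto the link (L/R)
    propagation:  time for a bit to cross the link (d/s), grows with distance
    queuing:      bits already queued ahead of this packet go out first, one
                  packet at a time, at the same link rate
    processing:   header inspection at the node, taken as a fixed value
    """
    transmission = packet_bits / link_bps
    return {
        "processing": processing_s,
        "queuing": bits_waiting / link_bps,
        "transmission": transmission,
        "propagation": distance_m / prop_speed_mps,
    }

def ordering(components):
    """Component names sorted from smallest to largest delay."""
    return [name for name, _ in sorted(components.items(), key=lambda kv: kv[1])]

def total_delay(components):
    """Nodal delay: the four components simply add."""
    return sum(components.values())

# Assumed parameters: 1500-byte packet, 10 Mbit/s link, 2e8 m/s in the medium,
# 1 microsecond of header processing. A "light" queue holds a third of a packet,
# a "heavy" queue holds 20 packets; the LAN is 500 m, the WAN link 3000 km.
PACKET_BITS = 1500 * 8
LINK_BPS = 10_000_000
PROP_SPEED_MPS = 2.0e8
PROCESSING_S = 1e-6
LIGHT_QUEUE_BITS = 4_000
HEAVY_QUEUE_BITS = 20 * PACKET_BITS

def compare_orderings():
    """Orderings for the four cases on the slide; LAN vs WAN is only the distance."""
    cases = {
        "LAN lightly loaded": (500, LIGHT_QUEUE_BITS),
        "LAN heavily loaded": (500, HEAVY_QUEUE_BITS),
        "WAN lightly loaded": (3_000_000, LIGHT_QUEUE_BITS),
        "WAN heavily loaded": (3_000_000, HEAVY_QUEUE_BITS),
    }
    return {
        name: ordering(delay_components(PACKET_BITS, LINK_BPS, dist, PROP_SPEED_MPS,
                                        queue, PROCESSING_S))
        for name, (dist, queue) in cases.items()
    }

if __name__ == "__main__":
    for name, order in compare_orderings().items():
        print(f"{name}: {' < '.join(order)}")
```

With less than one packet queued, the lightly loaded WAN case comes out processing < queuing < transmission < propagation rather than the slide's ordering, which assumes a few packets are waiting; propagation dominates either way.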


PACKET LOSS: CAUSE & EFFECT


One potentially serious source of delay is packet loss, where an expected packet fails to arrive at the destination.

Causes
• Buffer Overflow Causes Packet Discard
• Signal Degradation Causes Packet Corruption

Effects
• Displacement of Streaming Signal Data Can Result in Jitter
• Retransmission or Interpolated Recovery of Lost Packets Can Exacerbate Existing Performance Problems in VoIP, Online Gaming, Videoconferencing, Etc.


PROTOCOL LAYERS


In an effort to simplify network analysis, networks are often modeled as layered hierarchies of protocols, with hardware-intensive protocols on bottom and user applications on top.

[Figure: end stations and routers stacked above the Physical Medium, annotated with the three layer groups below.]

The network end stations communicate directly via the highest protocol layers.

End stations communicate directly with network routers (and routers communicate directly with each other) via the mid-level protocol layers.

All network nodes communicate with those with which they are physically connected via the lowest protocol layers.


TRANSMITTING VIA LAYERS


Network nodes only communicate directly at the lowest (physical) layer, but the transmission source inserts certain relevant data as headers and trailers prior to sending.

[Figure: the message passes down through the layers to the Physical Medium; it is split into msg a, msg b and msg c, each gaining a header and trailer (rh/rt, bh/bt, ch/ct, gh/gt) at successive layers.]

The end station prepares a message to be sent, using its currently active application.

Headers and trailers are added at each layer to facilitate that layer’s functionality.

Packet size restrictions may compel messages to be split at some layers.

At some layers, headers and trailers may contain routing and priority data...

...while at others, they may contain error checking and sequencing data.

At the lowest layer, the packets are physically transmitted.


RELAYING THE MESSAGE


Intermediate network nodes receive incoming packets, perform the appropriate functions at their active protocol layers, and then prepare the packets for forwarding.

[Figure: msg a, msg b and msg c arrive at the node with all headers and trailers; only the lowest-layer ones (ch/ct, gh/gt) are replaced by new ones (ch’/ct’, gh’/gt’) before forwarding.]

Headers and trailers at higher layers are merely treated as part of the message, which is irrelevant to the low-level network node.

At the lower layers, the headers and trailers are examined and replaced.

The revised packets are then sent closer to their destination.


THE MESSAGE IS RECEIVED


The receiving end station processes all of the headers and trailers at all of the protocol layers and, after reassembling the original message, applies the application to it.

[Figure: msg a, msg b and msg c travel up the layers from the Physical Medium; at each layer the headers and trailers (gh/gt, ch/ct, bh/bt, rh/rt) are checked (marked w, x, y, z) and removed until the original message is reassembled.]

Packets physically arrive, with modified headers and trailers.

At each layer, the headers and trailers are removed and checked.

Problems with any headers or trailers are addressed, possibly via retransmission.

In some cases, problems may be corrected by the receiver without requiring retransmission.

When necessary, packets are reassembled into larger messages.

After dealing with headers & trailers, the receiver uses its application on the reassembled message.
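The send, relay and receive steps of the three slides above in code, as an added example that is not from the course slides; the header formats, the station names A, B and R1, and the 8-byte size limit are invented here:

```python
# Added example, not from the course slides: a toy three-layer stack. The sender
# adds a header or trailer per layer (and splits the message to a size limit), a
# relay replaces only the lowest-layer framing, and the receiver checks and strips
# every layer before reassembling. Header formats and the size limit are invented.
import zlib

MAX_CHUNK = 8   # assumed size limit at the middle layer, which forces a split

def frame(packet: bytes, next_hop: str) -> bytes:
    """Lowest layer: header with the next hop, trailer with a CRC over everything."""
    body = f"L{next_hop}|".encode() + packet
    return body + zlib.crc32(body).to_bytes(4, "big")

def unframe(wire: bytes):
    """Lowest layer on receipt: verify the CRC trailer, strip header and trailer."""
    body, crc = wire[:-4], int.from_bytes(wire[-4:], "big")
    if zlib.crc32(body) != crc:
        raise ValueError("lowest-layer CRC mismatch: frame corrupted in transit")
    hop, packet = body.split(b"|", 1)
    return hop[1:].decode(), packet

def send(message: bytes, src: str, dst: str, first_hop: str) -> list:
    """Sender: split, then add sequencing data and routing data top-down."""
    chunks = [message[i:i + MAX_CHUNK] for i in range(0, len(message), MAX_CHUNK)]
    frames = []
    for seq, chunk in enumerate(chunks):
        segment = f"S{seq}/{len(chunks)}|".encode() + chunk   # sequence number, count
        packet = f"N{src}>{dst}|".encode() + segment           # end-to-end addresses
        frames.append(frame(packet, first_hop))
    return frames

def relay(wire: bytes, next_hop: str) -> bytes:
    """Intermediate node: the lowest-layer header and trailer are examined and
    replaced; the higher-layer headers are just part of the payload to it."""
    _, packet = unframe(wire)
    return frame(packet, next_hop)

def receive(frames: list, me: str) -> bytes:
    """Receiver: strip and check each layer, then reassemble in sequence order."""
    pieces, total = {}, None
    for wire in frames:
        _, packet = unframe(wire)
        net_hdr, segment = packet.split(b"|", 1)
        _src, dst = net_hdr[1:].decode().split(">")
        if dst != me:
            raise ValueError(f"packet for {dst} delivered to {me}")
        seq_hdr, chunk = segment.split(b"|", 1)
        seq, total = (int(x) for x in seq_hdr[1:].decode().split("/"))
        pieces[seq] = chunk
    if total is None or len(pieces) != total:
        raise ValueError("message incomplete: a packet was lost, ask for retransmission")
    return b"".join(pieces[i] for i in range(total))

if __name__ == "__main__":
    wire = [relay(f, "B") for f in send(b"hello, layered world", "A", "B", "R1")]
    print(receive(wire, "B"))
```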


OPEN SYSTEMS INTERCONNECTION


The International Organization for Standardization developed a seven-layer model for communication systems.

Application Layer: End-user protocols, e.g., e-mail, file transfer, Web browsing, network management, videoconferencing.

Presentation Layer: Format data according to syntactical and semantic negotiations between source and destination; encrypt and decrypt messages.

Session Layer: Establish, maintain, and discontinue dialogues between a source and a destination; synchronize data transfer via checkpoints.

Transport Layer: Detect and handle end-to-end transmission errors; alter transmission rate when too much congestion is encountered.

Network Layer: Route messages from their source to their destination; take measures to reroute traffic when congestion is encountered.

Data Link Layer: Detect and handle transmission errors between consecutive network nodes; control access to the shared transmission medium.

Physical Layer: Transmit bits across physical medium; determine frequencies and amplitudes to use when transmitting; specify role of connector pins.


TCP/IP


The Defense Advanced Research Projects Agency developed the five-layer predecessor to OSI in the 1970s.

Application Protocols: Higher layer protocols such as FTP, SMTP, and HTTP, as well as libraries to provide the equivalent of OSI’s Presentation and Session functionality.

Transmission Control Protocol: TCP (and its less reliable, connectionless counterpart, UDP) is responsible for providing end-to-end message transfer capabilities.

Internet Protocol: IP deals with two major tasks, host addressing and identification, and routing packets to their destination.

Link Protocols: Also known as the Network Access Layer, these protocols specify the networking scope of the local network to which a host is connected.

Physical Protocols: TCP/IP does not provide hardware specifications, instead assuming that it can be implemented in a hardware-independent manner.


SECURITY ISSUES: MALWARE


Various types of malicious software have been designed to disrupt operations or gather private information.

[Pie chart, “Types of Malware”: Trojan Horse 69.99; Computer Virus 16.32; Computer Worm 7.77; Adware 2.27; Backdoor 1.89; Spyware 0.08]

Trojan Horse: Disguised as innocuous software, but concealing a harmful payload when downloaded.

Computer Virus: A program that copies itself, infects a system, and then infects other systems via network access.

Computer Worm: Self-replicating software that spreads on a network without human intervention or attaching to other software.

Adware: Software that automatically downloads and displays advertisements.

Backdoor: A method for bypassing normal authentication to remotely access a computer.

Spyware: Undetected software that collects information about users without their knowledge.

SECURITY ISSUES: DENIAL OF SERVICE ATTACKS

A DoS attack is designed to make a computer resource unavailable to its intended users, typically by saturating the resources with external communication requests.

• The attacker contacts compromised “handler” machines.
• The handlers then contact pre-infected “zombie” agents.
• The zombies proceed to bombard the target server.

SECURITY ISSUES: PACKET SNIFFING

Packet analyzer software is used to intercept and log traffic passing through a network. Originally developed as a means for network administrators to monitor system usage, diagnose problems, and detect intrusion or misuse, this software can itself be misused to spy on other network users and to collect sensitive information such as passwords or e-mail messages.


SECURITY ISSUES: SPOOFING


Because many TCP/IP protocols have no mechanism for authenticating source or destination information, it is possible for someone to falsify data and masquerade as someone else, potentially accessing data illegitimately.

To determine how to send a message to destination B, source A sends a request containing B’s IP address to a server, which broadcasts the request.

Hacker C responds to the server’s request, and the server naively associates B’s IP address with C’s location, so source A communicates with C, thinking that it is B.
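A defender's view of the exchange above, added here as an example that is not from the course slides: a toy address cache in the naive form the slide describes, beside a checking form that reports conflicting or unsolicited replies instead of rebinding. The addresses and locations are constructed.

```python
# Added example, not from the course slides: a toy address cache that models the
# request / broadcast / reply exchange on this slide. In naive mode the cache
# binds B's address to whoever answered last, the behaviour the slide describes;
# in checking mode it accepts only answers to an open request, refuses to bind
# when two stations answer one request, and never moves an existing binding on
# an unasked-for reply. Addresses and locations below are constructed values.

class AddressCache:
    """Maps an IP address to the location (e.g. hardware address) answering for it."""

    def __init__(self, strict: bool):
        self.strict = strict
        self.pending = {}    # ip -> set of locations that answered the open request
        self.bindings = {}   # ip -> location currently trusted
        self.alerts = []     # what a monitor would report

    def request(self, ip: str) -> None:
        """Source A asks where `ip` lives; the server broadcasts the question."""
        self.pending.setdefault(ip, set())

    def reply(self, ip: str, location: str) -> None:
        """Some station claims that `ip` is reachable at `location`."""
        if not self.strict:
            self.bindings[ip] = location        # naive: the latest answer wins
        elif ip not in self.pending:
            self.alerts.append(f"unsolicited reply: {ip} claimed at {location}")
        else:
            self.pending[ip].add(location)

    def resolve(self, ip: str):
        """Close the open request for `ip`; return the location A should use."""
        if not self.strict:
            return self.bindings.get(ip)
        answers = self.pending.pop(ip, set())
        old = self.bindings.get(ip)
        if len(answers) > 1:
            self.alerts.append(f"conflicting replies for {ip}: {sorted(answers)}")
            return old                          # do not pick one; keep prior state
        if len(answers) == 1:
            (location,) = answers
            if old is not None and old != location:
                self.alerts.append(f"{ip} would move from {old} to {location}")
                return old
            self.bindings[ip] = location
        return self.bindings.get(ip)


def slide_scenario(strict: bool):
    """A asks for B; both B and the impostor C answer. Returns (location, alerts)."""
    cache = AddressCache(strict)
    cache.request("10.0.0.2")           # constructed address for B
    cache.reply("10.0.0.2", "loc-B")    # B's genuine answer
    cache.reply("10.0.0.2", "loc-C")    # C answering for B's address
    return cache.resolve("10.0.0.2"), cache.alerts
```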

SECURITY ISSUES: MAN-IN-THE-MIDDLE ATTACKS

An extension of the spoofing attack has the hacker pretending to the client to be the server, as well as pretending to the server to be the client.

This not only permits the hacker to intercept messages between the client and the server, but also to inject false messages of its own.