Available
Projects for Midterm and Final
General
Information
You
have to make a decision by Oct. 14 for the midterm project.
You will be given 3 weeks to complete the project starting Oct. 14.
Each project has two phases - you can chose any phase for your midterm
and/or final projects. For each of the phases you are allowed to form
teams of up to 3 people but you have to notify me in advance. Multiple
teams or individuals are allowed to sign up for the same project.
In that case, the work has to be done independently according to both
the Computer Science Department's Policies
and Procedures Regarding Academic Honesty and Columbia's Engineering
School general Policy
on Conduct.
The expectations from each phase will be approximately proportional
to the size of the team.
Make sure that you select you teams wisely:
You will not be able break a team or to obtain individual grades for
a team project.
Please contact
me if you have any questions, proposals or comments for the projects.
Project 1: Estimation of Network Path Capacity.
For this project, you will have to compare known tools such
as pchar, pathrate, pathneck to measure the network link capacity
of different network topologies.
Phase 1:
The first set of experiments will assume an FCFS model or queuing
for the routers and no cross traffic. The second set of experiments
will be more realistic allowing cross traffic generated from other
clients connected on various points in the constructed network.
Phase 2:
The third set of experiments, will investigate how changes in the
routing policy can affect the measurements produced in cases 1 and
2. For all the experiments, the data collected from the tools will
have to be analyzed and justified based on the current TCP and Queuing
models we have available.
Related bibliography:
Locating
Internet Bottlenecks: Algorithms, Measurements, and Implications
Ningning Hu, Li Erran Li, Zhuoqing Morley Mao, Peter Steenkiste, Jia
Wang.
CapProbe: A Simple and Accurate Capacity Estimation Technique
Rohit Kapoor (Qualcomm), Ling-Jyh Chen (UCLA), Li Lao (UCLA), Mario
Gerla (UCLA), M. Y. Sanadidi (UCLA)
Packet
dispersion techniques and a capacity estimation methodology.
Constantinos Dovrolis, Parameswaran Ramanathan, David Moore.
Tools:
http://www.cs.cmu.edu/~hnn/pathneck/
http://freshmeat.net/projects/pchar/
Project
2: Securing
Networks and Communications.
(VPN and Firewall configuration setup
and requirements
for various end host Operating Systems and Network Configurations.)
The goal of this project is to make you proficient
with the current VPN and Firewall technologies for different operating
systems and their level of compatibility. Part of the project is literature
and man page research for the implementation and setup of the mechanisms
currently used for VPN and Firewall in modern operating systems such
as Microsoft Windows, Linux, and/or *BSD.
All of the necessary software will be provided by the instructor.
Phase 1:
For this phase you will have to document, install and test VPN and
Firewall configurations among Microsoft Windows machines including
Windows XP and Windows 2000 (or Windows 2003) server. You will have
to test each machine both as a client and as a server and to document
your steps. For each setup you will have to provide traffic measurements
and show that the constructed link is indeed encrypted.
Phase 2:
Installation of Firewall and VPN client-server software for Unix systems
(Linux or *BSD). You will start by using the same operating system
as client and server. After successfully creating a VPN link in the
homogeneous, you will use a Linux server and a Windows Client and
vice versa and you will again document any problems and issues. Using
a *BSD system instead of Linux is also an option.
Related bibliography:
TBD
Project
3: Resilience
of network equipment and hosts against Denial of Service Attacks.
For this project we will measure the resilience and
the behavior of routers, switches and end hosts against Denial of
Service (DoS) attacks. The attacks can be of any type: network level
attacks (Packet fragmentation, source address spoofing etc.) or Application
level attacks: (Routing protocol attacks, CDP attacks etc.)
Phase 1:
We will examine the resilience of network equipment such as routers
and switches against Denial of Service attacks. For the switches you
will have to use ARP Poisoning attacks to make the switch act as a
hub. For the routers, you will install a traffic generator in the
end host machines and with the use of that you will measure the resilience
of the router to packet fragmentation and address spoofing as we increase
the attackers bandwidth.
Phase 2:
For this phase, you will have to craft Application level
attacks for the routers such as BGP attacks. These attacks can take
the form of malformed, malicious or excessive messages. You will have
to do some bibliography research on the Application level vulnerabilities
and attack models and measure the resilience of the router to such
attacks and the impact on legitimate traffic.
Related bibliography:
TBD
Project
4:Graphical Network Monitoring and Configuration Tool
using SNMP.
Design and Implementation of a Graphical Tool to configure
and monitor Routers and End Hosts using SNMP.
Phase 1:
Study how SNMP Mibs work and create a program to use SNMP to collect
data from routers and end hosts that run the SNMPD service. For this
first phase, we are interested in monitoring the routers and end hosts
and depicting the data using a graphical tool. For example, you can
collect bandwidth utilization data and plot them for different time
scales (e.g. minute(s), hour(s), day(s) ).
Phase 2:
Use the same tool to send SNMP messages that will configure
the routers and the end hosts. At the beginning of this phase we will
establish the scope of this configuration parameters to be specific
to the interfaces of the Cisco 2600 routers we have in the lab. You
can also use the Cisco 7000 series routers we have in case you want
to expand the type of interfaces you want to configure using the tool.
Related bibliography:
TBD
Project
5: BGP route view data analysis and trends.
This project is for students who are interested in analyzing
how BGP operates in practice. AS-level BGP messages will be collected
from various vantage points or we will utilize some already existing
e.g. from routeviews. The goal is to understand how BGP operates under
normal circumstances and when there is a network problem such as a
virus outbreak, a wrong prefix announcement etc. Extensive statistical
treatment of the data will be required to find the emerging behavioral
patterns and, if possible, to create an early warning tool for the
operators upon detection of problems or deviations from "normal".
Phase 1:
To be decided upon selection of the project. This project is more
open-ended and requires more effort and knowledge of the networking
material, especially BGP.
Phase 2:
TBD
Related bibliography:
Route views project
NANOG
Potaroo
BGP reports from Potaroo
Project 6: Analysis of stability and convergence
for routing protocols RIP, OSPF and BGP.
For this project you will have to measure the stability and time of
convergence for the widely used routing protocols. You will have to
setup different network topologies such as line, star, etc. and peering
relationships. Then you will inject artificial faults into the network
(link and router failures) and you will measure:
a) the effect to the end-to-end connectivity and reachability for
all the nodes participating in the network.
b) the time required for the routing protocol to converge to a stable
routing state.
c) the resource consumption on the routers: the number of messages
exchanged and cpu load during the instability.
Phase 1:
For this phase you will have to examine RIP and some OSPF topologies
including line and star topologies. The topologies will be easy to
setup but you have to setup also clients to test the end-to-end connectivity.
Phase 2:
BGP stability and convergence with various topologies
and peering relations. Also, we will see the effect of BGP instabilities
on intra-domain routing (OSPF).
Related bibliography:
Timothy G. Griffin and Brian J. Premore: An Experimental Analysis
of BGP Convergence Time. Proceedings of the 9th International Conference
on Network Protocols (ICNP 2001), November 2001.
Z.M. Mao and R. Govindan and G. Varghese and R. Katz: Route Flap Damping
Exacerbates Internet Routing Convergence, {Proceedings of ACM SIGCOMM
2002}, August 2002. [pdf]
Project
7: Kernel Network Support for P2P and Overlay networks.
Most of the modern overlay networks provide services either for the
participants of the overlay or for users that use the overlay as an
indirection infrastracture to achieve better network characteristics
such as low latency, high bandwidth etc. Since most of the overlays
are running on the Application layer, they have an inherent overhead
for the packet processing. The goal of this project is to minimize
that overhead by implementing "overlay" sockets that will
allow the userspace programs to instruct the kernel to redirect, forward
or drop packets depending on their source without having to traverse
the full stack. This project requires Linux (or *BSD) Kernel skills
since you will have to provide that service as a Loadable Kernel Module.
Phase 1:
Design of the module, basic redirection capabilities using netfilter.
Simple netfilter programs and the necessary hooks for Linux kernel
2.6 will be provided to the team.
Phase 2:
Allow packet capabilities to be included as part of the
kernel. Different application will be able to use the overlay and
impose different metrics.
Related bibliography:
Netfilter Project
Packet
Filter How-to
Project
8: Your Project?
Send me a detailed report of what you plan to do and the resources
required. Please be specific both in what your end goal is and how
this is related to the Networking Laboratory Class. In addition, send
me the names of the people that want to participate in this project
and if it is a large one the descriptions for both phases.
