Showing 1–4 of 4 results for author: Koral, Y

High-Fidelity Cellular Network Control-Plane Traffic Generation without Domain Knowledge

Authors: Z. Jonny Kong, Nathan Hu, Y. Charlie Hu, Jiayi Meng, Yaron Koral

Abstract: With rapid evolution of mobile core network (MCN) architectures, large-scale control-plane traffic (CPT) traces are critical to studying MCN design and performance optimization by the R&D community. The prior-art control-plane traffic generator SMM heavily relies on domain knowledge which requires re-design as the domain evolves. In this work, we study the feasibility of developing a high-fidelity… ▽ More With rapid evolution of mobile core network (MCN) architectures, large-scale control-plane traffic (CPT) traces are critical to studying MCN design and performance optimization by the R&D community. The prior-art control-plane traffic generator SMM heavily relies on domain knowledge which requires re-design as the domain evolves. In this work, we study the feasibility of developing a high-fidelity MCN control plane traffic generator by leveraging generative ML models. We identify key challenges in synthesizing high-fidelity CPT including generic (to data-plane) requirements such as multimodality feature relationships and unique requirements such as stateful semantics and long-term (time-of-day) data variations. We show state-of-the-art, generative adversarial network (GAN)-based approaches shown to work well for data-plane traffic cannot meet these fidelity requirements of CPT, and develop a transformer-based model, CPT-GPT, that accurately captures complex dependencies among the samples in each traffic stream (control events by the same UE) without the need for GAN. Our evaluation of CPT-GPT on a large-scale control-plane traffic trace shows that (1) it does not rely on domain knowledge yet synthesizes control-plane traffic with comparable fidelity as SMM; (2) compared to the prior-art GAN-based approach, it reduces the fraction of streams that violate stateful semantics by two orders of magnitude, the max y-distance of sojourn time distributions of streams by 16.0%, and the transfer learning time in deriving new hourly models by 3.36x. △ Less

Submitted 11 November, 2024; originally announced November 2024.

Navigating Connected Car Cybersecurity: Location Anomaly Detection with RAN Data

Authors: Feng Wang, Yaron Koral, Kenichi Futamura

Abstract: The cybersecurity of connected cars, integral to the broader Internet of Things (IoT) landscape, has become of paramount concern. Cyber-attacks, including hijacking and spoofing, pose significant threats to these technological advancements, potentially leading to unauthorized control over vehicular networks or creating deceptive identities. Given the difficulty of deploying comprehensive defensive… ▽ More The cybersecurity of connected cars, integral to the broader Internet of Things (IoT) landscape, has become of paramount concern. Cyber-attacks, including hijacking and spoofing, pose significant threats to these technological advancements, potentially leading to unauthorized control over vehicular networks or creating deceptive identities. Given the difficulty of deploying comprehensive defensive logic across all vehicles, this paper presents a novel approach for identifying potential attacks through Radio Access Network (RAN) event monitoring. The major contribution of this paper is a location anomaly detection module that identifies aberrant devices that appear in multiple locations simultaneously - a potential indicator of a hijacking attack. We demonstrate how RAN-event based location anomaly detection is effective in combating malicious activity targeting connected cars. Using RAN data generated by tens of millions of connected cars, we developed a fast and efficient method for identifying potential malicious or rogue devices. The implications of this research are far-reaching. By increasing the security of connected cars, we can enhance the safety of users, provide robust defenses for the automotive industry, and improve overall cybersecurity practices for IoT devices. △ Less

Submitted 2 July, 2024; originally announced July 2024.

Comments: Accepted by VTC2024-Spring

Characterizing and Modeling Control-Plane Traffic for Mobile Core Network

Authors: Jiayi Meng, Jingqi Huang, Y. Charlie Hu, Yaron Koral, Xiaojun Lin, Muhammad Shahbaz, Abhigyan Sharma

Abstract: In this paper, we first carry out to our knowledge the first in-depth characterization of control-plane traffic, using a real-world control-plane trace for 37,325 UEs sampled at a real-world LTE Mobile Core Network (MCN). Our analysis shows that control events exhibit significant diversity in device types and time-of-day among UEs. Second, we study whether traditional probability distributions tha… ▽ More In this paper, we first carry out to our knowledge the first in-depth characterization of control-plane traffic, using a real-world control-plane trace for 37,325 UEs sampled at a real-world LTE Mobile Core Network (MCN). Our analysis shows that control events exhibit significant diversity in device types and time-of-day among UEs. Second, we study whether traditional probability distributions that have been widely adopted for modeling Internet traffic can model the control-plane traffic originated from individual UEs. Our analysis shows that the inter-arrival time of the control events as well as the sojourn time in the UE states of EMM and ECM for the cellular network cannot be modeled as Poisson processes or other traditional probability distributions. We further show that the reasons that these models fail to capture the control-plane traffic are due to its higher burstiness and longer tails in the cumulative distribution than the traditional models. Third, we propose a two-level hierarchical state-machine-based traffic model for UE clusters derived from our adaptive clustering scheme based on the Semi-Markov Model to capture key characteristics of mobile network control-plane traffic -- in particular, the dependence among events generated by each UE, and the diversity in device types and time-of-day among UEs. Finally, we show how our model can be easily adjusted from LTE to 5G to support modeling 5G control-plane traffic, when the sizable control-plane trace for 5G UEs becomes available to train the adjusted model. The developed control-plane traffic generator for LTE/5G networks is open-sourced to the research community to support high-performance MCN architecture design R&D. △ Less

Submitted 26 December, 2022; originally announced December 2022.

SNAP: Stateful Network-Wide Abstractions for Packet Processing

Authors: Mina Tahmasbi Arashloo, Yaron Koral, Michael Greenberg, Jennifer Rexford, David Walker

Abstract: Early programming languages for software-defined networking (SDN) were built on top of the simple match-action paradigm offered by OpenFlow 1.0. However, emerging hardware and software switches offer much more sophisticated support for persistent state in the data plane, without involving a central controller. Nevertheless, managing stateful, distributed systems efficiently and correctly is known… ▽ More Early programming languages for software-defined networking (SDN) were built on top of the simple match-action paradigm offered by OpenFlow 1.0. However, emerging hardware and software switches offer much more sophisticated support for persistent state in the data plane, without involving a central controller. Nevertheless, managing stateful, distributed systems efficiently and correctly is known to be one of the most challenging programming problems. To simplify this new SDN problem, we introduce SNAP. SNAP offers a simpler "centralized" stateful programming model, by allowing programmers to develop programs on top of one big switch rather than many. These programs may contain reads and writes to global, persistent arrays, and as a result, programmers can implement a broad range of applications, from stateful firewalls to fine-grained traffic monitoring. The SNAP compiler relieves programmers of having to worry about how to distribute, place, and optimize access to these stateful arrays by doing it all for them. More specifically, the compiler discovers read/write dependencies between arrays and translates one-big-switch programs into an efficient internal representation based on a novel variant of binary decision diagrams. This internal representation is used to construct a mixed-integer linear program, which jointly optimizes the placement of state and the routing of traffic across the underlying physical topology. We have implemented a prototype compiler and applied it to about 20 SNAP programs over various topologies to demonstrate our techniques' scalability. △ Less

Submitted 4 July, 2016; v1 submitted 2 December, 2015; originally announced December 2015.