An Untold Story of Middleboxes in Cellular Networks

August 29, 2011

An Untold Story of Middleboxes in Cellular Networks (PDF)
Source: University of Michigan and Microsoft Research

The use of cellular data networks is increasingly popular as network coverage becomes more ubiquitous and many diverse usercontributed mobile applications are available. The growing cellular traffic demand means that cellular network carriers are facing greater challenges to provide users with good network performance and energy ef?ciency, while protecting networks from potential attacks. To better utilize their limited network resources while securing the network and protecting client devices, the carriers have already deployed various network policies that influence traffic behavior. Today, these policies are mostly opaque, though they directly impact application designs and may even introduce network vulnerabilities.

We present NetPiculet, the first tool that unveils carriers’ NAT and firewall policies by conducting intelligent measurement. By running NetPiculet in the major U.S. cellular providers as well as deploying it as a smartphone application in the wild in more than 100 cellular ISPs, we identified the key NAT and firewall policies which have direct implications on performance, energy, and security. For example, NAT boxes and firewalls set timeouts for idle TCP connections, which sometimes cause significant energy waste on mobile devices. Although most carriers today deploy sophisticated firewalls, they are still vulnerable to various attacks such as battery draining and denial of service. These findings can inform developers in optimizing the interaction between mobile applications and cellular networks and also guide carriers in improving their network con?gurations.

About these ads
Follow

Get every new post delivered to your Inbox.

Join 929 other followers

%d bloggers like this: