Mathematics Colloquia and Seminars

Return to Colloquia & Seminar listing

Description

As the Internet becomes an essential part of our everyday life, it has grown to a complex distributed networked system that is hard to characterize. This talk highlights the needs to develop the foundations for measuring and validating the system behavior of the Internet. For example, how does one measure, predict, or validate end-to-end reachability or security property between two points in the network? The first part of the talk focuses on characterizing service availability of IP-networks, an important metric that captures transient routing dynamics and reflects user-perceived network performance. We illustrates how graph-theoretic properties like node degree or network diameter) fails predict service availability, making it imperative to use our new metrics for comparing topologies and network design. The second part of the talk discusses a methodology for validating end-to-end reachability of packets, which requires the knowledge of not only the physical network topology, but also the software configuration of various components along the way, such as routers, firewalls, and NATs. The concatenation of the configuration rules of routers, firewalls, NATs, can be viewed as a specialized software program. In our initial work, we applied static analysis to examine firewall rules for policy violations and inconsistencies at different levels: intra-firewall, inter-firewall, and cross-path. The results are promising, paving a new direction to extend theories of single-machine computation to predict and/or validate end-to-end behavior of large, complex networks.