Browse files

Merge branch 'master' of

  • Loading branch information...
2 parents e487f40 + 20e53d2 commit fd0b849359e2da02dff990a5773b0ea0967371a6 uberj committed Mar 8, 2012
@@ -0,0 +1 @@
+,uberj,,07.03.2012 16:04,file:///nfs/milo/u1/uberj/;
Binary file not shown.
@@ -0,0 +1,299 @@
+Tor is a popular Anonymity network. To use the network users setup an Onion
+Proxy (OP). Users then download a list of Onion Routers (OR) from a directory
+servers. The user selects, usually, three ORs to construct a circuit. Then, the user
+establishes an encrypted connection to the first OR through it's OP. The user
+then builds another connection to the second OR through the connection it
+build with the first OR. Using its OP and the first OR, the user then builds a
+similar connection between the second and third OR. The user can now use this
+circuit to use the internet anonamasly.
+The majority of users experience delay when using Tor. Users that experience
+too much delay will choose not to use Tor which consequently will make Tor
+less effective tool.
+Connection - A node to node connection is defined as a TCP/TLS connection
+between two nodes on the network.
+Circuit - A circuit exists within a connection. Multiple circuits can exists over
+a single connection.
+Cell - One 512K data unit in the Tor network.
+Ingress - Refers to the entry point of a network.
+(TCP) Socket Buffer - A TCP connection has two sides. The TCP socket buffer is
+where packets are stored while they wait to be sent or wait to processed after
+being received.
+Uptime - The uninterrupted time period a computer has spent in a functional state.
+Any breaks (like turning off) causes the uptime to be reset.
+Bulk Transfer - Transferring large files using a protocol like BitTorrent, FTP,
+SFTP, etc...
+Stock Tor - The default version of Tor officially released by the Tor Project.
+Sliding Window - A sliding windows ensures that the sending side of a
+connection does not send too many packets without confirmation that at least
+some of the packets have been received. TCP uses a sliding window.
+RTT - The Round Trip Time is the length of time for a signal to be sent plus
+the amount of time it takes to receive confirmation of signal being received.
+Chaabane, A., Manils, P., and Kaafar, M.A. “Digging into Anonymous Traffic: A Deep Analysis of the Tor
+Anonymizing Network.” Network and System Security (NSS), 2010 4th International Conference on. 2010,
+167 –174.
+Chaabane et al. investigated which applications were using the Tor network and
+what effect did those applications have on network performance?
+Data was collected twice, once during December 2009 and again in January 2010.
+The two data sets displayed similar trends and were in aggregate format to
+ensure no user IP addresses were stored. The researchers were very careful not
+to break privacy laws or infringe on the privacy of the users. OpenDPI, an
+open source deep packet inspection tool, was used to classify network traffic.
+Which protocols use the most bandwidth and what type of content does a user
+interact with while using Tor? There were two answers to this questions.
+First, BitTorrent traffic was disproportionally the top contributer to
+bandwidth usage. Reinforcing this, one quarter of the recorded traffic was
+unidentifiable by DPI techniques. The researchers were able to confirm with
+certainty that this traffic was encrypted BitTorrent. Using torrent infohashes
+it was determined that copyrighted movies, games, and T.V. shows were the most
+commonly torrented content type.
+Second, HTTP is responsible for the majority of the connections being made
+over the Tor network. Popular content included (in order from most popular to
+least popular): Search Engine/Portals, Pornography, Computer/Internet, Social
+Networking, and Blogs/Web Communication.
+It was also found that many users use Tor as an easy way to set up a SOCKS
+proxy and that the use of non-encrypted protocols is minimal. Seventy percent
+of clients that connected to the controlled entry nodes originated from only
+10 countries.
+The authors hope that the data that they collected would help later
+researchers identify and fix problems in Tor.
+Dhungel, P., Steiner, M., Rimac, I., Hilt, V., and Ross, K.W. “Waiting for Anonymity: Understanding Delays
+in the Tor Overlay.” Peer-to-Peer Computing (P2P), 2010 IEEE Tenth International Conference on. 2010, 1 –4.
+Primary Research Question
+Dhungel et al. focused on the causes of delay in the Tor network. They ran
+their experiments on the actual Tor network from August 2009 to March 2010.
+The researchers used 4 nodes, three of which they controlled, to isolate an
+Onion Router. They broke the observed delay into two types: router delay,
+which is caused by queuing and processing data cells, and latency, which is
+caused by delays in the connection median.
+The main question being investigated was whether router delay or latency
+was a larger issue for performance on the Tor network.
+Experiments were conducted in the actual Tor network and trends in collected
+data was consistent over multiple trials of the experiment. It was shown that
+when there is a delay of greater than one second it is probably caused by
+router delay. Different routers can cause varying delays, but the majority of
+routers introduced less than 100ms of delay.
+Experimental results showed fluctuation in router delay. The authors reason
+that either the Tor router selection algorithm is causing the fluctuations or
+the machine that is running the router is using bandwidth elsewhere to server
+other applications.
+By isolating a router in a lab environment, it was discovered that most router
+delay was caused by a bottle neck in the TCP output socket write buffer. This
+deemed a common situation when the router was handling large amounts of
+It was also shown that total delay caused by a router does not have any
+correlation with it's advertised bandwidth.
+The paper concludes by recommending modification to Tor's path selection
+algorithm and cell scheduling algorithm.
+Moore, W. Brad, Wacek, Chris, and Sherr, Micah. “Exploring the potential benefits of expanded rate limiting
+in Tor: slow and steady wins the race with Tortoise.” Proceedings of the 27th Annual Computer Security
+Applications Conference. ACSAC ’11. New York, NY, USA: ACM, 2011, 207–216.
+Primary Research Question
+Moor et al. propose introducing a universal rate limit to improve the
+performance of web traffic in Tor.
+The idea of blocking all BitTorrent by using DPI was explored and rejected on
+the grounds that doing so would run contrary to Tor's purpose: to provide
+users with unfiltered access to the internet. Furthermore, users could bypass
+DPI by disguising their traffic (by compression or encryption) to render DPI
+The authors propose an incentive based strategy called Tortoise that would
+encourage users to run their own relays. Tortoise would impose a universal
+rate limit on all users at the ingress of the Tor network. Internal nodes in
+the network will not be filtered and it is theorized that this will motivate
+users who use high amounts of bandwidth to set up their own relay Onion
+Routers to bypass the universal rate limit. It is not intended that all users
+run relays, especially the users that are connecting from countries who's
+internet is filtered.
+By simulating a 1000 node Tor network that was running Torties, webclients
+only saw a %15 decrease in transfer speed while bulk transfer users
+experienced a %31 decrease in available bandwidth. This decrease in available
+bandwidth was considered to be enough to motivate high bandwidth users to run
+their own relays, causing improvements to network performance.
+Tortoise would require that a relay be listed as 'STABLE' and 'FAST' by the
+Tor directory service (these labels are only given to relays that have had
+stable uptime for two weeks). This would prevent users from quickly setting up
+a temporary relay and easily bypassing the rate limit. The reliance on
+accurate directories is noted as a necessary deficiency. Also, advanced users
+could circumvent Tortoies. Tortoise may decrease trade anonymity for higher
+performance because higher bandwidth connections can easily be identified as
+users who are preforming bulk transfer.
+Tortoies can cause and increase in CPU usage on an edge router because it has
+to apply the universal rate limit to all traffic that is sees. Tortoies is not
+compatible with Tor's bridge relays. It is also possible to launch an attack
+where a client achieves high bandwidth by spreading his connection over many
+Tor circuits. Tortoies has not been tried on the actual Tor network.
+Tang, Can and Goldberg, Ian. “An improved algorithm for tor circuit scheduling.” Proceedings of the 17th
+ACM conference on Computer and communications security. CCS ’10. New York, NY, USA: ACM, 2010, 329–
+Primary Research Question
+Tang et al. aimed to give to circuits that contain latency sensitive traffic
+priority other circuits that contain bulk transfer protocols. By prioritizing
+they hoped to make interactive content appear to load faster while not hurting
+the overall performance of bulk transfer protocols.
+EWMA (Estimated Weighted Moving Average), sometimes referred to as the "rolling
+average", is an algorithm to remove the influence of data collected in the
+past and reflects recent trends in data set. TCP uses a similar weighted
+average when calculating RTT (Round Trip Times) when calibrating it's sliding
+window. EWMA was used to estimate how active a circuit was (cells per second).
+Circuits that were on average less active were given higher priority over
+circuits that had a higher cells-per-second average.
+Experiments were conducted to test the effectiveness of using a EWMA
+method. The first experiment consisted of isolating three Onion Routers and
+three clients and having the clients build circuits through the same
+connection. Two of the clients preformed bulk transfer over their circuit and
+the third client attempted to download a small 300KB file (similar to the size of
+webpage). Timing data was collected with the stock Tor and then all three ORs
+were enabled with EWMA and data was again collected. Results showed an
+performance boost of 2.17 seconds when downloading the small file.
+A second experiment was set up exactly like the first and explored whether
+enabling EWMA on some routers and not others had any affect on performance.
+The results found that the effectiveness of EWMA depends on severity of
+congestion within the network.
+A third experiment asked, where does a cell spends most of it's time
+when traveling through an Onion Router? This experiment was run locally on a
+single router. Timing data was collected at three points: when a cell entered
+a circuit queue, when the cell moved from the circuit queue to the TCP socket
+output buffer, and when the cell finally left the TCP socket buffer. The results
+proved that a cell spends most of it's time waiting to be flushed out of the
+circuit queue into the TCP socket buffer. When the EWMA algorithm was enabled the
+observed time a cell spent in the circuit queue was dramatically reduced from
+653 milliseconds to 115 milliseconds.
+The negative effect felt by bulk transfer protocols when the EWMA algorithm
+was enabled was negligible. Also, overhead caused by the calculations required
+to carry out EWMA were also negligible. It is fair to assume that enabling an
+EWMA algorithm to schedule Tor traffic improves the performance of latency
+sensitive protocols on the Tor network.
+Tschorsch, Florian and Scheuermann, Bjorn. “Tor is unfair: And what to do about it.” Local Computer
+Networks (LCN), 2011 IEEE 36th Conference on. 2011, 432 –440.
+Primary Research Question
+Tschorsch et al. focused on what changes to Tor's scheduling algorithm could
+make fairness between circuits possible and consequently improve performance
+of interactive protocols like HTTP.
+The authors define 'fair' as being able to use resources freely when they are
+available but not over using them when a router is overloaded with traffic. As
+an example, if two circuits exist on a connection and both are allocated 1/2
+of the bandwidth, one of the circuits may use more than half of the bandwidth
+while the other circuit is idle. But, if both circuits are saturated with
+traffic, no one circuit will use more than it's share of the bandwidth.
+The goal of modifying the scheduling algorithm was to allow no circuit to
+over use it's bandwidth allocation while not imposing new communication
+overhead between between routers.
+Instead of scheduling traffic for individual circuits, Tor's current scheduler
+services connections in a round robin fashion. When a node is at it's
+bandwidth limit it evenly divides bandwidth between all outgoing connections
+leaving a connection with two circuits getting the same bandwidth allocation
+as a connection containing one circuit; two circuits will get 1/4 of the
+bandwidth while the other gets 1/2, this is not fair.
+The authors proposed two changes to the scheduler. The first change was to
+switch to scheduling circuits instead of connections. Second, the researchers
+suggest a modified version of a min-max fairness algorithm be implemented.
+This algorithm would ensure greedy circuits do not over use their
+bandwidth allocation while also allowing a circuit to contribute their
+unused bandwidth to other circuits.
+Tor's sliding window (a mechanism that is very similar to TCP's sliding
+window) is too large and is end-to-end (end-to-end meaning there is one window
+that spans the entire circuit and all connections that circuit travels). The
+researchers made separate windows exist between each router and reduced the
+maximum size of the window. A faster response to network congestion was
+observed under the new design.
+The researchers combined their new scheduler design with the modifications to
+the sliding window and observed major improvements to fairness and network
+latency in lab results.
+They recommend that their implementation be tested on the actual Tor network.
+AlSabah, Mashael, Bauer, Kevin, Goldberg, Ian, Grunwald, Dirk, McCoy, Damon, Savage, Stefan, and
+Voelker, Geoffrey M. “DefenestraTor: throwing out windows in Tor.” Proceedings of the 11th international
+conference on Privacy enhancing technologies. PETS’11. Berlin, Heidelberg: Springer-Verlag, 2011, 134–154.
+AlSahah et al. wanted improve congestion by modifying Tor's window policy.
+A router running stock Tor has no way of notifying an upstream router that it
+is experiencing congestion. The authors propose using a strategy found in ATM
+networks called N23. N23 would require modifying the logic on all routers that
+comprise Tor. N23 would cause overloaded routers to notify upstream routers
+that they were experiencing bandwidth overload. In N23 a hard upper bound is
+set on how many packets can be buffered at each router along a given circuit.
+Another approach would be to either reduce the static windows size, or make
+the windows size dynamic. This solution is preferable only entry and
+exit routers would need to be modified.
+Testing was done in a simulated network. The data suggested that strategies
+that relay on modifying windows sizes improve webpage response times by up to
+%65 but leave large portions of bandwidth unused and actually harm average
+time it takes to download a webpage.
+N23 ensured a steady flow of packets from entry to edge router. Also, N23 was
+able to respond to congestion quickly, specifically one in RTT.
+The authors conclude their finding by recommending the adoption of N23 within
+the Tor network.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
@@ -0,0 +1 @@
+The process of Lean design can be used in the manufacturing field. The purpose of Lean is to reduce waste in a system to make it more effective. It was found that the definition of Lean is drifting but Lean is generally applicable to product development processes. The review questions whether or not Lean can be used in 'white collar' areas. Lean has traditionally been used in manufacturing. To incorporate Lean into product development, the entire process must be re-engineered to be better understood. To apply Lean there will have to be strong leadership and further research on applying Lean design to product design.
@@ -0,0 +1,60 @@
+Writing a summary is a process:
+Step 1.
+ Read the article... more than once.
+ First time:
+ Read for a general sense of what is there and what it is about
+ Don't worry about taking notes
+ Don't re-read stuff
+Step 2.
+ Read it again. and again and again.
+ Write notes, highlight, highlight
+ Looking for :
+ General Topic - What is it about?
+ Main idea - Authors arguments, what are they trying to communicate
+ * specific examples of these ideas
+Step 3.
+ Write a one sentence summary of each paragraph in order.
+Step 4.
+ Write a once sentence summary of the whole document. (a.k.a A Thesis Statement)
+Step 5.
+ Write 1st draft.
+ Format
+ ++++++
+ Thesis
+ ...
+ (Sentances written in Step 3)
+ ...
+ Add connective tissue.
+Step 6.
+ Check summary against the original.
+Step 7.
+ Revise and proof read. (Two very different things)
+ Revision
+ --------
+ Re-thinking, seeing things again, maybe starting again.
+ Proof Read
+ ----------
+What must we know?
+* General Topic
+* Background content
+ * Define Lean
+ * Explain manufacturing usage
+ * Example: Toyota manufacturing system
+* Research Question
+* Scope and Methodology
+* Findings
+* Issues
+* Conclusion/Recommendataions
+Summary length
+600 to 1000 words per article. *Comprehensive*

0 comments on commit fd0b849

Please sign in to comment.