1、Can We Pay for What We Get in 3G Data Access?,ACM MOBICOM 2012 Istanbul, Turkey,Chunyi Peng, Guan-Hua Tu, Chi-Yu Li, Songwu Lu University of California, Los Angeles,Mobile Data Access is Popular,Internet,Core Cellular Network,62% US broadband users with wireless data plans; 1.2 billion global users
2、for mobile web.,C PENG (UCLA) MOBICOM12,2,Mobile Data Accounting,Internet,Cellular Network,$,C PENG (UCLA) MOBICOM12,3,Accounting in 3G Networks,Internet,3G Cellular Network,BS,UE,VOP_RAW,VOP,Alice,Policy,C PENG (UCLA) MOBICOM12,4,Accounting done at SGSN/GGSN Accounting policy defined by carriers,2
3、Issues in 3G Accounting,VUE,VOP,C PENG (UCLA) MOBICOM12,5,Contributions,First work to assess mobile data accounting Largely successful, but pathological cases do exist Study accounting discrepancy between the operators log and the users record Identify 2 extreme cases WE PAY FOR WHAT WE DO NOT GET W
4、E GET WHAT WE DO NOT PAY FOR Explore root causes limitation in accounting architecture Loopholes in policy practice Suggest remedies,C PENG (UCLA) MOBICOM12,6,Methodology,Conduct experiments over 2 US carriers Partial validation with 3rd US carrier and 2 operators in China and Taiwan Both extreme an
5、d common cases Use Android phones for mobile data access in various test scenarios Accessing accounting records VOP from operators #1: Dial-in for the remaining monthly data usage #2: Online itemized data usage BillAudit: logging usage VUE smartphones,C PENG (UCLA) MOBICOM12,7,The Rest of Talk,“Over
6、charging” Extreme cases Average cases Root cause: limitation in 3G accounting architecture “Undercharging” Root cause: Loopholes in policy enforcement “Gray” areas Discussion and summary,C PENG (UCLA) MOBICOM12,8,WE PAY FOR WHAT WE DO NOT GET,9,Extreme Case: No Signal,DL-NS experiment over UDP,(1) I
7、ssue a UDP-based service,(3) UDP traffic for t mins (rate: s),VUE,VOP,VSR,Result: s = 50Kbps, t = 10 minsVOP VSR= 50K x10 x 60/8 = 3.75MBVUE 0UEs PAY FOR WHAT THEY DO NOT GET.,C PENG (UCLA) MOBICOM12,10,How Bad the Gap Can Be?,Gap = VOP VUE S T UDP source S: 50Kbps 8Mbps Duration T: 1min 6 hourslast
8、s at least three hours! Observed gap reaches 450MB (t = 1h, s = 1Mbps)!,Operator-I, t = 1min,Source Rate (Mbps),C PENG (UCLA) MOBICOM12,11,Root Cause,VUE -,VOP,3G accounting decision takes local view at SGSN/GGSN, w/o using feedback from end-host.,C PENG (UCLA) MOBICOM12,12,Still-Bad Case: Even With
9、 Signals,DL-NS experiments with different signal strength,(1) Issue a UDP-based service,(3) UDP traffic for t mins (rate: s),VUE,VOP,VSR,(2) Stay in different zones,Server,3G Network,C PENG (UCLA) MOBICOM12,13,Gap Exists Even With Signals!,S , Gap RSSI , Gap Cause: Packet drops over radio link.,Sour
10、ce Rate (Kbps),UEs PAY FOR WHAT THEY DO NOT GET, though wireless link exists!,(Kbps),C PENG (UCLA) MOBICOM12,14,Still-Bad Case: Intermittent Signals,When users lose signals for a while but recover them shortlyThe gap exists with transient lost links Buffering and retransmission over radio links may
11、reduce the gap (see the paper) UEs PAY FOR WHAT THEY DO NOT GET, when they temporarily (10+ seconds) lose wireless links!,C PENG (UCLA) MOBICOM12,15,So Terrible In Reality?,Good news: Probably not!,TCP/App control will teardown it (adjust its incoming rate),Gap for DL-NS over TCP: 2.9 50KB,VOP-,C PE
12、NG (UCLA) MOBICOM12,16,Application Behaviors,DL-NS tests with 5 applications: Web, Skype, YouTube, PPS streaming, VLC streaming over VPN,Mobile accounting is largely successful in practice. Users may occasionally be overcharged,It depends on when and how app control works.,C PENG (UCLA) MOBICOM12,17
13、,Real User Performance,Two-week usage for 7 users,C PENG (UCLA) MOBICOM12,18,3 Views on “Overcharging”,Optimistic view: not too bad in reality, no fix Built-in TCP/application control is sufficientAlternative (Operators) view: not to intend to account the data volume to end-hosts, but the one traver
14、sing the core network, no need to fix Security: What if that the data is not what users want? Audit: How to guarantee that inside accounting is correct?Conservative view: need to fix it Users should pay for what they get 3G accounting architecture should not depend on external control,C PENG (UCLA)
15、MOBICOM12,19,Proposals,Exploit feedback from devices in accounting decision E.g., using info already collected by cellular networks,VRNC_unsent,VOPVOP - VRNC_unsent,Packet drops,C PENG (UCLA) MOBICOM12,20,WE GET WHAT WE DO NOT PAY FOR,21,Loopholes in Accounting Policy Practice,Policy: Free DNS Servi
16、ce,VOP (DNS) = 0,Loophole: A DNS flow should be identified by five tuples (src_addr, dest_addr, src_port, dest_port, protocol ID)But only dest_port (+ protocol ID) is used in practice,Policy + Loophole any fake DNS message, or any real data packet using DNS port (53), can be free of charge!,VOP (ANY
17、-over-DNS) = 0,C PENG (UCLA) MOBICOM12,22,Our Findings,Free DNS policy enforcement Operator-I: Packets via port 53 are free Operator-II: Packets via UDP+Port 53 are freeExploit “DNS tunneling” for free data access Proxy server (outside 3G network) relays packets to/from UE via Port-53 Observed: Free
18、 data access 200MB, VOP = 0 No sign to limit “free” data volume,C PENG (UCLA) MOBICOM12,23,More on Operator Policy,Other carriers 3rd US carrier: free DNS by June 2012, no free after July China/Taiwan carriers: no free DNS service at all Accounting policy is operator specificOther free or differenti
19、al-pricing policies Free Internet access to a given website Hack: web redirection for free Internet access Free access via a specific Access Point Name (APN) Hack: use this APN, not the default APN Unlimited plans/discounts for Facebook access Similar to web redirection if we can evade Facebook (pro
20、bably not),C PENG (UCLA) MOBICOM12,24,Discussion and Proposals,Operators have freedom to define their own policy Flexibility to compete in the market Gap between policy and policy enforcement Should be conflict free Otherwise, policy may open loopholes unanticipatedSimplest fix: stop free DNS servic
21、e Negligible DNS traffic volume in normal cases Other options: DNS server authentication Quota Message integrity check,Policy,C PENG (UCLA) MOBICOM12,25,“GRAY” ACCOUNTING AREAS,26,Effect of Middle-boxes,Middle-boxes lead to inconsistent accounting views at the core network and the end host Pay for t
22、he uplink to a non-existing host due to FTP/HTTP proxy,Invalid link,VOP 0,Middle-box,C PENG (UCLA) MOBICOM12,27,Packet Drops over the Internet,Misbehaviors over the Internet can incur extra mobile data charging Packet drops over the internet increases volume within cellular networks,28,Packet drops,
23、VOP ,TCP ReTX,C PENG (UCLA) MOBICOM12,28,Overhead for Wanted Content,VOP covers protocol overhead and app. signaling HTTP redirection: #redirection , VOP Email: significant protocol overhead for sending a short email Skype: significant protocol management overheadVOP covers Ads, or whatever users ma
24、y not expect Hidden cost for free-version applications with more Ads? Security issue?Content-centric charging?,C PENG (UCLA) MOBICOM12,29,Beyond Accounting,Revisit charging/accounting design principles Cooperate with Internet? Segmented charging for one data service? Who should pay?Receiver-based, s
25、ender-based, or both (current practice)? For what?Volume? Content? Part of content? What if using different pricing schemes?,C PENG (UCLA) MOBICOM12,30,Discussion and Future Work,Revisit accounting architecture What failures and losses should be handled? What mechanisms are indispensable for given f
26、ailures? When and how does the end host report delivery losses? How to ensure that the feedback information is secure and trustworthy?How many mechanisms should be placed into the future cellular network standards? Policy and policy enforcement,C PENG (UCLA) MOBICOM12,31,Summary,First assessment of
27、mobile data accounting system over operational 3G networks Largely successful, but also exceptions Accounting discrepancy between the operators log and the users record Identify two extreme cases: WE PAY FOR WHAT WE DO NOT GET WE GET WHAT WE DO NOT PAY FOR Explore root cause in accounting architecture & policy Propose remedy suggestions Many research issues ahead e.g., security, auditing, pricing, ,C PENG (UCLA) MOBICOM12,32,
