Design and Basic Evaluation of Virtual IPv4 based CYPHONIC adapter

🤖 AI-generated summary ✨
  1. P.1: Title slide. "Design and Basic Evaluation of Virtual IPv4 based CYPHONIC adapter" presented at IMCIC 2022
  2. P.2: Presentation outline covering network security, CYPHONIC concept, issues, objective, proposed system, evaluation, and conclusions
  3. P.3: Comparison of perimeter security model and zero-trust security model. Cloud and IoT spread drives demand for zero-trust
  4. P.4: Requirements for zero-trust security model. Direct device connection needed for secure end-to-end communication across diverse network environments
  5. P.5: Concept of CYPHONIC (CYber PHysical Overlay Network over Internet Communication). Supports inter-connectivity, seamless mobility, and secure authentication
  6. P.6: Issues of conventional CYPHONIC. General nodes like IoT and embedded devices cannot install CYPHONIC programs
  7. P.7: Objective: Proposal of virtual IPv4 based CYPHONIC adapter to perform CYPHONIC communication on behalf of general nodes
  8. P.8: Components of CYPHONIC: CYPHONIC Node, Authentication Service (AS), Node Management Service (NMS), and Tunnel Relay Service (TRS)
  9. P.9: Processing functions in CYPHONIC node: Signaling Module, CYPHONIC Resolver Module, and Packet Handling Module
  10. P.10: System model of CYPHONIC node showing data flow between application, CYPHONIC Daemon, virtual/real interfaces, and the Internet
  11. P.11: Concept of CYPHONIC adapter. Extends CYPHONIC Daemon to perform communication on behalf of general nodes and manage their information
  12. P.12: Processing functions in CYPHONIC adapter: Signaling, Packet Handling, General Node Management, Address Configuration, and Interface Handling Modules
  13. P.13: System model of CYPHONIC adapter showing Adapter Daemon with management and communication functions connected via two real interfaces
  14. P.14: Sequence diagram for getting general node information: authentication, registration, and information retrieval from AS and NMS
  15. P.15: Sequence of general node configuration: virtual IPv4 address assignment via DHCPv4, authentication, and registration for general nodes
  16. P.16: Sequence of overlay network communication: route selection, tunnel establishment, ARP process, and data communication
  17. P.17: Basic evaluation setup. Measuring adapter processing time and communication performance using Raspberry Pi 4 and MacBook Air
  18. P.18: Detailed evaluation process: DNS response time and ARP response time measurement during initial communication
  19. P.19: Results of initial communication delay. General node: 28.00 ms total. Route selection is the dominant factor in processing time
  20. P.20: Communication performance results. General node via adapter achieves 30+ Mbps throughput with minimal overhead compared to CYPHONIC node
  21. P.21: Conclusions. Proposed system provides CYPHONIC communication capabilities to general nodes without significant overhead
  22. P.22: Question & Answer slide
  23. P.23: Appendix: UDP throughput of general node. Bidirectional measurements from 10-50 Mbps with loss rate details
  24. P.24: Appendix: UDP throughput of CYPHONIC node. Measurements from 10-50 Mbps showing minimal packet loss
  25. P.25: Appendix: DNS packet processing in CYPHONIC adapter. Domain filtering and virtual IP resolution via Local DNS Server and Signaling Module
  26. P.26: Appendix: Difference in processing methods between CYPHONIC node (dual virtual interfaces) and CYPHONIC adapter (single interface with classifier)
  27. P.27: Appendix: Detailed system model of CYPHONIC node showing DNS resolver, domain filter, mobility management, and packet handling
  28. P.28: Appendix: Detailed system model of CYPHONIC adapter showing Daemon functions, adapter functions, and dual real interfaces
  29. P.29: Appendix: Comparison of conventional technologies (STUN, ICE, Mobile IPv4, DSMIPv6) with CYPHONIC for inter-connectivity and mobility
  30. P.30: Appendix: Overview of CYPHONIC architecture with AS, NMS, TRS components enabling secure end-to-end communication via overlay network
  31. P.31: Appendix: CYPHONIC layer model showing how the overlay network adds a unique CYPHONIC layer between transport and network layers
  32. P.32: Appendix: PDU flow in CYPHONIC. CYPHONIC Daemon encapsulates virtual IP packets with UDP and sends via real interface
  33. P.33: Appendix: Authentication process sequence. MN authenticates with AS via SSL/TLS, generates common key for NMS communication
  34. P.34: Appendix: Registration process sequence. MN sends network information to NMS and receives virtual IP address
  35. P.35: Appendix: Route selection process. MN requests communication path to NMS, which distributes route direction and Tunnel Key to both nodes
  36. P.36: Appendix: Route selection process via TRS. Adds Temp Key mechanism for relay scenarios where TRS must not obtain End Key
  37. P.37: Appendix: Tunnel establishment process. MN generates End Key, exchanges with CN via Tunnel Request/Response encrypted with Tunnel Key
  38. P.38: Appendix: Tunnel establishment process via TRS. End Key encrypted with Temp Key to prevent TRS from obtaining it during relay