UDP Transmission Simulation
By Indra Dewaji, part of assignment of Computer Architecture and Mobile Networks, University of York, September 2021
Last updated
By Indra Dewaji, part of assignment of Computer Architecture and Mobile Networks, University of York, September 2021
Last updated
The main functionality of the program is to transmit the data from the sender to the receiver using the User Datagram Protocol (UDP). The transmission of the packet is sent by using “Stop and Wait” method and “Go Back N” method. The program is built using Java (Liberica JDK 11). Java is acknowledged as one of the programming languages with reliable capabilities for networking [1]. Java is a platform independence programming language that provides libraries that include security, sending and receiving data, and other networking tools, which makes programming networking in Java is much easier compared to other programming languages [1].
The program is divided into Sender and Receiver programs. The sender uses a generic method for both methods, differentiated by the parameter of the sliding windows. The Stop and Wait will use sliding windows size 1, while Go Back N method is using sliding windows size 5. On the receiver side, the method is also used as a generic method to accept and send an acknowledgment to the sender. To transmit the packet, the sender program is using dataTransmission method, while accepting and receiving the packet in the receiver program is using TransmissionReceiver method. The program structure explains in Appendix A and the program test result is captured in Appendix B. The generic method for sending and receiving covered both methods which are explained below.
Stop and wait method on UDP data transfer, is a method to send data packets in a block, and then receive by the receiver. If the negative acknowledgment is sent by the receiver, the transmitter should retransmit the same packet [2]. As an illustration, figure 1 describes how the program works.
The logic for the Stop and Wait method is implemented in the below steps:
a. The sender starts by sending the packet reads from the file, each packet concatenates with the sequence identifier as header.
b. The ACK sent by the receiver for the successfully packet and NAK for the incorrect packet received, it’s limited only if the packet is blank, but can be improved in the future enhancement with the byte checks for any corrupted data.
c. After sending NAK, the receiver will discard the packet and wait for the same packet to be resent by the sender.
d. If the re-transmit is successfully accepted, the receiver will add the packet into the ArrayList in the sequence.
e. The sender sends an “end” packet as an identifier that the packets are complete.
f. After receiving an “end” packet from the sender, the receiver combines all the received packets in re-arrange into the fully arranged data and displays it on the screen.
Figure 1. Stop and Wait [3, p.248]
In the Go-Back-N (GBN) protocol, multiple data packets are transmitted without waiting for the acknowledgment, but it’s limited to a maximum number [3]. Figure 2 visualizes the scenario of GBN Protocol.
The logic for Go-Back-N (GBN) Protocol implemented in the below steps:
a. The sender starts by sending the packet read from the file, each packet concatenates with the sequence identifier as header.
b. After the pre-defined Sliding Windows packet is sent, the acknowledgment is requested. The ACK was sent by the receiver for the successfully received packet and NAK for the incorrect packet.
c. For any NAK sent, the next sequence of packets received by the receiver is discarded and request the sender to re-transmit the NAK packet within the new sliding windows sequence.
d. The packet that was successfully received is inserted into the ArrayList and combined all after receiving the “end” identifier packet into readable data, then displays on the screen.
Figure 2. Go-Back-N Protocol [7]
In the transportation layer routing, User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) are the two protocols largely used. The characteristic of User Datagram Protocol (UDP) is connectionless, which means that it does not require a handshake when sending a message, only provides best efforts service from end-to-end delivery [4]. Data handling in these two protocols use different methods. TCP is used connection-oriented, guarantees the delivery of the message, with error handling to make sure the packet reaches the destination [6]. UDP uses a simple transport method, connectionless, and simple error handling [6]. Table 1. shows the comparison between TCP and UDP.
TCP
UDP
Make sure the transmission is successful and the lost packet is re-sent
Lost packet is not tracked
The sequence number used and re-order packet that sent in wrong order
No checking in the packet when reaching the destination
Additional functionality added which has the implication of slowness of the transmission
No additional functionality added which has resulted in a better time of transmission
The OS needs to keep track of the transmission which needs additional resources
Simple transmission and fewer resources require
Sample program and service use in TCP:
- HTTP
- HTTPS
- FTP
Sample program and service use in UDP:
- DNS
- IP Telephony
- DHCP
- Video Streaming
Table 1. Comparison between TCP and UDP [6]
From the table above, we can see there are typical issues in UDP such as lost packets are not tracked and no checking in the packet when reaching the destination. Other typical issues stated by Kurose and Rose are no congestion control and no message continuation [3, p231]. TCP has reliable transmission over the network. It helps to determine specific computer should be connected in the network, providing how the data should be transmitted, addressed, packetized, routed, and received [8]. But TCP has more overhead since additional functionality was added which has the implication of slowness of the transmission.
UDP is suitable for fast transmission but does not rely on the accuracy of the packet. As an example, the video streaming application usually will transmit large data but requires fast transmission. The security aspect is not really considered, and data packet loss is accepted to some extent. With the typical UDP using a simple transmission with less additional packet check, this could be a benefit over the TCP approach.
Many applications are using UDP, such as DNS, IP Telephony, DHCP, Video Streaming, or even a Multiplayer game. The data packet loss during data exchange is not a concern when UDP is used. Also, a handshake during data exchange is not required.
However, there are some identified security issues on the data exchange with UDP. One of them is sniffing or Denial of Service (DoS). Sniffing is the process to capture and decode data packets transmitted over the network with the sniffer application [9]. The methods in the sniffing attack are divided into promiscuous and non-promiscuous. The promiscuous attack is linked to the method that the sniffer steals the information from the traffic passing over all the network, while a non-promiscuous attack steals the information between sender and receiver [9]. The sniffing attack is either executed manually or using sniffing tools which are nowadays available as an open-source application.
There is also another potential security risk is in the Simple Network Management Protocol (SNMP) using UDP. The message was sent as plain text through SNMP. The attacker will pretend like the real requester and send false SNMP responses. The message would easily be decoded by the attacker since it’s just plain text without any encryption [10]. SNMP is an application-layer protocol to monitor and control between server and managed devices [3, p.452].
Domain Name Server (DNS) attack is the other common attack over UDP. The translation between hostnames and IP address is the method used in DNS [10]. Fake reply with the wrong IP address commonly used by an attacker. It’s re-routed the packet sent by the sender to the fake requester which the attacker managed.
Currently, the authentication method is used to secure the DNS. DNS Security Extension (DNSSec) is one of the methods to secure the DNS. The security feature added into DNSSec such as Resource Record Signature, Next Secure, Delegation Signer, and DNS Public Key [11]. Common attack into origin authentication of the DNS, or attack into data integrity, or the method of authenticated denial of existence, protected by DNSSec [11].
To mitigate the attacks above, we can use a protocol built on top of UDP such as Datagram Transport Layer Security (DTLS). DTLS can run in unreliable protocols such as UDP [14, p.1]. Even though UDP doesn’t require any handshake, DTLS has the mechanism of a handshake between sender and receiver. The handshake protocol is responsible to identify the session identifier, an optional peer certificate, the method of compression, a chipper suite that helps secure the connection, a secret key, and a Boolean value as a state of the session can be resumed [14, p.5]. The handshake flow can be identify in the below steps as explained by Claeys, T. et al:
a. Peers agree on data exchange the compression method includes the encryption algorithm.
b. The peers will exchange the encryption key parameter and also perform mutual authentication.
c. The server sends the Server Certificate message depending on the authentication method and the cipher suite used, a method to secure the network connection. DTLS supports a root Raw Public Key (RPK) authentication, Certificate Authority Key (CA), and Pre-Shared Key (PSK).
d. The server requests mutual authentication through a Client Certificate request.
e. The final stage of the handshake protocol, the client sends ChangeCipherSpec message to indicate that the key session was successfully installed. The last steps allow both peers to acknowledge that the handshake process were successful.
As discussed in the previous section, sniffing is one security thread. But the sniffing method is also used to monitor the network. One of the popular tools is Wireshark which can run on multiple platforms under GNU General Public License [12, p.2]. Wireshark has the capability to capture, view, and analyze data packets that can help administrators to track the issues which affected the network performance, connectivity, or other problems [12.p,2].
Figure 3 and 4, shows the test from the previously created program captured in Wireshark. Wireshark can track the source and destination of the data packet including the size length and other information, such as port, IP address, or even data packet itself. At figure 4, we can see the data packet that has been sent.
The data packet is the basic entity in the network [12, p.1]. Security implies in the network is all about data packets. Our simple experiment shows how vulnerable the system is because all data and traffic can be captured by a single tool only. All information such as port number, IP Address, data can be seen barely.
The network interface used by Wireshark. Wireshark is a software tool that tracks network traffic. Wireshark is commonly used by a network administrator to review TCP retransmission and network troubleshooting. Wireshark is also commonly used by the Network Security controller to inspect intrusion from the attacker, and indicate malware has been injected into the network or identify a suspicious domain or IP addresses [13]. Wireshark could convert the network code into raw binary data that flow through the network. Wireshark could be used as intrusion detection control for the user who has knowledge of the intrusion mechanism. Some advanced features noted by Sakshi Singh and Suresh Kumar are display filter, I/O graph, network conversation window, coloring rules, and expert information [13].
Figure 3. Traffic Capture in the Wireshark
Figure 4. Details on the Packet Captured in Wireshark
Networking has evolved from year to year. Jon Oltsik in his article, suggests at least five features should have in modern security [15]. They are:
a. Cover end-to-end process.
b. Encryption/Decryption capabilities.
c. Business-oriented security.
d. Centralized control and distributed enforcement.
e. Comprehensive monitoring and analytics.
Scientific research should evolve following the threats that also evolve.
[1] Java Network Programming, Second Edition. O'Reilly Media, Inc. 2020. ISBN: 9781565928701.
[2] M. Moeneclaey, H. Bruneel, I. Bruyland and Doo-Young Chung, Throughput Optimization for a Generalized Stop-and-Wait ARQ Scheme, in IEEE Transactions on Communications, vol. 34, no. 2, pp. 205-207, February 1986, doi: 10.1109/TCOM.1986.1096507.
[3] Kurose and Rose. Computer Networking, a Top-Down Approach, 7th Edition, England, Pearson, 2017.
[4] G. Benelli. A new ARQ scheme using a go-back-N protocol. European transactions on telecommunications, 1990, Vol.1(6), p.615-620. ISSN: 1124-318X, 1541-8251; DOI: 10.1002/ett.4460010605.
[5] Natarajan Meghanathan. A Tutorial on Network Security: Attacks and Controls. Jackson State University, USA. https://arxiv.org/ftp/arxiv/papers/1412/1412.6017.pdf [Accessed: Oct. 2021]
[6] Al-Dhief, Fahad & Sabri, Naseer & Abdul Latiff, Nurul Muazzah & Nik Abd Malik, Nik Noordini & Abd Ghani, Mohd Khanapi & Mohammed, Mazin & Al-Haddad, R.N. & Dawood, Yasir & Ghani, Mohd & Ibrahim Obaid, Omar. (2018). Performance comparison between TCP and UDP protocols in different simulation scenarios. International Journal of Engineering & Technology. 7. 172-176.
[7] Fayza Ahmed Nada. Performance Analysis of Go-Back-N ARQ Protocol Used in Data Transmission Over Noisy Channels. Advances in Science, Technology and Engineering Systems Journal Vol. 5, No. 4, 612-617 (2020).
[8] C.O Ezeagwu, K. Ndubuisi, C. Tochukwu, and E. Alagbu. Comparative Analysis of OSI and TCP/IP Models in Network Communication. Quest Journals ISSN(Online) :2321-3795 pp: 08-14, 2021.
[9] B, Prabadevi & Nagamalai, Jeyanthi. (2018). A Review on Various Sniffing Attacks and its Mitigation Techniques. Indonesian Journal of Electrical Engineering and Computer Science. 12. 1117-1125. 10.11591/ijeecs.v12.i3.pp1117-1125.
[10] Camilla Olsen. Security Issues Relating to the Use of UDP. SANS Institute, 2003.
[11] DNS Security Extension. https://www.dnssec.net/ [Accessed: Oct. 2021]
[12] Banerjee, Usha & Ashutosh, Vashishtha & Mukul, Saxena. (2010). Evaluation of the Capabilities of WireShark as a tool for Intrusion Detection. International Journal of Computer Applications. 6. 10.5120/1092-1427.
[13] Sakhsi Singh, Suresh K. Capability of Wireshark as Intrusion Detection System. International Journal of Recent Technology and Engineering (IJRTE). ISSN: 2277-3878, Volume-8 Issue-5, January 2020
[14] Claeys, T., Vucinic, M., Watteyne, T., Rousseau, F., Tourancheau, B. Performance of the Transport Layer Security Handshake Over 6TiSCH. Sensors 2021, 21, 2192. https://doi.org/10.3390/s21062192
[15] Jon Oltsik. 5 must-have features in a modern network security architecture. 2019. Cybersecurity Snippets. https://www.csoonline.com/article/3406475/must-have-features-in-a-modern-network-security-architecture.html [Accessed: Oct. 2021]
The program for sending the data kept in Sender.java file. It has three primary method, the main method is to control the whole of the program, the dataTransmission(File Path, Sliding Windows Size) method, used to transmit the data based on the sliding windows input parameter, and the readFromFile(File Path) method to read the data from the file.
Figure a.1. Sender.java Program Structure
The program for receiving the data kept in Receiver.java file. It has only two primary methods, they are the main() method is to control the whole program and the TramsmissionReceiver().
Figure a.2. Receiver.java Program Structure
Program Compilation:
a. Compilation for Sender.java, no error found.
b. Compilation for Receiver.java, no error found.
c. Run Receiver program.
d. Run Sender program.
e. Select method, first test is for Stop and Wait method, insert number 1 in the screen.
f. The packet sent to the receiver. In the receiver side, the packet accepted, arrange in sequence, and display in the screen. The program will close the session after receive all the packet.
g. Run the Receiver program again.
h. Run 2nd scenario for Go Back N method. Run Sender program and select 2nd method by inserting number 2 in the screen.
The file created as umbrella.txt and contains only text "Umbrella"
