We evaluated both FreeBSD and Linux for our software development. FreeBSD has generally been regarded as higher quality for networking protocol development, but Linux has made great progress in catching up in this regard. Linux has a much wider developer community.
We evaluated the ability of Linux to provide the needed timing accuracy (for embedding watermarks and analyzing traffic). Our experiments show that timer accuracy within 10 ms is easy to achieve. Better accuracy can be obtained if necessary by changing the kernel timing interrupt frequency, or by the use of timer polling rather than interrupts.
Our software is implemented using the netfilter and iptables packages in Linux.
We have joined the Planetlab consortium. We found a utility for sniffing packets belonging to our slice, called "sniffdump", available at http://www.planet-lab.org/raw_sockets/notes_files.html . The output can be converted to tcpdump format for parsing and presentation by a variety of tools. The great thing about planetlab is that it provides a large number of nodes, and experiments are subjected to the normal WAN effects that all applications experience in the Internet.
"Off-Line" (Simulated) Watermarking and Analysis
We have implemented the software for off-line watermarking and analysis, based on our technique. This software has been used to generate the results reported in our paper. A version of this software is available in binary form, with a front-end GUI that is programmed in Java. The software runs under Linux 2.4.22 (and possibly earlier versions). You will need to have Java installed under Linux to run this program
Screenshots of the GUI are:
This software is available upon request to participants in the IAIC program, and other persons designated by Richard Brackney of ARDA. This software is not available publicly at the present time.
"On-Line" (Wire-Speed) Watermarking and Analysis
We have implemented software for (a) embedding a watermark (b) perturbing traffic timing as it is being forwarded and (c) analyzing the traffic to detect the presence of watermarks. The algorithm is based on our CCS 2003 paper. The software runs under Linux 2.4.22 (and possibly earlier versions), and requires a kernel mod.
A version of this software is available in binary form. Normally, you would use 3 or more hosts to test it: one machine originates traffic and embeds the watermark; one machine perturbs the traffic timing and forwards the traffic; another machine receives the traffic and analyzes it for the presence of the watermark. All 3 programs are executed under control of a centralized test setup and monitoring module. This software is available upon request to participants in the IAIC program, and other persons designated by Richard Brackney of ARDA.
Most recently, we have implemented a new watermark embedding method that is more robust, requires fewer packets, and executes in real-time. This version of the on-line software is available upon request to participants in the IAIC program, and other persons designated by Richard Brackney of ARDA. This software is not available publicly at the present time.
Analysis of the Method
We have conducted large-scale experiments to determine the effectiveness of our method under a variety of conditions, and to explore the proper setting of watermarking parameters. We have implemented many types of timing perturbations, based on uniform and normal statistical distributions, a model we call the "batched release" (or "traffic light") model, a self-similar distribution, and a traffic smoothing perturbation.
The new watermark embedding method is highly robust to all of these timing perturbations. This work has been submitted for publication.
|last updated March 25, 2005 by reeves at eos dot ncsu dot edu|