Thursday, August 25, 2011

Evolution Has Ossified the Internet

The Internet is evolving, according researchers at the Georgia Institute of Technology, but unfortunately extinction has resulted in a rigid structure where all information is being forced through a small set of mid-layer protocols that reduce flexibility and decrease security. To remedy, Georgia Tech recommends restructuring the mid-layers into a set of nonoverlapping protocols that do not compete with one another and thus will not become extinct as they evolve.Anyone who has used the Internet for very long knows about its evolution by the number of extinct protocols that are no longer used. For instance, FTP (File Transfer Protocol) used to be the only way to transmit files too large for SMTP (Simple Mail-Transfer Protocol), but clever programmers have devised ways of using server-side algorithms to deliver large files using HTTP (Hypertext Transfer Protocol). As a result, FTP has become virtually extinct on all but legacy systems.
Researchers at the Georgia Institute of Technology wondered if these evolution and extinction phenomena on the Internet were in any way similar to evolution and extinction in nature. After all, protocols could be viewed as species that compete for resources, with the weaker ones eventually becoming extinct. Similarly, the evolution of the Internet's architecture could be described as a competition among protocols, with some thriving and others becoming extinct.
To test their theory, the group headed by computer science professor Constantine Dovrolis crafted a research program that tracks the evolution of architectures, called EvoArch. The overall goal was to help understand how protocols evolve in order to develop better ones that protect the Internet from the wide variety of threats it is facing today and to prevent extinctions that ossify the Internet, making it more vulnerable to attacks. The general conclusion derived from EvoArch was that unless new protocols are crafted to avoid competition, they will inevitably lead to extinctions.

The six layers, from top to bottom, are specific applications (like Firefox), application protocols (like HTTP), transport protocols (like TCP), network protocols (like IP), data-link protocols (like Ethernet) and physical layer protocols (like DSL).  
In particular, the six layers of the Internet have evolved into an hour-glass shape where protocols at the very top and bottom continue to evolve, but where those toward the middle have become stagnant, leaving unnecessary security-risk opportunities open for exploitation.
At the top application layer where browsers, email clients, video and audio streamers exist, there is still plenty of diversity and competition among alternatives. Evolution here is still healthy, weeding out the weaker applications and strengthening those with better security. At the application protocols layer, where HTTP, SMTP and newer protocols like RTP (Real-time Transfer Protocol) exist, extinction has eliminated some of the weaker protocols, but enough variety still exists.
In the middle layers, however, extinction has left only a few survivors, ossifying its structure. At the transport layer (layer three), TCP (Transmission Control Protocol) competes with only a few other alternatives, such as UDP (User Datagram Protocol), and at layer five, the network protocol, IP (Internet Protocol) and ICMP (Internet Control Message Protocol) are used almost exclusively. Diversity resurfaces at layers five and six, where Ethernet and other data-link protocols such as PPP (Point-to-Point Protocol) communicate with a wide variety of physical layer protocols including DSL (digital subscriber line), coaxial cable and fiber optic alternatives.
From running simulations with the EvoArch program these researchers have concluded that the only way to reintroduce diversity into the middle layers without inevitable extinctions is to create protocols that do not overlap with the others. By thus eliminating competition for the same resources, a rich set of middle layer protocols with increased security should be able to survive.

No comments: