23. ICNP 2015: San Francisco, CA, USA

23rd IEEE International Conference on Network Protocols, ICNP 2015, San Francisco, CA, USA, November 10-13, 2015. IEEE Computer Society

Paper Num: 50 || Session Num: 14

Session 1: Datacenters 3

1. Minimizing Transient Congestion during Network Update in Data Centers.

【Pages】:1-10

【Authors】: Jiaqi Zheng ; Hong Xu ; Guihai Chen ; Haipeng Dai

【Abstract】: To maximize data center network utilization, the SDN control plane needs to frequently update the data plane as the network conditions change. Since each switch updates its flow table independently and asynchronously, the state transition -- if done directly from the initial to the final stage -- may result in serious flash congestion and packet loss. Prior work strives to find a congestion-free update plan with multiple stages, each with the property that there will be no congestion independent of the update order. Yet congestion-free update requires part of the link capacity to be left vacant and decreases utilization of the expensive network infrastructure. Further, it involves solving a series of LP, which is slow and does not scale well. In this paper, we study the more general problem of minimizing transient congestion during network update, given the number of intermediate stages. This exposes the tradeoff between update speed and transient congestion, and allows an operator to navigate a broader design space for performing network update. We formulate the minimum congestion update problem (MCUP) as an optimization program and prove its hardness. We propose an approximation algorithm and a greedy improvement algorithm to find the update sequence in an efficient and scalable manner. Extensive experiments with Mininet show that our solution reduces update time by 50% and saves control overhead by 30% compared to state of the art.

【Keywords】: Transient analysis; Switches; Routing; Approximation algorithms; Wide area networks; Algorithm design and analysis; Optimization

2. How Hard Can It Be?: Understanding the Complexity of Replica Aware Virtual Cluster Embeddings.

【Pages】:11-21

【Authors】: Carlo Fuerst ; Maciek Pacut ; Paolo Costa ; Stefan Schmid

【Abstract】: Virtualized datacenters offer great flexibilities in terms of resource allocation. In particular, by decoupling applications from the constraints of the underlying infrastructure, virtualization supports an optimized mapping of virtual machines as well as their interconnecting network to their physical counterparts: essentially a graph embedding problem. However, existing embedding algorithms such as Oktopus and Proteus often ignore a crucial dimension of the embedding problem, namely data locality: the input to a cloud application such as MapReduce is typically stored in a distributed, and sometimes redundant, file system. Since moving data is costly, an embedding algorithm should be data locality aware, and allocate computational resources close to the data, in case of redundant storage, the algorithm should also optimize the replica selection. This paper initiates the algorithmic study of data locality aware virtual cluster embeddings on datacenter topologies. We show that despite the multiple degrees of freedom in terms of embedding, replica selection and assignment, many problems can be solved efficiently. We also highlight the limitations of such optimizations, by presenting several NP-hardness proofs, interestingly, our hardness results also hold in uncapacitated networks of small diameter.

【Keywords】: Bandwidth; Virtual machining; Servers; Nickel; Optimization; Substrates; Distributed databases

3. Packet Slicing for Highly Concurrent TCPs in Data Center Networks with COTS Switches.

【Pages】:22-31

【Authors】: Jiawei Huang ; Yi Huang ; Jianxin Wang ; Tian He

【Abstract】: Modern data center nowadays leverages highly concurrent TCP connections between thousands of computer servers to achieve high system performance and service reliability. However, recent works have shown that, in the many-to-one and barrier-synchronized communication pattern, a large number of concurrent TCP connections suffer the TCP Incast problem due to packet drops in shallow-buffered Ethernet switches. This problem unavoidably leads to severe under-utilization of link capacity. In this work, we first reveal theoretically and empirically that controlling the IP packet size reduces the Incast probability much more effectively than controlling the congestion windows in the presence of severe congestion. We further present the design and implementation of Packet Slicing, a general supporting scheme that adjusts the packet size through a standard ICMP signaling method. Our method can be deployed on commodity switches with small firmware updates, while making no modification on end hosts. Another highlight of our work is Packet Slicing's broad applicability and effectiveness. We integrate Packet Slicing transparently (i.e., without modification) with three state-of-the-art TCP protocols designed for data centers on NS2 simulation and a physical testbed, respectively. The experimental results show that Packet Slicing remarkably improves network goodput across different TCP protocols by average 26× under severe congestion, while introducing little I/O performance impact on both switches and end hosts.

【Keywords】: congestion control; data center network; TCP

Session 2: Wireless I 4

4. COF: Exploiting Concurrency for Low Power Opportunistic Forwarding.

【Pages】:32-42

【Authors】: Daibo Liu ; Mengshu Hou ; Zhichao Cao ; Yuan He ; Xiaoyu Ji ; Xiaolong Zheng

【Abstract】: Due to the constraint of energy resource, the radio of sensor nodes usually works in a duty-cycled mode. Since the sleep schedules of nodes are unsynchronized, a sender has to send preambles to coordinate with its receiver(s). In such contexts, opportunistic forwarding, which takes the earliest forwarding opportunity instead of a deterministic forwarder, shows great advantage in utilizing channel resource. The multiple forwarding choices with temporal and spatial diversity increase the chance of collision tolerance in concurrent transmissions, potentially enhancing end-to-end network performance. However, the current channel contention mechanism based on collision avoidance is too conservative to exploit concurrency. To address this problem, we propose COF, a practical protocol to exploit the potential Concurrency for low power Opportunistic Forwarding. COF determines whether a node should concurrently transmit or not, by incorporating: (1) a distributed and light-weight link quality measurement scheme for concurrent transmission and (2) a synthetic method to estimate the benefit of potential concurrency opportunity. COF can be easily integrated into the conventional unsynchronized sender-initiated protocols. We evaluate COF on a 40-node testbed. The results show that COF can reduce the end-to-end delay by up to 41% and energy consumption by 18.9%, compared with the state-of-the-art opportunistic forwarding protocol.

【Keywords】: Low power; Wireless sensor networks; Concurrent transmission; Opportunistic forwarding

5. Wi-FM: Resolving Neighborhood Wireless Network Affairs by Listening to Music.

【Pages】:43-53

【Authors】: Marcel Flores ; Uri Klarman ; Aleksandar Kuzmanovic

【Abstract】: FM radio, typically broadcast in the 87.5 to 108.0 MHz range, is widely available in urban areas and beyond. Contrary to GPS, it effectively penetrates buildings, contrary to 3G/4G or TV, FM radio receivers are becoming freely available in mobile devices. Indeed, nearly every smart phone and many other consumer electronics today have a built-in FM chip. In this paper, we demonstrate that this ubiquitous in-the-air and on-device FM radio availability presents a unique opportunity to address some of the fundamental wireless networking problems. In particular, we focus on the problem commonly arising in home networks where devices from neighboring, yet autonomous and non-collaborative, Wi-Fi networks systematically "step on each other's feet", i.e., interfere and degrade each other's performance. We show that the digital signal that accompanies broadcast FM radio has sufficient structure to enable effective scheduling relative to it. It thus provides a common reference for neighboring devices to harmonize their transmissions, yet without requiring any explicit communication among them. To the best of our knowledge, our system is the first to enable such mutually-beneficial, autonomous, and implicit harmonization among Wi-Fi devices across administrative network bounds.

【Keywords】: Frequency modulation; IEEE 802.11 Standard; Synchronization; Encoding; Wireless networks; Mobile handsets

6. Smart Retransmission and Rate Adaptation in WiFi.

【Pages】:54-65

【Authors】: Muhammad Owais Khan ; Lili Qiu ; Apurv Bhartia ; Kate Ching-Ju Lin

【Abstract】: Transmission failures are common in wireless networks due to dynamic channel conditions and unpredictable interference. To efficiently recover from failures, we propose a smart retransmission scheme where the receiver combines information received from multiple failed transmissions associated with the same frame. The smart retransmission has two distinguishing features: (i) it can simultaneously support partial retransmission and combines bits with low confidence, and (ii) it has the first combining-aware rate adaptation scheme, which selects the data rates for all transmissions associated with the same frame to maximize overall throughput. We find that combining-aware rate adaptation is essential to harnessing the combining gain. Using trace-driven simulation and USRP testbed experiments, we demonstrate the feasibility and effectiveness of our approach, and show it significantly out-performs the existing schemes, such as WiFi, partial packet recovery (PPR), and SOFT in terms of both throughput and energy.

【Keywords】: partial recovery; WiFi; rate adaptation

7. Embracing Distributed MIMO in Wireless Mesh Networks.

【Pages】:66-77

【Authors】: Apurv Bhartia ; Yi-Chao Chen ; Lili Qiu ; George Nychis

【Abstract】: This paper proposes a novel routing protocol, DM+, to achieve distributed spatial multiplexing gain in wireless mesh networks. It lets multiple nodes simultaneously send and receive different streams over each hop. To realize this goal, we propose an optimization framework that jointly optimizes spatial multiplexing, routing, and rate limits while taking into account wireless interference. We further design and implement a practical routing protocol that (i) enforces the optimized multiplexed routes, (ii) synchronizes transmissions from different senders, (iii) encodes and decodes analog signals to support simultaneous transmissions, and (iv) compensates for the frequency offset incurred over a multihop path. Using QualNet simulation and USRP implementation, we show it significantly out-performs state-of-the-art shortest path routing and opportunistic routing protocols. To our knowledge, this is the first routing protocol and prototype that achieves distributed spatial multiplexing in a real multihop network.

【Keywords】: wireless mesh networks; MIMO; routing

Session 3: Internet/Architecture I 3

8. SHEAR: A Highly Available and Flexible Network Architecture Marrying Distributed and Logically Centralized Control Planes.

【Pages】:78-89

【Authors】: Michael Markovitch ; Stefan Schmid

【Abstract】: This paper presents SHEAR, a highly available hybrid network architecture which marries distributed legacy protocols with Software-Defined Networking (SDN) technology. SHEAR is based on a small deployment of Openflow switches which serve as “observability points”: SHEAR leverages legacy distributed control plane protocols to detect and localize failures, but outsources the actual failover logic to the logically centralized SHEAR controller, which can make faster and more informed routing decisions. Moreover, the Openflow switches are used to logically decompose the legacy network into loopfree components, enabling a simple and flexible traffic-engineering. The deployment problem solved by SHEAR can be seen as a new variant of a network tomography problem, and may be of independent interest. Our simulations show that in enterprise networks, between 2 to 10% Openflow switches are sufficient to implement SHEAR. We also report on our prototype implementation which detects a failure and reroutes traffic in less than .3 seconds in our testbed -- much faster than what is achieved by the less flexible and distributed legacy protocols. More generally, SHEAR demonstrates that in contrast to common belief, operating a hybrid software defined network can be simple, and given its benefits, a partial Openflow deployment may even be a long-term solution.

【Keywords】: Network Tomography; Resiliency; Robustness; Software-Defined Networking

9. GeoTopo: A PoP-level Topology Generator for Evaluation of Future Internet Architectures.

【Pages】:90-99

【Authors】: Yi Hu ; Feixiong Zhang ; K. K. Ramakrishnan ; Dipankar Raychaudhuri

【Abstract】: Network topology plays a critical role while designing and evaluating network protocols. Most existing topology generators are insufficient to reflect the real world network demands to a topology or to capture the Internet topology evolution such as the "flattening" Internet. They focused on the graph properties of a topology, thus, lacking of ability to model engineering features of the network. Some state-of-art topology generators that consider engineering factors fail to capture trends in both intra-AS and inter-AS connections, which are equally important for evaluating future network protocols. We have developed a topology generator GeoTopo, which is to our best knowledge the first scalable topology generator modeling engineering factors for both intra-AS and inter-AS topology generation. The engineering factors that GeoTopo considers include demographic and geographic features as well as business interests of ASes. We use GeoTopo to create and study three classes of topologies: the topology characterized mainly by graph-properties (Status Quo topology), the topology driven by peering at Internet Exchange Points (IXP topology) and the topology characterized by country backbones (CB topology). The SQ topology follows the degree-based model and serves as a baseline for capturing topology features. The IXP and CB topologies model two major directions of the Internet "flattening". The three classes of topologies enable us to analyze the impact of engineering factors on topology generation such as AS peering policies, IXP deployment and AS geo-settings. GeoTopo's ability to generate projected future Internet topologies make it a valuable tool for the design and evaluation of Future Internet Architectures that is currently under consideration in the research community. 
We use the evaluation of Global Name Resolution Service (GNRS), a key component shared by name-based network architectures, as an example application to demonstrate GeoTopo's capability to capture the mobility of network entities, the locality of the traffic, and the impact of the evolving network.

【Keywords】: Topology; Network topology; Internet; Generators; Business; Urban areas; Protocols

10. On the DNS Deployment of Modern Web Services.

【Pages】:100-110

【Authors】: Shuai Hao ; Haining Wang ; Angelos Stavrou ; Evgenia Smirni

【Abstract】: Accessing Internet services relies on the Domain Name System (DNS) for translating human-readable names to routable network addresses. At the bottom level of the DNS hierarchy, the authoritative DNS (ADNS) servers maintain the actual mapping records and answer the DNS queries. Today, the increasing use of upstream ADNS services (i.e., third-party ADNS-hosting services) and Infrastructure-as-a-Service (IaaS) clouds facilitates the establishment of web services, and has been fostering the evolution of the deployment of ADNS servers. To shed light on this trend, in this paper we present a large-scale measurement to study the ADNS deployment patterns of modern web services and examine the characteristics of different deployment styles, such as performance, life-cycle of servers, and availability. Furthermore, we focus specifically on the DNS deployment for subdomains hosted in IaaS clouds.

【Keywords】: Cloud computing; Web servers; Web and internet services; Domain Name System

Session 4: Measurements/Monitoring 3

11. Counter Tree: A Scalable Counter Architecture for Per-Flow Traffic Measurement.

【Pages】:111-122

【Authors】: Min Chen ; Shigang Chen

【Abstract】: Per-flow traffic measurement, which is to count the number of packets for each active flow during a certain measurement period, has many applications in usage accounting, traffic engineering, service provision and anomaly detection. In order to maintain the high throughput of routers or switchers, the per-flow traffic measurement module should use high-bandwidth SRAM that allows fast memory accesses. Due to the limited SRAM space, exact counting, which requires to keep a counter for each flow, does not scale to large networks consisting of numerous flows. Some recent work takes a different path to accurately estimate the flow sizes using counter architectures that can fit into tight SRAM. However, existing counter architectures have some limitations, either still requiring considerable SRAM space, or having a very small estimation range. In this paper, we design a scalable counter architecture Counter Tree which leverages a two-dimensional counter sharing scheme to achieve far better memory efficiency and significantly extend estimation range. The extensive experiments with real network trace demonstrate that our counter architecture can produce accurate estimates for flows of all sizes even under a very tight memory space, e.g., 2 bits per flow.

【Keywords】: Radiation detectors; Random access memory; Size measurement; Estimation; Memory management; Time measurement

12. Searching for Widespread Events in Large Networked Systems by Cooperative Monitoring.

【Pages】:123-133

【Authors】: Zhiping Cai ; Min Chen ; Shigang Chen ; Yan Qiao

【Abstract】: Searching for widespread events in large networks is a fundamental function that underlies many important applications of distributed anomaly detection, traffic measurement, online data mining, etc. This function can be performed by a cooperative monitoring system consisting of a central coordinator and a number of monitors that are deployed at a set of vantage points. We formulate a network primitive function, called multi-monitor joint detection, which is to find the common events observed by all or a given subset of monitors during each measurement period. It is a challenging problem because large-scale cooperative monitoring can generate tremendous communication overhead. Therefore, it is critical to design a solution for multi-monitor joint detection which controls communication overhead to a low level. We thoroughly examine existing techniques that may be applied, and identify their performance limitations. We then propose two new techniques, called combinable filters and progressive filtering, which address the performance limitations from different angles. We formally prove the correctness of our new solutions based on a probabilistic joint detection model. Numerical evaluation shows that our best solution achieves an overhead reduction in the range of 63% to 91% over the Bloom filter solution under various simulation settings when the number of monitors is 10 or more.

【Keywords】: Monitoring; Probabilistic logic; Numerical models; Distributed databases; Protocols; Google; Ports (Computers)

13. Rethinking Robust and Accurate Application Protocol Identification: A Nonparametric Approach.

【Pages】:134-144

【Authors】: Yipeng Wang ; Xiao-chun Yun ; Yongzheng Zhang

【Abstract】: Protocol traffic analysis is important for a variety of networking and security infrastructures, such as intrusion detection and prevention systems, network management systems, and protocol specification parsers. In this paper, we propose ProHacker, a nonparametric approach that extracts robust and accurate protocol keywords from network traces and effectively identifies the protocol trace from mixed Internet traffic. ProHacker is based on the key insight that the n-grams of protocol traces have highly predictable statistical nature that can be effectively captured by statistical language models and leveraged for robust and accurate protocol identification. In ProHacker, we first extract protocol keywords using a nonparametric Bayesian statistical model, and then use the corresponding protocol keywords to classify protocol traces by a semi-supervised learning algorithm. We implement and evaluate ProHacker on real-world traces, including SMTP, FTP, PPLive, SopCast, and PPStream, and our experimental results show that ProHacker can accurately identify the protocol trace with an average precision of about 99.42% and an average recall of about 98.64%. We also compare the results of ProHacker to two state-of-the-art approaches ProWord and Securitas using backbone traffic. We show that ProHacker provides significant improvements on precision and recall for online protocol identification.

【Keywords】: Protocols; Robustness; Internet; Payloads; Smoothing methods; Data models; Art

Session 5: Cellular 3

14. Energy-Efficient Computation Offloading in Cellular Networks.

【Pages】:145-155

【Authors】: Yeli Geng ; Wenjie Hu ; Yi Yang ; Wei Gao ; Guohong Cao

【Abstract】: Computationally intensive applications may quickly drain mobile device batteries. One viable solution to address this problem utilizes computation offloading. The tradeoff is that computation offloading introduces additional communication, with a corresponding energy cost. Yet, previous research into computation offloading has failed to account for the special characteristics of cellular networks that impact mobile device energy consumption. In this paper, we aim to develop energy efficient computation offloading algorithms for cellular networks. We analyze the effects of the long tail problem on task offloading, formalize the computation offloading problem, and use Dijkstra's algorithm to find the optimal decision. Since this optimal solution relies on perfect knowledge of future tasks, we further propose an online algorithm for offloading. We have implemented this latter algorithm on Android-based smartphones. Both experimental results from this implementation and trace-driven simulation show that our algorithm can significantly reduce the energy of computation offloading in cellular networks.

【Keywords】: Servers; Smart phones; Mobile communication; Energy consumption; Computational modeling; Data communication

15. Streaming Lower Quality Video over LTE: How Much Energy Can You Save?

【Pages】:156-167

【Authors】: Azeem Aqil ; Ahmed Osama Fathy Atya ; Srikanth V. Krishnamurthy ; George Papageorgiou

【Abstract】: Streaming video content over cellular connectivity impacts the battery consumption of a client (e.g., a smartphone). The problem is exacerbated when the channel quality is poor because of a large number of retransmissions, moreover, streaming high quality video in such cases can negatively impact user experience (e.g., due to stalling). In this paper, we develop an analytical framework which can provide the user with an estimate of "how much" energy she can save by choosing to view a lower quality stream of the video she wishes to view. The framework takes as input the network conditions (in terms of packet error rate or PER) and a coarse characterization of the video to be viewed (slow versus fast motion, resolution), and yields as output the energy savings with different resolutions of the video to be viewed. Thus empowered, the user can then make a quick, educated decision on the version of the video to view. We validate that our framework is extremely accurate in estimating the energy consumption via both simulations, and experiments on smartphones (within ~5% of real measurements). We find that switching to a lower resolution video can potentially lead to ~418 mW (23.2%) decrease in the consumed power for slow motion video, and ~480 mW (26%) for fast motion video in bad channel conditions. This translates to an energy savings of 376.2 J and 432 J respectively, for video clips that are 15 minutes long.

【Keywords】: Streaming media; Energy resolution; Batteries; Energy states; Servers; Video recording; Quality assessment

16. REACT: Managing Application-Induced Signaling Overhead in Cellular Data Networks.

【Pages】:168-178

【Authors】: Vijay Gabale ; Anand Prabhu Subramanian ; Ravi Kokku

【Abstract】: Recent studies have shown that mobile applications are increasingly becoming "chatty", resulting in excessive signaling load on cellular networks, potentially causing major network outages. One of the main causes of this signaling overload is the static dormancy timer that 3GPP-based networks employ to control the release of radio resources allocated to a device. To systematically manage the ever-increasing signaling load, we design a novel network-aware system named REACT for dynamically tuning the dormancy timers. In doing so, we highlight a key trade-off between signaling overhead on the network and energy consumed on mobile devices. Contrary to the prior work, our solution models and predicts traffic of mobile apps at the network side with high degree of accuracy, and then dynamically tunes the dormancy timer at a per-device, per-base-station or per-RNC granularity, the approach requires no modifications on mobile devices. Our evaluation shows that REACT reduces signaling overhead by more than a factor of 2 compared to current static setting of dormancy timers. Furthermore, network-aware dynamic tuning of dormancy timers enables a flexible system that can aggressively save energy on devices when the overall network load is low, and manages signaling overhead effectively during high network load.

【Keywords】: Mobile communication; Mobile computing; Tuning; Smart phones; Energy consumption; IEEE 802.11 Standard

Session 6: Security 4

17. Fine-Grained Encountering Information Collection under Neighbor Anonymity in Mobile Opportunistic Social Networks.

【Pages】:179-188

【Authors】: Kang Chen ; Haiying Shen

【Abstract】: In mobile opportunistic social networks (MOSNs), mobile devices carried by people communicate with each other directly when they meet for proximity-based MOSN services (e.g., file sharing) without the support of infrastructures. In current methods, when nodes meet, they simply communicate with their real IDs, which leads to privacy and security concerns. Anonymizing real IDs among encountering neighbor nodes solves such concerns. However, this prevents nodes from collecting real ID based encountering information, which is needed to support MOSN services. Therefore, in this paper, we propose FaceChange that can support both anonymizing real IDs among neighbor nodes and collecting real ID based encountering information. To realize neighbor node anonymity, two encountering nodes communicate anonymously. Then, when the two nodes disconnect, each node forwards an encrypted encountering evidence to the encountered node to enable encountering information collection. A set of novel schemes are designed to protect the confidentiality and uniqueness of encountering evidences. FaceChange also supports fine-grained control over what encountering information should be forwarded based on attribute similarity (i.e., trust) without disclosing attributes. Extensive analysis and experiments show the effectiveness of FaceChange on protecting node privacy and meanwhile supporting the encountering information collection in MOSNs. Real implementation on smartphones also demonstrates its energy efficiency.

【Keywords】: Privacy; Mobile Opportunistic Social Networks; Anonymity

18. FAIR: Forwarding Accountability for Internet Reputability.

【Pages】:189-200

【Authors】: Christos Pappas ; Raphael M. Reischuk ; Adrian Perrig

【Abstract】: This paper presents FAIR, a forwarding accountability mechanism that incentivizes ISPs to apply stricter security policies to their customers. The Autonomous System (AS) of the receiver specifies a traffic profile that the sender AS must adhere to. Transit ASes on the path mark packets. In case of traffic profile violations, the marked packets are used as a proof of misbehavior. FAIR introduces low bandwidth overhead and requires no per-packet and no per-flow state for forwarding. We describe integration with IP and demonstrate a software switch running on commodity hardware that can switch packets at a line rate of 120 Gbps, and can forward 140M minimum-sized packets per second, limited by the hardware I/O subsystem. Moreover, this paper proposes a "suspicious bit" for packet headers -- an application that builds on top of FAIR's proofs of misbehavior and flags packets to warn other entities in the network.

【Keywords】: DDoS defense; Internet security; accountability

19. Privacy Leaks When You Play Games: A Novel User-Behavior-Based Covert Channel on Smartphones.

【Pages】:201-211

【Authors】: Wen Qi ; Yichen Xu ; Wanfu Ding ; Yonghang Jiang ; Jianping Wang ; Kejie Lu

【Abstract】: To protect user privacy, many smartphone systems, such as Android and Windows Phone, adopt the permission-based mechanism in which a user can evaluate the request of private information by a mobile app before installing it. However, recent studies show that the permission-based mechanism is vulnerable to application colluding attacks because two apps, which appear to be harmless individually, can establish a covert channel and use it to leak confidential information. In general, existing known covert channels usually work in a way that one app can modify the status of a system component, while the other can read the status. Even though several covert channel detection schemes have been proposed recently to fight against this type of covert channels, we point out that such designed covert channel detection schemes are not sufficient. In this paper, we demonstrate the possibility of establishing novel covert channels that work in quite different ways, in which one app (e.g., a game) can be designed deliberately such that the user will be induced to voluntarily modify the status of a system component (e.g., a motion sensor), while the other app can read the status of the system component. To validate our design, we implement three covert channels on Android. Our experiments show that these channels can bypass existing detection schemes. Moreover, we also measure the achievable throughput, error rate, and energy consumption in devices. The results demonstrate that our covert channels can achieve a transmission with high accuracy and low energy consumption. Our work sets a new alarm for the security issue of using smartphones.

【Keywords】: Motion sensor; Smartphone security; Covert channel; Application colluding attack

20. A Practical System for Guaranteed Access in the Presence of DDoS Attacks and Flash Crowds.

【Pages】:212-223

【Authors】: Yi-Hsuan Kung ; Taeho Lee ; Po-Ning Tseng ; Hsu-Chun Hsiao ; Tiffany Hyun-Jin Kim ; Soo Bum Lee ; Yue-Hsun Lin ; Adrian Perrig

【Abstract】: With the growing incidents of flash crowds and sophisticated DDoS attacks mimicking benign traffic, it becomes challenging to protect Internet-based services solely by differentiating attack traffic from legitimate traffic. While fair-sharing schemes are commonly suggested as a defense when differentiation is difficult, they alone may suffer from highly variable or even unbounded waiting times. We propose RainCheck Filter (RCF), a lightweight primitive that guarantees bounded waiting time for clients despite server flooding without keeping per-client state on the server. RCF achieves strong waiting time guarantees by prioritizing clients based on how long the clients have waited - as if the server maintained a queue in which the clients lined up waiting for service. To avoid keeping state for every incoming client request, the server sends to the client a raincheck, a timestamped cryptographic token that not only informs the client to retry later but also serves as a proof of the client's priority level within the virtual queue. We prove that every client complying with RCF can access the server in bounded time, even under a flash crowd incident or a DDoS attack. Our large-scale simulations confirm that RCF provides a small and predictable maximum waiting time while existing schemes cannot. To demonstrate its deployability, we implement RCF as a Python module such that web developers can protect a critical server resource by adding only three lines of code.

【Keywords】: maximum waiting time guarantees; DDoS; flash crowds

Session 7: Wireless II 4

21. A Novel Metric for Opportunistic Routing in Heterogenous Duty-Cycled Wireless Sensor Networks.

【Pages】:224-234

【Authors】: Thanh Dinh ; Tao Gu

【Abstract】: This paper investigates the suboptimal problem of existing state-of-the-art routing protocols when they are applied to heterogeneous duty-cycled wireless sensor networks (WSNs). In particular, we discover that the selected optimal routes with the least cost based on their routing metric may not always lead to the least transmission cost. The key reason is that the existing routing metrics used do not sufficiently capture packet transmission cost in heterogeneous duty-cycled WSNs. To address this issue, we propose a novel routing metric, namely expected transmission cost (ETC), which efficiently captures packet transmission cost in heterogeneous duty-cycled WSNs by estimating both expected rendezvous cost and communication cost. Based on ETC, we design an opportunistic routing protocol (EoR) which is proved to select optimal routes with the least packet transmission cost. Our experimental results show that EoR outperforms the state-of-the-art protocols in terms of energy efficiency, latency, and packet delivery ratio.

【Keywords】: expected rendezvous cost; opportunistic routing; heterogeneous duty-cycled; wireless sensor network

22. CARE: Corruption-Aware Retransmission with Adaptive Coding for the Low-Power Wireless.

【Pages】:235-244

【Authors】: Wei Dong ; Jie Yu ; Xiaojin Liu

【Abstract】: Wireless communications are inherently unreliable, especially for low-power wireless networks like 802.15.4. Packet corruptions typically occur because of interference, fading or noise. In this paper, we investigate the problem of corruption aware retransmission with adaptive coding in commercial-off-the-shelf (COTS) low-power devices. We propose an accurate corruption detection algorithm for identifying the number of corrupted bytes in a packet based on the RSSI time series during packet reception. Based on the corruption level, we design an adaptive coding scheme based on Reed Solomon (RS) codes. We carefully select the coding parameters so as to optimize the network performance. Finally, we design and implement CARE, a Corruption-Aware REtransmission protocol by incorporating corruption detection and adaptive coding. We conduct extensive experiments based on COTS low-power devices. Results show that CARE significantly improves the performance for weak and highly interfered links while incurring no additional overhead for good links.

【Keywords】: retransmission; low-power wireless; corruption detection; adaptive coding

23. Minimizing Application-Level Delay of Multi-path TCP in Wireless Networks: A Receiver-Centric Approach.

【Pages】:245-255

【Authors】: Se-Yong Park ; Changhee Joo ; Yongseok Park ; Saewoong Bahk

【Abstract】: Multi-Path TCP (MPTCP) has attracted much attention as a promising technology to improve throughput performance of wireless devices that support multi-homed heterogeneous networks. Although MPTCP provides significant increase in network capacity, it may suffer from poor delay performance since the delay tends to be aligned with the worst-performing path: packets delivered through a short-delay subflow have to wait in the reordering buffer for packets being transmitted over a long-delay subflow. In this paper, we investigate the application-level delay performance of streaming traffic over MPTCP, and develop an analytical framework to take into account non-negligible network queuing delay and the interplay of congestion control between multiple subflows. We design a simple threshold-based subflow traffic allocation scheme that aims to minimize user-level delay and develop a receiver-centric traffic splitting control (R-TSC) that can be tuned to user preferences. The client-side R-TSC solution facilitates incremental deployment of low-delay streaming service over MPTCP. Through simulation and testbed experiments using commercial LTE and WiFi networks, we demonstrate significant performance gains over the standard MPTCP protocol.

【Keywords】: Delays; Receivers; Resource management; IEEE 802.11 Standard; Wireless networks; Throughput

24. CSMA/CA in Time and Frequency Domains.

【Pages】:256-266

【Authors】: Julien Herzen ; Albert Banchs ; Vsevolod Shneer ; Patrick Thiran

【Abstract】: It has recently been shown that "flexible channelization", whereby wireless stations adapt their spectrum bands on a per-frame basis, is feasible in practice. In this paper, we propose TF-CSMA/CA, an algorithm for flexible channelization that schedules packets in time and frequency domains. TF-CSMA/CA is a simple extension of the CSMA/CA protocol used by IEEE 802.11. Contrary to existing channelization schemes, it is entirely distributed and it reacts only to packet collisions, successful transmissions and carrier sensing. With TF-CSMA/CA, when a station is involved in a collision, it performs backoff in both time and frequency domains. Backing off also in the frequency domain allows the transmitters to be much more efficient and aggressive in the time domain, which significantly reduces the severe overheads present with recent 802.11 PHY layers. The main challenge, however, is that the stations need some level of self-organization in order to find spectrum bands of variable widths that minimize interference, while still efficiently using the available spectrum. Using analysis and simulations, we show that such an extension of CSMA/CA to the frequency domain drastically improves both throughput and fairness. Notably, it enables the stations to find interference-free spectrum bands of appropriate size using no communication -- relying only on collisions and successes as implicit signals.

【Keywords】: random access; wireless; spectrum; algorithm; analysis; MAC; scheduling; 802.11

Session 8: RFID 4

25. ETAP: Enable Lightweight Anonymous RFID Authentication with O(1) Overhead.

【Pages】:267-278

【Authors】: Min Chen ; Shigang Chen

【Abstract】: Radio frequency identification (RFID) technologies are making their way into retail products, library books, debit cards, passports, driver licenses, car plates, medical devices, etc. The widespread use of tags in traditional ways of deployment raises a privacy concern: They make their carriers trackable. To protect the privacy of the tag carriers, we need to invent new mechanisms that keep the usefulness of tags while doing so anonymously. Many tag applications such as toll payment require authentication. This paper studies the problem of anonymous authentication. Since low-cost tags have extremely limited hardware resource, we propose an asymmetric design principle that pushes most complexity to more powerful RFID readers. Thus, we develop a lightweight technique that generates dynamic tokens for anonymous authentication. Instead of implementing complicated and hardware-intensive cryptographic hash functions, our authentication protocol only requires tags to perform several simple and hardware-efficient operations such as bitwise XOR, one-bit left circular shift, and bit flip. The theoretic analysis and randomness tests demonstrate that our protocol can ensure the privacy of the tags. Moreover, our protocol reduces the communication overhead and online computation overhead to O(1) per authentication for both tags and readers, which compares favorably with the prior art.

【Keywords】: Authentication; Protocols; Servers; Radiofrequency identification; Privacy; Hardware; Cryptography

26. Fairness Matters: Identification of Active RFID Tags with Statistically Guaranteed Fairness.

【Pages】:279-290

【Authors】: Muhammad Shahzad ; Alex X. Liu

【Abstract】: RFID systems with battery powered active tags are widely used in various applications such as supply chain management and object tracking. In RFID identification, tags transmit their IDs to readers over a shared wireless medium, thus, transmissions from tags often collide causing some tags to use their scarce energy resources to retransmit their IDs. Existing RFID identification protocols are unfair in the sense that some tags transmit more times compared to others and thus deplete their batteries faster. Locating tags with depleted batteries for replacement is troublesome. This paper addresses the fundamental problem of ensuring required fairness in the number of transmissions per tag while minimizing identification time in active RFID tag identification. We propose the first Fair RFID Identification Protocol (FRIP) that can achieve any required amount of fairness. The key idea behind FRIP is to bound the expected number of tags that transmit more than once by finding optimal frame sizes for the standardized frame slotted Aloha. We implemented and performed side-by-side comparisons of FRIP with all nine major existing RFID identification protocols. Our results show that FRIP can achieve arbitrarily high fairness. FRIP reduces the average number of transmissions per tag by at least 2.62 times compared to the best existing protocol. At the same time, it is faster than the existing protocols. FRIP is easy to deploy because it is compliant with the C1G2 standard, and thus, requires no modifications to tags or to the communication protocol between tags and readers. It only needs to be implemented on readers as a software module. FRIP works with multiple readers.

【Keywords】: Identification; RFID; Fairness

27. EMoD: Efficient Motion Detection of Device-Free Objects Using Passive RFID Tags.

【Pages】:291-301

【Authors】: Kun Zhao ; Chen Qian ; Wei Xi ; Jinsong Han ; Xue Liu ; Zhiping Jiang ; Jizhong Zhao

【Abstract】: Efficient and accurate tracking of device-free objects is critical for anti-intrusion systems. Prior solutions for device-free object tracking are mainly based on costly sensing infrastructures, resulting in barriers to practical applications. In this paper, we propose an accurate and efficient motion detection system, named EMoD, to track device-free objects based on cheap passive RFID tags. EMoD is the first RFID system that can estimate the moving direction as well as the current location of a device-free object by measuring critical power variation sequences of passive tags. Compared with previous solutions, the unique advantage of EMoD, i.e., the capability to estimate moving directions, enables object tracking using a much sparser tag deployment. We contribute to both theory and practice of this phenomenon by presenting the interference model that precisely explains it and using extensive experiments to validate it. We design a practical EMoD based intrusion detection system and implement a prototype by commercial off-the-shelf (COTS) RFID reader and tags. The real-world experiments results show that EMoD is effective in tracking the trajectory of moving object in various environments.

【Keywords】: Critical state; Device-free; Motion detection

28. Identifying State-Free Networked Tags.

【Pages】:302-312

【Authors】: Min Chen ; Shigang Chen

【Abstract】: Traditional radio frequency identification (RFID) technologies allow tags to communicate with a reader but not among themselves. By enabling peer communications between nearby tags, the emerging networked tags represent a fundamental enhancement to today's RFID systems. They support applications in previously infeasible scenarios where the readers cannot cover all tags due to cost or physical limitations. This paper is the first study on identifying state-free networked tags, which is a basic, fundamental function for most tagged systems. To prolong the lifetime of networked tags and make identification protocols scalable to large systems, energy efficiency and time efficiency are most critical. Our investigation reveals that the traditional contention-based protocol design will incur too much energy overhead in multihop tag systems. Surprisingly, a reader-coordinated design that significantly serializes tag transmissions performs much better. In addition, we show that load balancing is important in reducing the worst-case energy cost to the tags, and we present a solution based on serial numbers.

【Keywords】: Protocols; Radiofrequency identification; Routing; Load management; Clocks; Relays; Libraries

Session 9: SDN 3

29. SVirt: A Substrate-agnostic SDN Virtualization Architecture for Multi-tenant Cloud.

【Pages】:313-322

【Authors】: Yirong Yu ; Dan Li ; Yukai Huang

【Abstract】: Data center operators are accepting software defined networking (SDN) to manage their networks, but it remains challenging how to provide desirable virtual SDN services to tenants in a public cloud. We design SVirt, which enables highly flexible virtual SDN in a multi-tenant cloud by a substrate-agnostic SDN virtualization architecture. By redesigning the physical switch's processing pipeline with a "late-binding key extractor", SVirt supports virtual SDN switches with different processing pipelines simultaneously on a physical switch. In the control plane, SVirt enables "many-to-one" and "one-to-many" mapping when allocating the physical resource for a virtual network, which embraces arbitrary topology and TCAM resource demanded by a virtual network. In the data plane, SVirt explicitly carries the forwarding context information in the packets, overcoming the "context-loss problem" in a virtual SDN network. We develop a NetFPGA prototype of SVirt switch. Evaluations based on event-driven simulations and prototype-based experiments demonstrate that, compared with traditional approaches, SVirt significantly enhances the cloud's capability to accept various virtual SDN requests and improves the network's throughput.

【Keywords】: data center network; software defined network; network virtualization

30. SDPA: Enhancing Stateful Forwarding for Software-Defined Networking.

【Pages】:323-333

【Authors】: Shuyong Zhu ; Jun Bi ; Chen Sun ; Chenhui Wu ; Hongxin Hu

【Abstract】: As the prevailing technique of Software-Defined Networking (SDN), OpenFlow introduces significant programmability, granularity and flexibility for many network applications to effectively manage and process network flows. However, OpenFlow only provides a simple "match-action" paradigm and lacks the function of stateful forwarding for SDN data plane, which limits it to support advanced network applications. Heavily relying on SDN controllers for all state maintenance incurs both scalability and performance issues. In this paper, we propose a novel Stateful Data Plane Architecture (SDPA) for SDN data plane. A co-processing unit, Forwarding Processor (FP), is designed for SDN switches to manage state information through new instructions and state tables. We design and implement an extended OpenFlow protocol to implement the communication between the controller and FP. To demonstrate the practicality and feasibility of our approach, we implement both software and hardware prototypes of SDPA switches, and develop a sample network function chain with stateful firewall, DNS reflection attack defense and NAT applications in one SDPA-based switch. Experimental results show that the SDPA architecture can effectively improve the forwarding efficiency with manageable processing overhead for those applications that need stateful forwarding in SDN-based networks.

【Keywords】: SDN; SDPA; stateful forwarding; OpenFlow

31. Multi-criteria Routing in Networks with Path Choices.

【Pages】:334-344

【Authors】: Xinming Chen ; Hao Cai ; Tilman Wolf

【Abstract】: Typical routing algorithms use a single criterion, such as hop count or link weight, to calculate paths. As the requirement of flexible routing arises, there are circumstances where multiple criteria are needed for routing. Though there are proposed solutions to the multi-criteria optimal path selection problem for quality-of-service routing, they usually combine all criteria into a single path optimization metric a priori. However, this approach is not feasible in scenarios where the path consumers' weightings of criteria is not known at compute time. Such circumstances require finding all the Pareto-optimal paths, i.e., all the paths that are not dominated by other paths. In this paper, we present the algorithmic foundations for efficiently computing Pareto-optimal paths. We present ParetoBFS, a variant of a breadth-first search that uses branch-and-bound techniques to find all the Pareto-optimal paths while effectively limiting the potentially very large search space. We present several sampling techniques to further increase the speed of the search while degrading the quality of the results only marginally. Our simulation results show that existing multi-criteria combinatorial optimization approaches can only search a small fraction of all the Pareto-optimal paths while ParetoBFS can obtain the whole path set in shorter time. We also present results from an implementation of ParetoBFS on a software-defined network prototype.

【Keywords】: Routing; Optimization; Bandwidth; Quality of service; Delays; Prototypes

Session 10: Internet/Architecture II 4

32. Freeing the IP Internet Architecture from Fixed IP Addresses.

【Pages】:345-355

【Authors】: Spencer Sevilla ; J. J. Garcia-Luna-Aceves

【Abstract】: The IP Internet architecture is such that applications must bind fixed IP addresses and ports before any other operations can be executed. These early bindings cause bottlenecks, reliability issues, and force applications and protocols to manage complex lower-layer issues. This poses a big challenge to the future of the IP Internet, given the large and growing numbers of nomadic Internet users, the shift in Internet usage from centralized servers to peer-to-peer content sharing, and the popularity of service replication and virtualization. To address these issues, we introduce and evaluate HIDRA (Hidden Identifiers for Demultiplexing and Resolution Architecture), a novel architecture that creates indirection between layers of any network stack. HIDRA enables sockets and protocols to evolve with the IP Internet by hiding all mobility, multihoming, and multiplexing issues from applications, does not induce significant overhead in the protocol stack, preserves backwards compatibility with today's Internet and applications, and does not require or preclude any additional identifiers or protocols to be used in the protocol stack.

【Keywords】: TCP; Internet Architecture; Future Architectures; Mobility; Multihoming; Binding; Network Stack

33. Privacy-Preserving Cross-Domain Routing Optimization - A Cryptographic Approach.

【Pages】:356-365

【Authors】: Qingjun Chen ; Chen Qian ; Sheng Zhong

【Abstract】: Today's large-scale enterprise networks, data center networks, and wide area networks can be decomposed into multiple administrative or geographical domains. Domains may be owned by different administrative units or organizations. Hence protecting domain information is an important concern. Existing general-purpose Secure Multi-Party Computation (SMPC) methods that preserve privacy for domains are extremely slow for cross-domain routing problems. In this paper we present PYCRO, a cryptographic protocol specifically designed for privacy-preserving cross-domain routing optimization in Software Defined Networking (SDN) environments. PYCRO provides two fundamental routing functions, policy-compliant shortest path computing and bandwidth allocation, while ensuring strong protection for the private information of domains. We rigorously prove the privacy guarantee of our protocol. We have implemented a prototype system that runs PYCRO on servers in a campus network. Experimental results using real ISP network topologies show that PYCRO is very efficient in computation and communication costs.

【Keywords】: Homomorphic Cryptography; Software Defined Networking; Inter-domain Routing; Privacy

34. Overlay Topology as Random-Walk Cache.

【Pages】:366-375

【Authors】: Xin Zhang ; Sugih Jamin ; Kwan L. Yeung

【Abstract】: A probabilistic quorum system (PQS) allows distributed services to be replicated on only a subset (quorum) of servers. The replicas can be kept consistent with high levels of assurance as long as any two quorums intersect with very high probability. PQS thus provides a means to trade off levels of consistency against the scalability and efficiency of a quorum system. When quorums are constructed by choosing members of the subset uniformly at random, the non-intersection probability can be easily computed. On a distributed system with n servers, uniform sampling is often conducted using random walk of length O(log n). To collect multiple uniform samples naively would require as many random walks. A number of works have relied on analytical results based on the Chernoff bound to reduce the number of random walks needed to collect multiple samples. Controlled flooding is another efficient method to collect multiple samples. In this paper we evaluate both methods analytically and find that quorums formed using either method cannot satisfy the non-intersection probability bound associated with quorum formed by uniform sampling. Our contributions are: (1) to show that overlay topology can be constructed to cache multiple random walks, (2) to show that repeated use of this cache to obtain multiple uniform samples leads to degradation of sample uniformity over time, and (3) to propose and evaluate graph re-wiring as a simple method to keep the cache fresh, to take advantage of overhead reduction of random walk caching while alleviating the degradation in sample uniformity.

【Keywords】: topology re-wiring; probabilistic quorum system; random walk; uniform sampling

35. Scalable and Efficient Multipath Routing: Complexity and Algorithms.

【Pages】:376-385

【Authors】: János Tapolcai ; Gábor Rétvári ; Péter Babarczi ; Erika R. Bérczi-Kovács ; Panna Kristof ; Gábor Enyedi

【Abstract】: A fundamental unsolved challenge in multipath routing is to provide disjoint end-to-end paths, each one satisfying certain operational goals (e.g., shortest possible), without overwhelming the data plane with prohibitive amount of forwarding state. In this paper, we study the problem of finding a pair of shortest disjoint paths that can be represented by only two forwarding table entries per destination. Building on prior work on minimum length redundant trees, we show that the underlying mathematical problem is NP-complete and we present heuristic algorithms that improve the known complexity bounds from cubic to the order of a single shortest path search. Finally, by extensive simulations we find that it is possible to very closely attain the absolute optimal path length with our algorithms (the gap is just 1-5%), eventually opening the door for wide-scale multipath routing deployments.

【Keywords】: minimal path length; protection routing; redundant trees; independent spanning trees; not-all-equal 3SAT

Session 11: Wireless III 3

36. EMS: Efficient Multicast Streaming Scheme for Multicasting within Wi-Fi Hotspot.

【Pages】:386-395

【Authors】: Wan-Seon Lim ; Kang G. Shin

【Abstract】: We have discovered two main problems when a multicast sender and multicast receivers are associated with the same AP. First, the multicast sender cannot determine a proper sending rate with the traditional end-to-end rate-adaptation schemes. Second, the multicast sender wastes its power due to the unique characteristics of power saving mode of the IEEE 802.11 standard. We propose efficient multicast streaming (EMS) to solve these problems without modifying the AP and the multicast receivers. With EMS, the multicast sender adapts its sending rate at the application layer and adjusts the sleep cycle at the MAC layer by monitoring multicast packets sent from the AP. Our experimentation and simulation results show that EMS can improve video quality at the receivers and reduce power consumption of the multicast sender significantly.

【Keywords】: power saving; IEEE 802.11; multicast; video streaming; rate-adaptation

37. Context-Centric Target Localization with Optimal Anchor Deployments.

【Pages】:396-405

【Authors】: Qingquan Zhang ; Wei Xu ; Zhichuan Huang ; Ziqiao Zhou ; Ping Yi ; Ting Zhu ; Sheng Xiao

【Abstract】: Localization proves to be a promising application of wireless sensor networks. Although a considerable number of algorithms have been designed for low-overhead and high-accuracy localization, problems remain to be tackled such as the way to use anchor-deploying. In this paper, we present a mechanism for range-free localization called Enhanced Map Segmentation (EMS) to deploy and segment the map where precise indoor localization is required. Despite the limits of environmental noise, sensing irregularity, received signal strength (RSS) variation and other unavoidable factors, EMS can be reliable by improving the quality of map segmentation. This paper will present and analyze the enhancing method by a series of simulations. In addition, to deal with ambiguous context positions that confound the localization, this paper ameliorates the segmentation with context conception mentioned in [1] by statistical methods. In fact, a well-organized deployment and a context-based decision mechanism can make such a layer of abstraction more reliable and compatible.

【Keywords】: Deployment; Context; Target Localization; Anchor

38. Monitoring Routing Topology in Dynamic Wireless Sensor Network Systems.

【Pages】:406-416

【Authors】: Rui Liu ; Yao Liang ; Xiaoyang Zhong

【Abstract】: In large-scale multi-hop wireless sensor networks (WSNs) for data collection, the ability of monitoring per-packet routing paths at the sink is essential in better understanding network dynamics, and improving routing protocols, topology control, energy conservation, anomaly detection, and load balance in WSN deployments. In this study, we consider this important problem under tremendous WSN routing dynamics, which cannot be addressed by previous methods based on a routing tree model. We formulate the WSN topology inference as a novel optimization problem, and devise efficient decoding algorithms to effectively recover WSN routing topology at the sink in real-time using a small fixed-size path measurement attached to each packet. Rigorous complexity analysis of the devised algorithms is given. Performance evaluation is conducted via extensive simulations. The results reveal that our approach significantly outperforms other state-of-the-art methods including MNT, Pathfinder, and CSPR. Furthermore, we validate our approach intensively with a real-world outdoor WSN deployment running collection tree protocol for environmental data collection.

【Keywords】: real-world testbed; Wireless sensor networks; routing dynamics; path reconstruction; performance analysis

COOLSDN 2015 Workshop: Session I 3

39. SPIRIT: A Framework for Profiling SDN.

【Pages】:417-424

【Authors】: Heedo Kang ; Seungsoo Lee ; Chanhee Lee ; Changhoon Yoon ; Seungwon Shin

【Abstract】: Software-Defined Networking (SDN), which separates the control and data plane of network, is strongly considered as a promising future networking architecture. Compared with legacy networking architecture, it allows to enable a variety of innovative network functions at much less cost and effort. Accordingly, each component of SDN is also being rapidly realized, and one of the most noticeable SDN component implementations would be SDN controllers, such as ONOS or Floodlight. One advantage of these SDN controllers is capability of hosting various network applications to enable innovative network functions, however, it is crucial to analyze these applications before the actual deployment as they may directly affect the performance of the managed network. To be more specific, SDN applications may contain performance bugs that unnecessarily consume significant system resource or produce critical bottlenecks in the controller. In this paper, we introduce an automatic SDN application profiling framework, SPIRIT, which reduces the human effort in revealing any performance bugs that might exist in SDN applications. In order to show the effectiveness of our framework, we reveal new performance bugs that exist in ONOS and Floodlight applications.

【Keywords】: Generators; Switches; Network topology; XML; Context; User interfaces; Computer architecture

40. FlowFall: A Service Chaining Architecture with Commodity Technologies.

【Pages】:425-431

【Authors】: Ryo Nakamura ; Kazuya Okada ; Shuichi Saito ; Hiroyuki Tanahashi ; Yuji Sekiya

【Abstract】: Service chaining is an emerging architecture from the trend of Software Defined Networking and Network Functions Virtualization. This architecture is expected to improve network flexibility and reduce equipment and operational costs. However, recent approaches for service chaining require new networking technologies that need to be standardized, implemented and developed. In this paper, we present and demonstrate a scalable and deployable service chaining architecture, called FlowFall. FlowFall does not require any novel technologies, only requires OpenFlow and current Virtual Machines as Virtual Network Function. Moreover, we focus on the NFV backbone network and how to achieve scale-out its performance. We describe the approach of FlowFall and an evaluation in which our method achieves 10-gigabit wire-rate throughput with 128-byte packets on a single Hyper Visor and scale-out performance among multiple Hyper Visors. Finally, we demonstrate a proof-of-concept of FlowFall in an actual service network at Interop Tokyo 2015 ShowNet.

【Keywords】: Service Chaining; SDN; NFV

41. ÆtherFlow: Principled Wireless Support in SDN.

【Pages】:432-437

【Authors】: Muxi Yan ; C. Jasson Casey ; Prithviraj Shome ; Alex Sprintson ; Andrew Sutton

【Abstract】: Software Defined Networking (SDN) drastically changes the meaning and process of designing, building, testing, and operating networks. The current support for wireless networking in SDN technologies has lagged behind its development and deployment for wired networks. The purpose of this work is to bring principled support for wireless access networks so that they can receive the same level of programmability as wireline interfaces. Specifically we aim to integrate wireless protocols into the general SDN framework by proposing a new set of abstractions in wireless devices and the interfaces to manipulate them. We validate our approach by implementing our design as an extension of an existing OpenFlow data plane and deploying it in an IEEE 802.11 access point. We demonstrate the viability of software-defined wireless access networks by developing and testing a wireless handoff application. The results of the experiment show that our framework is capable of providing new capabilities in an efficient manner.

【Keywords】: Ports (Computers); IEEE 802.11 Standard; Protocols; Mobile communication; Unified modeling language; Wireless networks

COOLSDN 2015 Workshop: Session II 3

42. MLV: A Multi-dimension Routing Information Exchange Mechanism for Inter-domain SDN.

【Pages】:438-445

【Authors】: Ze Chen ; Jun Bi ; Yonghong Fu ; Yangyang Wang ; Anmin Xu

【Abstract】: Software Defined Networking (SDN) separates the tightly coupled network control and data forwarding functions. During the past years, it has been applied in all kinds of intra-domain networks, such as enterprise networks, data centers and content provider networks. However, it is a big challenge to extend SDN to inter-domain networks. In this paper, we extend the advantage of SDN to an inter-domain network federation to improve the Internet routing flexibility. To achieve this goal, we propose a Multi-dimension Link Vector network view exchange mechanism (MLV) to exchange the fine-grained inter-domain routing information and enable programmable inter-domain routing. MLV can support flexible inter-domain routing control by exchanging multiple fields of the IP header. Based on MLV, innovations in inter-domain routing can be deployed as applications over SDN controllers. In order to validate the MLV design, we analyzed its performance with BGP-derived Internet AS topology. Finally, we implemented a prototype of MLV and tested it on an internationally collaborative inter-domain SDN testbed.

【Keywords】: Software Defined Networking (SDN); inter-domain routing; network view exchange mechanism

43. Fast Network Flow Resumption for Live Virtual Machine Migration on SDN.

【Pages】:446-452

【Authors】: Sai Qian Zhang ; Pouya Yasrebi ; Ali Tizghadam ; Hadi Bannazadeh ; Alberto Leon-Garcia

【Abstract】: Virtual machine (VM) migration occurs very frequently in cloud computing. VM Migration enables a running OS, including memory and storage, to move from one physical host to another physical host. A particular case of interest is live migration where the process of migrating the full state from one OS to the other should happen continuously and without any connection disruption. In order to have a seamless VM migration process the system has to be able to resume network connectivity very quickly. Fast resumption has proved to be a challenging problem. In this paper, we present a scheme to efficiently migrate VMs' networking resources using SDN techniques to achieve fast network flow resumption on SDN. We formulate the problem as an integer programming problem, prove its NP-completeness, and propose a heuristic algorithm to solve the problem. Software simulation and real testbed implementation are done to demonstrate the performance of the flow migration scheme.

【Keywords】: Virtual Machine Migration; Software Defined Networking

44. Fingerprinting Software-Defined Networks.

【Pages】:453-459

【Authors】: Roberto Bifulco ; Heng Cui ; Ghassan O. Karame ; Felix Klaedtke

【Abstract】: In this paper, we study the feasibility of fingerprinting of controller-switch interactions in SDN networks by a remote adversary whose aim is to acquire knowledge about specific flow rules that are installed at the switches. This knowledge empowers the adversary with a better understanding of the network's packet-forwarding logic and exposes the network to a number of threats. In our study, we collect measurements from hosts located across the globe using a realistic SDN network comprising OpenFlow hardware switches. We show that, by leveraging information from the RTT and packet-pair dispersion of the exchanged packets, fingerprinting attacks on SDN networks succeed with overwhelming probability. We also show that these attacks are not restricted to active adversaries, but can be equally mounted by passive adversaries that only monitor traffic exchanged with the SDN network. Finally, we sketch an efficient countermeasure to strengthen SDN networks against fingerprinting.

【Keywords】: Packet-pair dispersion; Fingerprinting attacks; SDN security

PhD Forum 6

45. An Integrated Transport Solution to Big Data Movement in High-Performance Networks.

【Pages】:460-462

【Authors】: Daqing Yun ; Chase Q. Wu

【Abstract】: We propose and develop an integrated transport solution to big data movement in high-performance networks in support of data- and network-intensive applications in various science domains. This solution integrates three major components, i.e. (i) transport-support workflow optimization, (ii) transport profile generation, and (iii) transport protocol design, into a unified framework.

【Keywords】: Data transfer; Transport protocols; Throughput; Bandwidth; Databases; Big data

46. SDN-PANDA: Software-Defined Network Platform for ANomaly Detection Applications.

【Pages】:463-466

【Authors】: Brian R. Granby ; Bob Askwith ; Angelos K. Marnerides

【Abstract】: The proliferation of cloud-enabled services has caused an exponential growth in the traffic volume of modern data centres (DCs). An important aspect for the optimal operation of DCs relates to the real-time detection of anomalies within the measured traffic volume in order to identify possible threats or challenges that are caused by either malicious or legitimate intent. Therefore in this paper we present SDN-PANDA, a 'pluggable' software platform that aims to provide centralised administration and experimentation for anomaly detection techniques in Software Defined Data Centres (SDDCs). We present the overall design of the proposed scheme, and illustrate some initial results related to the performance of the current prototype with respect to scalability and basic traffic visualisation. We argue that the introduced platform may facilitate the underlying functional basis for a number of real-time anomaly detection applications and provide the necessary foundations for such algorithms to be easily deployed.

【Keywords】: Anomaly Detection; Software Defined Networking; Software Defined Data Centres; Network Function Virtualization

47. Towards Motion-Aware Wireless LANs Using PHY Layer Information.

【Pages】:467-469

【Authors】: Li Sun ; Dimitrios Koutsonikolas

【Abstract】: The increasing popularity of WiFi brings new challenges in the design of wireless protocols but at the same time creates exciting opportunities for novel ways of exploiting WiFi technology in a variety of applications. On one hand, the smaller form factor of today's WiFi devices allows WiFi users to access wireless networks under mobility, calling for new, mobility-aware wireless protocols that are able to sustain high performance; on the other hand, the ubiquity of WiFi devices has recently raised interest in extending WiFi's capabilities beyond communication, e.g., for human-computer interaction. In this paper, we demonstrate that it is possible to enable fine-grained human motion detection on commodity WiFi devices by exploiting PHY layer information exposed by today's WiFi chipsets. We propose two motion detection techniques for two different application scenarios and explore their benefits on protocol performance and human-device interaction, respectively.

【Keywords】: IEEE 802.11 Standard; Protocols; Performance evaluation; Mobile handsets; Wireless communication; Wireless LAN; Tracking

48. Towards Multi-gigabit 60 GHz Indoor WLANs.

【Pages】:470-472

【Authors】: Swetank Kumar Saha ; Dimitrios Koutsonikolas

【Abstract】: The 7 GHz wide unlicensed band centered around 60 GHz, standardized by 802.11ad, is emerging as an alternative to 2.4/5 GHz wireless systems, promising multi-Gigabit throughput. However, the Millimeter-Wave (mmWave) technology comes with its own challenges. The aim of this thesis is to overcome these challenges in order to build general-purpose 802.11ad indoor home/enterprise WLANs. Towards this goal, we perform an extensive link measurement study with COTS hardware to characterize the 60 GHz channel in an indoor setup. The results of this study will guide the design of better performing MAC algorithms and protocols. Further, we propose a relay-based WLAN architecture as a solution to the unique challenges of 60 GHz links and specify multiple research directions associated with such an architecture that are essential to the realization of multi-Gigabit indoor WLANs.

【Keywords】: Relays; 802.11ad; 60GHz

49. Design and Benefits of a Hidden-Identifier Network Architecture.

【Pages】:473-475

【Authors】: Spencer Sevilla

【Abstract】: All currently-implemented and proposed future architectures assume a layered design wherein the identifiers used by a particular layer are propagated up the stack and exposed to higher layers. We argue that these higher-layer exposures and bindings are the root of a large number of problems today, and present significant roadblocks to the evolution and deployment of future network architectures tomorrow. We address these problems by proposing a novel network architecture based around identifier indirection and translation between layers of the stack, and show how such an architecture (1) provides an attractive solution to problems today such as mobility and multi-homing by injecting additional flexibility into the existing network stack, (2) can be used to support the goals of future internet architecture (i.e. service- or information-centricity) within the existing network stack, and (3) relieves the ossification of the network stack and enables the incremental deployment of new protocols and layers.

【Keywords】: TCP; Internet Architecture; Future Architectures; Mobility; Multihoming; Binding; Network Stack

50. QoS Aware Component-Based Routing in Resource-Constrained Wireless Multi-hop Networks.

【Pages】:476-478

【Authors】: Evripidis Paraskevas ; John S. Baras

【Abstract】: With an increasing number of wireless devices available, there is a tremendous need for designing new efficient protocols, which take into account resource constraints and at the same time provide adequate Quality of Service (QoS) performance guarantees (e.g. throughput, latency etc.). Most wireless protocols currently used perform well under specific environmental conditions or in particular applications. In this work, we propose a novel methodology for designing routing protocols for resource-constrained wireless multi-hop networks by separating the protocol into distinct components, which specify particular functionalities. Different QoS requirements can be guaranteed by configuring the different components without the need to modify or develop the protocol from scratch. An initial study for energy-constrained environments indicated that our approach is effective. In our ongoing work we consider adversarial environments and we develop techniques to mitigate network-layer attacks. Finally we are investigating the design of a decision-theoretic module for dynamic protocol configuration.

【Keywords】: multi-hop networks; QoS performance; Routing