27th IEEE International Conference on Network Protocols, ICNP 2019, Chicago, IL, USA, October 8-10, 2019. IEEE 【DBLP Link】
【Paper Link】 【Pages】:1-2
【Authors】: Jan Pennekamp ; Jens Hiller ; Sebastian Reuter ; Wladimir De la Cadena ; Asya Mitseva ; Martin Henze ; Thomas Engel ; Klaus Wehrle ; Andriy Panchenko
【Abstract】: Users of an onion routing network, such as Tor, depend on its anonymity properties. However, especially malicious entry nodes, which know the client's identity, can also observe the whole communication on their link to the client and, thus, conduct several de-anonymization attacks. To limit this exposure and to impede corresponding attacks, we propose to multipath traffic between the client and the middle node to reduce the information an attacker can obtain at a single vantage point. To facilitate the deployment, only clients and selected middle nodes need to implement our approach, which works transparently for the remaining legacy nodes. Furthermore, we let clients control the splitting strategy to prevent any external manipulation.
【Keywords】: Routing; Security; Internet; Wireless fidelity; Timing; Privacy; Fingerprint recognition
【Paper Link】 【Pages】:1-11
【Authors】: Yimeng Zhao ; Ahmed Saeed ; Mostafa H. Ammar ; Ellen W. Zegura
【Abstract】: BGP was initially created assuming by default that all ASes are equal. Its policies and protocols, namely BGP, evolved to accommodate a hierarchical Internet, allowing an autonomous system more control over outgoing traffic than incoming traffic. However, the modern Internet is flat, making BGP asymmetrical. In particular, routing decisions are mostly in the hands of traffic sources (i.e., content providers). This leads to suboptimal routing decisions as traffic sources can only estimate route capacity at the destination (i.e., ISP). In this paper, we present the design of Unison, a system that allows an ISP to jointly optimize its intra-domain routes and inter-domain routes, in collaboration with content providers. Unison provides the ISP operator and the neighbors of the ISP with an abstraction ISP network in the form of a virtual switch. This abstraction allows the content providers to program the virtual switch with their requirements. It also allows the ISP to use that information to optimize the overall performance of its network. We show through extensive simulations that Unison can improve ISP throughput by up to 30% through cooperation with content providers. We also show that cooperation of content providers only improves performance, even for non-cooperating content providers (e.g., a single cooperating neighbour can improve ISP throughput by up to 6%).
【Keywords】: Routing; Internet; Throughput; Collaboration; Switches; Autonomous systems; Software
【Paper Link】 【Pages】:1-12
【Authors】: Jens Hiller ; Jan Pennekamp ; Markus Dahlmanns ; Martin Henze ; Andriy Panchenko ; Klaus Wehrle
【Abstract】: An increasing number of IoT scenarios involve mobile, resource-constrained IoT devices that rely on untrusted networks for Internet connectivity. In such environments, attackers can derive sensitive private information of IoT device owners, e.g., daily routines or secret supply chain procedures, when sniffing on IoT communication and linking IoT devices and owner. Furthermore, untrusted networks do not provide IoT devices with any protection against attacks from the Internet. Anonymous communication using onion routing provides a well-proven mechanism to keep the relationship between communication partners secret and (optionally) protect against network attacks. However, the application of onion routing is challenged by protocol incompatibilities and demanding cryptographic processing on constrained IoT devices, rendering its use infeasible. To close this gap, we tailor onion routing to the IoT by bridging protocol incompatibilities and offloading expensive cryptographic processing to a router or web server of the IoT device owner. Thus, we realize resource-conserving access control and end-to-end security for IoT devices. To prove applicability, we deploy onion routing for the IoT within the well-established Tor network enabling IoT devices to leverage its resources to achieve the same grade of anonymity as readily available to traditional devices.
【Keywords】: Routing; Internet of Things; Protocols; Cryptography; Servers
【Paper Link】 【Pages】:1-11
【Authors】: Ziyao Zhang ; Liang Ma ; Konstantinos Poularakis ; Kin K. Leung ; Jeremy Tucker ; Ananthram Swami
【Abstract】: In distributed software-defined networks (SDN), multiple physical SDN controllers, each managing a network domain, are implemented to balance centralised control, scalability, and reliability requirements. In such networking paradigms, controllers synchronize with each other, in attempts to maintain a logically centralised network view. Despite the presence of various design proposals for distributed SDN controller architectures, most existing works only aim at eliminating anomalies arising from the inconsistencies in different controllers' network views. However, the performance aspect of controller synchronization designs with respect to given SDN applications are generally missing. To fill this gap, we formulate the controller synchronization problem as a Markov decision process (MDP) and apply reinforcement learning techniques combined with deep neural networks (DNNs) to train a smart, scalable, and fine-grained controller synchronization policy, called the Multi-Armed Cooperative Synchronization (MACS), whose goal is to maximise the performance enhancements brought by controller synchronizations. Evaluation results confirm the DNN's exceptional ability in abstracting latent patterns in the distributed SDN environment, rendering significant superiority to MACS-based synchronization policy, which are 56% and 30% performance improvements over ONOS and greedy SDN controller synchronization heuristics.
【Keywords】: Synchronization; Servers; Delays; Logic gates; Reinforcement learning; Government
【Paper Link】 【Pages】:1-6
【Authors】: Zhipeng Gao ; Chenxi Xia ; Zhuojun Jin ; Qian Wang ; Junmeng Huang ; Yang Yang ; Lanlan Rui
【Abstract】: With the development of the edge computing and cloud computing technology, the cloud-edge collaboration framework is proposed as a new effective computing architecture and applied in many fields. However, due to the openness of the edge networks, the security of cloud-edge framework is an unavoidable problem and most recent trust mechanism could not resist mixed malicious attacks at the same time. In this work, a light-weight and reliable trust mechanism based on the improved LightGBM algorithm is originally proposed to evaluate the credibility of edge devices. First, we design a light-weight trust mechanism for edge devices to process raw interaction data and extract trust features, which reduces the amount of data transmission and the pressure on the communication networks. In addition, an evaluation algorithm based on the entropy weight method (EWM) and punishment factors is designed for edge brokers to distinguish the malicious devices from the normal ones, which performs great against mixed malicious attacks. At last, we propose an improved LightGBM algorithm developed in the centralized cloud to learn other researchers' evaluation methods and check the evaluation uploaded from edge brokers, which could make the punishment factors of edge networks weighted adaptively with the change of edge networks. The experimental results show the proposed trust mechanism outperforms existing methods in the accuracy and discriminating speed under mixed malicious attacks.
【Keywords】: Cloud-Edge collaboration; improved LightGBM algorithm mixed malicious attacks; weighted adaptively
【Paper Link】 【Pages】:1-11
【Authors】: Xiong Wang ; Linghe Kong ; Liang He ; Guihai Chen
【Abstract】: We present mLoRa in this paper, a novel protocol that can decode multiple collided packets simultaneously from different transmitters in LoRa networks. As a recently proposed wireless technology designed for low-power wide-area networks, LoRa has been proverbially employed in many fields, such as smart cities, intelligent agriculture, and environmental monitoring. In LoRa networks, a star-of-stars topology is conventionally implemented, in which thousands of nodes connect to a single gateway. Accordingly, the convergecast scenario becomes common. For example, in intelligent agriculture, multiple sensor nodes send information with respect to the soil temperature and humidity to a LoRa gateway. Regularly, simultaneous transmissions result in the severe collision problem. Meanwhile, the ALOHA protocol is widely applied in LoRa networks, which further aggravates the collision problem. To conquer this challenge, we propose a protocol named mLoRa for multi-packet reception in LoRa networks, leveraging unique features inherent in LoRa's physical layer including chirp spread spectrum (CSS), M-FSK modulation, and demodulation. In addition, design enhancements are developed to mitigate the noise and frequency offset influence. We implement mLoRa on a six-node testbed with USRPs. Experiment results demonstrate that mLoRa enables up to three concurrent transmissions. Correspondingly, mLoRa based throughput is around 3 times more than the conventional LoRa.
【Keywords】: LoRa Networks; Collision Resolution; Chirp; M-FSK Modulation
【Paper Link】 【Pages】:1-4
【Authors】: Ali Mohammadkhan ; K. K. Ramakrishnan
【Abstract】: With the rapid increase in the number of users and changing pattern of network usage, cellular networks will continue to be challenged meeting bandwidth and latency requirements. A significant contributor to latency and overhead in cellular networks is the complex control-plane involving many message exchanges across multiple components in the packet core, base station, and user equipment. We propose CleanG, a new packet core architecture and significantly more efficient control-plane protocol, that exploits the capabilities of modern-day Network Function Virtualization (NFV) platforms. In CleanG, we have consolidated the core components into a set of virtual network functions on an NFV platform. With the elastic scalability offered by NFV, the data and control sub-components of the core functions can scale, adapting to workload demand. CleanG eliminates the use of GPRS Tunneling Protocol (GTP) Tunnels for data packets and the associated complex protocol for coordination across multiple, distributed components for setting up and managing them, as specified in the 3rd Generation Partnership Project (3GPP) architecture and protocol standard, while retaining similar essential functionality for security, mobility, and air-interface resource management. Measurements on our testbed show that CleanG substantially reduces both control and data plane latency, and significantly increases system capacity.
【Keywords】: Protocols; Computer architecture; Cellular networks; Delays; 3GPP; 5G mobile communication; IP networks
【Paper Link】 【Pages】:1-12
【Authors】: Gaoxiong Zeng ; Wei Bai ; Ge Chen ; Kai Chen ; Dongsu Han ; Yibo Zhu ; Lei Cui
【Abstract】: Geographically distributed applications hosted on cloud are becoming prevalent. They run on cross-datacenter network that consists of multiple data center networks (DCNs) connected by a wide area network (WAN). Such a cross-DC network imposes significant challenges in transport design because the DCN and WAN segments have vastly distinct characteristics (e.g., butter depths, RTTs). In this paper, we find that existing DCN or WAN transports reacting to ECN or delay alone do not (and cannot be extended to) work well for such an environment. The key reason is that neither of the signals, by itself, can simultaneously capture the location and degree of congestion. This is due to the discrepancies between DCN and WAN. Motivated by this, we present the design and implementation of GEMINI that strategically integrates both ECN and delay signals for cross-DC congestion control. To achieve low latency, GEMINI bounds the inter-DC latency with delay signal and prevents the intra-DC packet loss with ECN. To maintain high throughput, GEMINI modulates the window dynamics and maintains low butter occupancy utilizing both congestion signals. GEMINI is implemented in Linux kernel and evaluated by extensive testbed experiments. Results show that GEMINI achieves up to 53%, 31% and 76% reduction of small flow average completion times compared to TCP Cubic, DCTCP and BBR; and up to 58% reduction of large flow average completion times compared to TCP Vegas.
【Keywords】: Wide area networks; Delays; Throughput; Packet loss; Servers; Bandwidth
【Paper Link】 【Pages】:1-11
【Authors】: Yige Chen ; Tianning Zang ; Yongzheng Zhang ; Yuan Zhou ; Yipeng Wang
【Abstract】: With the unprecedented prevalence of mobile network applications, cryptographic protocols, such as the Secure Socket Layer/Transport Layer Security (SSL/TLS), are widely used in mobile network applications for communication security. The proven methods for encrypted video stream classification or encrypted protocol detection are unsuitable for the SSL/TLS traffic. Consequently, application-level traffic classification based networking and security services are facing severe challenges in effectiveness. Existing encrypted traffic classification methods exhibit unsatisfying accuracy for applications with similar state characteristics. In this paper, we propose a multiple-attribute-based encrypted traffic classification system named Multi-Attribute Associated Fingerprints (MAAF). We develop MAAF based on the two key insights that the DNS traces generated during the application runtime contain classification guidance information and that the handshake certificates in the encrypted flows can provide classification clues. Apart from the exploitation of key insights, MAAF employs the context of the encrypted traffic to overcome the attribute-lacking problem during the classification. Our experimental results demonstrate that MAAF achieves 98.69% accuracy on the real-world traceset that consists of 16 applications, supports the early prediction, and is robust to the scale of the training traceset. Besides, MAAF is superior to the state-of-the-art methods in terms of both accuracy and robustness.
【Keywords】: Encrypted traffic classification; SSL/TLS; domain name; certificate; application data; network management
【Paper Link】 【Pages】:1-11
【Authors】: Hyunjoong Lee ; Jung-Jun Kim ; Changhee Joo ; Saewoong Bahk
【Abstract】: The explosion of mobile traffic volume has led to dense deployment of IEEE 802.11 WLANs. As a consequence, periodic beacon transmissions can overwhelm the air-time, leading to significant air-time depletion for data transmissions. In this work, we develop an opportunistic air-time sharing scheme, named BeaconRider, that facilitates simultaneous data and beacon transmissions aimed at improving spectrum efficiency in dense network environments. The proposed method works for downlink communication and allows access points (APs) to coordinate with each other in a distributed manner to exploit opportunities provided by the capture effect. Our protocol is backward compatible with legacy 802.11 APs. Through experiments with a prototype implementation using off-the-shelf IEEE 802.11n dongles as well as extensive ns-3 simulation, we show that the proposed method achieves substantial performance gains that increase with the number of APs.
【Keywords】: beacon frame; air-time sharing; capture effect; interference mitigation; high-density WLANs
【Paper Link】 【Pages】:1-2
【Authors】: Mohammad Amin Beiruti ; Yashar Ganjali
【Abstract】: Load migration is essential in any distributed SDN control platform due to natural load imbalance and dynamic nature of input traffic. Existing solutions focus on migrating a single switch between two controller instances. Migrating multiple switches requires careful planning due to controller resource constraints, and to ensure minimum service interruption in the network. In this poster, we present a model and a solution for migration scheduling, taking a set of switch migrations as input, generating a migration schedule with respect to controller resource and service interruption constraints.
【Keywords】: Switches; Quality of service; Schedules; Process control; Memory management
【Paper Link】 【Pages】:1-11
【Authors】: Vitalii Demianiuk ; Sergey Gorinsky ; Sergey I. Nikolenko ; Kirill Kogan
【Abstract】: Scalable monitoring of traffic flows faces challenges posed by unrelenting traffic growth, device heterogeneity, and load unevenness. We explore an approach that tackles these challenges by shifting a portion of the monitoring-task execution from an overloaded network element to another element that has spare resources. Moving the entire execution of the task to a lightly loaded element might be infeasible because execution on multiple elements is inherent in the task or requires at least partial participation by the particular overloaded element (e.g., flow-size computation at the ingress element for billing purposes). Distributed execution of a stateful traffic-monitoring task has to be robust against packet reordering or loss, i.e., network noise. This paper designs robust traffic monitoring where the goal is to determine a flow metric for each flow exactly in spite of network noise. We follow the open-loop paradigm that does not add any control packets, communicates flow state in-band by appending few (on the order of 2 or 4) control bits to packets of the monitored flows, and keeps latency low. We consider the task of flow-size computation, analytically derive conditions assuring correct operation of the designed algorithms, and evaluate the algorithms on realistic traffic traces. The algorithms successfully distribute the monitoring-task load without imposing significant computation or storage overhead.
【Keywords】: Monitoring; Task analysis; Packet loss; Control systems; Approximation algorithms
【Paper Link】 【Pages】:1-12
【Authors】: Mohammad Jahanian ; Jiachen Chen ; K. K. Ramakrishnan
【Abstract】: Timely, flexible and accurate information dissemination can make a life-and-death difference in managing disasters. Complex command structures and information organization make such dissemination challenging. Thus, it is vital to have an architecture with appropriate naming frameworks, adaptable to the changing roles of participants, focused on content rather than network addresses. To address this, we propose POISE, a name-based and recipient-based publish/subscribe architecture for efficient content dissemination in disaster management. POISE proposes an information layer, improving on state-of-the-art Information-Centric Networking (ICN) solutions such as Named Data Networking (NDN) in two major ways: 1) support for complex graph-based namespaces, and 2) automatic name-based load-splitting. To capture the complexity and dynamicity of disaster response command chains and information flows, POISE proposes a graph-based naming framework, leveraged in a dissemination protocol which exploits information layer rendezvous points (RPs) that perform name expansions. For improved robustness and scalability, POISE allows load-sharing via multiple RPs each managing a subset of the namespace graph. However, excessive workload on one RP may turn it into a “hot spot”, thus impeding performance and reliability. To eliminate such traffic concentration, we propose an automatic load-splitting mechanism, consisting of a namespace graph partitioning complemented by a seamless, loss-less core migration procedure. Due to the nature of our graph partitioning and its complex objectives, off-the-shelf graph partitioning, e.g., METIS, is inadequate. We propose a hybrid partitioning solution, consisting of an initial and a refinement phase. Our simulation results show that POISE outperforms state-of-the-art solutions, demonstrating its effectiveness in timely delivery and load-sharing.
【Keywords】: IP networks; Organizations; Disaster management; Protocols; Scalability; Internet
【Paper Link】 【Pages】:1-11
【Authors】: Congcong Miao ; Jilong Wang ; Tianying Ji ; Hui Wang ; Chao Xu ; Fenghua Li ; Fengyuan Ren
【Abstract】: DHCP is widely used to dynamically allocate IP addresses to the devices on local area networks, but the explosive increases of WiFi devices and their frequent mobility pose great challenges on DHCP performance in wireless LANs. In this paper, by analyzing large scale real network traces, we observe that the dynamic WiFi user behavior (e.g., online time pattern and spatio-temporal mobility pattern) leads to the poor DHCP performance. The IP pools in some VLANs have been exhausted in rush hours although the total IP utilization in WLAN is only 24%. Therefore, we have to configure IP lease times and IP pools dynamically and make sure that they are adaptive to the WiFi user behavior. In order to achieve this goal, we characterize and model the user behavior across online time pattern and spatiotemporal mobility pattern. Then we propose BDAC, a behaviour-aware dynamic adaptive configuration, which is combined of two strategies: adaptive IP lease time configuration and dynamic IP pool configuration. The former is to set adaptive lease times across user roles and area types based on online time pattern to reclaim IP addresses in time and reduce the peak IP usage, while the latter dynamically migrates the IP addresses across VLANs based on spatio-temporal mobility correlation to save the IP addresses. Using the real network traces of a different week, we conduct experiments to evaluate the performance of BDAC. Results show that BDAC can save up to 60% of IP addresses and the actual IP utilization rises from 24% to 59%. Furthermore, BDAC maintains high IP utilization when the number of VLANs in a WLAN increases.
【Keywords】: IP networks; Servers; Wireless fidelity; Performance evaluation; Adaptation models; Buildings
【Paper Link】 【Pages】:1-11
【Authors】: Shouqian Shi ; Chen Qian ; Minmei Wang
【Abstract】: Forwarding packets based on networking names is essential for network protocols on different layers, where the `names' could be addresses, packet/flow IDs, and content IDs. For long there have been efforts using dynamic and compact data structures for fast and memory-efficient forwarding. In this work, we identify that the recently developed programmable network paradigm has the potential to further reduce the time/memory complexity of forwarding structures by separating the data plane and control plane. This work presents the new designs of network forwarding structures under the programmable network paradigm, applying three typical dynamic and compact data structures: Bloom filters, Cuckoo hashing, and Othello hashing. We conduct careful analyses and experiments in real networks of these forwarding methods for multiple performance metrics, including lookup throughput, memory footprint, construction time, dynamic updates, and lookup errors. The results give rich insights on designing forwarding algorithms with dynamic and compact data structures. In particular, the new designs based on Cuckoo hashing and Othello hashing show significant advantages over the extensively studied Bloom filter based methods, in all situations discussed in this paper.
【Keywords】: Switches; Heuristic algorithms; Data structures; Routing; Throughput; Software algorithms; Ethernet
【Paper Link】 【Pages】:1-11
【Authors】: Yifeng Cao ; Zhe Wang ; Linghe Kong ; Guihai Chen ; Jiadi Yu ; Shaojie Tang ; Yingying Chen
【Abstract】: As wireless communication is tailored for low-power devices while the number of Internet of Things is growing exponentially, the collision problem in ZigBee is worsen. The classical approaches of solving collision problems lie in collision avoidance and packet retransmission, which could incur considerable overhead. The new trend is to decompose multipacket collision directly, however, the high bit error rate limits its practical applications. Toward this end, we observe three major issues in the existing solutions: 1) all existing solutions adopt the priori-chip-dependent decomposition pattern, leading to the error propagation; 2) the available samples for chip decoding can be scarce, resulting in severe scarce-sample errors; 3) existing solutions assume the consistent frequency offset for consecutive packets, leading to inaccurate frequency offset estimation. To solve the issues of collision decomposition in ZigBee, we propose FORWARD, a novel physical layer design to enable highly accurate collision decomposition in ZigBee. The key idea is to generate all possible collided combinations as reference waveforms. The decomposition is determined by comparing the collided signal with the reference waveforms. Such a priori-chip-independent design has the advantages to eliminate the cumulative errors incurred from error propagation. When decoding, FORWARD always choose the longest segment to ensure sufficient samples for decoding. Furthermore, the recursive calibration design is approaching the real-time frequency offset and dynamically compensates the reference waveform. We implement FORWARD on USRP based testbed and evaluate its performance. Experimental results demonstrate that FORWARD reduces bit error rate by 4.96× and increases throughput 1.46~2.8× compared with the state-of-the-art mZig.
【Keywords】: Zigbee; Decoding; Bit error rate; Calibration; Throughput; Wireless communication; Physical layer
【Paper Link】 【Pages】:1-6
【Authors】: Xiaoyan Hu ; Shaoqi Zheng ; Lixia Zhao ; Guang Cheng ; Jian Gong
【Abstract】: Named Data Networking (NDN) intrinsically supports in-network caching and multipath forwarding. The two salient features offer the potential to simultaneously transmit content segments that comprise the requested content from original content publishers and in-network caches. However, due to the complexity of maintaining the reachability information of off-path cached content at the fine-grained packet level of granularity, the multipath forwarding and off-path cached copies are significantly underutilized in NDN so far. Network coding enabled NDN, referred to as NC-NDN, was proposed to effectively utilize multiple on-path routes to transmit content, but off-path cached copies are still unexploited. This work enhances NC-NDN with an On-demand Off-path Cache Exploration based Multipath Forwarding strategy, dubbed as O2CEMF, to take full advantage of the multipath forwarding to efficiently utilize off-path cached content. In O2CEMF, each network node reactively explores the reachability information of nearby off-path cached content when consumers begin to request a generation of content, and maintains the reachability at the coarse-grained generation level of granularity instead. Then the consumers simultaneously retrieve content from the original content publisher(s) and the explored capable off-path caches. Our experimental studies validate that this strategy improves the content delivery performance efficiently as compared to that in the present NC-NDN.
【Keywords】: On-demand exploration; off-path caches; multipath forwarding; network coding; named data networking
【Paper Link】 【Pages】:1-12
【Authors】: Ting Qu ; Raj Joshi ; Mun Choon Chan ; Ben Leong ; Deke Guo ; Zhong Liu
【Abstract】: In datacenter networks, flows need to complete as quickly as possible because the flow completion time (FCT) directly impacts user experience, and thus revenue. Link failures can have a significant impact on short latency-sensitive flows because they increase their FCTs by several fold. Existing link failure management techniques cannot keep the FCTs low under link failures because they cannot completely eliminate packet loss during such failures. We observe that to completely mask the effect of packet loss and the resulting long recovery latency, the network has to be responsible for packet loss recovery instead of relying on end-to-end recovery. To this end, we propose Shared Queue Ring (SQR), an on-switch mechanism that completely eliminates packet loss during link failures by diverting the affected flows seamlessly to alternative paths. We implemented SQR on a Barefoot Tofino switch using the P4 programming language. Our evaluation on a hardware testbed shows that SQR can completely mask link failures and reduce tail FCT by up to 4 orders of magnitude for latency-sensitive workloads.
【Keywords】: Packet loss; Delays; Optical switches; Hardware; Web search
【Paper Link】 【Pages】:1-12
【Authors】: Sepehr Taeb ; Nashid Shahriar ; Shihabur Rahman Chowdhury ; Massimo Tornatore ; Raouf Boutaba ; Jeebak Mitra ; Mahdi Hemmati
【Abstract】: Elastic Optical Network (EON) virtualization has recently emerged as an enabling technology for 5G network slicing. A fundamental problem in EON slicing (known as Virtual Network Embedding (VNE)) is how to efficiently map a virtual network (VN) on a substrate EON characterized by elastic transponders and flexible grid. Since a number of 5G services will have strict latency requirements, the VNE problem in EONs must be solved while guaranteeing latency targets. In existing literature, latency has always been modeled as a constraint applied on the virtual links of the VN. In contrast, we argue in favor of an alternate modeling that constrains the latency of virtual paths. Constraining latency over virtual paths (vs. over virtual links) poses additional modeling and algorithmic challenges to the VNE problem, but allows us to capture end-to-end service requirements. In this paper, we first model latency in an EON by identifying the different factors that contribute to it. We formulate the VNE problem with latency guarantees as an Integer Linear Program (ILP) and propose a heuristic solution that can scale to large problem instances. We evaluated our proposed solutions using real network topologies and realistic transmission configurations under different scenarios and observed that, for a given VN request, latency constraints can be guaranteed by accepting a modest increase in network resource utilization. Latency constraints instead showed a higher impact on VN blocking ratio in dynamic scenarios.
【Keywords】: Substrates; Optical fiber networks; 5G mobile communication; Resource management; Adaptive optics; Virtualization
【Paper Link】 【Pages】:1-12
【Authors】: Guanyu Li ; Menghao Zhang ; Chang Liu ; Xiao Kong ; Ang Chen ; Guofei Gu ; Haixin Duan
【Abstract】: In this paper, we design NETHCF, a line-rate in-network system for filtering spoofed traffic. NETHCF leverages the opportunity provided by programmable switches to design a novel defense against spoofed IP traffic, and it is highly efficient and adaptive. One key challenge stems from the restrictions of the computational model and memory resources of programmable switches. We address this by decomposing the HCF system into two complementary components-one component for the data plane and another for the control plane. We also aggregate the IP-to-Hop-Count (IP2HC) mapping table for efficient memory usage, and design adaptive mechanisms to handle end-to-end routing changes, IP popularity changes, and network activity dynamics. We have built a prototype on a hardware Tofino switch, and our evaluation demonstrates that NETHCF can achieve line-rate and adaptive traffic filtering with low overheads.
【Keywords】: IP networks; Servers; Switches; Bandwidth; Pipelines; Internet; Kernel
【Paper Link】 【Pages】:1-11
【Authors】: Lin Jin ; Shuai Hao ; Haining Wang ; Chase Cotton
【Abstract】: Content Delivery Networks (CDNs) are critical to today's Internet ecosystem for delivering rich content to end-users. CDNs augment the Internet infrastructure by deploying geographically distributed edge servers, which play a dual role in CDNs: one as frontend interface to facilitate end-user's proximal access and the other as backend interface to fetch content from origin servers. Previous research has well studied the frontend interface of CDNs, but no active approach has yet been provided to investigate the backend interface. In this paper, we first propose an active approach to measuring the backend interface of CDNs. Then, we present a large-scale measurement study to characterize the backend interface for three CDN platforms, so as to understand the CDN's globally distributed infrastructure, which is essential to its performance and security. In particular, we discover the address space and operation patterns of the backend interface of CDNs. Then, by analyzing the backend addresses and their associated frontend addresses, we study their geolocation association. Furthermore, we issue traceroutes from origin servers to the backend addresses of the CDNs to analyze their performance implications, and perform port scanning on the backend addresses to investigate their security implications.
【Keywords】: Servers; IP networks; Internet; Security; Geology; Routing; Load management
【Paper Link】 【Pages】:1-2
【Authors】: Ning Wang ; Yunsheng Wang
【Abstract】: Traffic monitoring is one of the key challenges in Intelligent Transportation Systems (ITS). In this paper, we propose to build a crowdsourcing application for traffic monitoring. The novelty of the proposed approach is that visual data is collected to enable automatic event inference with the recent advance in Computer Vision. The challenge is that mobile devices are not capable of handling visual task processing in high accuracy. We propose to build a networked system so that mobile devices can offload data via available wireless access interfaces (e.g., 4G LTE, WiFi, DSRC) to edge servers, e.g., GENI Rack. We plan to use the testbed at Kettering University to validate the proposed approach.
【Keywords】: Spatial crowdsourcing; Intelligent Transportation Systems; Edge Computing
【Paper Link】 【Pages】:1-2
【Authors】: Ruipeng Zhang ; Chen Xu ; Mengjun Xie
【Abstract】: Cybersecurity education and training have gained increasing attention in all sectors due to the prevalence and quick evolution of cyberattacks. A variety of platforms and systems have been proposed and developed to accommodate the growing needs of hands-on cybersecurity practice. However, those systems are either lacking sufficient flexibility (e.g., tied to a specific virtual computing service provider, little customization support) or difficult to scale. In this work, we present a cloud-based platform named EZSetup for hands-on cybersecurity practice at scale and our experience of using it in class. EZSetup is customizable and cloud-agnostic. Users can create labs through an intuitive Web interface and deploy them onto one or multiple clouds. We have used NSF funded Chameleon cloud and our private OpenStack cloud to develop, test and deploy EZSetup. We have developed 14 network and security labs using the tool and included six labs in an undergraduate network security course in spring 2019. Our survey results show that students have very positive feedback on using EZSetup and computing clouds for hands-on cybersecurity practice.
【Keywords】: Cybersecurity Education; Hands-on Lab; Cloud Computing
【Paper Link】 【Pages】:1-2
【Authors】: Hiroki Masuda ; Kentaro Kita ; Yuki Koizumi ; Toru Hasegawa
【Abstract】: Verifying remote computing environments, such as computing nodes in fog and edge computing, has gained considerable attention. This poster extends an existing remote attestation method so that it can verify that obtained results are generated by trusted computing nodes as well as remote computing nodes are trusted.
【Keywords】: Computational modeling; Virtual machine monitors; Hardware; Edge computing; Encryption
【Paper Link】 【Pages】:1-12
【Authors】: Thomas Wirtgen ; Cyril Dénos ; Quentin De Coninck ; Mathieu Jadin ; Olivier Bonaventure
【Abstract】: Routing protocols such as BGP and OSPF are key components of Internet Service Provider (ISP) networks. These protocols and the operator's requirements evolve over time, but it often takes many years for network operators to convince their different router vendors and the IETF to extend routing protocols. Some network operators, notably in enterprise and datacenters have adopted Software Defined Networking (SDN) with its centralised control to be more agile. We propose a new approach to implement routing protocols that enables network operators to innovate while still using distributed routing protocols and thus keeping all their benefits compared to centralised routing approaches. We extend a routing protocol with a virtual machine that is capable of executing plugins. These plugins extend the protocol or modify its underlying algorithms through a simple API to meet the specific requirements of operators. We modify the OSPF and BGP implementations provided by FRRouting and demonstrate the applicability of our approach with several use cases.
【Keywords】: Routing protocols; Routing; Virtual machining; Technological innovation; Computational modeling; Linux
【Paper Link】 【Pages】:1-11
【Authors】: Zhijun Li ; Yongrui Chen
【Abstract】: Low-Power Wide-Area Network (LPWAN) is an emerging platform for Internet-of-Thing (IoT) devices to access the base station far away. However, two of the most popular IoT techniques, Bluetooth and ZigBee, can not be connected to LPWAN directly due to their very short communication distance (e.g., 30 meters). Our work, named as Symphony, implements an universal LPWAN on existing heterogeneous wireless devices by overcoming two challenges. First, Symphony achieves a long-range communication from both Bluetooth Low Energy (BLE) and ZigBee to LoRaWAN, enabling these ubiquitously deployed low-power devices to access a base station from faraway. It is achieved by exploiting Narrow-Band Communication, where the BLE/ZigBee devices generate ultra narrow-band signals (i.e., single-tone sinusoidal signals) through payload manipulation, while the LoRaWAN base station detects these signals via its demodulator, which has a high receiver sensitivity for long range communication. Second, Symphony enables concurrent transmissions from heterogeneous radios (i.e., BLE, ZigBee and LoRa) at a LoRaWAN base station. This is achieved by Cross-Technology Parallel Decoding, which is able to disentangle and decode the interfering transmissions. Our evaluations on USRP and commodity devices reveal that Symphony achieves a concurrent wireless communication from BLE, ZigBee and LoRa commercial chips to a LoRaWAN base station over 500 meters, $16 \times$ range extension over native BLE/ZigBee.
【Keywords】: Zigbee; Base stations; Chirp; Demodulation; Receivers; Wireless personal area networks; Wireless communication
【Paper Link】 【Pages】:1-2
【Authors】: Kate Keahey ; Joe Mambretti ; Paul Ruth ; Dan Stanzione
【Abstract】: Computer Science experimental testbeds allow investigators to explore a broad range of different state-of-the-art hardware options, assess scalability of their systems, and provide conditions that allow deep reconfigurability and isolation so that one user does not impact the experiments of another. An experimental testbed is also in a unique position to support methods facilitating experiment analysis and improve repeatability and reproducibility of experiments. Providing these capabilities at least partially within a commodity framework improves the sustainability of systems experiments and thus makes them available to a broader range of experimenters.
【Keywords】: Computer science; Cloud computing; Software; IEEE Press; Hardware; Conferences; Resource management
【Paper Link】 【Pages】:1-2
【Authors】: Naoki Moriyama ; Yusuke Ito ; Hiroyuki Koga
【Abstract】: Information-centric networking (ICN) is expected as a novel network architecture for content delivery services. In ICN, content routers (CRs) with a cache function store a chunk received from upstream CRs or servers. Therefore, clients can retrieve distributed chunks from multiple nodes simultaneously. However, it will cause heavy congestion due to competition of multiple flows in a network as well as long time to acquire content. In this study, we propose an efficient congestion control scheme to retrieve distributed chunks from multiple nodes in ICN. This scheme aggregates competing flows and then allocates an adequate transmission rate to the aggregated flows. We show the effictiveness of the proposed scheme through simulation evaluations.
【Keywords】: ICN (Information Centric Networking); Congestion control; Flow aggregation
【Paper Link】 【Pages】:1-2
【Authors】: Maxine D. Brown ; Luc Renambot ; Lance Long ; Timothy Bargo ; Andrew E. Johnson
【Abstract】: In today's Big Data era, data scientists require new computational instruments in order to quickly analyze large-scale datasets using complex codes and quicken the rate of scientific progress. While Federally-funded computer resources, from supercomputers to clouds, are beneficial, they are often limiting - particularly for deep learning and visualization - as they have few Graphics Processing Units (GPUs). GPUs are at the center of modern high-performance computing and artificial intelligence, efficiently performing mathematical operations that can be massively parallelized, speeding up codes used for deep learning, visualization and image processing, more so than general-purpose microprocessors, or Central Processing Units (CPUs). The University of Illinois at Chicago is acquiring a much-in-demand GPU-based instrument, COMPaaS DLV - COMposable Platform as a Service Instrument for Deep Learning & Visualization, based on composable infrastructure, an advanced architecture that disaggregates the underlying compute, storage, and network resources for scaling needs, but operates as a single cohesive infrastructure for management and workload purposes. We are experimenting with a small system and learning a great deal about composability, and we believe COMPaaS DLV users will benefit from the varied workflow that composable infrastructure allows.
【Keywords】: distributed systems; testbed implementation & deployment; composable infrastructure; deep learning; visualization
【Paper Link】 【Pages】:1-2
【Authors】: Minh Nguyen ; Saptarshi Debroy ; Prasad Calyam ; Zhen Lyu ; Trupti Joshi
【Abstract】: Data-intensive bioinformatics applications often use federated multi-cloud infrastructures to support compute-intensive processing needs. In this paper, we propose a Multi-Cloud Performance and Security (MCPS) Brokering framework within such federated multi-cloud infrastructures to allocate cloud resources to applications by satisfying their performance and security requirements.
【Keywords】: Security; Bioinformatics; Scheduling; Risk management; Resource management; NIST; Genomics
【Paper Link】 【Pages】:1-2
【Authors】: Joaquín Chung ; Zhengchun Liu ; Rajkumar Kettimuthu ; Ian T. Foster
【Abstract】: Many science workflows are distributed in nature and rely on wide area networks (WANs) to move data between geographically distributed resources for analysis, sharing, and storage. In spite of continued enhancements in campus cyberinfrastructure, data transfer nodes (DTNs) are grossly underutilized. Our previous analysis of logs from 1,800 DTNs shows that they were completely idle for 94.3% of the time in 2017. Motivated by the opportunity to optimize DTN usage, here we present an elastic data transfer infrastructure (DTI) architecture in which the pool of nodes allocated to DTN activities expands and shrinks over time, based on demand. Our results show that this elastic DTI can save up to ~95% of resources compared with a typical static DTN deployment.
【Keywords】: Diffusion tensor imaging; Data transfer; Containers; Computer architecture; Throughput; Metals; Conferences
【Paper Link】 【Pages】:1-11
【Authors】: Haofan Cai ; Ge Wang ; Xiaofeng Shi ; Junjie Xie ; Minmei Wang ; Chen Qian
【Abstract】: Though being widely used in industrial and logistic applications, current passive RFID technology still has a fundamental limitation: Individual users, who do not carry any reader, are difficult to interact with tagged items, such as retrieving their digital profiles and requesting certain association with them. Recent proposals to improve user-item interaction experience rely on special hardware such as smartphone based RID scanner. This work presents a promising approach to allow each user to interact with tagged item using only one passive tag, which is named Tag Mutual Identification Interface (TagMii). TagMii requires a user to put her user tag in a physical proximity with an item tag to express certain interactions between the user and item. The key idea behind TagMii is to utilize two experimental observations: 1) inductive coupling for detecting interaction events, and 2) channel similarity for determining the actual interacting tags. We implement TagMii using commodity off-the-shelf RID devices and conduct experiments in complex environments with rich multipath, mobility, wireless signals, electrical devices, and magnetic fields. The results show that TagMii provides accurate mutual identification. TagMii is a completely new approach for user-item interactions in pervasive environments and enables many user-friendly IoT applications with low cost and convenience.
【Keywords】: Couplings; RFID tags; Wireless communication; Internet of Things; Headphones; Monitoring
【Paper Link】 【Pages】:1-11
【Authors】: Jingling Liu ; Jiawei Huang ; Weihe Li ; Jianxin Wang
【Abstract】: Modern data center topologies often take the form of a multi-rooted tree with rich parallel paths to provide high bandwidth. However, various path diversities caused by traffic dynamics, link failures and heterogeneous switching equipments widely exist in production datacenter network. Therefore, the multi-path load balancer in data center should be robust to these diversities. Although prior fine-grained schemes such as RPS and Presto make full use of available paths, they are prone to experience packet reordering problem under asymmetric topology. The coarse-grained solutions such as ECMP and LetFlow effectively avoid packet reordering, but easily lead to under-utilization of multiple paths. To cope with these inefficiencies, we propose a load balancing mechanism called AG, which adaptively adjusts switching granularity according to the asymmetric degree of multiple paths. AG increases switching granularity to alleviate packet reordering under large degrees of topology asymmetry, while reducing switching granularity to obtain high link utilization under small degrees of topology asymmetry. AG is deployed on the switches with negligible overhead, while making no modification on end-hosts. We evaluate AG through both Mininet testbed and large-scale NS2 simulations. The experimental results show that AG reduces the average and 99 th flow completion time by up to 51% and 56% over the state-of-the-art load balancing schemes, respectively.
【Keywords】: data center; load balancing; asymmetry
【Paper Link】 【Pages】:1-11
【Authors】: Hyunseok Chang ; Murali S. Kodialam ; T. V. Lakshman ; Sarit Mukherjee
【Abstract】: Application aware data centers promise various benefits for data center management, in terms of resource provisioning, power estimation, network management, security protection, etc. However, the emerging microservices make it challenging for data center operators to accurately identify what applications are deployed by tenants, due to their highly dynamic and heterogeneous nature. In this paper, we address the problem of fingerprinting microservices in a unified, efficient, accurate and non-intrusive fashion. To this end, we characterize the runtime behaviors of microservices using eBPF-based lightweight system call tracing. To accurately fingerprint a diverse set of microservices based on their system call activities, we utilize the machine learning approach which combines Bayesian learning and LSTM autoencoders. We demonstrate that our approach can fingerprint many real-world microservices with 99% accuracy, using 1-2% additional CPU resource, and can detect the presence of previously unseen microservices with near perfect accuracy.
【Keywords】: Engines; Bayes methods; Data centers; Training; Computational modeling; Monitoring; Security
【Paper Link】 【Pages】:1-2
【Authors】: Chen Xu ; Ruipeng Zhang ; Mengjun Xie ; Li Yang
【Abstract】: Cloud computing has become a major computing paradigm and data processing approach in almost all sectors. To ensure normal business operation and data security, performing traffic monitoring and detecting suspicious network packets and possible network intrusions have become a daily job for tenant administrators. Using existing tools, a tenant administrator can set up a Network Intrusion Detection System (NIDS) on a virtual machine (VM) instance in the tenant and mirror the traffic from other instances in the tenant to the NIDS instance via Tap as a Service (TaaS) or a Switched Port Analyzer (SPAN) port. However, this type of mechanisms can consume significant resources (e.g., CPU and bandwidth) in the cloud environment. In this work, we propose a new lightweight approach, namely Network Intrusion Detection System as a Service (NIDSaaS), for OpenStack cloud. Our preliminary experimental results show that our NIDSaaS approach consumes much less CPU compared to the existing TaaS approach.
【Keywords】: Cloud Security; Neutron Plugin; NIDS; Open-Stack
【Paper Link】 【Pages】:1-2
【Authors】: Shiva Ketabi ; Yashar Ganjali
【Abstract】: Congestion control protocols face several challenges for achieving max-min fairness and high throughput. First, each flow has a limited view of the network state. In the absence of a centralized congestion control entity, coordination is left (directly or indirectly) to individual flows. Second, most flows are very volatile by nature: flow rates/demands change significantly from one instant to another. In this poster, we present a hierarchical congestion control scheme to tackle these challenges. We aggregate flows with low correlation in a hierarchical manner, and recursively compute and allocate rates to these flows. Our preliminary experimental results show significant promise in terms of fairness and throughput.
【Keywords】: Aggregates; Throughput; Correlation; Resource management; Protocols; Bandwidth; Indexes
【Paper Link】 【Pages】:1-6
【Authors】: Spyridon Mastorakis ; Abderrahmen Mtibaa
【Abstract】: The efforts exploring Named Data Networking (NDN) have mainly focused on addressing the lack of scalable data distribution by today's Internet. In this paper, we argue that NDN offers a richer environment for edge computing applications. We consider a scenario, where applications need to discover the services running in the edge network. We demonstrate the design and implementation of a distributed service discovery mechanism over NDN through an example use-case of a mobile application for vision impairment patient. The paper discusses three main edge computing challenges, namely service discovery, service invocation, and user mobility management, to highlight NDN's architectural advantages for edge computing systems. Experimental results show that our framework design can effectively utilize the available resources at the network edge, being able to satisfy 95-98% of mobile users' service requests.
【Keywords】: Edge Computing; Named-Data Networking; Service Discovery; Service Invocation
【Paper Link】 【Pages】:1-2
【Authors】: Wenbo Zou ; Jiwoong Won ; Jemin Ahn ; Kyungtae Kang
【Abstract】: Many prediction models have been proposed to improve the effectiveness of web prefetching for reducing the response time perceived by users when browsing the web. Most of these models are based on structure learning and are applied at the client side. Currently, considerable attention is being paid to proxy-based prefetching because it is more effective and accurate in predicting the correlated pages of many websites of similar interest for more homogeneous users. Compared with client-based prefetching, more complex prediction tasks must run in the proxy, which implies that a more powerful prediction model is required. Thus, based on the time-series characteristics of browsing records, we proposed the intentionality-related long short-term memory (Ir-LSTM) model, which combines both the Skip-Gram embedding method and the LSTM model while expanding the input features with user information. We also propose a novel dynamic allocation module for detecting real-time traffic bursts and correspondingly adjusting the correlation coefficient of the model's output to achieve higher server-side resource utilization while fully maximizing hit ratio.
【Keywords】: Web prefetching; Web prediction model; Intentionality-related long short-term memory (Ir-LSTM)
【Paper Link】 【Pages】:1-2
【Authors】: Raghav Hampapur Venkatnarayan ; Muhammad Shahzad
【Abstract】: Accurately measuring the distance traveled by an object or odometry, in indoor environments is important in many applications such as video-game controller tracking or robot route guidance. While the distance traveled by an object can be simply measured using an accelerometer, it is wellknown that distances measured with accelerometers suffer from large drift errors. In this paper, we demonstrate WIO, a WiFi-assisted Inertial Odometry technique that uses WiFi signals as an auxiliary source of information to correct such drift errors. The key intuition behind WIO is that, among multiple paths of a transmitted WiFi signal that arrive at a moving object equipped with a WiFi receiver, WIO can isolate the path that is most parallel to the object's direction of motion and use the change in the length of that path as an estimate of the traversed distance. WIO then fuses this distance estimate with the distance measured from an accelerometer on-board the object to correct drift errors. We implement WIO using commodity devices, and evaluate it on a robot car. Our results demonstrate an average error of just 4.37% in estimating the distance traversed by the car.
【Keywords】: Wireless fidelity; Automobiles; Accelerometers; Wavelength measurement; Measurement uncertainty; Time measurement; Acceleration
【Paper Link】 【Pages】:1-11
【Authors】: Gregor Bankhamer ; Robert Elsässer ; Stefan Schmid
【Abstract】: Most modern communication networks include fast rerouting mechanisms, implemented entirely in the data plane, to quickly recover connectivity after link failures. By relying on local failure information only, these data plane mechanisms provide very fast reaction times, but at the same time introduce an algorithmic challenge in case of multiple link failures: failover routes need to be robust to additional but locally unknown failures downstream. This paper presents local fast rerouting algorithms which not only provide a high degree of resilience against multiple link failures, but also ensure a low congestion on the resulting failover paths. We consider a randomized approach and focus on networks which are highly connected before the failures occur. Our main contribution are three simple algorithms which come with provable guarantees and provide interesting resilience-load tradeoffs, significantly outperforming any deterministic fast rerouting algorithm with high probability.
【Keywords】: Routing; Protocols; Resilience; Communication networks; Complexity theory; Computer science; 5G mobile communication
【Paper Link】 【Pages】:1-2
【Authors】: Kiran Makhijani ; Hamed Yousefi ; K. K. Ramakrishnan ; Richard Li
【Abstract】: The current Internet protocol suite, with its best-effort semantics, can result in potentially very different delivery characteristics for packets. Actually, no two paths (or even different packet flows on the same path) can be assumed to have identical properties in terms of bandwidth, delay and jitter. However, multi-site remote collaboration applications are highly inter-dependent and must remain consistent across multiple users. To this end, we introduce a new network capability, called coordinated communication service, and propose coordination points to support coordinated delivery of multiple flows in the network.
【Keywords】: Receivers; Synchronization; Internet; Protocols; Next generation networking; Delays; Multimedia communication
【Paper Link】 【Pages】:1-2
【Authors】: Chengyi Qu ; Songjie Wang ; Prasad Calyam
【Abstract】: Unmanned aerial vehicles (UAV) or drone systems equipped with cameras are extensively used in different surveillance scenarios and often require real-time control and high-quality video transmission. However, unstable network situations and various transport protocols may result in impairments during video streaming, which in turn negatively impacts user's quality of experience (QoE). In this paper, we propose a dynamic computation offloading and control framework, named DyCOCo, based on image impairment detection under various available network bandwith conditions. Our DyCOCo framework demo features IoT devices in a testbed setup on the GENI infrastructure. Our demo results show that our DyCOCo approach can efficiently choose the suitable networking protocols and orchestrate both the camera control on the drone, and the computation offloading of the video analytics over limited edge computing/networking resources.
【Keywords】: computation offloading; drone video impairment recovery; GENI testbed
【Paper Link】 【Pages】:1-2
【Authors】: Bashir Mohammed ; Mariam Kiran ; Nandini Krishnaswamy
【Abstract】: As the numbers of internet users and connected devices continue to multiply, due to big data and Cloud applications, network traffic is growing at an exponential rate. WAN networks, in particular, are witnessing very large traffic spikes cause by large file transfers that last from a few minutes to hours on network links and there is a need to develop innovative ways in which flows can be managed in real-time.In this work, we develop a reinforcement learning approach, in particular Upper-Confidence Algorithm, to learn optimal paths and reroute traffic to improve network utilization. We present throughput and flow diversions using Mininet and demo the technique using Chameleon's Testbed (Bring-Your-Own-Controller [BYOC] functionality). This work is initial implementation towards DeepRoute, which combines Deep reinforcement learning algorithms with SDN controllers to create and route traffic using deployed OpenFlow switches.
【Keywords】: Reinforcement learning; Throughput; Loss measurement; Network topology; Wide area networks; Optimization; Bandwidth
【Paper Link】 【Pages】:1-4
【Authors】: Yuhui Zhang ; Dejun Yang
【Abstract】: The past decade has witnessed an explosive growth in cryptocurrencies, but the blockchain-based cryptocurrencies have also raised many concerns, among which a crucial one is the scalability issue. Suffering from the large overhead of global consensus and security assurance, even the leading cryptocurrencies can only handle up to tens of transactions per second, which largely limits their applications in real-world scenarios. Among many proposals to improve the cryptocurrency scalability, one of the most promising and mature solutions is the payment channel network (PCN), which offers the off-chain settlement of transactions with minimal involvement of expensive blockchain operations. However, transaction failures may occur due to external attacks or unexpected conditions, e.g., an uncooperative user becoming unresponsive. In this paper, we present a distributed robust payment routing protocol RobustPay to resist transaction failures, which achieves robustness, efficiency and distributedness. Moreover, we modify the original HTLC protocol and adapt it to the robust payment routing protocol.
【Keywords】: Cryptocurrency; payment channel network; routing; blockchain
【Paper Link】 【Pages】:1-2
【Authors】: Paul Ruth ; Mert Cevik
【Abstract】: Many scientific research communities and institutions are adopting the cloud as a primary platform to support their computing needs. Rapid adoption of the cloud for scientific computing is a result of the simplicity with which an individual researcher can obtain large amounts of customized compute and storage resources. At the same time, most public cloud providers have rolled out many advanced networking services. Many of these services, like their compute services, are simple to access by any cloud user (e.g. routing between regions and private networking spaces within a cloud). However, it is not possible for most researchers to access expensive low-level, externally facing cloud network services without complicated support by campus IT staff, as well as national and regional network providers. This paper describes how to use Chameleon, ExoGENI, and Internet2's Cloud Connect service to deploy research experiments that use AWS Direct Connect without requiring a privately owned Direct Connect endpoint or support from local campus IT staff.
【Keywords】: Cloud computing; Google; Routing; Logic gates; Peer-to-peer computing; Computer science; Software
【Paper Link】 【Pages】:1-4
【Authors】: Yuwei Zeng ; Yongzheng Zhang ; Tianning Zang ; Xunxun Chen ; Yipeng Wang
【Abstract】: More Internet services tend to collect the one-time information from clients via DNS queries. Notably, the uncertainty of such transient information makes these domain names be queried only once in their lifetime. This type of domain is called disposable domain. Although they are not malicious, the efficiency of DNS infrastructures will still be affected by their ever-increasing number. In this paper, we propose Vogers, a linguistics-based stacking model, to detect the disposable domains. Our evaluation demonstrates that Vogers decreases the false positive rate by more than 19%, compared with the prior art, while maintaining the true positive rate above 98.9%.
【Keywords】: Feature extraction; Linguistics; Training; Stacking; Measurement; Web and internet services; Uncertainty
【Paper Link】 【Pages】:1-10
【Authors】: Shih-Hao Tseng
【Abstract】: Expensive optical fibers provide connectivity for wide-area networks. Nowadays, the fibers are operated in a much conservative manner. By adaptively reconfiguring the fibers to exploit its signal quality, a recent proposal demonstrates a significant increase of optical link capacity. Such a reconfiguration currently accompanies a non-ignorable delay, during which the reconfigured link is not accessible, and the mentioned approach trades off the final throughput with the induced churn during the transition. This scheme can result in high traffic disturbance during the reconfiguration.To overcome the drawback of the simple churn-based update, we study the rate adaptation planning (RAP) problem under reconfiguration delay. We propose a multiple step planning with perseverance constraints. This approach leads to a smoother transition, but the optimal plan is shown NP-hard without constant factor approximation (unless P= NP). Therefore, we develop an efficient LP-based heuristic algorithm. Extensive simulations show that the algorithm gives 40 -50% higher throughput than the no-adaptive-link case. Also, the transition is much smoother: the resulting traffic fluctuation is only 40 -50% of the existing churn-based approach.
【Keywords】: Throughput; Modulation; Signal to noise ratio; Optical fiber communication; Delays; Planning; Transient analysis
【Paper Link】 【Pages】:1-4
【Authors】: Xiaoxi Zhang ; Siqi Chen ; Youngbin Im ; Maria Gorlatova ; Sangtae Ha ; Carlee Joe-Wong
【Abstract】: Today's Internet must support applications with increasingly dynamic and heterogeneous connectivity requirements, such as video streaming and the Internet of Things. Yet current network management practices generally rely on pre-specified flow configurations, which cannot cover all possible scenarios. In this work, we instead propose a model-free learning approach to automatically optimize the policies for heterogeneous network flows. This approach is attractive as no existing comprehensive models quantify how different policy choices affect flow performance under dynamically changing network conditions. We extend multi-armed bandit frameworks to propose new online learning algorithms for protocol selection, addressing the challenge of policy configurations affecting the performance of multiple flows sharing the same network resources. This performance coupling limits the scalability and optimality of existing online learning algorithms. We theoretically prove that our algorithm achieves a sublinear regret and demonstrate its optimality and scalability through data-driven simulations.
【Keywords】: Network protocol selection; completion time minimization; multi-armed bandit; online algorithm design
【Paper Link】 【Pages】:1-2
【Authors】: Paul Lepe ; Aashray Aggarwal ; Jelena Mirkovic ; Jens Mache ; Richard Weiss ; David Weinmann
【Abstract】: Engaging students in practical, hands-on exercises on testbeds improves student learning and knowledge retention. However, testbeds may also present an obstacle to learning for students who are not familiar with the environment, or who lack the necessary background to complete their assignments. Our research investigates how students learn with testbeds. We instrument a default operating system on the DeterLab testbed and monitor the students' command line input and output, as they perform homework assignments.We use this data to evaluate students' progress, to detect when a student is struggling and to identify common problems.
【Keywords】: Monitoring; Task analysis; Computer security; Corporate acquisitions; Impedance matching; Privacy
【Paper Link】 【Pages】:1-2
【Authors】: Mohammad Amin Beiruti ; Yashar Ganjali
【Abstract】: The dynamic nature of network traffic can lead to load imbalance amongst controller instances in a distributed SDN controller. A highly loaded controller instance can be slower in responding to datapath queries, and can slow down the entire control platform. In this poster, we present a new and efficient load migration protocol for shifting input load associated with overloaded controller instances towards lightly loaded instances. Unlike existing protocols for load migration, our protocol ensures consistency among controller instances, and can handle failures during migration procedure. Our protocol reduces the migration time by 20-55%, and the migration buffer size by 10-15%.
【Keywords】: Protocols; Control systems; Resilience; Process control; Load management; Safety; Bars
【Paper Link】 【Pages】:1-6
【Authors】: Zhi Zhou
【Abstract】: Mobile edge computing, with its promise to fulfill the urgent need for richer applications and better experience of resource-hungry IoT devices, is emerging as a new computing paradigm and has quickly ascended to the spotlight. It is readily acknowledged, however that edge infrastructures are less capable of improving power usage efficiency and integrating renewable energy. To address this challenge, we propose a new framework - GreenEdge, which leverages device-to-device (D2D) communication and energy-harvesting (EH) to realize sustainable and collaborative task execution. Specifically, we first introduce the motivations of combining D2D and EH to green edge infrastructure. We next validate the feasibility and economic-efficiency of combining D2D and EH, with the help of two emerging commercial-applicable IoT applications: smart street lighting and smart bike-sharing. We further present the basic architecture, model and optimization of GreenEdge. For research inspirations, practical challenges and directions towards GreenEdge are identified. Finally, we acknowledge that GreenEdge is not the only road towards sustainability, future alternatives that can work in conjunction with GreenEdge to comprehensively green edge computing are discussed.
【Keywords】: Green products; Internet of Things; Device-to-device communication; Task analysis; Renewable energy sources; Edge computing; Cooling
【Paper Link】 【Pages】:1-4
【Authors】: Osamah L. Barakat ; Pier Luigi Ventre ; Stefano Salsano ; Xiaoming Fu
【Abstract】: Segment Routing is a source routing based architecture that provides an opportunity to include a list of instructions called segments in the packet headers. The segments may allow the inclusion of detours for responding to Traffic Engineering needs or Service Function Chaining implementations. Even though there is an increasing interest towards enhancing and adopting Segment Routing, the administrators are still burdened with the task of manually write and maintain the segment lists. Such type of management presents several challenges ranging from error-prone configurations to increased response time for network updates. In this paper, we present a Segment Routing management framework named Busoni, which automates and simplifies the process of segments lists management. Additionally, we also provide programming tools to compose and manage Segment Routing policies that operate efficiently, even under multi-tenancy environments. Using different use cases, we show the programming capabilities offered by our framework.
【Keywords】: Network Function Virtualization; Northbound Interface; Policy; Segment Routing; SFC; SRv6; Software Defined Networking; VNF
【Paper Link】 【Pages】:1-2
【Authors】: Rajat Tandon ; Abhinav Palia ; Jaydeep Ramani ; Brandon Paulsen ; Genevieve Bartlett ; Jelena Mirkovic
【Abstract】: Flash Crowd Attacks (FCAs) are DDoS attacks that flood victim services, such as Web servers, with well-formed requests, generated by numerous bots. It is hard to detect and filter such attacks because both legitimate and attack requests look identical. In our previous work [1], we proposed models of how human users interact with Web servers, and also showed in simulation that these models can detect naive FCA attacks. We significantly extend these proposed models to make them more robust, simpler, and applicable to a wider variety of FCA attacks in this paper. We implement the models in a system called FRADE, and evaluate it on three Web servers with different server applications and different content. We show that FRADE can detect both naive and sophisticated bots within seconds and successfully filters out attack traffic. Therefore, FRADE significantly raises the bar for a successful attack by requiring attackers to deploy botnets that are at least three orders of magnitude larger than the botnets today.
【Keywords】: Web servers; Blacklisting; Hypertext systems; Web pages; Botnet; Semantics
【Paper Link】 【Pages】:1-2
【Authors】: Jinshu Su ; Biao Han ; Gaofeng Lv ; Tao Li ; Zhigang Sun
【Abstract】: Network function virtualization (NFV) offers a new way to design, deploy and manage networking services. It is of vital importance to exploit heterogeneous parallelism between hardware and software, in order to improve virtulization performance and quality of virtualized network services. In this poster, we propose a novel heterogeneous parallel architecture that highly exploits the parallelism inside packet processing, and implementation efficacy with hardware processing engines and software threads. We present two packet processing pipelines with three implemented VNF instances to better demonstrate the efficiency of heterogeneous parallelism in accelerating NFV. We show the performance of our proposed architecture with various virtualized requirements and traffics in a well-deployed network environment. Experimental results reveal that it can achieve accelerated NFV performance, as well as provide a wide class of VNFs to improve the quality of virtualized network services.
【Keywords】: network function virtualization; heterogeneous parallelism; VNF
【Paper Link】 【Pages】:1-2
【Authors】: Bálint György Nagy ; János Dóka ; Sándor Rácz ; Géza Szabó ; István Pelle ; János Czentye ; László Toka ; Balázs Sonkoly
【Abstract】: Safe and efficient Human-Robot Collaboration (HRC) is an essential feature of future Industry 4.0 production systems which requires sophisticated collision avoidance mechanisms with intense computation need. Digital twins provide a novel way to test the impact of different control decisions in a simulated virtual environment even in parallel. In addition, Virtual/Augmented Reality (VR/AR) applications can revolutionize future industry environments. Each component requires extreme computational power which can be provided by cloud platforms but at the cost of higher delay and jitter. Moreover, clouds bring a versatile set of novel techniques easing the life of both developers and operators. Can these applications be realized and operated on today's systems? In this demonstration, we give answers to this question via real experiments.
【Keywords】: Cloud computing; Collision avoidance; Trajectory; Industries; Engines; Robot kinematics
【Paper Link】 【Pages】:1-2
【Authors】: Craig Gutterman ; Gil Zussman ; Artur Minakhmetov ; Jiakai Yu ; Michael Sherman ; Tingjun Chen ; Shengxiang Zhu ; Ivan Seskar ; Dipankar Raychaudhuri ; Daniel C. Kilper
【Abstract】: The Cloud-Enhanced Open Software Defined Mobile Wireless Testbed for City-Scale Deployment (COSMOS) platform is a programmable city-scale shared multi-user advanced wireless testbed that is being deployed in West Harlem of New York City [1]. To keep pace with the significantly increased wireless link bandwidth and to effectively integrate the emerging C-RANs, COSMOS is designed to incorporate a fast programmable core network for providing connections across different computing layers. A key feature of COSMOS is its dark fiber based optical x-haul network that enables both highly flexible, user defined network topologies and experimentation directly in the optical physical layer. The optical architecture of COSMOS was presented in [2]. In this abstract, we present the tools and services designed to configure and monitor the performance of optical paths and topologies of the COSMOS testbed. In particular, we present the SDN framework that allows testbed users to implement experiments with application-driven control of optical and data networking functionalities.
【Keywords】: Optical switches; Optical signal processing; Optical network units; Computer architecture; Network topology
【Paper Link】 【Pages】:1-6
【Authors】: Qing Gao ; Limin Zhu ; Yuxin Lin ; Xun Chen
【Abstract】: Anomaly detection has always been a hot topic in signal processing and machine learning. Convolutional Neural Network (CNN) is an effective technique to detect anomaly. However, at Ant Financial, a simple CNN neglects certain patterns in real-world data that may lead to triggering of false alarms. To reduce the possibility of a false alarm, we run an anomaly noise filtering model after the CNN. In this paper, we introduce techniques to develop the model and a new method of time series trend computation. The model helps increase the accuracy in detecting false anomalies of a rise-fall pattern in the traffic(y-value) of a time series dataset. At the end of the paper, we will present the benchmarks of using our method on real online systems at Ant Financial.
【Keywords】: noise filtering model; detection algorithms; anomaly detection; rise-fall model
【Paper Link】 【Pages】:1-2
【Authors】: Yusaku Hayamizu ; Kazuhisa Matsuzono ; Hitoshi Asaeda
【Abstract】: In this paper, we introduce “CeforeSim”, which is an ns-3-based network simulator for Information-Centric Networking (ICN). CeforeSim is compliant with an ICN software platform known as Cefore. This simulator supports the CCNx 1.0 messages specified in the IRTF and inherits the unique features of Cefore such as the transport protocol for real-time video streaming, cache storage separation from the forwarding engine, network measurement using CCNinfo defined in the IRTF, and so on. As one of the example features, we focuses on the CeforeSim function for real-time video streaming and show the low-overhead multicast streaming compared to the conventional ICN approach.
【Keywords】: Cefore; ns-3; Simulator; Information-Centric Networking; Content-Centric Networking
【Paper Link】 【Pages】:1-2
【Authors】: Jiachen Chen ; Yuxuan Xing ; K. K. Ramakrishnan ; Mohammad Jahanian ; Hulya Seferoglu ; Murat Yuksel
【Abstract】: Effective communication among first responders during and in the aftermath of a disaster can affect outcomes dramatically. We seek to build a resilient architecture that allows first responders to communicate even with: 1) damage to infrastructure - civilian and / or specialized communication facilities may be damaged by the disaster, and 2) dynamically formed groups - first responder teams may be formed dynamically in response to a disaster and team member addresses (e.g., phone numbers, network addresses) may not be known to one another. We propose a resilient network architecture that allows efficient communication among first responders during and after a disaster [1]. We seek to support dynamically formed groups for incident response, allowing first responders to securely and conveniently communicate based on roles (names). The architecture supports communication in disasters by 1) building resilience into the framework across all the layers, 2) creating a framework that allows communication by role and identity, rather than addresses, 3) supporting multiple modalities (data, voice) for communication among dynamically formed first responder teams, and 4) providing robust and resilient communication and computing even when facilities are error- and disruption-prone.
【Keywords】: Bluetooth; Automobiles; Computer architecture; Device-to-device communication; Wireless fidelity; Graphical user interfaces; Network architecture
【Paper Link】 【Pages】:1-2
【Authors】: Coleman Link ; Jesse Sarran ; Garegin Grigoryan ; Minseok Kwon ; M. Mustafa Rafique ; Warren R. Carithers
【Abstract】: With the widespread usage of containerized virtualization in data centers and clouds, it is important to enabling high-throughput and zero-copy data transfer between those containers. Remote Direct Memory Access (RDMA) allows bypassing the kernel for packet processing by offloading it to specific RDMA-enabled NICs. The existing solutions enabling RDMA with containers are either based on custom container orchestrators (e.g., FreeFlow) or lack the ability for the control plane to manage the underlying RDMA traffic (e.g., Kubernetes RDMA plug-in via SR-IOV). The work in this paper builds off of previous work in Kubernetes to make an architecture that allows control over bandwidth requirements of RDMA within a Kubernetes cluster.
【Keywords】: Containers; Bandwidth; Data centers; Systems architecture; Hardware; Kernel; Computer architecture
【Paper Link】 【Pages】:1-2
【Authors】: Ashish Pandey ; Songjie Wang ; Prasad Calyam
【Abstract】: Cloud computing has become a necessary utility for scientific and technical applications. Many diverse web services are published and subscribed using cloud data centers. It has become fairly easy to use services from Cloud Service Providers (CSPs) for computation and data processing. However, even with all their benefits, commercial cloud resources are not economical when large data processing is required. Hence, educators and researchers need guidance to use commercial cloud resources to run large data processing workflow applications within a budget. In this paper, we propose a framework to help users to leverage distributed compute resources to execute data-intensive application workflows, under budget constraints. We demonstrate how our framework can be used by users who may have access to small-scale compute resources in-house, to seamlessly interoperate with public cloud resources.
【Keywords】: Compute resource utilization; Scientific workflows; distributed computing
【Paper Link】 【Pages】:1-2
【Authors】: Markus Dahlmanns ; Chris Dax ; Roman Matzutt ; Jan Pennekamp ; Jens Hiller ; Klaus Wehrle
【Abstract】: More and more traditional services, such as malware detectors or collaboration services in industrial scenarios, move to the cloud. However, this behavior poses a risk for the privacy of clients since these services are able to generate profiles containing very sensitive information, e.g., vulnerability information or collaboration partners. Hence, a rising need for protocols that enable clients to obtain knowledge without revealing their requests exists. To address this issue, we propose a protocol that enables clients (i) to query large cloud-based knowledge systems in a privacy-preserving manner using Private Set Intersection and (ii) to subsequently obtain individual knowledge items without leaking the client's requests via few Oblivious Transfers. With our preliminary design, we allow clients to save a significant amount of time in comparison to performing Oblivious Transfers only.
【Keywords】: Knowledge based systems; Privacy; Protocols; Databases; Runtime; Malware; Collaboration
【Paper Link】 【Pages】:1-2
【Authors】: Timur Friedman ; Rick McGeer ; Berat Can Senel ; Matt Hemmings ; Glenn Ricart
【Abstract】: EdgeNet is the prototype of a scalable, sustainable general-purpose testbed for very wide area distributed systems and extremely low-latency distributed services. In this, it is aimed at the same experimenters and systems that formed the core usage of previous, highly-successful wide-area testbeds such as PlanetLab [1], G-Lab [2], V-Node [5], GENI [4], and SAVI [3], and it incorporates many of the features that characterized those previous testbeds. EdgeNet's goal is to achieve the usability and research value of the previous generations of wide area testbed, whilst offering radical improvements in the scalability and sustainability of those systems. It achieves this scalability and sustainability through a strategy of using industry-standard open-source software as the basis of its software stack, and by a strategy of hardwarefree, bottom-up, site-driven deployment. EdgeNet follows the Seattle [6] and PlanetIgnite [9] strategy of permitting sites to join the testbed with purely local action.
【Keywords】: distributed testbed; containers-as-a-service; widearea systems
【Paper Link】 【Pages】:1-11
【Authors】: Gongming Zhao ; Hongli Xu ; Jianchun Liu ; Chen Qian ; Juncheng Ge ; Liusheng Huang
【Abstract】: The past decades have seen a proliferation of middlebox deployment in various networks, including backbone networks and datacenters. Since network flows have to traverse specific service function chains (SFCs) for security and performance enhancement, it becomes much complex for SFC routing due to routing loops, traffic dynamics and scalability requirement. The existing SFC routing solutions may consume many resources (e.g., TCAM) on the data plane and lead to massive overhead on the control plane, which decrease the scalability of middlebox networks. Due to SFC requirement and potential routing loops, solutions like traditional default paths (e.g., using ECMP) that are widely used in non-middlebox networks will no longer be feasible. In this paper, we present and implement a scalable and flexible middlebox policy enforcement (SAFE-ME) system to minimize the TCAM usage and control overhead. To this end, we design the smart tag operations for construction of default SFC paths with less TCAM rules in the data plane, and present lightweight SFC routing update with less control overhead for dealing with traffic dynamics in the control plane. We implement our solution and evaluate its performance with experiments on both physical platform (Pica8) and Open vSwitch (OVS), as well as large-scale simulations. Both experimental and simulation results show that SAFE-ME can greatly improve scalability (e.g., TCAM cost, update delay, and control overhead) in middlebox networks. For example, our system can reduce the control traffic overhead by about 83% while achieving almost the similar middlebox load, compared with state-of-the-art solutions.
【Keywords】: Software Defined Networks; Network Function; Middlebox; Default Path; Tag
【Paper Link】 【Pages】:1-2
【Authors】: Yuuichi Teranishi ; Takashi Kimata ; Hiroaki Yamanaka ; Eiji Kawai ; Hiroaki Harai
【Abstract】: We present the LASK protocol and its platform implementation that supports distributed k-Nearest Service Discovery. LASK achieves scalable and locality-aware name-based service discovery and routing for the target nodes avoiding redundant lookup message exchanges across the edge networks.
【Keywords】: Protocols; Edge computing; Peer-to-peer computing; Routing; Internet of Things; Servers; Overlay networks
【Paper Link】 【Pages】:1-6
【Authors】: Jianhua He ; Andrew Radford ; Laura Li ; Zhiliang Xiong ; Zuoyin Tang ; Xiaoming Fu ; Supeng Leng ; Fan Wu ; Kaisheng Huang ; Jianye Huang ; Jie Zhang ; Yan Zhang
【Abstract】: Road accidents and traffic congestion are two critical problems for global transport systems. Connected vehicles (CV) and automated vehicles (AV) are among the most heavily researched and promising automotive technologies to reduce road accidents and improve road efficiency. However, both AV and CV technologies have inherent shortcomings, for example, line of sight sensing limitation of AV sensors and the dependency of high penetration rate for CVs. In this paper we present a cooperative connected intelligent vehicles (CAV) framework. It is motivated by the observation that vehicles are increasingly intelligent with various levels of autonomous functionalities. The vehicles intelligence is boosted by more sensing and computing resources. These sensor and computing resources of CAV vehicles and the transport infrastructure could be shared and exploited. With resource sharing and cooperation CAVs can have comprehensive perception of driving environments, and novel cooperative applications can be developed to improve road safety and efficiency (RSE). The key feature of the cooperative CAV system is the cooperation within and across the key players in the road transport systems and across system layers. For example, the various levels of cooperation include cooperative sensing, cooperative RSE applications and cooperation among the vehicles and among the vehicles and infrastructure. We will present the potentials that could be brought by cooperative CAV, the roadmap for research and development, the preliminary research results and open issues.
【Keywords】: Connected vehicles; autonomous vehicles; connected intelligent vehicles; CAV; cooperative road safety
【Paper Link】 【Pages】:1-4
【Authors】: Liyang Sun ; Tongyu Zong ; Yong Liu ; Yao Wang ; Haihong Zhu
【Abstract】: Low-latency is a critical user Quality-of-Experience (QoE) metric for live video streaming. It poses significant challenges for streaming over the Internet. In this paper, we explore the design space of low-latency live video streaming by developing dynamic models and optimal control strategies. We further develop practical live video streaming algorithms within the Model Predictive Control (MPC) framework, namely MPC-Live, to maximize user QoE by adapting the video bitrate while maintaining low end-to-end video latency in dynamic network environment. Through extensive experiments driven by real network traces, we demonstrate that our live video streaming algorithms can improve the performance dramatically within latency range of two to five seconds.
【Keywords】: live streaming; chunk-base encoding
【Paper Link】 【Pages】:1-2
【Authors】: Dmitry Duplyakin ; Alexandru Uta ; Aleksander Maricq ; Robert Ricci
【Abstract】: Empirical performance measurements of computer systems almost always exhibit variability and anomalies. Run-to-run and server-to-server variations are common for CPU, memory, disk, and network performance characteristics. In our previous work, we focused on taming performance variability for memory, disk, and network [1] and established an interactive analysis service at: https://confirm.fyi/ to help users of the CloudLab testbed [2] better plan and conduct their experiments. In this paper, we describe our analysis of CPU variability based on over 1.3M performance measurements from nearly 1,800 servers and present our initial findings.
【Keywords】: Sockets; Servers; Hardware; Cloud computing; Standards; Measurement; Big Data
【Paper Link】 【Pages】:1-12
【Authors】: Xiaodong Yi ; Junjie Wang ; Jingpu Duan ; Wei Bai ; Chuan Wu ; Yongqiang Xiong ; Dongsu Han
【Abstract】: GPU acceleration has been widely investigated for packet processing in virtual network functions (NFs), but not for L7 flow-processing NFs. In L7 NFs, reassembled TCP messages of the same flow should be processed in order in the same processing thread, and the uneven sizes among flows pose a major challenge for full realization of GPU's parallel computation power. To exploit GPUs for L7 NF processing, this paper presents FlowShader, a GPU acceleration framework to achieve both high generality and throughput even under skewed flow size distributions. We carefully design an efficient scheduling algorithm that fully exploits available GPU and CPU capacities; in particular, we dispatch large flows which seriously break up the size balance to CPU and the rest of flows to GPU. Furthermore, FlowShader allows similar NF logic (as CPU-based NFs) to run on individual threads in a GPU, which is more generalized and easy to take on as compared to redesigning an NF for operation parallelism on GPU. We implemented a number of L7 flow processing NFs based on FlowShader. Evaluations are conducted under both synthetic and real-world traffic traces and results show that the throughput achieved by FlowShader is up to 6x that of the CPU-only baseline and 3x of the GPU-only design.
【Keywords】: Graphics processing units; Noise measurement; Message systems; Throughput; Acceleration; Parallel processing; Central Processing Unit
【Paper Link】 【Pages】:1-2
【Authors】: Lingang Li ; Yongrui Chen ; Zhijun Li
【Abstract】: Recent advances on physical-layer Cross-Technology Communication (PHY-CTC) achieve high throughput direct communication across different wireless technologies, by emulating the standard waveform of the receiver. However, this signal emulation method faces the challenges of inherent unreliability due to the imperfect emulation. Therefore, it's not suitable to achieve PHY-CTC from WiFi to BLE, since a BLE receiver can not tolerate any bit error in preamble checking when receiving a BLE frame. We present NBee, the first WiFi to BLE physical-level CTC. The key insight lies in Narrow-Band Decoding, i.e., 22MHz bandwidth WiFi (802.11b) signal can be correctly decoded at the BLE RF front-end with only 1MHz bandwidth, if the WiFi payload bits are selected by a specific pattern. More specifically, NBee leverages the unique signatures in the WiFi signal distorted by 1MHz Low Pass Filter (LPF) at BLE to extract information. Evaluation results on commodity BLE chips show NBee can achieve 1Mbps CTC with 95% packet reception rate (PRR), 3400x faster than the state-of-art CTC from WiFi to BLE.
【Keywords】: Wireless fidelity; Receivers; Emulation; Decoding; Payloads; Throughput; Standards
【Paper Link】 【Pages】:1-6
【Authors】: Menghao Zhang ; Jiasong Bai ; Guanyu Li ; Zili Meng ; Hongda Li ; Hongxin Hu ; Mingwei Xu
【Abstract】: Network Function Virtualization (NFV) provides middleboxes with substantial elasticity from a system level, and Artificial Neural Network (ANN) empowers middleboxes with great intelligence from an algorithm-level perspective. However, when ANN-based Network Functions (NFs) want to take advantage of the elasticity of NFV, our study finds that huge gaps exist between the existing approaches and the ideal goals for the elasticity control of ANN-based NFs. By revealing the key differences between ANN-based NFs and traditional NFs, we propose LEGO, an innovative framework that provides systematic mechanisms for traffic splitting, instance partition and runtime management to enable correct and efficient scaling of ANN-based NFs. Preliminary implementation and evaluation demonstrate the feasibility and effectiveness of the LEGO system. The major purpose of this paper is to highlight these challenges and sketch out a new roadmap towards ANN-based NFV paradigm.
【Keywords】: Noise measurement; Feature extraction; Neurons; Middleboxes; Elasticity; Neural networks; Training
【Paper Link】 【Pages】:1-2
【Authors】: Nathan Tusing ; Jonathan Oakley ; C. Geddings Barrineau ; Lu Yu ; Kuang-Ching Wang ; Richard R. Brooks
【Abstract】: We proposed a Traffic Analysis Resistant Network (TARN) that randomizes IP addresses in a fashion similar to Frequency Hop Spread Spectrum (FHSS), allowing users to blend into background traffic. IP hopping alone is not enough. TARN may still be susceptible to side-channel analysis. To remove the vulnerabilities, we introduce a SDX-based solution. In this work, we describe the design and implementation of TARN and experimental environment used to test TARN.
【Keywords】: Traffic Analysis; SDX; TARN; NMTD
【Paper Link】 【Pages】:1-2
【Authors】: Mijanur R. Palash ; Voicu Popescu ; Amit Sheoran ; Sonia Fahmy
【Abstract】: CoRE is an approach for streaming 360° videos based on a non-linear sampling of the equirectangular video cube. CoRE is robust to view prediction errors.
【Keywords】: 360° video streaming
【Paper Link】 【Pages】:1-2
【Authors】: Komal Thareja ; Cong Wang ; Paul Ruth ; Anirban Mandal ; Ilya Baldin ; Michael Stealey
【Abstract】: A majority of today's cloud services are independently operated by individual cloud service providers. In this approach, the locations of cloud resources are strictly constrained by the distribution of cloud service providers' sites. As the popularity and scale of cloud services increase, we believe this traditional paradigm is about to change toward further federated services, a.k.a., multi-cloud, due to the improved performance, reduced cost of compute, storage and network resources, as well as increased user demands. In this paper, we present COMET, a lightweight, distributed storage system for managing metadata on large scale, federated cloud infrastructure providers, end users, and their applications (e.g. HTCondor Cluster or Hadoop Cluster). We showcase use case from NSF's, Chameleon, ExoGENI and JetStream research cloud testbeds to show the effectiveness of COMET design and deployment.
【Keywords】: Cloud computing; Metadata; Public key; Computer architecture; IP networks; Generators; Clouds
【Paper Link】 【Pages】:1-4
【Authors】: Ge Wang ; Chen Qian ; Kaiyan Cui ; Han Ding ; Haofan Cai ; Wei Xi ; Jinsong Han ; Jizhong Zhao
【Abstract】: There have been increasing interests in exploring the sensing capabilities of RFID to enable numerous IoT applications, including object localization, trajectory tracking, and human behavior sensing. However, most existing methods rely on the signal measurement either in a low multipath environment, which is unlikely to exist in many practical situations, or with special devices, which increase the operating cost. This paper investigates the possibility of measuring `multipath-free' signal information in multipath-prevalent environments simply using a commodity RFID reader. The proposed solution, Clean Physical Information Extraction (CPIX), is universal, accurate, and compatible to standard protocols and devices. CPIX improves RFID sensing quality with near zero cost - it requires no extra device. We implement CPIX and evaluate its effectiveness on improving the performance on tag localization. The results show that CPIX reduces the localization error by 30% to 50% and achieves the MOST accurate localization by commodity readers compared to existing work.
【Keywords】: RFID; Sensing; Multipath; Localization
【Paper Link】 【Pages】:1-12
【Authors】: Alex Horn ; Ali Kheradmand ; Mukul R. Prasad
【Abstract】: Network verification promises to detect errors, such as black holes and forwarding loops, by logically analyzing the control or data plane. To do so efficiently, the state-of-the-art (e.g., Veriflow) partitions packet headers with identical forwarding behavior into the same packet equivalence class (PEC).Recently, Yang and Lam showed how to construct the minimal set of PECs, called atomic predicates. Their construction uses Binary Decision Diagrams (BDDs). However, BDDs have been shown to incur significant overhead per packet header bit, performing poorly when analyzing large-scale data centers. The overhead of atomic predicates prompted ddNF to devise a specialized data structure of Ternary Bit Vectors (TBV) instead.However, TBVs are strictly less expressive than BDDs. Moreover, unlike atomic predicates, ddNF's set of PECs is not minimal. We show that ddNF's non-minimality is due to empty PECs. In addition, empty PECs are shown to trigger wrong analysis results. This reveals an inherent tension between precision, expressiveness and performance in formal network verification.Our paper resolves this tension through a new lattice-theoretical PEC-construction algorithm, # PEC, that advances the field as follows: (i) # PEC can encode more kinds of forwarding rules (e.g., ip-tables) than ddNF and Veriflow, (ii) # PEC verifies a wider class of errors (e.g., shadowed rules) than ddNF, and (iii) on a broad range of real-world datasets, # PEC is 10\times faster than atomic predicates. By achieving precision, expressiveness and performance, this paper answers a longstanding quest that has spanned three generations of formal network analysis techniques.
【Keywords】: IP networks; Tools; Cognition; Laboratories; Binary decision diagrams; Data centers
【Paper Link】 【Pages】:1-11
【Authors】: Junyang Shi ; Di Mu ; Mo Sha
【Abstract】: Low-power wireless mesh networks (LPWMNs) have been widely used in wireless monitoring and control applications. Although LPWMNs work satisfactorily most of the time thanks to decades of research, they are often complex, inelastic to change, and difficult to manage once the networks are deployed. Moreover, the deliveries of control commands, especially those carrying urgent information such as emergency alarms, suffer long delay, since the messages must go through the hop-by-hop transport. Recent studies show that adding low-power wide-area network (LPWAN) radios such as LoRa onto the LPWMN devices (e.g., ZigBee) effectively overcomes the limitation. However, users have shown a marked reluctance to embrace the new heterogeneous communication approach because of the cost of hardware modification. In this paper, we introduce LoRaBee, a novel LoRa to ZigBee cross-technology communication (CTC) approach, which leverages the energy emission in the Sub-1 GHz bands as the carrier to deliver information. Although LoRa and ZigBee adopt distinct modulation techniques, LoRaBee sends information from LoRa to ZigBee by putting specific bytes in the payload of legitimate LoRa packets. The bytes are selected such that the corresponding LoRa chirps can be recognized by the ZigBee devices through sampling the received signal strength (RSS). Experimental results show that our LoRaBee provides reliable CTC communication from LoRa to ZigBee with the throughput of up to 281.61bps in the Sub-1 GHz bands.
【Keywords】: Cross-technology Communication; LoRa; Zig-Bee; Internet of Things
【Paper Link】 【Pages】:1-2
【Authors】: Tingjun Chen ; Jackson Welles ; Manav Kohli ; Mahmood Baraani Dastjerdi ; Jakub Kolodziejski ; Michael Sherman ; Ivan Seskar ; Harish Krishnaswamy ; Gil Zussman
【Abstract】: In order to support experimentation with full-duplex (FD) wireless, we integrated the FlexICoN Gen-2 wideband FD radio with the city-scale PAWR COSMOS testbed [1]. In particular, the implemented FD radio consists of an antenna, a customized Gen-2 RF self-interference (SI) canceller box, a USRP software-defined radio (SDR), and a compute node. The RF canceller box includes an RF SI canceller implemented using discrete components on a printed circuit board (PCB), which emulates its RFIC canceller counterpart. The Gen-2 RF SI canceller achieves 50dB RF SI cancellation across 20MHz bandwidth using the technique of frequency-domain equalization (FDE) [2]. In this abstract, we present the design and implementation of the remotely accessible Gen-2 wideband FD radio integrated with the COSMOS sandbox at Columbia University. We also present an example real-time wideband FD wireless link demonstration using the GNU Radio software.
【Keywords】: Radio frequency; Silicon carbide; Wireless communication; Wideband; Antenna measurements; Orbits
【Paper Link】 【Pages】:1-11
【Authors】: Gamal Sallam ; Zizhan Zheng ; Bo Ji
【Abstract】: Network function virtualization (NFV) is an emerging design paradigm that replaces physical middlebox devices with software modules running on general purpose commodity servers. While gradually transitioning to NFV, Internet service providers face the problem of where to introduce NFV in order to make the most benefit of that; here, we measure the benefit by the amount of traffic that can be serviced through the NFV. This problem is non-trivial as it is composed of two challenging subproblems: 1) placement of nodes to support virtual network functions (referred to as VNF-nodes); and 2) allocation of the VNF-nodes resources to network flows; the two subproblems need to be considered jointly to satisfy the objective of serving the maximum amount of traffic. This problem has been studied recently but for the one-dimensional setting, where all network flows require one network function, which requires a unit of resource to process a unit of flow. In this work, we extend to the multi-dimensional setting, where flows can require multiple network functions, which can also require a different amount of each resource to process a unit of flow. The multi-dimensional setting introduces new challenges in addition to those of the onedimensional setting (e.g., NP-hardness and non-submodularity) and also makes the resource allocation a multi-dimensional generalization of the generalized assignment problem with assignment restrictions. To address these difficulties, we propose a novel two-level relaxation method and utilize the primal-dual technique to design two approximation algorithms that achieve an approximation ratio of ((Z-1)(e-1))/(2e 2 Z(kR) 1 /(Z-1)) and ((e-1)(Z-1))/(2e(Z-1+eZR 1 /(Z-1)), where k (resp. R) is the number of VNF-nodes (resp. resources), and Z is a measure of the available resource compared to flow demand. Finally, we perform extensive trace-driven simulations to show the effectiveness of the proposed algorithms.
【Keywords】: Resource management; Approximation algorithms; Servers; Hardware; Middleboxes; Web and internet services
【Paper Link】 【Pages】:1-11
【Authors】: Xiaofeng Shi ; Minmei Wang ; Ge Wang ; Baiwen Huang ; Haofan Cai ; Junjie Xie ; Chen Qian
【Abstract】: We propose to study mobile object tracing, which allows a mobile system to report the shape, location, and trajectory of the mobile objects appearing in a video camera and identifies each of them with its cyber-identity (ID), even if the appearances of the objects are not known to the system. Existing tracking methods either cannot match objects with their cyber-IDs or rely on complex vision modules pre-learned from vast and well-annotated datasets including the appearances of the target objects, which may not exist in practice. We design and implement TagAttention, a vision-RFID fusion system that archives mobile object tracing without the knowledge of the target object appearances and hence can be used in many applications that need to track arbitrary un-registered objects. TagAttention adopts the visual attention mechanism, through which RF signals can direct the visual system to detect and track target objects with unknown appearances. Experiments show TagAttention can actively discover, identify, and track the target objects while matching them with their cyber-IDs by using commercial sensing devices, in complex environments with various multipath reflectors. It only requires around one second to detect and localize a new mobile target appearing in the video aWe thank the anonymous reviewers for their suggestions and comments.nd keeps tracking it accurately over time.
【Keywords】: Target tracking; Visualization; Cameras; Object recognition; Sensors; Trajectory; Computer vision
【Paper Link】 【Pages】:1-6
【Authors】: Yimeng Wang ; Yongbo Li ; Tian Lan ; Nakjung Choi
【Abstract】: We consider the problem of optimally mapping an edge computing service that is modeled as a tree with multiple processing sub-tasks and data flows onto the underlying physical network. As new computing and data analytics applications require more complicated data processing structures, and different types of data (e.g., images, videos, and numbers) sensed at geographically distributed locations must be collected and processed to obtain a complex and comprehensive result, highly intelligent algorithms are needed to solve this challenging problem. In this paper, we propose a learning-based hierarchical service tree placement strategy that aims to optimize the net utility, defined as achieved utility minus network congestion. The key idea is to decouple a service tree into appropriate sub-trees each containing a single computing sub-task as well as associated data flows and to recursively leverage Q-learning to place each sub-tree while maintaining the dependencies of sub-tasks in the service tree structure. It enables a scalable solution for large networks with unknown arrival statistics and complex service structures. Numerical results show that our solution can significantly outperform baseline heuristics in online service tree placement.
【Keywords】: computer networks; data analysis; distributed processing; learning (artificial intelligence); optimisation; telecommunication network topology; trees (mathematics)