Department of Computer Science Activity 1998-2004

This report summarizes much of the research and teaching activity of the Department of Computer Science at Dartmouth College between late 1998 and late 2004. The material for this report was collected as part of the final report for NSF Institutional Infrastructure award EIA-9802068, which funded equipment and technical staff during that six-year period. This equipment and staff supported essentially all of the department\u27s research activity during that period

AI Solutions for MDS: Artificial Intelligence Techniques for Misuse Detection and Localisation in Telecommunication Environments

This report considers the application of Articial Intelligence (AI) techniques to the problem of misuse detection and misuse localisation within telecommunications environments. A broad survey of techniques is provided, that covers inter alia rule based systems, model-based systems, case based reasoning, pattern matching, clustering and feature extraction, articial neural networks, genetic algorithms, arti cial immune systems, agent based systems, data mining and a variety of hybrid approaches. The report then considers the central issue of event correlation, that is at the heart of many misuse detection and localisation systems. The notion of being able to infer misuse by the correlation of individual temporally distributed events within a multiple data stream environment is explored, and a range of techniques, covering model based approaches, `programmed' AI and machine learning paradigms. It is found that, in general, correlation is best achieved via rule based approaches, but that these suffer from a number of drawbacks, such as the difculty of developing and maintaining an appropriate knowledge base, and the lack of ability to generalise from known misuses to new unseen misuses. Two distinct approaches are evident. One attempts to encode knowledge of known misuses, typically within rules, and use this to screen events. This approach cannot generally detect misuses for which it has not been programmed, i.e. it is prone to issuing false negatives. The other attempts to `learn' the features of event patterns that constitute normal behaviour, and, by observing patterns that do not match expected behaviour, detect when a misuse has occurred. This approach is prone to issuing false positives, i.e. inferring misuse from innocent patterns of behaviour that the system was not trained to recognise. Contemporary approaches are seen to favour hybridisation, often combining detection or localisation mechanisms for both abnormal and normal behaviour, the former to capture known cases of misuse, the latter to capture unknown cases. In some systems, these mechanisms even work together to update each other to increase detection rates and lower false positive rates. It is concluded that hybridisation offers the most promising future direction, but that a rule or state based component is likely to remain, being the most natural approach to the correlation of complex events. The challenge, then, is to mitigate the weaknesses of canonical programmed systems such that learning, generalisation and adaptation are more readily facilitated

Network Simulation Cradle

This thesis proposes the use of real world network stacks instead of protocol abstractions in a network simulator, bringing the actual code used in computer systems inside the simulator and allowing for greater simulation accuracy. Specifically, a framework called the Network Simulation Cradle is created that supports the kernel source code from FreeBSD, OpenBSD and Linux to make the network stacks from these systems available to the popular network simulator ns-2. Simulating with these real world network stacks reveals situations where the result differs significantly from ns-2's TCP models. The simulated network stacks are able to be directly compared to the same operating system running on an actual machine, making validation simple. When measuring the packet traces produced on a test network and in simulation the results are nearly identical, a level of accuracy previously unavailable using traditional TCP simulation models. The results of simulations run comparing ns-2 TCP models and our framework are presented in this dissertation along with validation studies of our framework showing how closely simulation resembles real world computers. Using real world stacks to simulate TCP is a complementary approach to using the existing TCP models and provides an extra level of validation. This way of simulating TCP and other protocols provides the network researcher or engineer new possibilities. One example is using the framework as a protocol development environment, which allows user-level development of protocols with a standard set of reproducible tests, the ability to test scenarios which are costly or impossible to build physically, and being able to trace and debug the protocol code without affecting results

Dynamic Metric OSPF-Based Routing Protocol for Software Defined Networks

[EN] Routing protocols are needed in networking to find the optimal path to reach the destination. However, networks are changing both their use finality and their technology. Paradigms like Software Defined Networks (SDNs) introduce the possibility and the necessity to improve the routing protocols. In this paper, a modification of the Open Shortest Path First (OSPF) routing protocol is proposed in order to allow the protocol to change the metric calculation dynamically according to the network requirements. Experiments, which compare our proposal against the OSPF protocol, are performed in five different scenarios. In these scenarios, the performance of the multimedia traffic has been increased 33% in terms of bandwidth utilization, 80% of loss rate reduction and delay reduction on VoIP communications.This work has been partially supported by the "Ministerio de Educacion, Cultura y Deporte", through the "Ayudas para contratos predoctorales de Formacion del Profesorado Universitario FPU (Convocatoria 2015)". Grant No. FPU15/06837, by the "Ministerio de Economia y Competitividad", through the "Convocatoria 2014. Proyectos I+D - Programa Estatal de Investigacion Cientifica y Tecnica de Excelencia" in the "Subprograma Estatal de Generacion de Conocimiento", project TIN2014-57991-C3-1-P, through the "Convocatoria 2016 - Proyectos I+D+I - Programa Estatal De Investigacion, Desarrollo e Innovacion Orientada a los retos de la sociedad" (Project TEC2016-76795-C6-4-R) and through the "Convocatoria 2017 - Proyectos I+D+I - Programa Estatal de Investigacion, Desarrollo e Innovacion, convocatoria excelencia" (Project TIN2017-84802-C2-1-P).Rego Mañez, A.; Sendra, S.; Jimenez, JM.; Lloret, J. (2019). Dynamic Metric OSPF-Based Routing Protocol for Software Defined Networks. Cluster Computing. 22(3):705-720. https://doi.org/10.1007/s10586-018-2875-7S705720223Coltun, R., Ferguson, D., Moy, J.: OSPF for IPv6, RFC 5340. https://doi.org/10.17487/rfc5340 , July 2008. https://rfc-editor.org/rfc/rfc5340.txtSoftware-Defined Networking (SDN) Definition. https://www.opennetworking.org/sdn-definition/ . Accessed 15 Dec 2017Jimenez, J.M., Romero, O., Rego, A., Dilendra, A., Lloret, J.: Study of multimedia delivery over software defined networks. Netw. Protoc. Algorithms 7(4), 37–62 (2015). https://doi.org/10.5296/npa.v7i4.8794Egea, S., Rego, A., Carro, B., Sanchez-Esguevillas, A., Lloret, J.: Intelligent IoT traffic classification using novel search strategy for fast based-correlation feature selection in industrial environments. IEEE Internet Things J. 5(3), 1616–1624 (2018). https://doi.org/10.1109/JIOT.2017.2787959Rego, A., Sendra, S., Jimenez, J.M., Lloret J.: OSPF routing protocol performance in software defined networks. In: Fourth International Conference on Software Defined Systems (SDS 2017), 8–11 May 2017, Valencia, Spain, https://doi.org/10.1109/SDS.2017.7939153Sendra, S., Fernández, P.A., Quilez, M.A., Lloret, J.: Study and performance of interior gateway IP routing protocols. Netw. Protoc. Algorithms 2(4), 88–117 (2010). https://doi.org/10.5296/npa.v2i4.547Rakheja, P., Kaour, P., Gupta, A., Sharma, A.: Performance analysis of RIP, OSPF, IGRP and EIGRP routing protocols in a network. Int. J. Comput. Appl. 48(18), 6–11 (2012). https://doi.org/10.5120/7446-0401Sendra, S., Rego, A., Lloret, J., Jimenez, J.M., Romero, O.: Including artificial intelligence in a routing protocol using software defined networks. In: IEEE International Conference on Communications Workshops (ICC Workshops 2017), 21–25 May 2017, Paris, France. https://doi.org/10.1109/ICCW.2017.7962735Barbancho, J., León, C., Molina, J., Barbancho, A., SIR: a new wireless sensor network routing protocol based on artificial intelligence. In: Advanced Web and Network Technologies, and Applications. APWeb 2006. Lecture Notes in Computer Science (LNCS), vol. 3842, pp. 271–275. https://doi.org/10.1007/11610496_35Barbancho, J., León, C., Molina, F.J., Barbancho, A.: Using artificial intelligence in wireless sensor routing protocols. In: Knowledge-Based Intelligent Information and Engineering Systems. (KES 2006). Lecture Notes in Computer Science, vol. 4251, pp. 475–482. Springer, New York. https://doi.org/10.1007/11892960_58Arabshahi, P., Gary, A., Kassabalidis, I., Das, A., Narayanan, S., Sharkawi, M.E., Marks, R.J.: Adaptive routing in wireless communication networks using swarm intelligence. In: AIAA 19th Annual Satellite Communications System Conference, Toulouse, France, April 17, 2001Gunes, M., Sorges, U., Bouazizi I.: ARA-the ant-colony based routing algorithm for MANETs. In: International Conference on Parallel Processing Workshops, Vancouver, BC, Canada, 21–21 Aug 2002. https://doi.org/10.1109/ICPPW.2002.1039715Ducatelle, F., Di Caro, G.A., Gambardella, L.M.: Principles and applications of swarm intelligence for adaptive routing in telecommunications networks. Swarm Intell. 4(3), 173–198 (2010). https://doi.org/10.1007/s11721-010-0040-xRajagopalan, S., Shen, C.: ANSI: a swarm intelligence-based unicast routing protocol for hybrid ad hoc networks. J. Syst. Archit. 52(8–9), 485–504 (2006). https://doi.org/10.1016/j.sysarc.2006.02.006RFC 3561 Ad hoc On-Demand Distance Vector (AODV) Routing, July 2003. https://www.rfc-editor.org/info/rfc3561 . Accessed 08 may 2018Zungeru, A.M., Ang, L., Seng, K.P.: Classical and swarm intelligence based routing protocols for wireless sensor networks: a survey and comparison. J. Netw. Comput. Appl. 35(5), 1508–1536 (2012). https://doi.org/10.1016/j.jnca.2012.03.004Karaboga, D., Okdem, S., Ozturk, C.: Cluster based wireless sensor network routing using artificial bee colony algorithm. Wirel. Netw. 18(7), 847–860 (2012). https://doi.org/10.1007/s11276-012-0438-zGinsberg, L., Litkowski, S., Previdi, S.: IS-IS route preference for extended IP and IPv6 reachability, RFC 7775. https://doi.org/10.17487/rfc7775 , February 2016. https://www.rfc-editor.org/rfc/rfc7775.txtRekhter, Y., Li, T., Hares, S.: A border gateway protocol 4 (BGP-4), RFC 4271. https://doi.org/10.17487/rfc4271 . Jan 2006. https://rfc-editor.org/rfc/rfc4271.txtCaria, M., Das, T., Jukan, A.: Divide and conquer: partitioning OSPF networks with SDN. In: IFIP/IEEE International Symposium on Integrated Network Management (IM 2015), 11–15 May, Ottawa (ON), Canada, 2015. https://doi.org/10.1109/INM.2015.7140324Rothenberg, C.E., Nascimento, M.R., Salvador, M.R., Corrêa, C.N.A., Cunha de Lucena, S., Raszuk, R.: Revisiting routing control platforms with the eyes and muscles of software-defined networking. In: HotSDN ‘12 Proceedings of the first workshop on Hot topics in software defined networks, August 13–17 (2012), Helsinki (Finland), pp. 13–18. https://doi.org/10.1145/2342441.2342445Zhu, M., Cao, J., Pang, D., He, Z., Xu, M.: SDN-based routing for efficient message propagation in VANET, In: Wireless Algorithms, Systems, and Applications (WASA 2015), Lecture Notes in Computer Science, vol. 9204, pp. 788–797. https://doi.org/10.1007/978-3-319-21837-3_77Ye, T., Hema, T.K., Kalyanaraman, S., Vastola, K.S, Yadav S.: Minimizing packet loss by optimizing OSPF weights using online simulation. Modeling, Analysis and Simulation of Computer Telecommunications Systems, 2003. MASCOTS 2003. In: 11th IEEE/ACM International Symposium on, Orlando, FL, USA, 27 Oct 2003. https://doi.org/10.1109/MASCOT.2003.1240645O’Halloran, C.: Dynamic adaptation of OSPF interface metrics based on network load. In: 26th Irish Signals and Systems Conference (ISSC), Ireland, Jun 2015. https://doi.org/10.1109/ISSC.2015.7163767Şimşek, M., Doğan, N., Akcayol, M.A.: A new packet scheduling algorithm for real-time multimedia streaming. Netw. Protoc. Algorithms 9(1–2), 28–47 (2017). https://doi.org/10.5296/npa.v9i1-2.12410Sanchez-Iborra, R., Cano, M.D., Garcia-Haro, J.: Revisiting VoIP QoE assessment methods: are they suitable for VoLTE? Netw. Protoc. Algorithms 8(2), 39–57 (2016). https://doi.org/10.5296/npa.v8i2.912

Modelling and Design of Resilient Networks under Challenges

Communication networks, in particular the Internet, face a variety of challenges that can disrupt our daily lives resulting in the loss of human lives and significant financial costs in the worst cases. We define challenges as external events that trigger faults that eventually result in service failures. Understanding these challenges accordingly is essential for improvement of the current networks and for designing Future Internet architectures. This dissertation presents a taxonomy of challenges that can help evaluate design choices for the current and Future Internet. Graph models to analyse critical infrastructures are examined and a multilevel graph model is developed to study interdependencies between different networks. Furthermore, graph-theoretic heuristic optimisation algorithms are developed. These heuristic algorithms add links to increase the resilience of networks in the least costly manner and they are computationally less expensive than an exhaustive search algorithm. The performance of networks under random failures, targeted attacks, and correlated area-based challenges are evaluated by the challenge simulation module that we developed. The GpENI Future Internet testbed is used to conduct experiments to evaluate the performance of the heuristic algorithms developed

Improving Large-Scale Network Traffic Simulation with Multi-Resolution Models

Simulating a large-scale network like the Internet is a challenging undertaking because of the sheer volume of its traffic. Packet-oriented representation provides high-fidelity details but is computationally expensive; fluid-oriented representation offers high simulation efficiency at the price of losing packet-level details. Multi-resolution modeling techniques exploit the advantages of both representations by integrating them in the same simulation framework. This dissertation presents solutions to the problems regarding the efficiency, accuracy, and scalability of the traffic simulation models in this framework. The ``ripple effect\u27\u27 is a well-known problem inherent in event-driven fluid-oriented traffic simulation, causing explosion of fluid rate changes. Integrating multi-resolution traffic representations requires estimating arrival rates of packet-oriented traffic, calculating the queueing delay upon a packet arrival, and computing packet loss rate under buffer overflow. Real time simulation of a large or ultra-large network demands efficient background traffic simulation. The dissertation includes a rate smoothing technique that provably mitigates the ``ripple effect\u27\u27, an accurate and efficient approach that integrates traffic models at multiple abstraction levels, a sequential algorithm that achieves real time simulation of the coarse-grained traffic in a network with 3 tier-1 ISP (Internet Service Provider) backbones using an ordinary PC, and a highly scalable parallel algorithm that simulates network traffic at coarse time scales

Design And Analysis Of Effective Routing And Channel Scheduling For Wavelength Division Multiplexing Optical Networks

Optical networking, employing wavelength division multiplexing (WDM), is seen as the technology of the future for the Internet. This dissertation investigates several important problems affecting optical circuit switching (OCS) and optical burst switching (OBS) networks. Novel algorithms and new approaches to improve the performance of these networks through effective routing and channel scheduling are presented. Extensive simulations and analytical modeling have both been used to evaluate the effectiveness of the proposed algorithms in achieving lower blocking probability, better fairness as well as faster switching. The simulation tests were performed over a variety of optical network topologies including the ring and mesh topologies, the U.S. Long-Haul topology, the Abilene high-speed optical network used in Internet 2, the Toronto Metropolitan topology and the European Optical topology. Optical routing protocols previously published in the literature have largely ignored the noise and timing jitter accumulation caused by cascading several wavelength conversions along the lightpath of the data burst. This dissertation has identified and evaluated a new constraint, called the wavelength conversion cascading constraint. According to this constraint, the deployment of wavelength converters in future optical networks will be constrained by a bound on the number of wavelength conversions that a signal can go through when it is switched all-optically from the source to the destination. Extensive simulation results have conclusively demonstrated that the presence of this constraint causes significant performance deterioration in existing routing and wavelength assignment (RWA) algorithms. Higher blocking probability and/or worse fairness have been observed for existing RWA algorithms when the cascading constraint is not ignored. To counteract the negative side effect of the cascading constraint, two constraint-aware routing algorithms are proposed for OCS networks: the desirable greedy algorithm and the weighted adaptive algorithm. The two algorithms perform source routing using link connectivity and the global state information of each wavelength. Extensive comparative simulation results have illustrated that by limiting the negative cascading impact to the minimum extent practicable, the proposed approaches can dramatically decrease the blocking probability for a variety of optical network topologies. The dissertation has developed a suite of three fairness-improving adaptive routing algorithms in OBS networks. The adaptive routing schemes consider the transient link congestion at the moment when bursts arrive and use this information to reduce the overall burst loss probability. The proposed schemes also resolve the intrinsic unfairness defect of existing popular signaling protocols. The extensive simulation results have shown that the proposed schemes generally outperform the popular shortest path routing algorithm and the improvement could be substantial. A two-dimensional Markov chain analytical model has also been developed and used to analyze the burst loss probabilities for symmetrical ring networks. The accuracy of the model has been validated by simulation. Effective proactive routing and preemptive channel scheduling have also been proposed to address the conversion cascading constraint in OBS environments. The proactive routing adapts the fairness-improving adaptive routing mentioned earlier to the environment of cascaded wavelength conversions. On the other hand, the preemptive channel scheduling approach uses a dynamic priority for each burst based on the constraint threshold and the current number of performed wavelength conversions. Empirical results have proved that when the cascading constraint is present, both approaches would not only decrease the burst loss rates greatly, but also improve the transmission fairness among bursts with different hop counts to a large extent

A Cross-Layer Modification to the DSR Routing Protocol in Wireless Mesh Networks

A cross-layer modification to the DSR routing protocol that finds high throughput paths in WMNs has been introduced in this work. The Access Efficiency Factor (AEF) has been introduced in this modification as a local congestion avoidance metric for the DSR routing mechanism as an alternative to the hop count (Hc) metric. In this modification, the selected path is identified by finding a path with the highest minimum AEF (max_min_AEF) value. The basis of this study is to compare the performance of the Hc and max_min_AEF as routing metrics for the DSR protocol in WMNs using the OPNET modeler. Performance comparisons between max_min_AEF, Metric Path (MP), and the well known ETT metrics are also carried out in this work. The results of this modification suggest that employing the max_min_AEF as a routing metric outperforms the Hc, ETT, and MP within the DSR protocol in WMNs in terms of throughput. This is because the max_min_AEF is based upon avoiding directing traffic through congested nodes where significant packet loss is likely to occur. This throughput improvement is associated with an increment in the delay time due to the long paths taken to avoid congested regions. To overcome this drawback, a further modification to the routing discovery mechanism has been made by imposing a hop count limit (HCL) on the discovered paths. Tuning the HCL allows the network manager to tradeoff throughput against delay. The choice of congestion avoidance metric exhibits another shortcoming owing to its dependency on the packet size. It penalises the smaller packets over large ones in terms of path lengths. This has been corrected for by introducing a ModAEF metric that explicitly considers the size of the packet. The ModAEF metric includes a tuning factor that allows the operator determine the level of the weighting that should be applied to the packet size to correct for this dependence