3,465 research outputs found
Introducing Accountability to Anonymity Networks
Many anonymous communication (AC) networks rely on routing traffic through
proxy nodes to obfuscate the originator of the traffic. Without an
accountability mechanism, exit proxy nodes risk sanctions by law enforcement if
users commit illegal actions through the AC network. We present BackRef, a
generic mechanism for AC networks that provides practical repudiation for the
proxy nodes by tracing back the selected outbound traffic to the predecessor
node (but not in the forward direction) through a cryptographically verifiable
chain. It also provides an option for full (or partial) traceability back to
the entry node or even to the corresponding user when all intermediate nodes
are cooperating. Moreover, to maintain a good balance between anonymity and
accountability, the protocol incorporates whitelist directories at exit proxy
nodes. BackRef offers improved deployability over the related work, and
introduces a novel concept of pseudonymous signatures that may be of
independent interest.
We exemplify the utility of BackRef by integrating it into the onion routing
(OR) protocol, and examine its deployability by considering several
system-level aspects. We also present the security definitions for the BackRef
system (namely, anonymity, backward traceability, no forward traceability, and
no false accusation) and conduct a formal security analysis of the OR protocol
with BackRef using ProVerif, an automated cryptographic protocol verifier,
establishing the aforementioned security properties against a strong
adversarial model
A unified approach to the performance analysis of caching systems
We propose a unified methodology to analyse the performance of caches (both
isolated and interconnected), by extending and generalizing a decoupling
technique originally known as Che's approximation, which provides very accurate
results at low computational cost. We consider several caching policies, taking
into account the effects of temporal locality. In the case of interconnected
caches, our approach allows us to do better than the Poisson approximation
commonly adopted in prior work. Our results, validated against simulations and
trace-driven experiments, provide interesting insights into the performance of
caching systems.Comment: in ACM TOMPECS 20016. Preliminary version published at IEEE Infocom
201
cISP: A Speed-of-Light Internet Service Provider
Low latency is a requirement for a variety of interactive network
applications. The Internet, however, is not optimized for latency. We thus
explore the design of cost-effective wide-area networks that move data over
paths very close to great-circle paths, at speeds very close to the speed of
light in vacuum. Our cISP design augments the Internet's fiber with free-space
wireless connectivity. cISP addresses the fundamental challenge of
simultaneously providing low latency and scalable bandwidth, while accounting
for numerous practical factors ranging from transmission tower availability to
packet queuing. We show that instantiations of cISP across the contiguous
United States and Europe would achieve mean latencies within 5% of that
achievable using great-circle paths at the speed of light, over medium and long
distances. Further, we estimate that the economic value from such networks
would substantially exceed their expense
Synchronization in complex networks
Synchronization processes in populations of locally interacting elements are
in the focus of intense research in physical, biological, chemical,
technological and social systems. The many efforts devoted to understand
synchronization phenomena in natural systems take now advantage of the recent
theory of complex networks. In this review, we report the advances in the
comprehension of synchronization phenomena when oscillating elements are
constrained to interact in a complex network topology. We also overview the new
emergent features coming out from the interplay between the structure and the
function of the underlying pattern of connections. Extensive numerical work as
well as analytical approaches to the problem are presented. Finally, we review
several applications of synchronization in complex networks to different
disciplines: biological systems and neuroscience, engineering and computer
science, and economy and social sciences.Comment: Final version published in Physics Reports. More information
available at http://synchronets.googlepages.com
Graph-theoretic Approach To Modeling Propagation And Control Of Network Worms
In today\u27s network-dependent society, cyber attacks with network worms have become the predominant threat to confidentiality, integrity, and availability of network computing resources. Despite ongoing research efforts, there is still no comprehensive network-security solution aimed at controling large-scale worm propagation. The aim of this work is fivefold: (1) Developing an accurate combinatorial model of worm propagation that can facilitate the analysis of worm control strategies, (2) Building an accurate epidemiological model for the propagation of a worm employing local strategies, (3) Devising distributed architecture and algorithms for detection of worm scanning activities, (4) Designing effective control strategies against the worm, and (5) Simulation of the developed models and strategies on large, scale-free graphs representing real-world communication networks. The proposed pair-approximation model uses the information about the network structure--order, size, degree distribution, and transitivity. The empirical study of propagation on large scale-free graphs is in agreement with the theoretical analysis of the proposed pair-approximation model. We, then, describe a natural generalization of the classical cops-and-robbers game--a combinatorial model of worm propagation and control. With the help of this game on graphs, we show that the problem of containing the worm is NP-hard. Six novel near-optimal control strategies are devised: combination of static and dynamic immunization, reactive dynamic and invariant dynamic immunization, soft quarantining, predictive traffic-blocking, and contact-tracing. The analysis of the predictive dynamic traffic-blocking, employing only local information, shows that the worm can be contained so that 40\% of the network nodes are not affected. Finally, we develop the Detection via Distributed Blackholes architecture and algorithm which reflect the propagation strategy used by the worm and the salient properties of the network. Our distributed detection algorithm can detect the worm scanning activity when only 1.5% of the network has been affected by the propagation. The proposed models and algorithms are analyzed with an individual-based simulation of worm propagation on realistic scale-free topologies
Intracellular transport driven by cytoskeletal motors: General mechanisms and defects
Cells are strongly out-of-equilibrium systems driven by continuous energy
supply. They carry out many vital functions requiring active transport of
various ingredients and organelles, some being small, others being large. The
cytoskeleton, composed of three types of filaments, determines the shape of the
cell and plays a role in cell motion. It also serves as a road network for the
so-called cytoskeletal motors. These molecules can attach to a cytoskeletal
filament, perform directed motion, possibly carrying along some cargo, and then
detach. It is a central issue to understand how intracellular transport driven
by molecular motors is regulated, in particular because its breakdown is one of
the signatures of some neuronal diseases like the Alzheimer.
We give a survey of the current knowledge on microtubule based intracellular
transport. We first review some biological facts obtained from experiments, and
present some modeling attempts based on cellular automata. We start with
background knowledge on the original and variants of the TASEP (Totally
Asymmetric Simple Exclusion Process), before turning to more application
oriented models. After addressing microtubule based transport in general, with
a focus on in vitro experiments, and on cooperative effects in the
transportation of large cargos by multiple motors, we concentrate on axonal
transport, because of its relevance for neuronal diseases. It is a challenge to
understand how this transport is organized, given that it takes place in a
confined environment and that several types of motors moving in opposite
directions are involved. We review several features that could contribute to
the efficiency of this transport, including the role of motor-motor
interactions and of the dynamics of the underlying microtubule network.
Finally, we discuss some still open questions.Comment: 74 pages, 43 figure
Provider-Controlled Bandwidth Management for HTTP-based Video Delivery
Over the past few years, a revolution in video delivery technology has taken place as mobile viewers and over-the-top (OTT) distribution paradigms have significantly changed the landscape of video delivery services. For decades, high quality video was only available in the home via linear television or physical media. Though Web-based services brought video to desktop and laptop computers, the dominance of proprietary delivery protocols and codecs inhibited research efforts. The recent emergence of HTTP adaptive streaming protocols has prompted a re-evaluation of legacy video delivery paradigms and introduced new questions as to the scalability and manageability of OTT video delivery.
This dissertation addresses the question of how to enable for content and network service providers the ability to monitor and manage large numbers of HTTP adaptive streaming clients in an OTT environment. Our early work focused on demonstrating the viability of server-side pacing schemes to produce an HTTP-based streaming server. We also investigated the ability of client-side pacing schemes to work with both commodity HTTP servers and our HTTP streaming server. Continuing our client-side pacing research, we developed our own client-side data proxy architecture which was implemented on a variety of mobile devices and operating systems. We used the portable client architecture as a platform for investigating different rate adaptation schemes and algorithms. We then concentrated on evaluating the network impact of multiple adaptive bitrate clients competing for limited network resources, and developing schemes for enforcing fair access to network resources.
The main contribution of this dissertation is the definition of segment-level client and network techniques for enforcing class of service (CoS) differentiation between OTT HTTP adaptive streaming clients. We developed a segment-level network proxy architecture which works transparently with adaptive bitrate clients through the use of segment replacement. We also defined a segment-level rate adaptation algorithm which uses download aborts to enforce CoS differentiation across distributed independent clients. The segment-level abstraction more accurately models application-network interactions and highlights the difference between segment-level and packet-level time scales. Our segment-level CoS enforcement techniques provide a foundation for creating scalable managed OTT video delivery services
- …