HORST -Home Router Sharing based on Trust

Abstract-Today's Internet services are increasingly accessed from mobile devices, thus being responsible for growing load in mobile networks. At the same time, more and more WiFi routers are deployed such that a dense coverage of WiFi is available. Results from different related works suggest that there is a high potential of reducing load on the mobile networks by offloading data to WiFi networks, thereby improving mobile users' quality of experience (QoE) with Internet services. Additionally, the storage of the router could be used for content caching and delivery close to the end user, which is more energy efficient compared to classical content servers, and saves costs for network operators by reducing traffic between autonomous systems. Going one step beyond, we foresee that merging these approaches and augmenting them with social information from online social networks (OSNs) will result both in even less costs for network operators and increased QoE of end users. Therefore, we propose home router sharing based on trust (HORST) -a socially-aware traffic management solution which targets three popular use cases: data offloading to WiFi, content caching/prefetching, and content delivery

Quality of experience and access network traffic management of HTTP adaptive video streaming

The thesis focuses on Quality of Experience (QoE) of HTTP adaptive video streaming (HAS) and traffic management in access networks to improve the QoE of HAS. First, the QoE impact of adaptation parameters and time on layer was investigated with subjective crowdsourcing studies. The results were used to compute a QoE-optimal adaptation strategy for given video and network conditions. This allows video service providers to develop and benchmark improved adaptation logics for HAS. Furthermore, the thesis investigated concepts to monitor video QoE on application and network layer, which can be used by network providers in the QoE-aware traffic management cycle. Moreover, an analytic and simulative performance evaluation of QoE-aware traffic management on a bottleneck link was conducted. Finally, the thesis investigated socially-aware traffic management for HAS via Wi-Fi offloading of mobile HAS flows. A model for the distribution of public Wi-Fi hotspots and a platform for socially-aware traffic management on private home routers was presented. A simulative performance evaluation investigated the impact of Wi-Fi offloading on the QoE and energy consumption of mobile HAS.Die Doktorarbeit beschäftigt sich mit Quality of Experience (QoE) – der subjektiv empfundenen Dienstgüte – von adaptivem HTTP Videostreaming (HAS) und mit Verkehrsmanagement, das in Zugangsnetzwerken eingesetzt werden kann, um die QoE des adaptiven Videostreamings zu verbessern. Zuerst wurde der Einfluss von Adaptionsparameters und der Zeit pro Qualitätsstufe auf die QoE von adaptivem Videostreaming mittels subjektiver Crowdsourcingstudien untersucht. Die Ergebnisse wurden benutzt, um die QoE-optimale Adaptionsstrategie für gegebene Videos und Netzwerkbedingungen zu berechnen. Dies ermöglicht Dienstanbietern von Videostreaming verbesserte Adaptionsstrategien für adaptives Videostreaming zu entwerfen und zu benchmarken. Weiterhin untersuchte die Arbeit Konzepte zum Überwachen von QoE von Videostreaming in der Applikation und im Netzwerk, die von Netzwerkbetreibern im Kreislauf des QoE-bewussten Verkehrsmanagements eingesetzt werden können. Außerdem wurde eine analytische und simulative Leistungsbewertung von QoE-bewusstem Verkehrsmanagement auf einer Engpassverbindung durchgeführt. Schließlich untersuchte diese Arbeit sozialbewusstes Verkehrsmanagement für adaptives Videostreaming mittels WLAN Offloading, also dem Auslagern von mobilen Videoflüssen über WLAN Netzwerke. Es wurde ein Modell für die Verteilung von öffentlichen WLAN Zugangspunkte und eine Plattform für sozialbewusstes Verkehrsmanagement auf privaten, häuslichen WLAN Routern vorgestellt. Abschließend untersuchte eine simulative Leistungsbewertung den Einfluss von WLAN Offloading auf die QoE und den Energieverbrauch von mobilem adaptivem Videostreaming

On service optimization in community network micro-clouds

Cotutela Universitat Politècnica de Catalunya i KTH Royal Institute of TechnologyInternet coverage in the world is still weak and local communities are required to come together and build their own network infrastructures. People collaborate for the common goal of accessing the Internet and cloud services by building Community networks (CNs). The use of Internet cloud services has grown over the last decade. Community network cloud infrastructures (i.e. micro-clouds) have been introduced to run services inside the network, without the need to consume them from the Internet. CN micro-clouds aims for not only an improved service performance, but also an entry point for an alternative to Internet cloud services in CNs. However, the adaptation of the services to be used in CN micro-clouds have their own challenges since the use of low-capacity devices and wireless connections without a central management is predominant in CNs. Further, large and irregular topology of the network, high software and hardware diversity and different service requirements in CNs, makes the CN micro-clouds a challenging environment to run local services, and to achieve service performance and quality similar to Internet cloud services. In this thesis, our main objective is the optimization of services (performance, quality) in CN micro-clouds, facilitating entrance to other services and motivating members to make use of CN micro-cloud services as an alternative to Internet services. We present an approach to handle services in CN micro-cloud environments in order to improve service performance and quality that can be approximated to Internet services, while also giving to the community motivation to use CN micro-cloud services. Furthermore, we break the problem into different levels (resource, service and middleware), propose a model that provides improvements for each level and contribute with information that helps to support the improvements (in terms of service performance and quality) in the other levels. At the resource level, we facilitate the use of community devices by utilizing virtualization techniques that isolate and manage CN micro-cloud services in order to have a multi-purpose environment that fosters services in the CN micro-cloud environment. At the service level, we build a monitoring tool tailored for CN micro-clouds that helps us to analyze service behavior and performance in CN micro-clouds. Subsequently, the information gathered enables adaptation of the services to the environment in order to improve their quality and performance under CN environments. At the middleware level, we build overlay networks as the main communication system according to the social information in order to improve paths and routes of the nodes, and improve transmission of data across the network by utilizing the relationships already established in the social network or community of practices that are related to the CNs. Therefore, service performance in CN micro-clouds can become more stable with respect to resource usage, performance and user perceived quality.Acceder a Internet sigue siendo un reto en muchas partes del mundo y las comunidades locales se ven en la necesidad de colaborar para construir sus propias infraestructuras de red. Los usuarios colaboran por el objetivo común de acceder a Internet y a los servicios en la nube construyendo redes comunitarias (RC). El uso de servicios de Internet en la nube ha crecido durante la última década. Las infraestructuras de nube en redes comunitarias (i.e., micronubes) han aparecido para albergar servicios dentro de las mismas redes, sin tener que acceder a Internet para usarlos. Las micronubes de las RC no solo tienen por objetivo ofrecer un mejor rendimiento, sino también ser la puerta de entrada en las RC hacia una alternativa a los servicios de Internet en la nube. Sin embargo, la adaptación de los servicios para ser usados en micronubes de RC conlleva sus retos ya que el uso de dispositivos de recursos limitados y de conexiones inalámbricas sin una gestión centralizada predominan en las RC. Más aún, la amplia e irregular topología de la red, la diversidad en el hardware y el software y los diferentes requisitos de los servicios en RC convierten en un desafío albergar servicios locales en micronubes de RC y obtener un rendimiento y una calidad del servicio comparables a los servicios de Internet en la nube. Esta tesis tiene por objetivo la optimización de servicios (rendimiento, calidad) en micronubes de RC, facilitando la entrada a otros servicios y motivando a sus miembros a usar los servicios en la micronube de RC como una alternativa a los servicios en Internet. Presentamos una aproximación para gestionar los servicios en entornos de micronube de RC para mejorar su rendimiento y calidad comparable a los servicios en Internet, a la vez que proporcionamos a la comunidad motivación para usar los servicios de micronube en RC. Además, dividimos el problema en distintos niveles (recursos, servicios y middleware), proponemos un modelo que proporciona mejoras para cada nivel y contribuye con información que apoya las mejoras (en términos de rendimiento y calidad de los servicios) en los otros niveles. En el nivel de los recursos, facilitamos el uso de dispositivos comunitarios al emplear técnicas de virtualización que aíslan y gestionan los servicios en micronubes de RC para obtener un entorno multipropósito que fomenta los servicios en el entorno de micronube de RC. En el nivel de servicio, construimos una herramienta de monitorización a la medida de las micronubes de RC que nos ayuda a analizar el comportamiento de los servicios y su rendimiento en micronubes de RC. Luego, la información recopilada permite adaptar los servicios al entorno para mejorar su calidad y rendimiento bajo las condiciones de una RC. En el nivel de middleware, construimos redes de overlay que actúan como el sistema de comunicación principal de acuerdo a información social para mejorar los caminos y las rutas de los nodos y mejoramos la transmisión de datos a lo largo de la red al utilizar las relaciones preestablecidas en la red social o la comunidad de prácticas que están relacionadas con las RC. De este modo, el rendimiento en las micronubes de RC puede devenir más estable respecto al uso de recursos, el rendimiento y la calidad percibidas por el usuario.Postprint (published version

Actas da 10ª Conferência sobre Redes de Computadores

Universidade do MinhoCCTCCentro AlgoritmiCisco SystemsIEEE Portugal Sectio

An Emergent Architecture for Scaling Decentralized Communication Systems (DCS)

With recent technological advancements now accelerating the mobile and wireless Internet solution space, a ubiquitous computing Internet is well within the research and industrial community's design reach - a decentralized system design, which is not solely driven by static physical models and sound engineering principals, but more dynamically, perhaps sub-optimally at initial deployment and socially-influenced in its evolution. To complement today's Internet system, this thesis proposes a Decentralized Communication System (DCS) architecture with the following characteristics: flat physical topologies with numerous compute oriented and communication intensive nodes in the network with many of these nodes operating in multiple functional roles; self-organizing virtual structures formed through alternative mobility scenarios and capable of serving ad hoc networking formations; emergent operations and control with limited dependency on centralized control and management administration. Today, decentralized systems are not commercially scalable or viable for broad adoption in the same way we have to come to rely on the Internet or telephony systems. The premise in this thesis is that DCS can reach high levels of resilience, usefulness, scale that the industry has come to experience with traditional centralized systems by exploiting the following properties: (i.) network density and topological diversity; (ii.) self-organization and emergent attributes; (iii.) cooperative and dynamic infrastructure; and (iv.) node role diversity. This thesis delivers key contributions towards advancing the current state of the art in decentralized systems. First, we present the vision and a conceptual framework for DCS. Second, the thesis demonstrates that such a framework and concept architecture is feasible by prototyping a DCS platform that exhibits the above properties or minimally, demonstrates that these properties are feasible through prototyped network services. Third, this work expands on an alternative approach to network clustering using hierarchical virtual clusters (HVC) to facilitate self-organizing network structures. With increasing network complexity, decentralized systems can generally lead to unreliable and irregular service quality, especially given unpredictable node mobility and traffic dynamics. The HVC framework is an architectural strategy to address organizational disorder associated with traditional decentralized systems. The proposed HVC architecture along with the associated promotional methodology organizes distributed control and management services by leveraging alternative organizational models (e.g., peer-to-peer (P2P), centralized or tiered) in hierarchical and virtual fashion. Through simulation and analytical modeling, we demonstrate HVC efficiencies in DCS structural scalability and resilience by comparing static and dynamic HVC node configurations against traditional physical configurations based on P2P, centralized or tiered structures. Next, an emergent management architecture for DCS exploiting HVC for self-organization, introduces emergence as an operational approach to scaling DCS services for state management and policy control. In this thesis, emergence scales in hierarchical fashion using virtual clustering to create multiple tiers of local and global separation for aggregation, distribution and network control. Emergence is an architectural objective, which HVC introduces into the proposed self-management design for scaling and stability purposes. Since HVC expands the clustering model hierarchically and virtually, a clusterhead (CH) node, positioned as a proxy for a specific cluster or grouped DCS nodes, can also operate in a micro-capacity as a peer member of an organized cluster in a higher tier. As the HVC promotional process continues through the hierarchy, each tier of the hierarchy exhibits emergent behavior. With HVC as the self-organizing structural framework, a multi-tiered, emergent architecture enables the decentralized management strategy to improve scaling objectives that traditionally challenge decentralized systems. The HVC organizational concept and the emergence properties align with and the view of the human brain's neocortex layering structure of sensory storage, prediction and intelligence. It is the position in this thesis, that for DCS to scale and maintain broad stability, network control and management must strive towards an emergent or natural approach. While today's models for network control and management have proven to lack scalability and responsiveness based on pure centralized models, it is unlikely that singular organizational models can withstand the operational complexities associated with DCS. In this work, we integrate emergence and learning-based methods in a cooperative computing manner towards realizing DCS self-management. However, unlike many existing work in these areas which break down with increased network complexity and dynamics, the proposed HVC framework is utilized to offset these issues through effective separation, aggregation and asynchronous processing of both distributed state and policy. Using modeling techniques, we demonstrate that such architecture is feasible and can improve the operational robustness of DCS. The modeling emphasis focuses on demonstrating the operational advantages of an HVC-based organizational strategy for emergent management services (i.e., reachability, availability or performance). By integrating the two approaches, the DCS architecture forms a scalable system to address the challenges associated with traditional decentralized systems. The hypothesis is that the emergent management system architecture will improve the operational scaling properties of DCS-based applications and services. Additionally, we demonstrate structural flexibility of HVC as an underlying service infrastructure to build and deploy DCS applications and layered services. The modeling results demonstrate that an HVC-based emergent management and control system operationally outperforms traditional structural organizational models. In summary, this thesis brings together the above contributions towards delivering a scalable, decentralized system for Internet mobile computing and communications

Understanding and mitigating the impact of Internet demand in everyday life

Digital devices and online services are increasingly embedded within our everyday lives. The growth in usage of these technologies has implications for environmental sustainability due to the energy demand from the underlying Internet infrastructure (e.g. communication networks, data centres). Energy efficiencies in the infrastructure are important, but they are made inconsequential by the sheer growth in the demand for data. We need to transition users’ Internet-connected practices and adapt HumanComputer Interaction (HCI) design in less demanding and more sustainable directions. Yet it’s not clear what the most data demanding devices and online activities are in users’ lives, and how this demand can be intervened with most effectively through HCI design. In this thesis, the issue of Internet demand is explored—uncovering how it is embedded into digital devices, online services and users’ everyday practices. Specifically, I conduct a series of experiments to understand Internet demand on mobile devices and in the home, involving: a large-scale quantitative analysis of 398 mobile devices; and a mixed-methods study involving month-long home router logging and interviews with 20 participants (nine households). Through these studies, I provide an in-depth understanding of how digital activities in users’ lives augment Internet demand (particularly through the practice of watching), and outline the roles for the HCI community and broader stakeholders (policy makers, businesses) in curtailing this demand. I then juxtapose these formative studies with design workshops involving 13 participants; these discover how we can reduce Internet demand in ways that users may accept or even want. From this, I provide specific design recommendations for the HCI community aiming to alleviate the issue of Internet growth for concerns of sustainability, as well as holistically mitigate the negative impacts that digital devices and online services can create in users’ lives

From cellular networks to mobile cloud computing: security and efficiency of smartphone systems.

In my first year of my Computer Science degree, if somebody had told me that the few years ahead of me could have been the last ones of the so-called PC-era, I would have hardly believed him. Sure, I could imagine computers becoming smaller, faster and cheaper, but I could have never imagined that in such a short time the focus of the market would have so dramatically shifted from PCs to personal devices. Today, smartphones and tablets have become our inseparable companions, changing for the better numerous aspects of our daily life. The way we plan our days, we communicate with people, we listen to music, we search for information, we take pictures, we spend our free time and the way we note our ideas has been totally revolutionized thanks to them. At the same time, thanks also to the rapid growth of the Cloud Computing based services, most of our data and of the Internet services that we use every day are just a login-distance away from any device connected to the Internet that we can find around us. We can edit our documents, look our and our friends’ pictures and videos, share our thoughts, access our bank account, pay our taxes using a familiar interface independently from where we are. What is the most fascinating thing is that all these new possibilities are not anymore at the hand of technically-savvy geeks only, but they are available to newer and older generations alike thanks to the efforts that recently have been put into building user interfaces that feel more natural and intuitive even to totally unexperienced users. Despite of that, we are still far from an ideal world. Service providers, software engineers, hardware manufacturers and security experts are having a hard time in trying to satisfy the always growing expectations of a number of users that is steadily increasing every day. People are always longing for faster mobile connectivity at lower prices, for longer lasting batteries and for more powerful devices. On top of that, users are more and more exposed to new security threats, either because they tend to ignore even the most basic security-practices, or because virus writers have found new ways to exploit the now world-sized market of mobile devices. For instance, more people accessing the Internet from their mobile devices forces the existing network infrastructure to be continuously updated in order to cope with the constantly increase in data consumption. As a consequence, AT&T’s subscribers in the United States were getting extremely slow or no service at all because of the mobile network straining to meet iPhone users’ demand [5]. The company switched from unlimited traffic plans to tiered pricing for mobile data users in summer 2010. Similarly, Dutch T-Mobile’s infrastructure has not been able to cope with intense data traffic, thus forcing the company to issue refunds for affected users [6]. Another important aspect is that of mobile security. Around a billion of people today have their personal information on Facebook and half of them access Facebook from their mobile phone [7]; the size of the online-banking in America has almost doubled since 2004, with 16% of the American mobile users conducting financial-related activities from their mobile device [8]; on 2010, customers spent one billion of dollars buying products on Amazon via mobile devices [9]. These numbers give an idea of the amount of people that today could find themselves in trouble by not giving enough care into protecting their mobile device from unauthorized access. A distracted user who loses his phone, or just forgets it in a public place, even if for a short time only, could allow someone else to get unrestrained access to his online identity. By copying the contents of the phone, including passwords and access keys, an attacker could steal money from the user’s bank account, read the user’s emails, steal the user’s personal files stored on the cloud, use the user’s personal information to conduct scams, frauds, and other crimes using his name and so on. But identity theft is not the only security problem affecting mobile users. Between 2011 and 2012, the number of unique viruses and malwares targeting mobile devices has increased more than six times, according to a recent report [10]. Typically, these try to get installed in the target device by convincing the user to download an infected app, or by making them follow a link to a malicious web site. The problems just exposed are major issues affecting user’s experience nowadays. We believe that finding effective, yet simple and widely adoptable solutions may require a new point of view, a shift in the way these problems are tackled. For these reasons, we evaluated the possibility of using a hybrid approach, that is, one where different technologies are brought together to create new, previously unexplored solutions. We started by considering the issues affecting the mobile network infrastructure. While it is true that the usage of mobile connectivity has significantly increased over the past few years, it is also true that socially close users tend to be interested in the same content, like, the same Youtube videos, the same application updates, the same news and so on. By knowing that, operators, instead of spending billions [11] to update their mobile network, could try an orthogonal approach and leverage an ad-hoc wireless network between the mobile devices, referred to in literature as Pocket Switched Networks [12]. Indeed, most of the smartphones on the market today are equipped with short-ranged radio interfaces (i.e., Bluetooth, WiFi) that allow them to exchange data whenever they are close enough to each other. Popular data could be then stored and transferred directly between devices in the same social context in an ad-hoc fashion instead of being downloaded multiple times from the mobile network. We therefore studied the possibility of channeling traffic to a few, socially important users in the network called VIP delegates, that can help distributing contents to the rest of the network. We evaluated VIP selection strategies that are based on the properties of the social network between mobile devices users. In Chapter 2, through extensive evaluations with real and synthetic traces, we show the effectiveness of VIP delegation both in terms of coverage and required number of VIPs – down to 7% in average of VIPs are needed in campus-like scenarios to offload about 90% of the traffic. These results have also been presented in [1]. Next we moved to the security issues. On of the highest threats to the security of mobile users is that of an identity theft performed using the data stored on the device. The problem highlighted by this kind of attacks is that the most commonly used authentication mechanisms completely fail to distinguish the honest user from somebody who just happens to know the user’s login credentials or private keys. To be resistant to identity theft attacks, an authentication mechanism should, instead, be built to leverage some intrinsic and difficult to replicate characteristic of each user. We proposed the Personal Marks and Community Certificates systems with this aim in mind. They constitute an authentication mechanism that uses the social context sensed by the smartphone by means of Bluetooth or WiFi radios as a biometric way to identify the owner of a device. Personal Marks is a simple cryptographic protocol that works well when the attacker tries to use the stolen credentials in the social community of the victim. Community Certificates works well when the adversary has the goal of using the stolen credentials when interacting with entities that are far from the social network of the victim. When combined, these mechanisms provide an excellent protection against identity theft attacks. In Chapter 3 we prove our ideas and solutions with extensive simulations in both simulated and real world scenarios—with mobility traces collected in a real life experiment. This study appeared in [2]. Another way of accessing the private data of a user, other than getting physical access to his device, could be by means of a malware. An emerging trend in the way people are fooled into installing malware-infected apps is that of exploiting existing trust relationships between socially close users, like those between Facebook friends. In this way, the malware can rapidly expand through social links from a small set of infected devices towards the rest of the network. In our quest for hybrid solutions to the problem of malware spreading in social networks of mobile users we developed a novel approach based on the Mobile Cloud Computing paradigm. In this new paradigm, a mobile device can alleviate the burden of computationally intensive tasks by offloading them to a software clone running on the cloud. Also, the clones associated to devices of users in the same community are connected in a social peer-to-peer network, thus allowing lightweight content sharing between friends. CloudShield is a suite of protocols that provides an efficient way stop the malware spread by sending a small set of patches from the clones to the infected devices. Our experiments on different datasets show that CloudShield is able to better and more efficiently contain malware spreading in mobile wireless networks than the state-of-the-art solutions presented in literature. These findings (which are not included in this dissertation) appeared in [3] and are the result of a joint work with P.h.D student S. Kosta from Sapienza University. My main contribution to this work was in the simulation of both the malware spreading and of the patching protocol schemes on the different social networks datasets. The Mobile Cloud Computing paradigm seems to be an excellent resource for mobile systems. It alleviates battery consumption on smartphones, it helps backing up user’s data on-the-fly and, as CloudShield proves, it can also be used to find new, effective, solutions to existing problems. However, the communication between the mobile devices and their clones needed by such paradigm certainly does not come for free. It costs both in terms of bandwidth (the traffic overhead to communicate with the cloud) and in terms of energy (computation and use of network interfaces on the device). Being aware of the issues that heavy computation or communication can cause to both the battery life of the devices [13], and to the mobile infrastructure, we decided to study the actual feasibility of both mobile computation offloading and mobile software/data backups in real-life scenarios. In our study we considered two types of clones: The off-clone, whose purpose is to support computation offloading, and the back-clone, which comes to use when a restore of user’s data and apps is needed. In Chapter 5 we give a precise evaluation of the feasibility and costs of both off-clones and back-clones in terms of bandwidth and energy consumption on the real device. We achieved this by means measurements done on a real testbed of 11 Android smartphones and on their relative clones running on the Amazon EC2 public cloud. The smartphones have been used as the primary mobile by the participants for the whole experiment duration. This study has been presented in [4] and is the result of a collaboration with P.h.D. Student S. Kosta from Sapienza University. S. Kosta mainly contributed to the experimental setup, deployment of the testbed and data collection