612 research outputs found
TRIDEnT: Building Decentralized Incentives for Collaborative Security
Sophisticated mass attacks, especially when exploiting zero-day
vulnerabilities, have the potential to cause destructive damage to
organizations and critical infrastructure. To timely detect and contain such
attacks, collaboration among the defenders is critical. By correlating
real-time detection information (alerts) from multiple sources (collaborative
intrusion detection), defenders can detect attacks and take the appropriate
defensive measures in time. However, although the technical tools to facilitate
collaboration exist, real-world adoption of such collaborative security
mechanisms is still underwhelming. This is largely due to a lack of trust and
participation incentives for companies and organizations. This paper proposes
TRIDEnT, a novel collaborative platform that aims to enable and incentivize
parties to exchange network alert data, thus increasing their overall detection
capabilities. TRIDEnT allows parties that may be in a competitive relationship,
to selectively advertise, sell and acquire security alerts in the form of
(near) real-time peer-to-peer streams. To validate the basic principles behind
TRIDEnT, we present an intuitive game-theoretic model of alert sharing, that is
of independent interest, and show that collaboration is bound to take place
infinitely often. Furthermore, to demonstrate the feasibility of our approach,
we instantiate our design in a decentralized manner using Ethereum smart
contracts and provide a fully functional prototype. Comment: 28 page
Mesmerizer: A Effective Tool for a Complete Peer-to-Peer Software Development Life-cycle
In this paper we present what are, in our experience, the best
practices in Peer-To-Peer (P2P) application development and
how we combined them in a middleware platform called Mesmerizer. We explain how simulation is an integral part of
the development process and not just an assessment tool.
We then present our component-based event-driven framework for P2P application development, which can be used
to execute multiple instances of the same application in a
strictly controlled manner over an emulated network layer
for simulation/testing, or a single application in a concurrent
environment for deployment purpose. We highlight modeling aspects that are of critical importance for designing and
testing P2P applications, e.g. the emulation of Network Address Translation and bandwidth dynamics. We show how
our simulator scales when emulating low-level bandwidth
characteristics of thousands of concurrent peers while preserving a good degree of accuracy compared to a packet-level
simulator.
Peer-to-Peer Networks and Computation: Current Trends and Future Perspectives
This research paper examines the state of the art in the area of P2P networks/computation. It attempts to identify the challenges that confront the community of P2P researchers and developers, which need to be addressed before the potential of P2P-based systems can be effectively realized beyond content distribution and file-sharing applications to build real-world, intelligent and commercial software systems. Future perspectives and some thoughts on the evolution of P2P-based systems are also provided.
Development of advanced multimedia services in P2P architectures
Real-time transmission of multimedia streams (streaming) has become a
leading topic of great interest in the world of Internet research, especially
with regard to applications for live audio and video transmission over
peer-to-peer (P2P) networks. In general, these applications must cope with
many problems in their design and implementation owing to the dynamism and
heterogeneity that by nature characterize P2P networks. This project
introduces new features that current P2P multimedia streaming applications
do not consider.
Connection and hardware requirements differ for the transmission of
low- and high-capacity streams; nevertheless, all nodes are usually
considered identical, which is not a very sound approach given such a
heterogeneous medium. Moreover, in order to distinguish between nodes, it
becomes necessary to introduce a mechanism that allows the exchange of each
node's specific capabilities, including stream transcoding capabilities.
Another notable aspect is that these applications are difficult to extend,
to add new services to, or to modify with respect to the data they carry
preloaded, such as the list of available television channels, which makes it
impossible to guarantee the availability of the source at all times. In
addition, interactive services have not been developed much either.
This project proposes the design and implementation of a cooperative and
interactive P2P multimedia broadcasting platform that overcomes the problems
mentioned. The platform integrates different mechanisms that enable
real-time distribution of multimedia content in different qualities,
including high-capacity streams (such as HD). This platform is a novel
solution based on JXTA, DONET and ALM (Application-Level Multicast trees)
that provides a system extensible according to new needs and facilitates the
insertion of new value-added services. The proposed platform is founded on
the creation of an architecture of 2 overlapping logical layers: a JXTA
logical layer, responsible basically for signaling and metadata exchange,
and a transmission layer based on unicast UDP sockets. In this way, the
difference between the transmission layer and the physical layer can be
reduced using the information obtained from the JXTA layer, which is updated
over time.
The Road Ahead for Networking: A Survey on ICN-IP Coexistence Solutions
In recent years, the current Internet has experienced an unexpected paradigm
shift in the usage model, which has pushed researchers towards the design of
the Information-Centric Networking (ICN) paradigm as a possible replacement of
the existing architecture. Even though both Academia and Industry have
investigated the feasibility and effectiveness of ICN, achieving the complete
replacement of the Internet Protocol (IP) is a challenging task.
Some research groups have already addressed the coexistence by designing
their own architectures, but none of those is the final solution to move
towards the future Internet considering the unaltered state of the networking.
To design such architecture, the research community needs now a comprehensive
overview of the existing solutions that have so far addressed the coexistence.
The purpose of this paper is to reach this goal by providing the first
comprehensive survey and classification of the coexistence architectures
according to their features (i.e., deployment approach, deployment scenarios,
addressed coexistence requirements and architecture or technology used) and
evaluation parameters (i.e., challenges emerging during the deployment and the
runtime behaviour of an architecture). We believe that this paper will finally
fill the gap required for moving towards the design of the final coexistence
architecture. Comment: 23 pages, 16 figures, 3 table
Enabling Large-Scale Peer-to-Peer Stored Video Streaming Service with QoS Support
This research aims to enable a large-scale, high-volume, peer-to-peer, stored-video streaming service over the Internet, such as on-line DVD rentals. P2P allows a group of dynamically organized users to cooperatively support content discovery and distribution services without needing to employ a central server. P2P has the potential to overcome the scalability issue associated with client-server based video distribution networks; however, it brings a new set of challenges. This research addresses the following five technical challenges associated with the distribution of streaming video over the P2P network: 1) allow users with limited transmit bandwidth capacity to become contributing sources, 2) support the advertisement and discovery of time-changing and time-bounded video frame availability, 3) minimize the impact of distribution source losses during video playback, 4) incorporate user mobility information in the selection of distribution sources, and 5) design a streaming network architecture that enables the above functionalities. To meet the above requirements, we propose a video distribution network model based on a hybrid architecture between client-server and P2P. In this model, a video is divided into a sequence of small segments and each user executes a scheduling algorithm to determine the order, the timing, and the rate of segment retrievals from other users. The model also employs an advertisement and discovery scheme which incorporates parameters of the scheduling algorithm to allow users to share their life-time of video segment availability information in one advertisement and one query.
An accompanying QoS scheme allows reduction in the number of video playback interruptions while one or more distribution sources depart from the service prematurely. The simulation study shows that the proposed model and associated schemes greatly alleviate the bandwidth requirement of the video distribution server, especially when the number of participating users grows large. As much as 90% of load reduction was observed in some experiments when compared to a traditional client-server based video distribution service. A significant reduction is also observed in the number of video presentation interruptions when the proposed QoS scheme is incorporated in the distribution process while certain percentages of distribution sources depart from the service unexpectedly.
Use of locator/identifier separation to improve the future internet routing system
The Internet evolved from its early days of being a small research network to become a critical infrastructure many organizations and individuals rely on. One dimension of this evolution is the continuous growth of the number of participants in the network, far beyond what the initial designers had in mind. While it does work today, it is widely believed that the current design of the global routing system cannot scale to accommodate future challenges.
In 2006 an Internet Architecture Board (IAB) workshop was held to develop a shared understanding of the Internet routing system scalability issues faced by the large backbone operators. The participants documented in RFC 4984 their belief that "routing scalability is the most important problem facing the Internet today and must be solved."
A potential solution to the routing scalability problem is ending the semantic overloading of Internet addresses, by separating node location from identity. Several proposals exist to apply this idea to current Internet addressing, among which the Locator/Identifier Separation Protocol (LISP) is the only one already being shipped in production routers. Separating locators from identifiers results in another level of indirection, and introduces a new problem: how to determine location, when the identity is known.
The first part of our work analyzes existing proposals for systems that map identifiers to locators and proposes an alternative system, within the LISP ecosystem. We created a large-scale Internet topology simulator and used it to compare the performance of three mapping systems: LISP-DHT, LISP+ALT and the proposed LISP-TREE. We analyzed and contrasted their architectural properties as well.
The monitoring projects that supplied Internet routing table growth data over a large timespan inspired us to create LISPmon, a monitoring platform aimed at collecting, storing and presenting data gathered from the LISP pilot network, early in the deployment of the LISP protocol. The project web site and collected data is publicly available and will assist researchers in studying the evolution of the LISP mapping system.
We also document how the newly introduced LISP network elements fit into the current Internet, advantages and disadvantages of different deployment options, and how the proposed transition mechanism scenarios could affect the evolution of the global routing system. This work is currently available as an active Internet Engineering Task Force (IETF) Internet Draft.
The second part looks at the problem of efficient one-to-many communications, assuming a routing system that implements the above mentioned locator/identifier split paradigm. We propose a network layer protocol for efficient live streaming. It is incrementally deployable, with changes required only in the same border routers that should be upgraded to support locator/identifier separation. Our proof-of-concept Linux kernel implementation shows the feasibility of the protocol, and our comparison to popular peer-to-peer live streaming systems indicates important savings in inter-domain traffic.
We believe LISP has considerable potential of getting adopted, and an important aspect of this work is how it might contribute towards a better mapping system design, by showing the weaknesses of current favorites and proposing alternatives. The presented results are an important step forward in addressing the routing scalability problem described in RFC 4984, and improving the delivery of live streaming video over the Internet.
Mathematical analysis of scheduling policies in peer-to-peer video streaming networks
Peer-to-peer networks are self-managed virtual communities, developed at the application layer over the Internet infrastructure, where users (called peers) share resources (bandwidth, memory, processing) to achieve a common goal. Video distribution represents the most challenging application, given bandwidth limitations. There are basically three video services. The simplest is download, where a set of servers holds the original content, and users must completely download this content before playing it. A second service is called video on demand, where peers join a virtual network whenever they initiate a request for video content, and start a progressive online download. The last service is live video, where video content is generated, distributed and viewed simultaneously. This thesis studies design aspects for live and on-demand video distribution. A mathematical analysis of the stability and capacity of hybrid, peer-assisted on-demand distribution architectures is presented. Peers initiate concurrent downloads of multiple contents, and disconnect when they wish. The expected evolution of the system is predicted assuming a Poisson arrival process and exponential departures, by means of a deterministic fluid model. A sub-model of sequential (non-simultaneous) downloads is globally and structurally stable, regardless of the network parameters. Using Little's Law, the mean residence time of users in a stationary sequential on-demand system is determined. It is shown theoretically that the hybrid philosophy of cooperation among peers always performs better than the pure client-server based technology.