Content Distribution in P2P Systems

The report provides a literature review of the state-of-the-art for content distribution. The report's contributions are of threefold. First, it gives more insight into traditional Content Distribution Networks (CDN), their requirements and open issues. Second, it discusses Peer-to-Peer (P2P) systems as a cheap and scalable alternative for CDN and extracts their design challenges. Finally, it evaluates the existing P2P systems dedicated for content distribution according to the identied requirements and challenges

Replication for Web Hosting Systems

Replication is a well-known technique to improve the accessibility of Web sites. It generally offers reduced client latencies and increases a site’s availability. However, applying replication techniques is not trivial, and various Content Delivery Networks (CDNs) have been created to facilitate replication for digital content providers. Th

KISS: Stochastic Packet Inspection Classifier for UDP Traffic

This paper proposes KISS, a novel Internet classifica- tion engine. Motivated by the expected raise of UDP traffic, which stems from the momentum of Peer-to-Peer (P2P) streaming appli- cations, we propose a novel classification framework that leverages on statistical characterization of payload. Statistical signatures are derived by the means of a Chi-Square-like test, which extracts the protocol "format," but ignores the protocol "semantic" and "synchronization" rules. The signatures feed a decision process based either on the geometric distance among samples, or on Sup- port Vector Machines. KISS is very accurate, and its signatures are intrinsically robust to packet sampling, reordering, and flow asym- metry, so that it can be used on almost any network. KISS is tested in different scenarios, considering traditional client-server proto- cols, VoIP, and both traditional and new P2P Internet applications. Results are astonishing. The average True Positive percentage is 99.6%, with the worst case equal to 98.1,% while results are al- most perfect when dealing with new P2P streaming applications

Provision of adaptive and context-aware service discovery for the Internet of Things

The IoT concept has revolutionised the vision of the future Internet with the advent of standards such as 6LoWPAN making it feasible to extend the Internet into previously isolated environments, e.g., WSNs. The abstraction of resources as services, has opened these environments to a new plethora of potential applications. Moreover, the web service paradigm can be used to provide interoperability by offering a standard interface to interact with these services to enable WoT paradigm. However, these networks pose many challenges, in terms of limited resources, that make the adaptability of existing IP-based solutions infeasible. As traditional service discovery and selection solutions demand heavy communication and use bulky formats, which are unsuitable for these resource-constrained devices incorporating sleep cycles to save energy. Even a registry based approach exhibits burdensome traffic in maintaining the availability status of the devices. The feasible solution for service discovery and selection is instrumental to enable the wide application coverage of these networks in the future. This research project proposes, TRENDY, a new compact and adaptive registry-based SDP with context awareness for the IoT, with more emphasis given to constrained networks, e.g., 6LoWPAN It uses CoAP-based light-weight and RESTful web services to provide standard interoperable interfaces, which can be easily translated from HTTP. TRENDY's service selection mechanism collects and intelligently uses the context information to select appropriate services for user applications based on the available context information of users and services. In addition, TRENDY introduces an adaptive timer algorithm to minimise control overhead for status maintenance, which also reduces energy consumption. Its context-aware grouping technique divides the network at the application layer, by creating location-based groups. This grouping of nodes localises the control overhead and provides the base for service composition, localised aggregation and processing of data. Different grouping roles enable the resource-awareness by offering profiles with varied responsibilities, where high capability devices can implement powerful profiles to share the load of other low capability devices. Thus, it allows the productive usage of network resources. Furthermore, this research project proposes APPUB, an adaptive caching technique, that has the following benefits: it allows service hosts to share their load with the resource directory and also decreases the service invocation delay. The performance of TRENDY and its mechanisms is evaluated using an extensive number of experiments performed using emulated Tmote sky nodes in the COOJA environment. The analysis of the results validates the benefit of performance gain for all techniques. The service selection and APPUB mechanisms improve the service invocation delay considerably that, consequently, reduces the traffic in the network. The timer technique consistently achieved the lowest control overhead, which eventually decreased the energy consumption of the nodes to prolong the network lifetime. Moreover, the low traffic in dense networks decreases the service invocations delay, and makes the solution more scalable. The grouping mechanism localises the traffic, which increases the energy efficiency while improving the scalability. In summary, the experiments demonstrate the benefit of using TRENDY and its techniques in terms of increased energy efficiency and network lifetime, reduced control overhead, better scalability and optimised service invocation time

Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor