Referee-based architectures for massively multiplayer online games

Network computer games are played amongst players on different hosts across the Internet. Massively Multiplayer Online Games (MMOG) are network games in which thousands of players participate simultaneously in each instance of the virtual world. Current commercial MMOG use a Client/Server (C/S) architecture in which the server simulates and validates the game, and notifies players about the current game state. While C/S is very popular, it has several limitations: (i) C/S has poor scalability as the server is a bandwidth and processing bottleneck; (ii) all updates must be routed through the server, reducing responsiveness; (iii) players with lower client-to-server delay than their opponents have an unfair advantage as they can respond to game events faster; and (iv) the server is a single point of failure.The Mirrored Server (MS) architecture uses multiple mirrored servers connected via a private network. MS achieves better scalability, responsiveness, fairness, and reliability than C/S; however, as updates are still routed through the mirrored servers the problems are not eliminated. P2P network game architectures allow players to exchange updates directly, maximising scalability, responsiveness, and fairness, while removing the single point of failure. However, P2P games are vulnerable to cheating. Several P2P architectures have been proposed to detect and/or prevent game cheating. Nevertheless, they only address a subset of cheating methods. Further, these solutions require costly distributed validation algorithms that increase game delay and bandwidth, and prevent players with high latency from participating.In this thesis we propose a new cheat classification that reflects the levels in which the cheats occur: game, application, protocol, or infrastructure. We also propose three network game architectures: the Referee Anti-Cheat Scheme (RACS), the Mirrored Referee Anti-Cheat Scheme (MRACS), and the Distributed Referee Anti-Cheat Scheme (DRACS); which maximise game scalability, responsiveness, and fairness, while maintaining cheat detection/prevention equal to that in C/S. Each proposed architecture utilises one or more trusted referees to validate the game simulation - similar to the server in C/S - while allowing players to exchange updates directly - similar to peers in P2P.RACS is a hybrid C/S and P2P architecture that improves C/S by using a referee in the server. RACS allows honest players to exchange updates directly between each other, with a copy sent to the referee for validation. By allowing P2P communication RACS has better responsiveness and fairness than C/S. Further, as the referee is not required to forward updates it has better bandwidth and processing scalability. The RACS protocol could be applied to any existing C/S game. Compared to P2P protocols RACS has lower delay, and allows players with high delay to participate. Like in many P2P architectures, RACS divides time into rounds. We have proposed two efficient solutions to find the optimal round length such that the total system delay is minimised.MRACS combines the RACS and MS architectures. A referee is used at each mirror to validate player updates, while allowing players to exchange updates directly. By using multiple mirrored referees the bandwidth required by each referee, and the player-to mirror delays, are reduced; improving the scalability, responsiveness and fairness of RACS, while removing its single point of failure. Direct communication MRACS improves MS in terms of its responsiveness, fairness, and scalability. To maximise responsiveness, we have defined and solved the Client-to-Mirror Assignment (CMA) problem to assign clients to mirrors such that the total delay is minimised, and no mirror is overloaded. We have proposed two sets of efficient solutions: the optimal J-SA/L-SA and the faster heuristic J-Greedy/L-Greedy to solve CMA.DRACS uses referees distributed to player hosts to minimise the publisher / developer infrastructure, and maximise responsiveness and/or fairness. To prevent colluding players cheating DRACS requires every update to be validated by multiple unaffiliated referees, providing cheat detection / prevention equal to that in C/S. We have formally defined the Referee Selection Problem (RSP) to select a set of referees from the untrusted peers such that responsiveness and/or fairness are maximised, while ensuring the probability of the majority of referees colluding is below a pre-defined threshold. We have proposed two efficient algorithms, SRS-1 and SRS-2, to solve the problem.We have evaluated the performances of RACS, MRACS, and DRACS analytically and using simulations. We have shown analytically that RACS, MRACS and DRACS have cheat detection/prevention equivalent to that in C/S. Our analysis shows that RACS has better scalability and responsiveness than C/S; and that MRACS has better scalability and responsiveness than C/S, RACS, and MS. As there is currently no publicly available traces from MMOG we have constructed artificial and realistic inputs. We have used these inputs on all simulations in this thesis to show the benefits of our proposed architectures and algorithms

Dealing With Misbehavior In Distributed Systems: A Game-Theoretic Approach

Most distributed systems comprise autonomous entities interacting with each other to achieve their objectives. These entities behave selfishly when making decisions. This behavior may result in strategical manipulation of the protocols thus jeopardizing the system wide goals. Micro-economics and game theory provides suitable tools to model such interactions. We use game theory to model and study three specific problems in distributed systems. We study the problem of sharing the cost of multicast transmissions and develop mechanisms to prevent cheating in such settings. We study the problem of antisocial behavior in a scheduling mechanism based on the second price sealed bid auction. We also build models using extensive form games to analyze the interactions of the attackers and the defender in a security game involving honeypots. Multicast cost sharing is an important problem and very few distributed strategyproof mechanisms exist to calculate the costs shares of the users. These mechanisms are susceptible to manipulation by rational nodes. We propose a faithful mechanism which uses digital signatures and auditing to catch and punish the cheating nodes. Such mechanism will incur some overhead. We deployed the proposed and existing mechanisms on planet-lab to experimentally analyze the overhead and other relevant economic properties of the proposed and existing mechanisms. In a second price sealed bid auction, even though the bids are sealed, an agent can infer the private values of the winning bidders, if the auction is repeated for related items. We study this problem from the perspective of a scheduling mechanism and develop an antisocial strategy which can be used by an agent to inflict losses on the other agents. In a security system attackers and defender(s) interact with each other. Examples of such systems are the honeynets which are used to map the activities of the attackers to gain valuable insight about their behavior. The attackers want to evade the honeypots while the defenders want them to attack the honeypots. These interesting interactions form the basis of our research where we develop a model used to analyze the interactions of an attacker and a honeynet system

Systems-compatible Incentives

Originally, the Internet was a technological playground, a collaborative endeavor among researchers who shared the common goal of achieving communication. Self-interest used not to be a concern, but the motivations of the Internet's participants have broadened. Today, the Internet consists of millions of commercial entities and nearly 2 billion users, who often have conflicting goals. For example, while Facebook gives users the illusion of access control, users do not have the ability to control how the personal data they upload is shared or sold by Facebook. Even in BitTorrent, where all users seemingly have the same motivation of downloading a file as quickly as possible, users can subvert the protocol to download more quickly without giving their fair share. These examples demonstrate that protocols that are merely technologically proficient are not enough. Successful networked systems must account for potentially competing interests. In this dissertation, I demonstrate how to build systems that give users incentives to follow the systems' protocols. To achieve incentive-compatible systems, I apply mechanisms from game theory and auction theory to protocol design. This approach has been considered in prior literature, but unfortunately has resulted in few real, deployed systems with incentives to cooperate. I identify the primary challenge in applying mechanism design and game theory to large-scale systems: the goals and assumptions of economic mechanisms often do not match those of networked systems. For example, while auction theory may assume a centralized clearing house, there is no analog in a decentralized system seeking to avoid single points of failure or centralized policies. Similarly, game theory often assumes that each player is able to observe everyone else's actions, or at the very least know how many other players there are, but maintaining perfect system-wide information is impossible in most systems. In other words, not all incentive mechanisms are systems-compatible. The main contribution of this dissertation is the design, implementation, and evaluation of various systems-compatible incentive mechanisms and their application to a wide range of deployable systems. These systems include BitTorrent, which is used to distribute a large file to a large number of downloaders, PeerWise, which leverages user cooperation to achieve lower latencies in Internet routing, and Hoodnets, a new system I present that allows users to share their cellular data access to obtain greater bandwidth on their mobile devices. Each of these systems represents a different point in the design space of systems-compatible incentives. Taken together, along with their implementations and evaluations, these systems demonstrate that systems-compatibility is crucial in achieving practical incentives in real systems. I present design principles outlining how to achieve systems-compatible incentives, which may serve an even broader range of systems than considered herein. I conclude this dissertation with what I consider to be the most important open problems in aligning the competing interests of the Internet's participants

Best effort measurement based congestion control

Abstract available: p.

Enabling a Low-delay Internet Service via Built-in Performance Incentives

The single best-effort service of the Internet struggles to accommodate divergent needs of different distributed applications. Numerous alternative network architectures have been proposed to offer diversified network services. These innovative solutions failed to gain wide deployment primarily due to economic and legacy issues rather than technical shortcomings. Our paper presents a new simple paradigm for network service differentiation that accounts explicitly for the multiplicity of Internet service providers and users as well as their economic interests in environments with partly deployed new services. Our key idea is to base the service differentiation on performance itself, rather than price. We design RD (Rate-Delay) network services that give a user an opportunity to choose between a higher transmission rate or low queuing delay at a congested network link. To support the two services, an RD router maintains two queues per output link and achieves the intended ratedelay differentiation through simple link scheduling and dynamic buffer sizing. Our extensive evaluation of the RD network services reports their performance, deployability, and security properties

Smart Wireless Sensor Networks

The recent development of communication and sensor technology results in the growth of a new attractive and challenging area - wireless sensor networks (WSNs). A wireless sensor network which consists of a large number of sensor nodes is deployed in environmental fields to serve various applications. Facilitated with the ability of wireless communication and intelligent computation, these nodes become smart sensors which do not only perceive ambient physical parameters but also be able to process information, cooperate with each other and self-organize into the network. These new features assist the sensor nodes as well as the network to operate more efficiently in terms of both data acquisition and energy consumption. Special purposes of the applications require design and operation of WSNs different from conventional networks such as the internet. The network design must take into account of the objectives of specific applications. The nature of deployed environment must be considered. The limited of sensor nodes� resources such as memory, computational ability, communication bandwidth and energy source are the challenges in network design. A smart wireless sensor network must be able to deal with these constraints as well as to guarantee the connectivity, coverage, reliability and security of network's operation for a maximized lifetime. This book discusses various aspects of designing such smart wireless sensor networks. Main topics includes: design methodologies, network protocols and algorithms, quality of service management, coverage optimization, time synchronization and security techniques for sensor networks

Efficient Passive Clustering and Gateways selection MANETs

Passive clustering does not employ control packets to collect topological information in ad hoc networks. In our proposal, we avoid making frequent changes in cluster architecture due to repeated election and re-election of cluster heads and gateways. Our primary objective has been to make Passive Clustering more practical by employing optimal number of gateways and reduce the number of rebroadcast packets

Real-time communications over switched Ethernet supporting dynamic QoS management

Doutoramento em Engenharia InformáticaDurante a última década temos assistido a um crescente aumento na utilização de sistemas embutidos para suporte ao controlo de processos, de sistemas robóticos, de sistemas de transportes e veículos e até de sistemas domóticos e eletrodomésticos. Muitas destas aplicações são críticas em termos de segurança de pessoas e bens e requerem um alto nível de determinismo com respeito aos instantes de execução das respectivas tarefas. Além disso, a implantação destes sistemas pode estar sujeita a limitações estruturais, exigindo ou beneficiando de uma configuração distribuída, com vários subsistemas computacionais espacialmente separados. Estes subsistemas, apesar de espacialmente separados, são cooperativos e dependem de uma infraestrutura de comunicação para atingir os objectivos da aplicação e, por consequência, também as transacções efectuadas nesta infraestrutura estão sujeitas às restrições temporais definidas pela aplicação. As aplicações que executam nestes sistemas distribuídos, chamados networked embedded systems (NES), podem ser altamente complexas e heterogéneas, envolvendo diferentes tipos de interacções com diferentes requisitos e propriedades. Um exemplo desta heterogeneidade é o modelo de activação da comunicação entre os subsistemas que pode ser desencadeada periodicamente de acordo com uma base de tempo global (time-triggered), como sejam os fluxos de sistemas de controlo distribuído, ou ainda ser desencadeada como consequência de eventos assíncronos da aplicação (event-triggered). Independentemente das características do tráfego ou do seu modelo de activação, é de extrema importância que a plataforma de comunicações disponibilize as garantias de cumprimento dos requisitos da aplicação ao mesmo tempo que proporciona uma integração simples dos vários tipos de tráfego. Uma outra propriedade que está a emergir e a ganhar importância no seio dos NES é a flexibilidade. Esta propiedade é realçada pela necessidade de reduzir os custos de instalação, manutenção e operação dos sistemas. Neste sentido, o sistema é dotado da capacidade para adaptar o serviço fornecido à aplicação aos respectivos requisitos instantâneos, acompanhando a evolução do sistema e proporcionando uma melhor e mais racional utilização dos recursos disponíveis. No entanto, maior flexibilidade operacional é igualmente sinónimo de maior complexidade derivada da necessidade de efectuar a alocação dinâmica dos recursos, acabando também por consumir recursos adicionais no sistema. A possibilidade de modificar dinâmicamente as caracteristicas do sistema também acarreta uma maior complexidade na fase de desenho e especificação. O aumento do número de graus de liberdade suportados faz aumentar o espaço de estados do sistema, dificultando a uma pre-análise. No sentido de conter o aumento de complexidade são necessários modelos que representem a dinâmica do sistema e proporcionem uma gestão optimizada e justa dos recursos com base em parâmetros de qualidade de serviço (QdS). É nossa tese que as propriedades de flexibilidade, pontualidade e gestão dinâmica de QdS podem ser integradas numa rede switched Ethernet (SE), tirando partido do baixo custo, alta largura de banda e fácil implantação. Nesta dissertação é proposto um protocolo, Flexible Time-Triggered communication over Switched Ethernet (FTT-SE), que suporta as propriedades desejadas e que ultrapassa as limitações das redes SE para aplicações de tempo-real tais como a utilização de filas FIFO, a existência de poucos níveis de prioridade e a pouca capacidade de gestão individualizada dos fluxos. O protocolo baseia-se no paradigma FTT, que genericamente define a arquitectura de uma pilha protocolar sobre o acesso ao meio de uma rede partilhada, impondo desta forma determinismo temporal, juntamente com a capacidade para reconfiguração e adaptação dinâmica da rede. São ainda apresentados vários modelos de distribuição da largura de banda da rede de acordo com o nível de QdS especificado por cada serviço utilizador da rede. Esta dissertação expõe a motivação para a criação do protocolo FTT-SE, apresenta uma descrição do mesmo, bem como a análise de algumas das suas propiedades mais relevantes. São ainda apresentados e comparados modelos de distribuição da QdS. Finalmente, são apresentados dois casos de aplicações que sustentam a validade da tese acima mencionada.During the last decade we have witnessed a massive deployment of embedded systems on a wide applications range, from industrial automation to process control, avionics, cars or even robotics. Many of these applications have an inherently high level of criticality, having to perform tasks within tight temporal constraints. Additionally, the configuration of such systems is often distributed, with several computing nodes that rely on a communication infrastructure to cooperate and achieve the application global goals. Therefore, the communications are also subject to the same temporal constraints set by the application requirements. Many applications relying on such networked embedded systems (NES) are complex and heterogeneous, comprehending different activities with different requirements and properties. For example, the communication between subsystems may follow a strict temporal synchronization with respect to a global time-base (time-triggered), like in a distributed feedback control loop, or it may be issued asynchronously upon the occurrence of events (eventtriggered). Regardless of the traffic characteristics and its activation model, it is of paramount importance having a communication framework that provides seamless integration of heterogeneous traffic sources while guaranteeing the application requirements. Another property that has been emerging as important for NES design and operation is flexibility. The need to reduce installation and operational costs, while facilitating maintenance is promoting a more rational use of the available resources at run-time, exploring the ability to tune service parameters as the system evolves. However, such operational flexibility comes with the cost of increasing the complexity of the system to handle the dynamic resource management, which on the other hand demands the allocation of additional system resources. Moreover, the capacity to dynamically modify the system properties also causes a higher complexity when designing and specifying the system, since the operational state-space increases with the degrees of flexibility of the system. Therefore, in order to bound this complexity appropriate operational models are needed to handle the system dynamics and carry on an efficient and fair resource management strategy based on quality of service (QoS) metrics. This thesis states that the properties of flexibility and timeliness as needed for dynamic QoS management can be provided to switched Ethernet based systems. Switched Ethernet, although initially designed for general purpose Internet access and file transfers, is becoming widely used in NES-based applications. However, COTS switched Ethernet is insufficient regarding the needs for real-time predictability and for supporting the aforementioned properties due the use of FIFO queues too few priority levels and for stream-level management capabilities. In this dissertation we propose a protocol to overcome those limitations, namely the Flexible Time-Triggered communication over Switched Ethernet (FTT-SE). The protocol is based on the FTT paradigm that generically defines a protocol architecture suitable to enforce real-time determinism on a communication network supporting the desired flexibility properties. This dissertation addresses the motivation for FTT-SE, describing the protocol as well as its schedulability analysis. It additionally covers the resource distribution topic, where several distribution models are proposed to manage the resource capacity among the competing services and while considering the QoS level requirements of each service. A couple of application cases are shown that support the aforementioned thesis