A Framework for Rapid Development and Portable Execution of Packet-Handling Applications

This paper presents a framework that enables the execution of packet-handling applications (such as sniffers, firewalls, intrusion detectors, etc.) on different hardware platforms. This framework is centered on the NetVM - a novel, portable, and efficient virtual processor targeted for packet-based processing - and the NetPDL - a language dissociating applications from protocol specifications. In addition, a high-level programming language that enables rapid development of packet-based applications is presented

MAC OS X VERSION 10.5 “LEOPARD”

Mac OS X version 10.5 “Leopard” is the sixth major release of Mac OS X. This operating system is the successor of Mac OS X v10.4 "Tiger". Leopard was released on 26 October 2007, and is available in two variantsmacos x

Measuring the Impact of Spectre and Meltdown

The Spectre and Meltdown flaws in modern microprocessors represent a new class of attacks that have been difficult to mitigate. The mitigations that have been proposed have known performance impacts. The reported magnitude of these impacts varies depending on the industry sector and expected workload characteristics. In this paper, we measure the performance impact on several workloads relevant to HPC systems. We show that the impact can be significant on both synthetic and realistic workloads. We also show that the performance penalties are difficult to avoid even in dedicated systems where security is a lesser concern

SDN based Network Function Parallelism in Cloud

Network function virtualization (NFV) based service function chaining (SFC) allows the provisioning of various security and traffic engineering applications in a cloud network. Inefficient deployment of network functions can lead to security violations and performance overhead. In an OpenFlow enabled cloud, the key problem with current mechanisms is that several packet field match and flow rule action sets associated with the network functions are non-overlapping and can be parallelized for performance enhancement. We introduce Network Function Parallelism (NFP) SFC-NFP for OpenFlow network. Our solution utilizes network function parallelism over the OpenFlow rules to improve SFC performance in the cloud network. We have utilized the DPDK platform with an OpenFlow switch (OVS) for experimental analysis. Our solution achieves a 1.40-1.90x reduction in latency for SFC in an OpenStack cloud network managed by the SDN framework.Comment: 5 page

Reflections on the use of Project Wonderland as a mixed-reality environment for teaching and learning

This paper reflects on the lessons learnt from MiRTLE?a collaborative research project to create a ?mixed reality teaching and learning environment? that enables teachers and students participating in real-time mixed and online classes to interact with avatar representations of each other. The key hypothesis of the project is that avatar representations of teachers and students can help create a sense of shared presence, engendering a greater sense of community and improving student engagement in online lessons. This paper explores the technology that underpins such environments by presenting work on the use of a massively multi-user game server, based on Sun?s Project Darkstar and Project Wonderland tools, to create a shared teaching environment, illustrating the process by describing the creation of a virtual classroom. It is planned that the MiRTLE platform will be used in several trial applications ? which are described in the paper. These example applications are then used to explore some of the research issues arising from the use of virtual environments within an education environment. The research discussion initially focuses on the plans to assess this within the MiRTLE project. This includes some of the issues of designing virtual environments for teaching and learning, and how supporting pedagogical and social theories can inform this process

Investigating the effectiveness of many-core network processors for high performance cyber protection systems. Part I, FY2011.

This report documents our first year efforts to address the use of many-core processors for high performance cyber protection. As the demands grow for higher bandwidth (beyond 1 Gbits/sec) on network connections, the need to provide faster and more efficient solution to cyber security grows. Fortunately, in recent years, the development of many-core network processors have seen increased interest. Prior working experiences with many-core processors have led us to investigate its effectiveness for cyber protection tools, with particular emphasis on high performance firewalls. Although advanced algorithms for smarter cyber protection of high-speed network traffic are being developed, these advanced analysis techniques require significantly more computational capabilities than static techniques. Moreover, many locations where cyber protections are deployed have limited power, space and cooling resources. This makes the use of traditionally large computing systems impractical for the front-end systems that process large network streams; hence, the drive for this study which could potentially yield a highly reconfigurable and rapidly scalable solution

Semantic validation of affinity constrained service function chain requests

Network Function Virtualization (NFV) has been proposed as a paradigm to increase the cost-efficiency, flexibility and innovation in network service provisioning. By leveraging IT virtualization techniques in combination with programmable networks, NFV is able to decouple network functionality from the physical devices on which they are deployed. This opens up new business opportunities for both Infrastructure Providers (InPs) as well as Service Providers (SPs), where the SP can request to deploy a chain of Virtual Network Functions (VNFs) on top of which its service can run. However, current NFV approaches lack the possibility for SPs to define location requirements and constraints on the mapping of virtual functions and paths onto physical hosts and links. Nevertheless, many scenarios can be envisioned in which the SP would like to attach placement constraints for efficiency, resilience, legislative, privacy and economic reasons. Therefore, we propose a set of affinity and anti-affinity constraints, which can be used by SPs to define such placement restrictions. This newfound ability to add constraints to Service Function Chain (SFC) requests also introduces an additional risk that SFCs with conflicting constraints are requested or automatically generated. Therefore, a framework is proposed that allows the InP to check the validity of a set of constraints and provide feedback to the SP. To achieve this, the SFC request and relevant information on the physical topology are modeled as an ontology of which the consistency can be checked using a semantic reasoner. Enabling semantic validation of SFC requests, eliminates inconsistent SFCs requests from being transferred to the embedding algorithm.Peer Reviewe