A policy-based architecture for virtual network embedding

Network virtualization is a technology that enables multiple virtual instances to coexist on a common physical network infrastructure. This paradigm fostered new business models, allowing infrastructure providers to lease or share their physical resources. Each virtual network is isolated and can be customized to support a new class of customers and applications. To this end, infrastructure providers need to embed virtual networks on their infrastructure. The virtual network embedding is the (NP-hard) problem of matching constrained virtual networks onto a physical network. Heuristics to solve the embedding problem have exploited several policies under different settings. For example, centralized solutions have been devised for small enterprise physical networks, while distributed solutions have been proposed over larger federated wide-area networks. In this thesis we present a policy-based architecture for the virtual network embedding problem. By policy, we mean a variant aspect of any of the three (invariant) embedding mechanisms: physical resource discovery, virtual network mapping, and allocation on the physical infrastructure. Our architecture adapts to different scenarios by instantiating appropriate policies, and has bounds on embedding efficiency, and on convergence embedding time, over a single provider, or across multiple federated providers. The performance of representative novel and existing policy configurations are compared via extensive simulations, and over a prototype implementation. We also present an object model as a foundation for a protocol specification, and we release a testbed to enable users to test their own embedding policies, and to run applications within their virtual networks. The testbed uses a Linux system architecture to reserve virtual node and link capacities

A survey of flooding, gossip routing, and related schemes for wireless multi- hop networks

Flooding is an essential and critical service in computer networks that is used by many routing protocols to send packets from a source to all nodes in the network. As the packets are forwarded once by each receiving node, many copies of the same packet traverse the network which leads to high redundancy and unnecessary usage of the sparse capacity of the transmission medium. Gossip routing is a well-known approach to improve the flooding in wireless multi-hop networks. Each node has a forwarding probability p that is either statically per-configured or determined by information that is available at runtime, e.g, the node degree. When a packet is received, the node selects a random number r. If the number r is below p, the packet is forwarded and otherwise, in the most simple gossip routing protocol, dropped. With this approach the redundancy can be reduced while at the same time the reachability is preserved if the value of the parameter p (and others) is chosen with consideration of the network topology. This technical report gives an overview of the relevant publications in the research domain of gossip routing and gives an insight in the improvements that can be achieved. We discuss the simulation setups and results of gossip routing protocols as well as further improved flooding schemes. The three most important metrics in this application domain are elaborated: reachability, redundancy, and management overhead. The published studies used simulation environments for their research and thus the assumptions, models, and parameters of the simulations are discussed and the feasibility of an application for real world wireless networks are highlighted. Wireless mesh networks based on IEEE 802.11 are the focus of this survey but publications about other network types and technologies are also included. As percolation theory, epidemiological models, and delay tolerant networks are often referred as foundation, inspiration, or application of gossip routing in wireless networks, a brief introduction to each research domain is included and the applicability of the particular models for the gossip routing is discussed

EDDA: An Efficient Distributed Data Replication Algorithm in VANETs

Efficient data dissemination in vehicular ad hoc networks (VANETs) is a challenging issue due to the dynamic nature of the network. To improve the performance of data dissemination, we study distributed data replication algorithms in VANETs for exchanging information and computing in an arbitrarily-connected network of vehicle nodes. To achieve low dissemination delay and improve the network performance, we control the number of message copies that can be disseminated in the network and then propose an efficient distributed data replication algorithm (EDDA). The key idea is to let the data carrier distribute the data dissemination tasks to multiple nodes to speed up the dissemination process. We calculate the number of communication stages for the network to enter into a balanced status and show that the proposed distributed algorithm can converge to a consensus in a small number of communication stages. Most of the theoretical results described in this paper are to study the complexity of network convergence. The lower bound and upper bound are also provided in the analysis of the algorithm. Simulation results show that the proposed EDDA can efficiently disseminate messages to vehicles in a specific area with low dissemination delay and system overhead

Dumbo-NG: Fast Asynchronous BFT Consensus with Throughput-Oblivious Latency

Despite recent progresses of practical asynchronous Byzantine fault tolerant (BFT) consensus, the state-of-the-art designs still suffer from suboptimal performance. Particularly, to obtain maximum throughput, most existing protocols with guaranteed linear amortized communication complexity require each participating node to broadcast a huge batch of transactions, which dramatically sacrifices latency. Worse still, the f slowest nodes' broadcasts might never be agreed to output and thus can be censored (where f is the number of faults). Implementable mitigation to the threat either uses computationally costly threshold encryption or incurs communication blow-up, thus causing further efficiency issues. We present Dumbo-NG, a novel asynchronous BFT consensus (atomic broadcast) to solve the remaining practical issues. Its technical core is a non-trivial direct reduction from asynchronous atomic broadcast to multi-valued validated Byzantine agreement (MVBA) with quality property. Most interestingly, the new protocol structure empowers completely concurrent execution of transaction dissemination and asynchronous agreement. This brings about two benefits: (i) the throughput-latency tension is resolved to approach peak throughput with minimal increase in latency; (ii) the transactions broadcasted by any honest node can be agreed to output, thus conquering the censorship threat with no extra cost. We implement Dumbo-NG and compare it to the state-of-the-art asynchronous BFT with guaranteed censorship resilience including Dumbo (CCS'20) and Speeding-Dumbo (NDSS'22). We also apply the techniques from Speeding-Dumbo to DispersedLedger (NSDI'22) and obtain an improved variant of DispersedLedger called sDumbo-DL for comprehensive comparison. Extensive experiments reveal: Dumbo-NG realizes better peak throughput performance and its latency can almost remain stable when throughput grows

Radio resource allocation algorithms for multicast OFDM systems

Mención Internacional en el título de doctorVideo services have become highly demanded in mobile networks leading to an unprecedented traffic growth. It is expected that traffic from wireless and mobile devices will account for nearly 70 percent of total IP traffic by the year 2020, and the video services will account for nearly 75 percent of mobile data traffic by 2022. Multicast transmission is one of the key enablers towards a more spectral and energy efficient distribution of multimedia content in current and envisaged mobile networks. It is worth noting that multicast is a mechanism that efficiently delivers the same content to many users, not only focusing on video broadcasting, but also distributing many other media, such as software updates, weather forecast or breaking news. Although multicast services are available in Long Term Evolution (LTE) and LTE-Advanced (LTE-A) networks, new improvements are needed in some areas to handle the demands expected in the near future. Resource allocation techniques for multicast services are one of the main challenging issues, since it is required the development of novel schemes to meet the demands of their evolution towards the next generation. Most multicast techniques adopt rather conservative strategies that select a very robust modulation and coding scheme (MCS), whose characteristics are determined by the propagation conditions experienced by the worst user in the group in order to ensure that all users in a multicast group are able to correctly decode the received data. Obviously, this robustness comes at the prize of a low spectral efficiency. This thesis presents an exhaustive study of broadcast/multicast technology for current mobile networks, especially focusing on the scheduling and resource allocation (SRA) strategies to maximize the potential benefits that multicast transmissions imply on the spectral efficiency. Based on that issue, some contributions have been made to the state of the art in the radio resource management (RRM) for current and beyond mobile multicast services. • In the frame of LTE/LTE-A, the evolved multimedia broadcast and multicast service (eMBMS) shares the physical layer resources with the unicast transmission mode (at least up to Release 12). Consequently, the time allocation to multicast transmission is limited to a maximum of a 60 percent, and the remaining subframes (at least 40 percent) are reserved for unicast transmissions. With the aim of achieving the maximum aggregated data rate (ADR) among the multicast users, we have implemented several innovative SRA schemes that combine the allocation of multicast and unicast resources in the LTE/LTE-A frame, guaranteeing the prescribed quality of service (QoS) requirements for every user. • In the specific context of wideband communication systems, the selection of the multicast MCS has often relied on the use of wideband channel quality indicators (CQIs), providing rather imprecise information regarding the potential capacity of the multicast channel. Only recently has the per-subband CQI been used to improve the spectral efficiency of the system without compromising the link robustness. We have proposed novel subband CQI-based multicast SRA strategies that, relying on the selection of more spectrally efficient transmission modes, lead to increased data rates while still being able to fulfill prescribed QoS metrics. • Mobile broadcast/multicast video services require effective and low complexity SRA strategies. We have proposed an SRA strategy based on multicast subgrouping and the scalable video coding (SVC) technique for multicast video delivery. This scheme focuses on reducing the search space of solutions and optimizes the ADR. The results in terms of ADR, spectral efficiency, and fairness among multicast users, along with the low complexity of the algorithm, show that this new scheme is adequate for real systems. These contributions are intended to serve as a reference that motivate ongoing and future investigation in the challenging field of RRM for broadcast/ multicast services in next generation mobile networks.La demanda de servicios de vídeo en las redes móviles ha sufrido un incremento exponencial en los últimos años, lo que a su vez ha desembocado en un aumento sin precedentes del tráfico de datos. Se espera que antes del año 2020, el trafico debido a dispositivos móviles alcance cerca del 70 por ciento del tráfico IP total, mientras que se prevé que los servicios de vídeo sean prácticamente el 75 por ciento del tráfico de datos en las redes móviles hacia el 2022. Las transmisiones multicast son una de las tecnologías clave para conseguir una distribución más eficiente, tanto espectral como energéticamente, del contenido multimedia en las redes móviles actuales y futuras. Merece la pena reseñar que el multicast es un mecanismo de entrega del mismo contenido a muchos usuarios, que no se enfoca exclusivamente en la distribución de vídeo, sino que también permite la distribución de otros muchos contenidos, como actualizaciones software, información meteorológica o noticias de última hora. A pesar de que los servicios multicast ya se encuentran disponibles en las redes Long Term Evolution (LTE) y LTE-Advanced (LTE-A), la mejora en algunos ámbitos resulta necesaria para manejar las demandas que se prevén a corto plazo. Las técnicas de asignación de recursos para los servicios multicast suponen uno de los mayores desafíos, ya que es necesario el desarrollo de nuevos esquemas que nos permitan acometer las exigencias que supone su evolución hacia la próxima generación. La mayor parte de las técnicas multicast adoptan estrategias conservadoras, seleccionando esquemas de modulación y codificación (MCS) impuestos por las condiciones de propagación que experimenta el usuario del grupo con peor canal, para así asegurar que todos los usuarios pertenecientes al grupo multicast sean capaces de decodificar correctamente los datos recibidos. Como resulta obvio, la utilización de esquemas tan robustos conlleva el precio de sufrir una baja eficiencia espectral. Esta tesis presenta un exhaustivo estudio de la tecnología broadcast/ multicast para las redes móviles actuales, que se centra especialmente en las estrategias de asignación de recursos (SRA), cuyo objetivo es maximizar los beneficios que la utilización de transmisiones multicast potencialmente implica en términos de eficiencia espectral. A partir de dicho estudio, hemos realizado varias contribuciones al estado del arte en el ámbito de la gestión de recursos radio (RRM) para los servicios multicast, aplicables en las redes móviles actuales y futuras. • En el marco de LTE/LTE-A, el eMBMS comparte los recursos de la capa física con las transmisiones unicast (al menos hasta la revisión 12). Por lo tanto, la disponibilidad temporal de las transmisiones multicast está limitada a un máximo del 60 por ciento, reservándose las subtramas restantes (al menos el 40 por ciento) para las transmisiones unicast. Con el objetivo de alcanzar la máxima tasa total de datos (ADR) entre los usuarios multicast, hemos implementado varios esquemas innovadores de SRA que combinan la asignación de los recursos multicast y unicast de la trama LTE/LTE-A, garantizando los requisitos de QoS a cada usuario. • En los sistemas de comunicaciones de banda ancha, la selección del MCS para transmisiones multicast se basa habitualmente en la utilización de CQIs de banda ancha, lo que proporciona información bastante imprecisa acerca de la capacidad potencial del canal multicast. Recientemente se ha empezado a utilizar el CQI por subbanda para mejorar la eficiencia espectral del sistema sin comprometer la robustez de los enlaces. Hemos propuesto nuevas estrategias para SRA multicast basadas en el CQI por subbanda que, basándose en la selección de los modos de transmisión con mayor eficiencia espectral, conducen a mejores tasas de datos, a la vez que permiten cumplir los requisitos de QoS. • Los servicios móviles de vídeo broadcast/multicast precisan estrategias eficientes de SRA con baja complejidad. Hemos propuesto una estrategia de SRA basada en subgrupos multicast y la técnica de codificación de vídeo escalable (SVC) para la difusión de vídeo multicast, la cual se centra en reducir el espacio de búsqueda de soluciones y optimizar el ADR. Los resultados obtenidos en términos de ADR, eficiencia espectral y equidad entre los usuarios multicast, junto con la baja complejidad del algoritmo, ponen de manifiesto que el esquema propuesto es adecuado para su implantación en sistemas reales. Estas contribuciones pretenden servir de referencia que motive la investigación actual y futura en el interesante ámbito de RRM para los servicios broadcast/multicast en las redes móviles de próxima generación.Programa Oficial de Doctorado en Multimedia y ComunicacionesPresidente: Atilio Manuel Da Silva Gameiro.- Secretario: Víctor Pedro Gil Jiménez.- Vocal: María de Diego Antó

Improving Security and Privacy in Online Social Networks

Online social networks (OSNs) have gained soaring popularity and are among the most popular sites on the Web. With OSNs, users around the world establish and strengthen connections by sharing thoughts, activities, photos, locations, and other personal information. However, the immense popularity of OSNs also raises significant security and privacy concerns. Storing millions of users\u27 private information and their social connections, OSNs are susceptible to becoming the target of various attacks. In addition, user privacy will be compromised if the private data collected by OSNs are abused, inadvertently leaked, or under the control of adversaries. as a result, the tension between the value of joining OSNs and the security and privacy risks is rising.;To make OSNs more secure and privacy-preserving, our work follow a bottom-up approach. OSNs are composed of three components, the infrastructure layer, the function layer, and the user data stored on OSNs. For each component of OSNs, in this dissertation, we analyze and address a representative security/privacy issue. Starting from the infrastructure layer of OSNs, we first consider how to improve the reliability of OSN infrastructures, and we propose Fast Mencius, a crash-fault tolerant state machine replication protocol that has low latency and high throughput in wide-area networks. For the function layer of OSNs, we investigate how to prevent the functioning of OSNs from being disturbed by adversaries, and we propose SybilDefender, a centralized sybil defense scheme that can effectively detect sybil nodes by analyzing social network topologies. Finally, we study how to protect user privacy on OSNs, and we propose two schemes. MobiShare is a privacy-preserving location-sharing scheme designed for location-based OSNs (LBSNs), which supports sharing locations between both friends and strangers. LBSNSim is a trace-driven LBSN model that can generate synthetic LBSN datasets used in place of real datasets. Combining our work contributes to improving security and privacy in OSNs

Byzantine Fault Tolerance for Nondeterministic Applications

The growing reliance on online services accessible on the Internet demands highly reliable system that would not be interrupted when encountering faults. A number of Byzantine fault tolerance (BFT) algorithms have been developed to mask the most complicated type of faults - Byzantine faults such as software bugs,operator mistakes, and malicious attacks, which are usually the major cause of service interruptions. However, it is often difficult to apply these algorithms to practical applications because such applications often exhibit sophisticated non-deterministic behaviors that the existing BFT algorithms could not cope with. In this thesis, we propose a classification of common types of replica nondeterminism with respect to the requirement of achieving Byzantine fault tolerance, and describe the design and implementation of the core mechanisms necessary to handle such replica nondeterminism within a Byzantine fault tolerance framework. In addition, we evaluated the performance of our BFT library, referred to as ND-BFT using both a micro-benchmark application and a more realistic online porker game application. The performance results show that the replicated online poker game performs approximately 13 slower than its nonreplicated counterpart in the presence of small number of player

Byzantine Fault Tolerance for Nondeterministic Applications

The growing reliance on online services accessible on the Internet demands highly reliable system that would not be interrupted when encountering faults. A number of Byzantine fault tolerance (BFT) algorithms have been developed to mask the most complicated type of faults - Byzantine faults such as software bugs,operator mistakes, and malicious attacks, which are usually the major cause of service interruptions. However, it is often difficult to apply these algorithms to practical applications because such applications often exhibit sophisticated non-deterministic behaviors that the existing BFT algorithms could not cope with. In this thesis, we propose a classification of common types of replica nondeterminism with respect to the requirement of achieving Byzantine fault tolerance, and describe the design and implementation of the core mechanisms necessary to handle such replica nondeterminism within a Byzantine fault tolerance framework. In addition, we evaluated the performance of our BFT library, referred to as ND-BFT using both a micro-benchmark application and a more realistic online porker game application. The performance results show that the replicated online poker game performs approximately 13 slower than its nonreplicated counterpart in the presence of small number of player