Design of Scalable On-Demand Video Streaming Systems Leveraging Video Viewing Patterns

The explosive growth in on-demand access of video across all forms of delivery (Internet, traditional cable, IPTV, wireless) has renewed the interest in scalable delivery methods. Approaches using Content Delivery Networks (CDNs), Peer-to-Peer (P2P) approaches, and their combinations have been proposed as viable options to ease the load on servers and network links. However, there has been little focus on how to take advantage of user viewing patterns to understand their impact on existing mechanisms and to design new solutions that improve the streaming service quality. In this dissertation, we leverage on the observation that users watch only a small portion of videos to understand the limits of existing designs and to optimize two scalable approaches -- the content placement and P2P Video-on-Demand (VoD) streaming. Then, we present our novel scalable system called Joint-Family which enables adaptive bitrate streaming (ABR) in P2P VoD, supporting user viewing patterns. We first provide evidence of such user viewing behavior from data collected from a nationally deployed VoD service. In contrast to using a simplistic popularity-based placement and traditionally proposed caching strategies (such as CDNs), we use a Mixed Integer Programming formulation to model the placement problem and employ an innovative approach that scales well. We have performed detailed simulations using actual traces of user viewing sessions (including stream control operations such as pause, fast-forward, and rewind). Our results show that the use of segment-based placement strategy yields substantial savings in both disk storage requirements at origin servers/VHOs as well as network bandwidth use. For example, compared to a simple caching scheme using full videos, our MIP-based placement using segments can achieve up to 71% reduction in peak link bandwidth usage. Secondly, we note that the policies adopted in existing P2P VoD systems have not taken user viewing behavior -- that users abandon videos -- into account. We show that abandonment can result in increased interruptions and wasted resources. As a result, we reconsider the set of policies to use in the presence of abandonment. Our goal is to balance the conflicting needs of delivering videos without interruptions while minimizing wastage. We find that an Earliest-First chunk selection policy in conjunction with the Earliest-Deadline peer selection policy allows us to achieve high download rates. We take advantage of abandonment by converting peers to "partial seeds"; this increases capacity. We minimize wastage by using a playback lookahead window. We use analysis and simulation experiments using real-world traces to show the effectiveness of our approach. Finally, we propose Joint-Family, a protocol that combines P2P and adaptive bitrate (ABR) streaming for VoD. While P2P for VoD and ABR have been proposed previously, they have not been studied together because they attempt to tackle problems with seemingly orthogonal goals. We motivate our approach through analysis that overcomes a misconception resulting from prior analytical work, and show that the popularity of a P2P swarm and seed staying time has a significant bearing on the achievable per-receiver download rate. Specifically, our analysis shows that popularity affects swarm efficiency when seeds stay "long enough". We also show that ABR in a P2P setting helps viewers achieve higher playback rates and/or fewer interruptions. We develop the Joint-Family protocol based on the observations from our analysis. Peers in Joint-Family simultaneously participate in multiple swarms to exchange chunks of different bitrates. We adopt chunk, bitrate, and peer selection policies that minimize occurrence of interruptions while delivering high quality video and improving the efficiency of the system. Using traces from a large-scale commercial VoD service, we compare Joint-Family with existing approaches for P2P VoD and show that viewers in Joint-Family enjoy higher playback rates with minimal interruption, irrespective of video popularity

Federated and autonomic management of multimedia services

Over the years, the Internet has significantly evolved in size and complexity. Additionally, the modern multimedia services it offers have considerably more stringent Quality of Service (QoS) requirements than traditional static services. These factors contribute to the ever-increasing complexity and cost to manage the Internet and its services. In the dissertation, a novel network management architecture is proposed to overcome these problems. It supports QoS-guarantees of multimedia services across the Internet, by setting up end-to-end network federations. A network federation is defined as a persistent cross-organizational agreement that enables the cooperating networks to share capabilities. Additionally, the architecture incorporates aspects from autonomic network management to tackle the ever-growing management complexity of modern communications networks. Specifically, a hierarchical approach is presented, which guarantees scalable collaboration of huge amounts of self-governing autonomic management components

Side-channel timing attack on content privacy of named data networking

Tese de Doutoramento em Engenharia Electrónica e de ComputadoresA diversity of current applications, such as Netflix, YouTube, and social media, have used the Internet mainly as a content distribution network. Named Data Networking (NDN) is a network paradigm that attempts to answer today’s applications need by naming the content. NDN promises an optimized content distribution through a named content-centric design. One of the NDN key features is the use of in-network caching to improve network efficiency in terms of content distribution. However, the cached contents may put the consumer privacy at risk. Since the time response of cached contents is different from un-cached contents, the adversary may distinguish the cached contents (targets) from un-cached ones, through the side-channel timing responses. The scope of attack can be towards the content, the name, or the signature. For instance, the adversary may obtain the call history, the callee or caller location on a trusted Voice over NDN (VoNDN) and the popularity of contents in streaming applications (e.g. NDNtube, NDNlive) through side-channel timing responses of the cache. The side-channel timing attack can be mitigated by manipulating the time of the router responses. The countermeasures proposed by other researches, such as additional delay, random/probabilistic caching, group signatures, and no-caching can effectively be used to mitigate the attack. However, the content distribution may be affected by pre-configured countermeasures which may go against the goal of the original NDN paradigm. In this work, the detection and defense (DaD) approach is proposed to mitigate the attack efficiently and effectively. With the DaD usage, an attack can be detected by a multi-level detection mechanism, in order to apply the countermeasures against the adversarial faces. Also, the detections can be used to determine the severity of the attack. In order to detect the behavior of an adversary, a brute-force timing attack was implemented and simulated with the following applications and testbeds: i. a trusted application that mimics the VoNDN and identifies the cached certificate on a worldwide NDN testbed, and ii. a streaming-like NDNtube application to identify the popularity of videos on the NDN testbed and AT&T company. In simulation primary results showed that the multi-level detection based on DaD mitigated the attack about 39.1% in best-route, and 36.6% in multicast communications. Additionally, the results showed that DaD preserves privacy without compromising the efficiency benefits of in-network caching in NDNtube and VoNDN applications.Várias aplicações atuais, como o Netflix e o YouTube, têm vindo a usar a Internet como uma rede de distribuição de conteúdos. O Named Data Networking (NDN) é um paradigma recente nas redes de comunicações que tenta responder às necessidades das aplicações modernas, através da nomeação dos conteúdos. O NDN promete uma otimização da distribuição dos conteúdos usando uma rede centrada nos conteúdos. Uma das características principais do NDN é o uso da cache disponivel nos nós da rede para melhorar a eficiência desta em termos de distribuição de conteúdos. No entanto, a colocação dos conteúdos em cache pode colocar em risco a privacidade dos consumidores. Uma vez que a resposta temporal de um conteúdo em cache é diferente do de um conteúdo que não está em cache, o adversário pode distinguir os conteúdos que estão em cache dos que não estão em cache, através das respostas de side-channel. O objectivo do ataque pode ser direcionado para o conteúdo, o nome ou a assinatura da mensagem. Por exemplo, o adversário pode obter o histórico de chamadas, a localização do callee ou do caller num serviço seguro de voz sobre NDN (VoNDN) e a popularidade do conteúdos em aplicações de streaming (e.g. NDNtube, NDNlive) através das respostas temporais de side-channel. O side-channel timing attack pode ser mitigado manipulando o tempo das respostas dos routers. As contramedidas propostas por outros pesquisadores, tais como o atraso adicional, o cache aleatório /probabilístico, as assinaturas de grupo e não fazer cache, podem ser efetivamente usadas para mitigar um ataque. No entanto, a distribuição de conteúdos pode ser afetada por contramedidas pré-configuradas que podem ir contra o propósito original do paradigma NDN. Neste trabalho, a abordagem de detecção e defesa (DaD) é proposta para mitigar o ataque de forma eficiente e eficaz. Com o uso do DaD, um ataque pode ser detectado por um mecanismo de detecção multi-nível, a fim de aplicar as contramedidas contra as interfaces dos adversários. Além disso, as detecções podem ser usadas para determinar a gravidade do ataque. A fim de detectar o comportamento de um adversário, um timing attack de força-bruta foi implementado e simulado com as seguintes aplicações e plataformas (testbeds): i. uma aplicação segura que implementa o VoNDN e identifica o certificado em cache numa plataforma NDN mundial; e ii. uma aplicação de streaming do tipo NDNtube para identificar a popularidade de vídeos na plataforma NDN da empresa AT&T. Os resultados da simulação mostraram que a detecção multi-nível oferecida pelo DaD atenuou o ataque cerca de 39,1% em best-route e 36,5% em comunicações multicast. Para avaliar o efeito nos pedidos legítimos, comparou-se o DaD com uma contramedida estática, tendo-se verificado que o DaD foi capaz de preservar todos os pedidos legítimos

GRADES: Gradient descent for similarity caching

A similarity cache can reply to a query for an object with similar objects stored locally. In some applications of similarity caches, queries and objects are naturally represented as points in a continuous space. Examples include 360° videos where user's head orientation - expressed in spherical coordinates - determines what part of the video needs to be retrieved, and recommendation systems where the objects are embedded in a finite-dimensional space with a distance metric to capture content dissimilarity. Existing similarity caching policies are simple modifications of classic policies like LRU, LFU, and qLRU and ignore the continuous nature of the space where objects are embedded. In this paper, we propose Grades, a new similarity caching policy that uses gradient descent to navigate the continuous space and find the optimal objects to store in the cache. We provide theoretical convergence guarantees and show Grades increases the similarity of the objects served by the cache in both applications mentioned above

GRADES: Gradient descent for similarity caching

International audienceA similarity cache can reply to a query for an object with similar objects stored locally. In some applications of similarity caches, queries and objects are naturally represented as points in a continuous space. Examples include 360° videos where user's head orientation-expressed in spherical coordinates determines what part of the video needs to be retrieved, and recommendation systems where the objects are embedded in a finite-dimensional space with a distance metric to capture content dissimilarity. Existing similarity caching policies are simple modifications of classic policies like LRU, LFU, and qLRU and ignore the continuous nature of the space where objects are embedded. In this paper, we propose GRADES, a new similarity caching policy that uses gradient descent to navigate the continuous space and find the optimal objects to store in the cache. We provide theoretical convergence guarantees and show GRADES increases the similarity of the objects served by the cache in both applications mentioned above