Cooperative announcement-based caching for video-on-demand streaming

Recently, video-on-demand (VoD) streaming services like Netflix and Hulu have gained a lot of popularity. This has led to a strong increase in bandwidth capacity requirements in the network. To reduce this network load, the design of appropriate caching strategies is of utmost importance. Based on the fact that, typically, a video stream is temporally segmented into smaller chunks that can be accessed and decoded independently, cache replacement strategies have been developed that take advantage of this temporal structure in the video. In this paper, two caching strategies are proposed that additionally take advantage of the phenomenon of binge watching, where users stream multiple consecutive episodes of the same series, reported by recent user behavior studies to become the everyday behavior. Taking into account this information allows us to predict future segment requests, even before the video playout has started. Two strategies are proposed, both with a different level of coordination between the caches in the network. Using a VoD request trace based on binge watching user characteristics, the presented algorithms have been thoroughly evaluated in multiple network topologies with different characteristics, showing their general applicability. It was shown that in a realistic scenario, the proposed election-based caching strategy can outperform the state-of-the-art by 20% in terms of cache hit ratio while using 4% less network bandwidth

Attacking and securing Network Time Protocol

Network Time Protocol (NTP) is used to synchronize time between computer systems communicating over unreliable, variable-latency, and untrusted network paths. Time is critical for many applications; in particular it is heavily utilized by cryptographic protocols. Despite its importance, the community still lacks visibility into the robustness of the NTP ecosystem itself, the integrity of the timing information transmitted by NTP, and the impact that any error in NTP might have upon the security of other protocols that rely on timing information. In this thesis, we seek to accomplish the following broad goals: 1. Demonstrate that the current design presents a security risk, by showing that network attackers can exploit NTP and then use it to attack other core Internet protocols that rely on time. 2. Improve NTP to make it more robust, and rigorously analyze the security of the improved protocol. 3. Establish formal and precise security requirements that should be satisfied by a network time-synchronization protocol, and prove that these are sufficient for the security of other protocols that rely on time. We take the following approach to achieve our goals incrementally. 1. We begin by (a) scrutinizing NTP's core protocol (RFC 5905) and (b) statically analyzing code of its reference implementation to identify vulnerabilities in protocol design, ambiguities in specifications, and flaws in reference implementations. We then leverage these observations to show several off- and on-path denial-of-service and time-shifting attacks on NTP clients. We then show cache-flushing and cache-sticking attacks on DNS(SEC) that leverage NTP. We quantify the attack surface using Internet measurements, and suggest simple countermeasures that can improve the security of NTP and DNS(SEC). 2. Next we move beyond identifying attacks and leverage ideas from Universal Composability (UC) security framework to develop a cryptographic model for attacks on NTP's datagram protocol. We use this model to prove the security of a new backwards-compatible protocol that correctly synchronizes time in the face of both off- and on-path network attackers. 3. Next, we propose general security notions for network time-synchronization protocols within the UC framework and formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols (including but not limited to NTP), and how they can be used to assert security of time-reliant applications-specifically, cryptographic certificates with revocation and expiration times. Our security framework allows for a clear and modular treatment of the use of time in security-sensitive systems. Our work makes the core NTP protocol and its implementations more robust and secure, thus improving the security of applications and protocols that rely on time

Traffic analysis of Internet user behavior and content demand patterns

El estudio del trafico de internet es relevante para poder mejorar la calidad de servicio de los usuarios. Ser capaz de conocer cuales son los servicios más populares y las horas con más usuarios activos permite identificar la cantidad de tráfico producido y, por lo tanto, diseñar una red capaz de soportar la actividad esperada. La implementación de una red considerando este conocimiento puede reducir el tiempo de espera considerablemente, mejorando la experiencia de los usuarios en la web. Ya existen análisis del trafico de los usuarios y de sus patrones de demanda. Pero, los datos utilizados en estos estudios no han sido renovados, por lo tanto los resultados obtenidos pueden estar obsoletos y se han podido producir cambios importantes. En esta tesis, se estudia la cantidad de trafico entrante y saliente producido por diferentes aplicaciones y se ha hecho una evolución teniendo en cuenta datos presentes y pasados. Esto nos permitirá entender los cambios producidos desde 2007 hasta 2015 y observar las tendencias actuales. Además, se han analizado los patrones de demanda de usuarios del inicio de 2016 y se han comparado con resultados previos. La evolución del tráfico demuestra cambios en las preferencias de los usuarios, a pesar de que los patrones de demanda siguen siendo los mismos que en años anteriores. Los resultados obtenidos en esta tesis confirman las predicciones sobre un aumento del tráfico de 'Streaming Media'; se ha comprobado que el tráfico de 'Streaming Media' es el tráfico total dominante, con Netflix como el mayor contribuidor.L'estudi del trànsit d'Internet és rellevant per a poder millor la qualitat de servei dels usuaris. Ser capaç de conèixer quins són els serveis més popular i les hores amb més usuaris actius permet identificar la quantitat de trànsit produït i, per tant, dissenyar una xarxa capaç de soportar la activitat esperada. L'implementació d'una xarxa considerant aquest coneixement pot reduir el temps d'espera considerablement, millorant l'experiència dels usuaris a la web. Ja existeixen anàlisis del transit dels usuaris i els seus patrons de demanda. Però, les dades utilitzades en aquests estudis no han sigut renovades, per tant els resultats obtinguts poden estar obsolets i s'han produït canvis importants. En aquesta tesis, s'estudia la quantitat de transit entrant i sortint produit per diferents aplicacions i s'ha fet una evolució, tenint en compte dades presents i passades. Això ens permetrà entendre els canvis produïts des de 2007 fins 2015 i observar les tendències actuals. A més, s'han analitzat els patrons de demanda de usuaris de principis de 2016 i s'han comparat amb resultats previs. L'evolució del trànsit mostra canvis en las preferències dels usuaris, en canvi els patrons de demanda continuen sent els mateixos que en anys posteriors. Els resultats obtinguts en aquesta tesis confirmen les prediccions sobre un augment del trànsit de 'Streaming Media'; s'ha comprovat que el trànsit de 'Streaming Media' es el trànsit total dominant, amb Netflix com el major contribuïdor.The study of Internet traffic is relevant in order to improve the quality of service of users. Being able to know which are the most popular services and the hours with most active users can let us identify the amount of inbound and outbound traffic produced, and hence design a network able to support the activity expected. The implementation of a network considering that knowledge can reduce the waiting time of users considerably, improving the users’ experience in the web. Analysis of users’ traffic and user demand patterns already exist. However, the data used in these studies is not renewed, thus the results found can be obsolete and considerable changes would have happened. In this bachelor’s thesis, it is studied the amount of inbound and outbound traffic produced considering different applications and the evolution when regarding previous and actual data has been taken into account. This would let us understand the changes produced from 2007 to 2015 and observe the tendencies nowadays. In addition, it has been analyzed the user demand patterns in the beginning of 2016 and it has been contrasted with previous results. The evolution of traffic has shown changes in users’ preferences, although their demand patterns are still the same as previous years. The results found in this thesis confirmed the expectations about an increase of streaming media Internet traffic; it was proved that streaming media traffic is the dominant total traffic, with Netflix as the major contributor

Building a flexible web caching system.

Web caching is a technology that has demonstrated to improve traffic on the Internet. To find out how to implement a Web caching architecture that assures improvements is not an easy task. The problem is more difficult when we are interested in deploying a distributed and cooperative Web caching system. We have found that some cooperative Web caching architectures could be unviable when changes on the network environment appear. This situation suggests that a cooperative Web caching system could get worst access to Web objects. However in this paper we present an architecture that combines the best of several Web caching configurations that we have previously analyzed. Our architecture gives basic ideas for implementing a cooperative Web caching system using groups of HTTP proxy servers which can improve access to remote Web objects regardless of the changes that might occur on the network environment (changes that could produce modifications in Web object validation policies and/or types of caching communication).Peer Reviewe