150 research outputs found
Energy-efficient caching for Video-on-Demand in Fixed-Mobile Convergent networks
The success of novel bandwidth-consuming multimedia services such as Video-on-Demand (VoD) is leading to a tremendous growth of the Internet traffic. Content caching can help to mitigate such uncontrolled growth by storing video content closer to the users in core, metro and access network nodes. So far, metro and especially access networks supporting mobile and fixed users have evolved independently, leveraging logically (and often also physically) separate infrastructures; this means that mobile users cannot access caches placed in the fixed access network (and vice-versa), even if they are geographically close to them, and energy consumption implications of such undesired effect must be investigated. We define an optimization problem modeling an energy-efficient placement of caches in core, metro and fixed/mobile access nodes of the network. Then, we show how the evolution towards a Fixed-Mobile Converged metro/access network, where fixed and mobile users can share caches, can reduce the energy consumed for VoD content delivery
Ontwerp en evaluatie van content distributie netwerken voor multimediale streaming diensten.
Traditionele Internetgebaseerde diensten voor het verspreiden van bestanden, zoals Web browsen en het versturen van e-mails, worden aangeboden via één centrale server. Meer recente netwerkdiensten zoals interactieve digitale televisie of video-op-aanvraag vereisen echter hoge kwaliteitsgaranties (QoS), zoals een lage en constante netwerkvertraging, en verbruiken een aanzienlijke hoeveelheid bandbreedte op het netwerk. Architecturen met één centrale server kunnen deze garanties moeilijk bieden en voldoen daarom niet meer aan de hoge eisen van de volgende generatie multimediatoepassingen. In dit onderzoek worden daarom nieuwe netwerkarchitecturen bestudeerd, die een dergelijke dienstkwaliteit kunnen ondersteunen. Zowel peer-to-peer mechanismes, zoals bij het uitwisselen van muziekbestanden tussen eindgebruikers, als servergebaseerde oplossingen, zoals gedistribueerde caches en content distributie netwerken (CDN's), komen aan bod. Afhankelijk van de bestudeerde dienst en de gebruikte netwerktechnologieën en -architectuur, worden gecentraliseerde algoritmen voor netwerkontwerp voorgesteld. Deze algoritmen optimaliseren de plaatsing van de servers of netwerkcaches en bepalen de nodige capaciteit van de servers en netwerklinks. De dynamische plaatsing van de aangeboden bestanden in de verschillende netwerkelementen wordt aangepast aan de heersende staat van het netwerk en aan de variërende aanvraagpatronen van de eindgebruikers. Serverselectie, herroutering van aanvragen en het verspreiden van de belasting over het hele netwerk komen hierbij ook aan bod
Integration of browser-to-browser architectures with third party legacy cloud storage
An increasing number of web applications run totally or partially in the client machines
- from collaborative editing tools to multi-user games. Avoiding to continuously contact
the server allows to reduce latency between clients and to minimize the load on the
centralized component. Novel implementation techniques, such as WebRTC, allows to
address network problems that previously prevented these systems to be deployed in
practice. Legion is a newly developed framework that exploits these mechanisms, allowing client web applications to replicate data from servers, and synchronize these replicas directly among them.
This work aims to extend the current Legion framework with the integration of an
additional legacy storage system that can be used to support web applications, Antidote. We study the best way to support Legion’s data model into Antidote, we design a synchronization mechanism, and finally we measure the performance cost of such an integration
Cost-Aware Resource Management for Decentralized Internet Services
Decentralized network services, such as naming systems, content
distribution networks, and publish-subscribe systems, play an
increasingly critical role and are required to provide high
performance, low latency service, achieve high availability in the
presence of network and node failures, and handle a large volume
of users. Judicious utilization of expensive system resources,
such as memory space, network bandwidth, and number of machines,
is fundamental to achieving the above properties. Yet, current
network services typically rely on less-informed, heuristic-based
techniques to manage scarce resources, and often fall short of
expectations.
This thesis presents a principled approach for building high
performance, robust, and scalable network services. The key
contribution of this thesis is to show that resolving the
fundamental cost-benefit tradeoff between resource consumption and
performance through mathematical optimization is practical in
large-scale distributed systems, and enables decentralized network
services to meet efficiently system-wide performance goals. This
thesis presents a practical approach for resource management in
three stages: analytically model the cost-benefit tradeoff as a
constrained optimization problem, determine a near-optimal
resource allocation strategy on the fly, and enforce the derived
strategy through light-weight, decentralized mechanisms. It
builds on self-organizing structured overlays, which provide
failure resilience and scalability, and complements them with
stronger performance guarantees and robustness under sudden
changes in workload. This work enables applications to meet
system-wide performance targets, such as low average response
times, high cache hit rates, and small update dissemination times
with low resource consumption. Alternatively, applications can
make the maximum use of available resources, such as storage and
bandwidth, and derive large gains in performance.
I have implemented an extensible framework called Honeycomb to
perform cost-aware resource management on structured overlays
based on the above approach and built three critical network
services using it. These services consist of a new name system for
the Internet called CoDoNS that distributes data associated with
domain names, an open-access content distribution network called
CobWeb that caches web content for faster access by users, and an
online information monitoring system called Corona that notifies
users about changes to web pages. Simulations and performance
measurements from a planetary-scale deployment show that these
services provide unprecedented performance improvement over the
current state of the art
Social distributed content caching in federated residential networks
This work addresses the need for content sharing and backup in household equipped with a home gateway that stores, tags and manages the data collected by the home users. Our solution leverages the interaction between remote gateways in a social way, i.e., by exploiting the users' social networking information, so that caching recipients are those gateways whose users are most likely to be interested in accessing the shared content. We formulate this problem as a Budgeted Maximum Coverage (BMC) problem and we numerically compute the optimal content caching solution. We then propose a low-complexity, distributed heuristic algorithm and use simulation in a synthetic social network scenario to show that the final content placement among "friendly" gateways well approximates the optimal solution under different network setting
Adaptive Response System for Distributed Denial-of-Service Attacks
The continued prevalence and severe damaging effects of the Distributed Denial of Service (DDoS)
attacks in today’s Internet raise growing security concerns and call for an immediate response to come
up with better solutions to tackle DDoS attacks. The current DDoS prevention mechanisms are usually
inflexible and determined attackers with knowledge of these mechanisms, could work around them.
Most existing detection and response mechanisms are standalone systems which do not rely on
adaptive updates to mitigate attacks. As different responses vary in their “leniency” in treating
detected attack traffic, there is a need for an Adaptive Response System.
We designed and implemented our DDoS Adaptive ResponsE (DARE) System, which is a
distributed DDoS mitigation system capable of executing appropriate detection and mitigation
responses automatically and adaptively according to the attacks. It supports easy integrations for both
signature-based and anomaly-based detection modules. Additionally, the design of DARE’s individual
components takes into consideration the strengths and weaknesses of existing defence mechanisms,
and the characteristics and possible future mutations of DDoS attacks. These components consist of an
Enhanced TCP SYN Attack Detector and Bloom-based Filter, a DDoS Flooding Attack Detector and
Flow Identifier, and a Non Intrusive IP Traceback mechanism. The components work together
interactively to adapt the detections and responses in accordance to the attack types. Experiments
conducted on DARE show that the attack detection and mitigation are successfully completed within
seconds, with about 60% to 86% of the attack traffic being dropped, while availability for legitimate
and new legitimate requests is maintained. DARE is able to detect and trigger appropriate responses in
accordance to the attacks being launched with high accuracy, effectiveness and efficiency.
We also designed and implemented a Traffic Redirection Attack Protection System (TRAPS), a
stand-alone DDoS attack detection and mitigation system for IPv6 networks. In TRAPS, the victim
under attack verifies the authenticity of the source by performing virtual relocations to differentiate the
legitimate traffic from the attack traffic. TRAPS requires minimal deployment effort and does not
require modifications to the Internet infrastructure due to its incorporation of the Mobile IPv6
protocol. Experiments to test the feasibility of TRAPS were carried out in a testbed environment to
verify that it would work with the existing Mobile IPv6 implementation. It was observed that the
operations of each module were functioning correctly and TRAPS was able to successfully mitigate an
attack launched with spoofed source IP addresses
- …