2,347 research outputs found
Service quality measurements for IPv6 inter-networks
Measurement-based performance evaluation of network traffic is becoming very important, especially for networks trying to provide differentiated levels of service quality to the different application flows. The non-identical response of flows to the different types of network-imposed performance degradation raises the need for ubiquitous measurement mechanisms, able to measure numerous performance properties, and being equally applicable to different applications and transports. This paper presents a new measurement mechanism, facilitated by the steady introduction of IPv6 in network nodes and hosts, which exploits native features of the protocol to provide support for performance measurements at the network (IP) layer. IPv6 Extension Headers have been used to carry the triggers involving the measurement activity and the measurement data in-line with the payload data itself, providing a high level of probability that the behaviour of the real user traffic flows is observed. End-to-end one-way delay, jitter, loss, and throughput have been measured for applications operating on top of both reliable and unreliable transports, over different-capacity IPv6 network configurations. We conclude that this technique could form the basis for future Internet measurements that can be dynamically deployed where and when required in a multi-service IP environment
Increasing resilience of ATM networks using traffic monitoring and automated anomaly analysis
Systematic network monitoring can be the cornerstone for
the dependable operation of safety-critical distributed
systems. In this paper, we present our vision for informed
anomaly detection through network monitoring and
resilience measurements to increase the operators'
visibility of ATM communication networks. We raise the
question of how to determine the optimal level of
automation in this safety-critical context, and we present a
novel passive network monitoring system that can reveal
network utilisation trends and traffic patterns in diverse
timescales. Using network measurements, we derive
resilience metrics and visualisations to enhance the
operators' knowledge of the network and traffic behaviour,
and allow for network planning and provisioning based on
informed what-if analysis
Measuring named data networks
2020 Spring. Includes bibliographical references. Named Data Networking (NDN) is a promising information-centric networking (ICN) Internet architecture that addresses the content directly rather than addressing servers. NDN provides new features, such as content-centric security, stateful forwarding, and in-network caches, to better satisfy the needs of today's applications. After many years of technological research and experimentation, the community has started to explore the deployment path for NDN. One NDN deployment challenge is measurement. Unlike IP, which has a suite of measurement approaches and tools, NDN only has a few achievements. NDN routing and forwarding are based on name prefixes that do not refer to individual endpoints. While rich NDN functionalities facilitate data distribution, they also break the traditional end-to-end probing based measurement methods. In this dissertation, we present our work to investigate NDN measurements and fill some research gaps in the field. Our thesis of this dissertation states that we can capture a substantial amount of useful and actionable measurements of NDN networks from end hosts. We start by comparing IP and NDN to propose a conceptual framework for NDN measurements. We claim that NDN can be seen as a superset of IP. NDN supports similar functionalities provided by IP, but it has unique features to facilitate data retrieval. The framework helps identify that NDN lacks measurements in various aspects. This dissertation focuses on investigating the active measurements from end hosts. We present our studies in two directions to support the thesis statement. We first present the study to leverage the similarities to replicate IP approaches in NDN networks. We show the first work to measure the NDN-DPDK forwarder, a high-speed NDN forwarder designed and implemented by the National Institute of Standards and Technology (NIST), in a real testbed.
The results demonstrate that Data payload sizes dominate the forwarding performance, and efficiently using every fragment to improve the goodput. We then present the first work to replicate packet dispersion techniques in NDN networks. Based on the findings in the NDN-DPDK forwarder benchmark, we devise the techniques to measure interarrivals for Data packets. The results show that the techniques successfully estimate the capacity on end hosts when 1Gbps network cards are used. Our measurements also indicate the NDN-DPDK forwarder introduces variance in Data packet interarrivals. We identify the potential bottlenecks and the possible causes of the variance. We then address the NDN specific measurements, measuring the caching state in NDN networks from end hosts. We propose a novel method to extract fingerprints for various caching decision mechanisms. Our simulation results demonstrate that the method can detect caching decisions in a few rounds. We also show that the method is not sensitive to cross-traffic and can be deployed on real topologies for caching policy detection
Optimizing the delivery of multimedia over mobile networks
International Mention in the doctoral degree. The consumption of multimedia content is moving from a residential environment to mobile
phones. Mobile data traffic, driven mostly by video demand, is increasing rapidly and wireless
spectrum is becoming a more and more scarce resource. This makes it highly important to operate
mobile networks efficiently. To tackle this, recent developments in anticipatory networking
schemes make it possible to predict the future capacity of mobile devices and optimize the
allocation of the limited wireless resources. Further, optimizing Quality of Experience—smooth,
quick, and high quality playback—is more difficult in the mobile setting, due to the highly dynamic
nature of wireless links. A key requirement for achieving both anticipatory networking
schemes and QoE optimization, is estimating the available bandwidth of mobile devices. Ideally,
this should be done quickly and with low overhead.
In summary, we propose a series of improvements to the delivery of multimedia over mobile
networks. We do so by identifying inefficiencies in the interconnection of mobile operators with
the servers hosting content, propose an algorithm to opportunistically create frequent capacity estimations
suitable for use in resource optimization solutions and finally propose another algorithm
able to estimate the bandwidth class of a device based on minimal traffic in order to identify the
ideal streaming quality its connection may support before commencing playback.
The main body of this thesis proposes two lightweight algorithms designed to provide bandwidth
estimations under the high constraints of the mobile environment, such as and most notably
the usually very limited traffic quota. To do so, we begin with providing a thorough overview
of the communication path between a content server and a mobile device. We continue with
analysing how accurate smartphone measurements can be and also go in depth identifying the
various artifacts adding noise to the fidelity of on device measurements. Then, we first propose
a novel lightweight measurement technique that can be used as a basis for advanced resource
optimization algorithms to be run on mobile phones. Our main idea leverages an original packet
dispersion based technique to estimate per user capacity. This allows passive measurements by
just sampling the existing mobile traffic. Our technique is able to efficiently filter outliers introduced
by mobile network schedulers and phone hardware. In order to assess and verify our
measurement technique, we apply it to a diverse dataset generated by both extensive simulations
and a week-long measurement campaign spanning two cities in two countries, different radio
technologies, and covering all times of the day. The results demonstrate that our technique is effective even if it is provided only with a small fraction of the exchanged packets of a flow. The
only requirement for the input data is that it should consist of a few consecutive packets that are
gathered periodically. This makes the measurement algorithm a good candidate for inclusion in
OS libraries to allow for advanced resource optimization and application-level traffic scheduling,
based on current and predicted future user capacity.
We proceed with another algorithm that takes advantage of the traffic generated by short-lived
TCP connections, which form the majority of the mobile connections, to passively estimate the
currently available bandwidth class. Our algorithm is able to extract useful information even if the
TCP connection never exits the slow start phase. To the best of our knowledge, no other solution
can operate with such constrained input. Our estimation method is able to achieve good precision
despite artifacts introduced by the slow start behavior of TCP, mobile scheduler and phone hardware.
We evaluate our solution against traces collected in 4 European countries. Furthermore, the
small footprint of our algorithm allows its deployment on resource limited devices.
Finally, in an attempt to face the rapid traffic increase, mobile application developers outsource
their cloud infrastructure deployment and content delivery to cloud computing services
and content delivery networks. Studying how these services, which we collectively denote Cloud
Service Providers (CSPs), perform over Mobile Network Operators (MNOs) is crucial to understanding
some of the performance limitations of today’s mobile apps. To that end, we perform
the first empirical study of the complex dynamics between applications, MNOs and CSPs. First,
we use real mobile app traffic traces that we gathered through a global crowdsourcing campaign
to identify the most prevalent CSPs supporting today’s mobile Internet. Then, we investigate how
well these services interconnect with major European MNOs at a topological level, and measure
their performance over European MNO networks through a month-long measurement campaign
on the MONROE mobile broadband testbed. We discover that the top 6 most prevalent CSPs
are used by 85% of apps, and observe significant differences in their performance across different
MNOs due to the nature of their services, peering relationships with MNOs, and deployment
strategies. We also find that CSP performance in MNOs is affected by inflated path length, roaming,
and presence of middleboxes, but not influenced by the choice of DNS resolver. We also
observe that the choice of operator’s Point of Presence (PoP) may inflate by at least 20% the
delay towards popular websites. This work has been supported by IMDEA Networks Institute. Official Doctoral Programme in Telematic Engineering. President: Ahmed Elmokashfi. Secretary: Rubén Cuevas Rumín. Member: Paolo Din
Mockingbird: Defending Against Deep-Learning-Based Website Fingerprinting Attacks with Adversarial Traces
Website Fingerprinting (WF) is a type of traffic analysis attack that enables
a local passive eavesdropper to infer the victim's activity, even when the
traffic is protected by a VPN or an anonymity system like Tor. Leveraging a
deep-learning classifier, a WF attacker can gain over 98% accuracy on Tor
traffic. In this paper, we explore a novel defense, Mockingbird, based on the
idea of adversarial examples that have been shown to undermine machine-learning
classifiers in other domains. Since the attacker gets to design and train his
attack classifier based on the defense, we first demonstrate that a
straightforward technique for generating adversarial-example based traces fails
to protect against an attacker using adversarial training for robust
classification. We then propose Mockingbird, a technique for generating traces
that resists adversarial training by moving randomly in the space of viable
traces and not following more predictable gradients. The technique drops the
accuracy of the state-of-the-art attack hardened with adversarial training from
98% to 42-58% while incurring only 58% bandwidth overhead. The attack accuracy
is generally lower than state-of-the-art defenses, and much lower when
considering Top-2 accuracy, while incurring lower bandwidth overheads. Comment: 18 pages, 13 figures and 8 Tables. Accepted in IEEE Transactions on
Information Forensics and Security (TIFS