Centralized prevention of denial of service attacks

The world has come to depend on the Internet at an increasing rate for communication, e-commerce, and many other essential services. As such, the Internet has become an integral part of the workings of society at large. This has lead to an increased vulnerability to remotely controlled disruption of vital commercial and government operations---with obvious implications. This disruption can be caused by an attack on one or more specific networks which will deny service to legitimate users or an attack on the Internet itself by creating large amounts of spurious traffic (which will deny services to many or all networks). Individual organizations can take steps to protect themselves but this does not solve the problem of an Internet wide attack. This thesis focuses on an analysis of the different types of Denial of Service attacks and suggests an approach to prevent both categories by centralized detection and limitation of excessive packet flows

Managing NFV using SDN and control theory

Control theory and SDN (Software Defined Networking) are key components for NFV (Network Function Virtualization) deployment. However little has been done to use a control-theoretic approach for SDN and NFV management. In this paper, we describe a use case for NFV management using control theory and SDN. We use the management architecture of RINA (a clean-slate Recursive InterNetwork Architecture) to manage Virtual Network Function (VNF) instances over the GENI testbed. We deploy Snort, an Intrusion Detection System (IDS) as the VNF. Our network topology has source and destination hosts, multiple IDSes, an Open vSwitch (OVS) and an OpenFlow controller. A distributed management application running on RINA measures the state of the VNF instances and communicates this information to a Proportional Integral (PI) controller, which then provides load balancing information to the OpenFlow controller. The latter controller in turn updates traffic flow forwarding rules on the OVS switch, thus balancing load across the VNF instances. This paper demonstrates the benefits of using such a control-theoretic load balancing approach and the RINA management architecture in virtualized environments for NFV management. It also illustrates that GENI can easily support a wide range of SDN and NFV related experiments

CHORUS Deliverable 3.4: Vision Document

The goal of the CHORUS Vision Document is to create a high level vision on audio-visual search engines in order to give guidance to the future R&D work in this area and to highlight trends and challenges in this domain. The vision of CHORUS is strongly connected to the CHORUS Roadmap Document (D2.3). A concise document integrating the outcomes of the two deliverables will be prepared for the end of the project (NEM Summit)

TV 2.0: animation readership / authorship on the internet

Traditional platforms for animation, such as broadcast television or cinema, are rapidly becoming obsolete as a new type of spectator demands more choice, the ability to interact with animated content and access to global distribution for their own user-generated work. Audiences are no longer satisfied with receiving a top down distribution of content from traditional cinema or broadcasters. Internet technologies are emerging to address this demand for active spectatorship and enable communities of interest to evolve their own alternative distribution methods. Viewing animation online has become increasingly accessible with the mass adoption of broadband and the emergence of new file formats. TV 2.0 is an amalgamation of Internet technologies that combine video on demand with the social networking capabilities of Web 2.0. In the age of TV 2.0, the role of the viewer has increased in complexity with new possibilities for active interaction and intervention with the content displayed. This new audience seeks a form of spectatorship that can extend beyond the passive recipience of programming distributed by elite broadcasters. TV 2.0 on the Internet has changed both methods of distribution and traditional patterns for the viewing of animation. However, any potential for democratic participation in the visual culture of moving images that this could entail may be a brief historic moment before the assimilation and control of active readership by mainstream corporate culture

Enabling Social Applications via Decentralized Social Data Management

An unprecedented information wealth produced by online social networks, further augmented by location/collocation data, is currently fragmented across different proprietary services. Combined, it can accurately represent the social world and enable novel socially-aware applications. We present Prometheus, a socially-aware peer-to-peer service that collects social information from multiple sources into a multigraph managed in a decentralized fashion on user-contributed nodes, and exposes it through an interface implementing non-trivial social inferences while complying with user-defined access policies. Simulations and experiments on PlanetLab with emulated application workloads show the system exhibits good end-to-end response time, low communication overhead and resilience to malicious attacks.Comment: 27 pages, single ACM column, 9 figures, accepted in Special Issue of Foundations of Social Computing, ACM Transactions on Internet Technolog