Application-driven network management with ProtoRINA

Traditional network management is tied to the TCP/IP architecture, thus it inherits its many limitations, e.g., static management and one-size-fits-all structure. Additionally there is no unified framework for application management, and service (application) providers have to rely on their own ad-hoc mechanisms to manage their application services. The Recursive InterNetwork Architecture (RINA) is our solution to achieve better network management. RINA provides a unified framework for application-driven network management along with built-in mechanisms (including registration, authentication, enrollment, addressing, etc.), and it allows the dynamic formation of secure communication containers for service providers in support of various requirements. In this paper, we focus on how application-driven network management can be achieved over the GENI testbed using ProtoRINA, a user-space prototype of RINA. We demonstrate how video can be efficiently multicast to many clients on demand by dynamically creating a delivery tree. Under RINA, multicast can be enabled through a secure communication container that is dynamically formed to support video transport either through application proxies or via relay IPC processes. Experimental results over the GENI testbed show that application-driven network management enabled by ProtoRINA can achieve better network and application performance.National Science Foundation (NSF grant CNS-0963974)

Multi-layer virtual transport network management

Nowadays there is an increasing need for a general paradigm which can simplify network management and further enable network innovations. Software Defined Networking (SDN) is an efficient way to make the network programmable and reduce management complexity, however it is plagued with limitations inherited from the legacy Internet (TCP/IP) architecture. In this paper, in response to limitations of current Software Defined Networking (SDN) management solutions, we propose a recursive approach to enterprise network management, where network management is done through managing various Virtual Transport Networks (VTNs) over different scopes (i.e., regions of operation). Different from the traditional virtual network model which mainly focuses on routing/tunneling, our VTN provides communication service with explicit Quality-of-Service (QoS) support for applications via transport flows, and it involves all mechanisms (e.g., addressing, routing, error and flow control, resource allocation) needed to support such transport flows. Based on this approach, we design and implement a management architecture, which recurses the same VTN-based management mechanism for enterprise network management. Our experimental results show that our management architecture achieves better performance.National Science Foundation awards: CNS-0963974 and CNS-1346688

Multi-layer virtual transport network design

Service overlay networks and network virtualization enable multiple overlay/virtual networks to run over a common physical network infrastructure. They are widely used to overcome deficiencies of the Internet (e.g., resiliency, security and QoS guarantees). However, most overlay/virtual networks are used for routing/tunneling purposes, and not for providing scoped transport flows (involving all mechanisms such as error and flow control, resource allocation, etc.), which can allow better network resource allocation and utilization. Most importantly, the design of overlay/virtual networks is mostly single-layered, and lacks dynamic scope management, which is important for application and network management. In response to these limitations, we propose a multi-layer approach to Virtual Transport Network (VTN) design. This design is a key part of VTN-based network management, where network management is done via managing various VTNs over different scopes (i.e., ranges of operation). Our simulation and experimental results show that our multi-layer approach to VTN design can achieve better performance compared to the traditional single-layer design used for overlay/virtual networks.This work has been partly supported by National Science Foundation awards: CNS-0963974 and CNS-1346688

REMOTE MOBILE SCREEN (RMS): AN APPROACH FOR SECURE BYOD ENVIRONMENTS

Bring Your Own Device (BYOD) is a policy where employees use their own personal mobile devices to perform work-related tasks. Enterprises reduce their costs since they do not have to purchase and provide support for the mobile devices. BYOD increases job satisfaction and productivity in the employees, as they can choose which device to use and do not need to carry two or more devices. However, BYOD policies create an insecure environment, as the corporate network is extended and it becomes harder to protect it from attacks. In this scenario, the corporate information can be leaked, personal and corporate spaces are not separated, it becomes difficult to enforce security policies on the devices, and employees are worried about their privacy. Consequently, a secure BYOD environment must achieve the following goals: space isolation, corporate data protection, security policy enforcement, true space isolation, non-intrusiveness, and low resource consumption. We found that none of the currently available solutions achieve all of these goals. We developed Remote Mobile Screen (RMS), a framework that meets all the goals for a secure BYOD environment. To achieve this, the enterprise provides the employee with a Virtual Machine (VM) running a mobile operating system, which is located in the enterprise network and to which the employee connects using the mobile device. We provide an implementation of RMS using commonly available software for an x86 architecture. We address RMS challenges related to compatibility, scalability and latency. For the first challenge, we show that at least 90.2% of the productivity applications from Google Play can be installed on an x86 architecture, while at least 80.4% run normally. For the second challenge, we deployed our implementation on a high-performance server and run up to 596 VMs using 256 GB of RAM. Further, we show that the number of VMs is proportional to the available RAM. For the third challenge, we used our implementation on GENI and conclude that an application latency of 150 milliseconds can be achieved. Adviser: Byrav Ramamurth

Classification of Email Messages

Tänapäeval on elektronpost üks enimkasutatud rakendusi, mis arvuti jaoks on läbi aegade leiutatud. Kuna saadetavate ekirjade hulk kasvab kiiresti oleme me aina enam seismas silmitsi probleemiga, kus infot tuleb liiga palju ja selle hulgast vajaliku leidmine muutub üha raskemaks. Antud töö eesmärk on anda ülevaade erinevatest klassifitseerimismeetoditest ja võimalustest antud probleemi lahendada läbi ekirjade klassifitseerimise. Antud töö annab ülevaate erinevatest klassifitseerimismeetoditest, võtmesõnade ja võtmefraaside leidmisest ning sellest, kuidas tekstist leitud informatsiooni erinevatesse klassidesse jagada. Samuti tutvustab lühidalt elektronkirja formaati, annab ülevaate, milliseid programme kasutatakse enim elektronkirjade lugemiseks ning toob välja statistika saadetud elektronkirjade hulga kohta aastas. Samuti tutvustab põgusalt suurest ekirjade hulgast põhjustatud infokülluse probleemi. Töö lõpus viiakse läbi ka reaalne katse kasutades meililugemisprogramme – Microsoft Outlook ja Mozilla Thunderbird – ja neisse sisseehitatud kirjade klassifitseerimise funktsionaalsust. Katse tulemusena võib öelda, et mõlema meiliprogrammi vastav funktsionaalsus töötab hästi ja on kasutajale igapäevaselt suureks abiks, et hoida saabuvad kirjad kontrolli all ja klassifitseerida neid vastavalt kasutaja soovile, et seeläbi lihtsustada vajaliku info leidmist.Today email is one of the most widely used communication methods. It has been used for decades by now and is used daily by organizations as well as by individuals to forward and receive all kind of information. Considering this the amount of email messages sent and received has grown significantly and more than before we are seriously facing a message overload problem. To make managing and finding messages easier it is reasonable to classify messages based on user needs. The specific way for classifying emails can be developed by every person just the way it is reasonable for the specific user. An electronic message or in short email consists of two parts: the message body (email content) and the message header. By using information from there I will try to classify email messages to make it easier to find and manage both incoming and existing emails. This thesis aims to give an overview of what classification is and introduce some common classification methods. Another aim is to briefly introduce email format and message overload problem and to take a look at the number of emails sent yearly. Last aim is to study different built-in features for widely used email programs to see if these features are useful for classifying emails to make finding information faster and easier. This thesis is divided into 3 chapters. The first chapter gives an overview of email message format, the message overload problem, widely used email clients, and the amount of emails sent. In chapter two some classification methods, information extraction, categorization and classification are introduced. In chapter three some real life experiments are conducted to show how to use email clients to classify email messages

HIL: designing an exokernel for the data center

We propose a new Exokernel-like layer to allow mutually untrusting physically deployed services to efficiently share the resources of a data center. We believe that such a layer offers not only efficiency gains, but may also enable new economic models, new applications, and new security-sensitive uses. A prototype (currently in active use) demonstrates that the proposed layer is viable, and can support a variety of existing provisioning tools and use cases.Partial support for this work was provided by the MassTech Collaborative Research Matching Grant Program, National Science Foundation awards 1347525 and 1149232 as well as the several commercial partners of the Massachusetts Open Cloud who may be found at http://www.massopencloud.or

Jetstream: A Distributed Cloud Infrastructure for Under-resourced Higher Education Communities

The US National Science Foundation (NSF) in 2015 awarded funding for a first-of-a-kind distributed cyberinfrastructure (DCI) system called Jetstream. Jetstream will be the NSF’s first production cloud for general-purpose science and engineering research and education. Jetstream, scheduled for production in January 2016, will be based on the OpenStack cloud environment software with a menu-driven interface to make it easy for users to select a pre-composed Virtual Machine (VM) to perform a particular discipline-specific analysis. Jetstream will use the Atmosphere user interface developed as part of iPlant, providing a low barrier to use by practicing scientists, engineers, educators, and students, and Globus services from the University of Chicago for seamless integration into the national cyberinfrastructure fabric. The team implementing Jetstream has as their primary mission extending the reach of the NSF’s eXtreme Digital (XD) program to researchers, educators, and research students who have not previously used NSF XD program resources, including those in communities and at institutions that traditionally lack significant cyberinfrastructure resources. We will, for example, use virtual Linux Desktops to deliver DCI capabilities supporting research and research education at small colleges and universities, including Historically Black Colleges and Universities (HBCUs), Minority Serving Institutions (MSIs), Tribal colleges, and higher education institutions in states designated by the NSF as eligible for funding via the Experimental Program to Stimulate Competitive Research (EPSCoR). Jetstream will be a novel distributed cyberinfrastructure, with production components in Indiana and Texas. In particular, Jetstream will deliver virtual Linux desktops to tablet devices and PDAs with reasonable responsiveness running over cellular networks. This paper will discuss design and application plans for Jetstream as a novel Distributed CyberInfrastructure system for research education.National Science Foundation (NSF) grant ACI-1445604. NSF grant OCI-1053575 for campus bridging activitie