680 research outputs found
Worm Epidemics in Wireless Adhoc Networks
A dramatic increase in the number of computing devices with wireless
communication capability has resulted in the emergence of a new class of
computer worms which specifically target such devices. The most striking
feature of these worms is that they do not require Internet connectivity for
their propagation but can spread directly from device to device using a
short-range radio communication technology, such as WiFi or Bluetooth. In this
paper, we develop a new model for epidemic spreading of these worms and
investigate their spreading in wireless ad hoc networks via extensive Monte
Carlo simulations. Our studies show that the threshold behaviour and dynamics
of worm epidemics in these networks are greatly affected by a combination of
spatial and temporal correlations which characterize these networks, and are
significantly different from the previously studied epidemics in the Internet
MOON: MapReduce On Opportunistic eNvironments
Abstract—MapReduce offers a flexible programming model for processing and generating large data sets on dedicated resources, where only a small fraction of such resources are every unavailable at any given time. In contrast, when MapReduce is run on volunteer computing systems, which opportunistically harness idle desktop computers via frameworks like Condor, it results in poor performance due to the volatility of the resources, in particular, the high rate of node unavailability. Specifically, the data and task replication scheme adopted by existing MapReduce implementations is woefully inadequate for resources with high unavailability. To address this, we propose MOON, short for MapReduce On Opportunistic eNvironments. MOON extends Hadoop, an open-source implementation of MapReduce, with adaptive task and data scheduling algorithms in order to offer reliable MapReduce services on a hybrid resource architecture, where volunteer computing systems are supplemented by a small set of dedicated nodes. The adaptive task and data scheduling algorithms in MOON distinguish between (1) different types of MapReduce data and (2) different types of node outages in order to strategically place tasks and data on both volatile and dedicated nodes. Our tests demonstrate that MOON can deliver a 3-fold performance improvement to Hadoop in volatile, volunteer computing environments
Towards secure message systems
Message systems, which transfer information from sender to recipient via communication networks, are indispensable to our modern society. The enormous user base of message systems and their critical role in information delivery make it the top priority to secure message systems. This dissertation focuses on securing the two most representative and dominant messages systems---e-mail and instant messaging (IM)---from two complementary aspects: defending against unwanted messages and ensuring reliable delivery of wanted messages.;To curtail unwanted messages and protect e-mail and instant messaging users, this dissertation proposes two mechanisms DBSpam and HoneyIM, which can effectively thwart e-mail spam laundering and foil malicious instant message spreading, respectively. DBSpam exploits the distinct characteristics of connection correlation and packet symmetry embedded in the behavior of spam laundering and utilizes a simple statistical method, Sequential Probability Ratio Test, to detect and break spam laundering activities inside a customer network in a timely manner. The experimental results demonstrate that DBSpam is effective in quickly and accurately capturing and suppressing e-mail spam laundering activities and is capable of coping with high speed network traffic. HoneyIM leverages the inherent characteristic of spreading of IM malware and applies the honey-pot technology to the detection of malicious instant messages. More specifically, HoneyIM uses decoy accounts in normal users\u27 contact lists as honey-pots to capture malicious messages sent by IM malware and suppresses the spread of malicious instant messages by performing network-wide blocking. The efficacy of HoneyIM has been validated through both simulations and real experiments.;To improve e-mail reliability, that is, prevent losses of wanted e-mail, this dissertation proposes a collaboration-based autonomous e-mail reputation system called CARE. CARE introduces inter-domain collaboration without central authority or third party and enables each e-mail service provider to independently build its reputation database, including frequently contacted and unacquainted sending domains, based on the local e-mail history and the information exchanged with other collaborating domains. The effectiveness of CARE on improving e-mail reliability has been validated through a number of experiments, including a comparison of two large e-mail log traces from two universities, a real experiment of DNS snooping on more than 36,000 domains, and extensive simulation experiments in a large-scale environment
A New Stable Peer-to-Peer Protocol with Non-persistent Peers
Recent studies have suggested that the stability of peer-to-peer networks may
rely on persistent peers, who dwell on the network after they obtain the entire
file. In the absence of such peers, one piece becomes extremely rare in the
network, which leads to instability. Technological developments, however, are
poised to reduce the incidence of persistent peers, giving rise to a need for a
protocol that guarantees stability with non-persistent peers. We propose a
novel peer-to-peer protocol, the group suppression protocol, to ensure the
stability of peer-to-peer networks under the scenario that all the peers adopt
non-persistent behavior. Using a suitable Lyapunov potential function, the
group suppression protocol is proven to be stable when the file is broken into
two pieces, and detailed experiments demonstrate the stability of the protocol
for arbitrary number of pieces. We define and simulate a decentralized version
of this protocol for practical applications. Straightforward incorporation of
the group suppression protocol into BitTorrent while retaining most of
BitTorrent's core mechanisms is also presented. Subsequent simulations show
that under certain assumptions, BitTorrent with the official protocol cannot
escape from the missing piece syndrome, but BitTorrent with group suppression
does.Comment: There are only a couple of minor changes in this version. Simulation
tool is specified this time. Some repetitive figures are remove
RepFlow: Minimizing Flow Completion Times with Replicated Flows in Data Centers
Short TCP flows that are critical for many interactive applications in data
centers are plagued by large flows and head-of-line blocking in switches.
Hash-based load balancing schemes such as ECMP aggravate the matter and result
in long-tailed flow completion times (FCT). Previous work on reducing FCT
usually requires custom switch hardware and/or protocol changes. We propose
RepFlow, a simple yet practically effective approach that replicates each short
flow to reduce the completion times, without any change to switches or host
kernels. With ECMP the original and replicated flows traverse distinct paths
with different congestion levels, thereby reducing the probability of having
long queueing delay. We develop a simple analytical model to demonstrate the
potential improvement of RepFlow. Extensive NS-3 simulations and Mininet
implementation show that RepFlow provides 50%--70% speedup in both mean and
99-th percentile FCT for all loads, and offers near-optimal FCT when used with
DCTCP.Comment: To appear in IEEE INFOCOM 201
- …