123 research outputs found

    Fractal' versus 'Markov' models of traffic (invited conference)

    Get PDF
    International audience

    Femmes et numérique : des opportunités formidables

    Get PDF
    International audienceLa place croissante des technologies de l'information dans tous les secteurs de l'économie fait du numérique un pourvoyeur d'emplois en croissance rapide, tant par le nombre que par la diversité des métiers proposés. Les jeunes diplômés, et en particulier les jeunes femmes, y sont très attendus. Le dynamisme du secteur représente une opportunité d'épanouissement pour toutes et pour tous. Pourtant les femmes sont très peu nombreuses à s'orienter vers les formations dans ce domaine et à y faire carrière. Cet article propose un état des lieux sur la féminisation des formations et métiers du numérique, s'interroge sur le manque d'attractivité du secteur auprès des jeunes femmes et présente la grande variété des actions mises en place pour tenter d'y remédier

    On the problem of revenue sharing in multi-domain federations

    Get PDF
    Part 5: Cooperation and CollaborationInternational audienceAutonomous System alliances or federations are envisioned to emerge in the near future as a means of selling end-to-end quality assured services through interdomain networks. This collaborative paradigm mainly responds to the ever increasing Internet traffic volumes that requires assured quality, and constitutes a new business opportunity for Network Service Providers (NSPs). However, current Internet business rules are not likely to satisfy all involved partners in this emerging scenario. How the revenue is shared among NSPs must be agreed in advance, and should enforce economical incentives to join an alliance and remain in it, so that the alliance remains stable. In this paper, we work on the scenario of such federations, where service selling is formulated as a Network Utility Maximization (NUM) problem. In this context, we formally formulate the properties the revenue sharing (RS) method should fulfill and argue why the existing methods are not suitable. Finally, we propose a family of solutions to the RS problem such that the economical stability and efficiency of the alliance in the long term is guaranteed. The proposed method is based on solving a series of Optimization Problems and considering statistics on the incomes

    Egalité Femmes-Hommes & « numérique » : le point de vue de Sandrine Vaton, référente égalité à Télécom Bretagne (propos recueillis par Florence Sédès)

    Get PDF
    National audienceSandrine Vaton est professeure au département Informatique de Télécom Bretagne, à Brest. Elle enseigne différents sujets parmi lesquels la théorie des files d'attente, la cryptographie et la sécurité informatique, ou encore les statistiques bayésiennes. En recherche son domaine d'activité principal concerne la modélisation statistique appliquée à l'évaluation de performance et à la sécurité des réseaux de télécommunications. Fin 2013 elle a été nommée référente égalité hommes femmes à Télécom Bretagne pour mettre en oeuvre les mesures proposées dans la charte signée par la Conférence des Grandes Ecoles (CGE), le Ministère de l'Enseignement Supérieur et de la Recherche et le Ministère des Droits des Femmes

    Volume anomaly detection in data networks : an optimal detection algorithm vs. the PCA approach

    Get PDF
    The crucial future role of Internet in society makes of network monitoring a critical issue for network operators in future network scenarios. The Future Internet will have to cope with new and different anomalies, motivating the development of accurate detection algorithms. This paper presents a novel approach to detect unexpected and large traffic variations in data networks. We introduce an optimal volume anomaly detection algorithm in which the anomaly-free traffic is treated as a nuisance parameter. The algorithm relies on an original parsimonious model for traffic demands which allows detecting anomalies from link traffic measurements, reducing the overhead of data collection. The performance of the method is compared to that obtained with the Principal Components Analysis (PCA) approach. We choose this method as benchmark given its relevance in the anomaly detection literature. Our proposal is validated using data from an operational network, showing how the method outperforms the PCA approac

    Reproducing DNS 10Gbps flooding attacks with commodity-hardware

    Get PDF
    International audienceBeing DNS an essential service for Internet reliability, it is an attractive target for malicious users. The constantly increasing Internet traffic rate challenges DNS services and their attack detection methods to handle actual queries while being flooded by tens of millions of malicious requests per second. Moreover, state of the art on hostile actions evolve fast. DNS administrators continuously face new kinds of attacks and they regularly need to evaluate their detection systems. We have studied different approaches to develop a tool able to reproduce state-of-the-art attacks, aiming to make it easy to evaluate countermeasure strategies. We have focused on commodity-hardware, DPDK and MoonGen to build a flexible flood query generator. The described tool can saturate a 10Gbps link, sending more than 12 million attack-like random DNS requests per second

    Modèles de chaîne de Markov pour la classification automatique des services

    Get PDF
    La bande passante des réseaux mobiles est une ressource très rare, par conséquent les opérateurs sont contraints à connaître le plus précisément possible tous les services transportés sur leurs réseaux, afin de mieux surveiller leur usage et optimiser ces ressources. Dans ce papier on propose une méthode de classification automatique de services basée sur les modèles de chaînes de Markov. Cette méthode est basée sur l'aspect fonctionnel des applications et modélise l'ordre de séquence de paquets d'une application par une chaîne de Markov afin d'identifier une "signature" à cette application. La théorie de test d'hypothèses est employée pour tester si une séquence de paquets est produite par le service à détecter ou par un autre service. Nous nous sommes basés sur des traces réelles du réseau d'Orange France pour calibrer les modèles Markovien et évaluer notre méthode

    Robust Routing mechanisms for intradomain Traffic Engineering in dynamic networks

    Full text link
    International audienceInternet traffic is highly dynamic and difficult to predict in current network scenarios. This makes of traffic engineering (TE) a very challenging task for network management and resources optimization. We study the problem of intradomain routing optimization under this traffic uncertainty. Recent works have proposed robust optimization techniques to tackle the problem, conceiving the robust routing (RR) approach. RR copes with traffic uncertainty in an off-line preemptive fashion, computing a single static routing configuration that is optimized for traffic variations within some predefined uncertainty set. Despite achieving routing reliability with relatively low performance loss, RR presents various drawbacks and conception problems as it is currently proposed. This paper brings insight into the different robust routing shortcomings, introducing new mechanisms that improve previous proposals and alleviate these problems. Among others, we propose and evaluate new optimization objectives to attain better global performance from an end-to-end quality of service perspective

    Semantics based analysis of botnet activity from heterogeneous data sources

    Get PDF
    International audienceThe diversity in network devices, protocols, data sources and probes impose different challenges to uniformly measure and analyse network traffic. Analysing a network means considering distinctive reporting approaches and diverse methods to represent data, measure times or identify nodes. In this work, we tackle these challenges by relying on semantics, taking advantage of the ontologies' ability to map high-level network concepts to concrete information sources of different nature. In particular, we propose a simple architecture to map network concepts to data stored in relational databases. Based on this architecture, we implement a tool that looks for malicious bot activity, studying, from a unique point of view, DNS traffic from PCAP sources, and TCP connections from IPFIX reports. This approach is able to enhance current DNS based botnet detection methods, taking into account additional heterogeneous analysis elements
    • …