| | 711 | <b>Bumgardner, V. K. Cody</b> |
| | 712 | , "Contributions to Edge Computing (Doctoral dissertation)." |
| | 713 | |
| | 714 | 2017. |
| | 715 | doi:https://doi.org/10.13023/ETD.2017.086. |
| | 716 | <a href="http://uknowledge.uky.edu/cs_etds/56/">http://uknowledge.uky.edu/cs_etds/56/</a> |
| | 717 | <br><br><b>Abstract: </b>Efforts related to Internet of Things (IoT), Cyber-Physical Systems (CPS), Machine to Machine (M2M) technologies, Industrial Internet, and Smart Cities aim to improve society through the coordination of distributed devices and analysis of resulting data. By the year 2020 there will be an estimated 50 billion network connected devices globally and 43 trillion gigabytes of electronic data. Current practices of moving data directly from end-devices to remote and potentially distant cloud computing services will not be sufficient to manage future device and data growth. Edge Computing is the migration of computational functionality to sources of data generation. The importance of edge computing increases with the size and complexity of devices and resulting data. In addition, the coordination of global edge-to-edge communications, shared resources, high-level application scheduling, monitoring, measurement, and Quality of Service (QoS) enforcement will be critical to address the rapid growth of connected devices and associated data. We present a new distributed agent-based framework designed to address the challenges of edge computing. This actor-model framework implementation is designed to manage large numbers of geographically distributed services, comprised from heterogeneous resources and communication protocols, in support of low-latency real-time streaming applications. As part of this framework, an application description language was developed and implemented. Using the application description language a number of high-order management modules were implemented including solutions for resource and workload comparison, performance observation, scheduling, and provisioning. A number of hypothetical and real-world use cases are described to support the framework implementation. |
| | 718 | </li> |
| | 719 | <br> |
| | 720 | |
| | 721 | |
| | 722 | |
| | 723 | <li> |
| | 855 | , "Global optimization of file availability through replication for efficient file sharing in MANETs." |
| | 856 | Network Protocols (ICNP), 2011 19th IEEE International Conference on, Vancouver, AB, Canada, IEEE, |
| | 857 | 2011. |
| | 858 | doi:10.1109/icnp.2011.6089056. |
| | 859 | <a href="http://dx.doi.org/10.1109/icnp.2011.6089056">http://dx.doi.org/10.1109/icnp.2011.6089056</a> |
| | 860 | <br><br><b>Abstract: </b>File sharing applications in mobile ad hoc networks (MANETs) have attracted more and more attention in recent years. The efficiency of file querying suffers from the distinctive properties of MANETs including node mobility and limited communication range and resource. An intuitive method to alleviate this problem is to create file replicas in the network. However, despite the efforts on file replication, no research has focused on the global optimal replica sharing with minimum average querying delay. Specifically, current file replication protocols in MANETs have two shortcomings. First, they lack a rule to allocate limited resource to different files in order to minimize the average querying delay. Second, they simply consider storage as resource for replicas, but neglect the fact that the file holders' frequency of meeting other nodes also plays an important role in determining file availability. A node having a higher meeting frequency with others provides higher availability to its files. In this paper, we introduce a new concept of resource for file replication, which considers both node storage and meeting frequency. We theoretically study the influence of resource allocation on the average querying delay and derive a resource allocation rule to minimize the average querying delay. We further propose a distributed file replication protocol that follows the rule. The trace-driven experiments on both the real-world GENI testbed and NS-2 show that our protocol can achieve shorter average querying delay at lower cost than current replication protocols, which justifies the correctness of our theoretical analysis and the effectiveness of the proposed protocol. |
| | 861 | </li> |
| | 862 | <br> |
| | 863 | |
| | 864 | <li> |
| | 865 | <b>Chen, Kang and Shen, Haiying</b> |
| 848 | | </li> |
| 849 | | <br> |
| 850 | | |
| 851 | | <li> |
| 852 | | <b>Chen, Kang and Shen, Haiying</b> |
| 853 | | , "Global optimization of file availability through replication for efficient file sharing in MANETs." |
| 854 | | Network Protocols (ICNP), 2011 19th IEEE International Conference on, Vancouver, AB, Canada, IEEE, |
| 855 | | 2011. |
| 856 | | doi:10.1109/icnp.2011.6089056. |
| 857 | | <a href="http://dx.doi.org/10.1109/icnp.2011.6089056">http://dx.doi.org/10.1109/icnp.2011.6089056</a> |
| 858 | | <br><br><b>Abstract: </b>File sharing applications in mobile ad hoc networks (MANETs) have attracted more and more attention in recent years. The efficiency of file querying suffers from the distinctive properties of MANETs including node mobility and limited communication range and resource. An intuitive method to alleviate this problem is to create file replicas in the network. However, despite the efforts on file replication, no research has focused on the global optimal replica sharing with minimum average querying delay. Specifically, current file replication protocols in MANETs have two shortcomings. First, they lack a rule to allocate limited resource to different files in order to minimize the average querying delay. Second, they simply consider storage as resource for replicas, but neglect the fact that the file holders' frequency of meeting other nodes also plays an important role in determining file availability. A node having a higher meeting frequency with others provides higher availability to its files. In this paper, we introduce a new concept of resource for file replication, which considers both node storage and meeting frequency. We theoretically study the influence of resource allocation on the average querying delay and derive a resource allocation rule to minimize the average querying delay. We further propose a distributed file replication protocol that follows the rule. The trace-driven experiments on both the real-world GENI testbed and NS-2 show that our protocol can achieve shorter average querying delay at lower cost than current replication protocols, which justifies the correctness of our theoretical analysis and the effectiveness of the proposed protocol. |
| | 957 | , "Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking (SDN)." |
| | 958 | Distributed Computing Systems Workshops (ICDCSW), 2015 IEEE 35th International Conference on, IEEE, |
| | 959 | 2015. |
| | 960 | doi:10.1109/icdcsw.2015.27. |
| | 961 | <a href="http://dx.doi.org/10.1109/icdcsw.2015.27">http://dx.doi.org/10.1109/icdcsw.2015.27</a> |
| | 962 | <br><br><b>Abstract: </b>Software-defined networking (SDN) and Open Flow have been driving new security applications and services. However, even if some of these studies provide interesting visions of what can be achieved, they stop short of presenting realistic application scenarios and experimental results. In this paper, we discuss a novel attack detection approach that coordinates monitors distributed over a network and controllers centralized on an SDN Open Virtual Switch (OVS), selectively inspecting network packets on demand. With different scale of network views and information availability, these two elements collaboratively detect signature constituents of an attack. Therefore, this approach is able to quickly issue an alert against potential threats followed by careful verification for high accuracy, while balancing the workload on the OVS. We have applied this method for detection and mitigation of TCP SYN flood attacks on Global Environment for Network Innovations (GENI). This realistic experimentation has provided us with insightful findings helpful toward a systematic methodology of SDN-supported attack detection and containment. |
| | 963 | </li> |
| | 964 | <br> |
| | 965 | |
| | 966 | <li> |
| | 967 | <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b> |
| 953 | | <li> |
| 954 | | <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b> |
| 955 | | , "Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking (SDN)." |
| 956 | | Distributed Computing Systems Workshops (ICDCSW), 2015 IEEE 35th International Conference on, IEEE, |
| 957 | | 2015. |
| 958 | | doi:10.1109/icdcsw.2015.27. |
| 959 | | <a href="http://dx.doi.org/10.1109/icdcsw.2015.27">http://dx.doi.org/10.1109/icdcsw.2015.27</a> |
| 960 | | <br><br><b>Abstract: </b>Software-defined networking (SDN) and Open Flow have been driving new security applications and services. However, even if some of these studies provide interesting visions of what can be achieved, they stop short of presenting realistic application scenarios and experimental results. In this paper, we discuss a novel attack detection approach that coordinates monitors distributed over a network and controllers centralized on an SDN Open Virtual Switch (OVS), selectively inspecting network packets on demand. With different scale of network views and information availability, these two elements collaboratively detect signature constituents of an attack. Therefore, this approach is able to quickly issue an alert against potential threats followed by careful verification for high accuracy, while balancing the workload on the OVS. We have applied this method for detection and mitigation of TCP SYN flood attacks on Global Environment for Network Innovations (GENI). This realistic experimentation has provided us with insightful findings helpful toward a systematic methodology of SDN-supported attack detection and containment. |
| 961 | | </li> |
| 962 | | <br> |
| 963 | | |
| 964 | | |
| | 977 | |
| | 978 | |
| | 979 | <li> |
| | 980 | <b>Chin, Tommy and Xiong, Kaiqi</b> |
| | 981 | , "Dynamic generation containment systems (DGCS): A Moving Target Defense approach." |
| | 982 | 2016 3rd International Workshop on Emerging Ideas and Trends in Engineering of Cyber-Physical Systems (EITEC), IEEE, |
| | 983 | 2016. |
| | 984 | doi:10.1109/eitec.2016.7503690. |
| | 985 | <a href="http://dx.doi.org/10.1109/eitec.2016.7503690">http://dx.doi.org/10.1109/eitec.2016.7503690</a> |
| | 986 | <br><br><b>Abstract: </b>Supervisory Control and Data Acquisition (SCADA) systems are critical assets to public utility and manufacturing organizations. These systems, although critical, are prone to numerous cyber security related threats and attacks. To combat such challenges, we propose a Dynamic Generated Containment System (DGCS), a moving target defense model as a method of threat evasion. Under the proposed approach, we employ the use of intrusion detection systems (IDS) in conjunction with virtualization solution - Docker. The proposed approach provides an individual Docker container for each threat detected by our IDS. We conduct several experiments using high performance computing systems to measure and demonstrate our proposed approach. |
| | 987 | </li> |
| | 988 | <br> |
| 974 | | </li> |
| 975 | | <br> |
| 976 | | |
| 977 | | <li> |
| 978 | | <b>Chin, Tommy and Xiong, Kaiqi</b> |
| 979 | | , "Dynamic generation containment systems (DGCS): A Moving Target Defense approach." |
| 980 | | 2016 3rd International Workshop on Emerging Ideas and Trends in Engineering of Cyber-Physical Systems (EITEC), IEEE, |
| 981 | | 2016. |
| 982 | | doi:10.1109/eitec.2016.7503690. |
| 983 | | <a href="http://dx.doi.org/10.1109/eitec.2016.7503690">http://dx.doi.org/10.1109/eitec.2016.7503690</a> |
| 984 | | <br><br><b>Abstract: </b>Supervisory Control and Data Acquisition (SCADA) systems are critical assets to public utility and manufacturing organizations. These systems, although critical, are prone to numerous cyber security related threats and attacks. To combat such challenges, we propose a Dynamic Generated Containment System (DGCS), a moving target defense model as a method of threat evasion. Under the proposed approach, we employ the use of intrusion detection systems (IDS) in conjunction with virtualization solution - Docker. The proposed approach provides an individual Docker container for each threat detected by our IDS. We conduct several experiments using high performance computing systems to measure and demonstrate our proposed approach. |
| 1512 | | , "The design of an instrumentation system for federated and virtualized network testbeds." |
| 1513 | | Network Operations and Management Symposium (NOMS), 2012 IEEE, IEEE, |
| 1514 | | 2012. |
| 1515 | | doi:10.1109/NOMS.2012.6212061. |
| 1516 | | <a href="http://dx.doi.org/10.1109/NOMS.2012.6212061">http://dx.doi.org/10.1109/NOMS.2012.6212061</a> |
| 1517 | | <br><br><b>Abstract: </b>Much of the GENI effort in developing network testbeds has been focused on building the control frameworks needed to allocate and initialize the network resources that make up an experiment. We argue that building the instrumentation and measurement system to monitor and capture the behavior of the network is just as important and challenging as setting up the network itself, especially in a virtualized and federated environment where getting information from experimental nodes is too complicated and too much to handle for a typical user. In this paper, we describe the design of an instrumentation and measurement infrastructure that allows users to monitor their experiments. The challenge that virtualization and federation of GENI testbeds bring to instrumentation and monitoring is how to hide the details of instrumentation setup from users so that users do not need to be experts in system administration or network management of virtualized and federated systems, but are still able to ” see” what is going on with their experiments. Our instrumentation tool sets up experiment-specific monitoring infrastructure that is tailored to capture, record, and display only information associated with that experiment. Our tools are currently available in GENI, and we present a simple example of how to use them to instrument an experiment. |
| 1518 | | </li> |
| 1519 | | <br> |
| 1520 | | |
| 1521 | | <li> |
| 1522 | | <b>Griffioen, J. and Fei, Zongming and Nasir, H. and Wu, Xiongqi and Reed, J. and Carpenter, C.</b> |
| | 1531 | </li> |
| | 1532 | <br> |
| | 1533 | |
| | 1534 | <li> |
| | 1535 | <b>Griffioen, J. and Fei, Zongming and Nasir, H. and Wu, Xiongqi and Reed, J. and Carpenter, C.</b> |
| | 1536 | , "The design of an instrumentation system for federated and virtualized network testbeds." |
| | 1537 | Network Operations and Management Symposium (NOMS), 2012 IEEE, IEEE, |
| | 1538 | 2012. |
| | 1539 | doi:10.1109/NOMS.2012.6212061. |
| | 1540 | <a href="http://dx.doi.org/10.1109/NOMS.2012.6212061">http://dx.doi.org/10.1109/NOMS.2012.6212061</a> |
| | 1541 | <br><br><b>Abstract: </b>Much of the GENI effort in developing network testbeds has been focused on building the control frameworks needed to allocate and initialize the network resources that make up an experiment. We argue that building the instrumentation and measurement system to monitor and capture the behavior of the network is just as important and challenging as setting up the network itself, especially in a virtualized and federated environment where getting information from experimental nodes is too complicated and too much to handle for a typical user. In this paper, we describe the design of an instrumentation and measurement infrastructure that allows users to monitor their experiments. The challenge that virtualization and federation of GENI testbeds bring to instrumentation and monitoring is how to hide the details of instrumentation setup from users so that users do not need to be experts in system administration or network management of virtualized and federated systems, but are still able to ” see” what is going on with their experiments. Our instrumentation tool sets up experiment-specific monitoring infrastructure that is tailored to capture, record, and display only information associated with that experiment. Our tools are currently available in GENI, and we present a simple example of how to use them to instrument an experiment. |
| | 1731 | , "PVNs: Making Virtualized Network Infrastructure Usable." |
| | 1732 | ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS '12), |
| | 1733 | 2012. |
| | 1734 | doi:10.1145/2396556.2396590. |
| | 1735 | <a href="http://dx.doi.org/10.1145/2396556.2396590">http://dx.doi.org/10.1145/2396556.2396590</a> |
| | 1736 | <br><br><b>Abstract: </b>Network virtualization is becoming a fundamental building block of future Internet architectures. Although the underlying network infrastructure needed to dynamically create and deploy custom virtual networks is rapidly taking shape ( e.g., GENI), constructing and using a virtual network is still a challenging and labor intensive task, one best left to experts. In this paper, we present the concept of a Packaged Virtual Network (PVN), that enables normal users to easily download, deploy and use application-specific virtual networks. At the heart of our approach is a PVN Hypervisor that ” runs” a PVN by allocating the virtual network resources needed by the PVN and then connecting the PVN's participants into the network on demand. To demonstrate our PVN approach, we implemented a multicast PVN that runs on the PVN hypervisor prototype using ProtoGENI as the underlying virtual network, allowing average users to create their own private multicast network. |
| | 1737 | </li> |
| | 1738 | <br> |
| | 1739 | |
| | 1740 | <li> |
| | 1741 | <b>Huang, Shufeng and Griffioen, James and Calvert, Ken</b> |
| 1723 | | <br><br><b>Abstract: </b>Network virtualization is becoming a fundamental building block of future Internet architectures. Although the underlying network infrastructure needed to dynamically create and deploy custom virtual networks is rapidly taking shape ( e.g., GENI), constructing and using a virtual network is still a challenging and labor intensive task, one best left to experts. In this paper, we present the concept of a Packaged Virtual Network (PVN), that enables normal users to easily download, deploy and use application-specific virtual networks. At the heart of our approach is a PVN Hypervisor that ” runs” a PVN by allocating the virtual network resources needed by the PVN and then connecting the PVN's participants into the network on demand. To demonstrate our PVN approach, we implemented a multicast PVN that runs on the PVN hypervisor prototype using ProtoGENI as the underlying virtual network, allowing average users to create their own private multicast network. |
| 1724 | | </li> |
| 1725 | | <br> |
| 1726 | | |
| 1727 | | <li> |
| 1728 | | <b>Huang, Shufeng and Griffioen, James and Calvert, Ken</b> |
| 1729 | | , "PVNs: Making Virtualized Network Infrastructure Usable." |
| 1730 | | ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS '12), |
| 1731 | | 2012. |
| 1732 | | doi:10.1145/2396556.2396590. |
| 1733 | | <a href="http://dx.doi.org/10.1145/2396556.2396590">http://dx.doi.org/10.1145/2396556.2396590</a> |
| | 2322 | <b>Liu, Xuan and Medhi, Deepankar</b> |
| | 2323 | , "Optimally Selecting Standby Virtual Routers for Node Failures in a Virtual Network Environment." |
| | 2324 | IEEE Transactions on Network and Service Management, |
| | 2325 | 2017. |
| | 2326 | doi:10.1109/tnsm.2017.2695492. |
| | 2327 | <a href="http://dx.doi.org/10.1109/tnsm.2017.2695492">http://dx.doi.org/10.1109/tnsm.2017.2695492</a> |
| | 2328 | <br><br><b>Abstract: </b>In a virtual network environment, a substrate network provider allocates computing and networking resources for service providers who request virtual networks to be created for particular services, and it also has the capability to provide resilient virtual network management with redundant resources, such as dynamic virtual network restoration from failures. In this work, we consider the situation where the substrate network provider desires to have standby virtual routers ready to serve virtual networks under node failures. Such a failure can affect one or more virtual routers in multiple virtual networks. The goal of our work is to make the optimal selection of standby virtual routers so that virtual networks can be dynamically reconfigured back to their original topologies right after the failures. We present an optimization formulation and a heuristic for this problem. By considering a number of factors, we present numerical studies to show how the optimal selection was affected by those factors, and the proposed heuristic's performance was close to the optimization model when there were sufficient standby virtual routers for each virtual network and the substrate nodes have the capability to support multiple standby virtual routers to be in service concurrently. |
| | 2329 | </li> |
| | 2330 | <br> |
| | 2331 | |
| | 2332 | |
| | 2333 | |
| | 2334 | <li> |
| | 2427 | , "Software-Defined Network Exchanges (SDXs): Architecture, services, capabilities, and foundation technologies." |
| | 2428 | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
| | 2429 | 2014. |
| | 2430 | doi:10.1109/itc.2014.6932970. |
| | 2431 | <a href="http://dx.doi.org/10.1109/itc.2014.6932970">http://dx.doi.org/10.1109/itc.2014.6932970</a> |
| | 2432 | <br><br><b>Abstract: </b>Software Defined Networks (SDNs), primarily based on OpenFlow, are being deployed in single domain networks around the world. The popularity of SDNs has given rise to multiple considerations about designing, implementing, and operating Software-Defined Network Exchanges (SDXs), to enable SDNs to interconnect SDN islands and to extend SDNs across multiple domains. These goals can be accomplished only by developing new techniques that extend the single domain orientation of current SDN/OpenFlow approaches to include capabilities for multidomain control, including those for resource discovery, signaling, and dynamic provisioning. Several networking research communities have begun to investigate these concepts. Early architectural models of SDXs have been designed and implemented as prototypes. These SDXs are being used to conduct experiments and to demonstrate the potentials of SDXs. |
| | 2433 | </li> |
| | 2434 | <br> |
| | 2435 | |
| | 2436 | <li> |
| | 2437 | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> |
| 2412 | | , "Software-Defined Network Exchanges (SDXs): Architecture, services, capabilities, and foundation technologies." |
| 2413 | | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
| 2414 | | 2014. |
| 2415 | | doi:10.1109/itc.2014.6932970. |
| 2416 | | <a href="http://dx.doi.org/10.1109/itc.2014.6932970">http://dx.doi.org/10.1109/itc.2014.6932970</a> |
| 2417 | | <br><br><b>Abstract: </b>Software Defined Networks (SDNs), primarily based on OpenFlow, are being deployed in single domain networks around the world. The popularity of SDNs has given rise to multiple considerations about designing, implementing, and operating Software-Defined Network Exchanges (SDXs), to enable SDNs to interconnect SDN islands and to extend SDNs across multiple domains. These goals can be accomplished only by developing new techniques that extend the single domain orientation of current SDN/OpenFlow approaches to include capabilities for multidomain control, including those for resource discovery, signaling, and dynamic provisioning. Several networking research communities have begun to investigate these concepts. Early architectural models of SDXs have been designed and implemented as prototypes. These SDXs are being used to conduct experiments and to demonstrate the potentials of SDXs. |
| 2418 | | </li> |
| 2419 | | <br> |
| 2420 | | |
| 2421 | | <li> |
| 2422 | | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> |
| 2440 | 2466 | <a href="http://dx.doi.org/10.1007/978-3-319-33769-2_24">http://dx.doi.org/10.1007/978-3-319-33769-2_24</a> |
| 2441 | 2467 | <br><br><b>Abstract: </b>Many important societal activities are global in scope, and as these activities continually expand world-wide, they are increasingly based on a foundation of advanced communication services and underlying innovative network architecture, technology, and core infrastructure. To continue progress in these areas, research activities cannot be limited to campus labs and small local testbeds or even to national testbeds. Researchers must be able to explore concepts at scale— to conduct experiments on world-wide testbeds that approximate the attributes of the real world. Today, it is possible to take advantage of several macro information technology trends, especially virtualization and capabilities for programming technology resources at a highly granulated level, to design, implement and operate network research environments at a global scale. GENI is developing such an environment, as are research communities in a number of other countries. Recently, these communities have not only been investigating techniques for federating these research environments across multiple domains, but they have also been demonstration prototypes of such federations. This chapter provides an overview of key topics and experimental activities related to GENI international networking and to related projects throughout the world. |
| | 2468 | </li> |
| | 2469 | <br> |
| | 2470 | |
| | 2471 | |
| | 2472 | |
| | 2473 | <li> |
| | 2474 | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei and Grossman, Robert and Nash, Piers and Heath, Alison and Arya, Renuka and Agrawal, Stuti and Zhang, Zhenyu</b> |
| | 2475 | , "Designing and deploying a bioinformatics software-defined network exchange (SDX): Architecture, services, capabilities, and foundation technologies." |
| | 2476 | 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN), Paris, IEEE, |
| | 2477 | 2017. |
| | 2478 | doi:10.1109/icin.2017.7899403. |
| | 2479 | <a href="http://dx.doi.org/10.1109/icin.2017.7899403">http://dx.doi.org/10.1109/icin.2017.7899403</a> |
| | 2480 | <br><br><b>Abstract: </b>This paper describes a Bioinformatics Software Defined Network Exchange (SDX) or BioSDX, which has been designed, deployed, and demonstrated by a multi-organizational research consortium to enable bioinformatics knowledge discovery supported by dynamic networking services. This BioSDX uses precision networking to support precision medicine. The BioSDX is based on recent technical developments in infrastructure abstraction that enables new types of tools and services utilizing programmable network infrastructure through high levels of resource virtualization. Combined with close integration of programmable cloud computing facilities, the BioSDX is an important advance in supporting the new paradigm of data intensive bioinformatics across multiple disciplines, including computational genomics and precision medicine. |
| | 2852 | , "Security experimentation using operational systems." |
| | 2853 | Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research, Oak Ridge, Tennessee, ACM, New York, NY, USA, |
| | 2854 | 2011. |
| | 2855 | doi:10.1145/2179298.2179388. |
| | 2856 | <a href="http://dx.doi.org/10.1145/2179298.2179388">http://dx.doi.org/10.1145/2179298.2179388</a> |
| | 2857 | <br><br><b>Abstract: </b>Computers and Internet have evolved into necessary tools for our professional, personal and social lives. As a result of this growing dependence, there is a concern that these systems remain protected and available. This concern increases exponentially when considering systems such as smart power grids. Therefore, research should be conducted to develop effective ways of detecting system anomalies. To have realistic results, the studies should be tested on real systems. However, it is not possible to test these experiments on the live network. With the recent collaboration of Universities and research labs, a new experiment test bed has been established. As a result, experiments can now be implemented on real networks. In our study, we design an experiment to analyze Distributed Denial of Service Attacks (DDoS Attack) on a real network with real Internet traffic. The approach that we use in our study can easily be generalized to apply to smart power grids. |
| | 2858 | </li> |
| | 2859 | <br> |
| | 2860 | |
| | 2861 | <li> |
| | 2862 | <b>Ozcelik, Ilker and Brooks, Richard R.</b> |
| 2833 | | <li> |
| 2834 | | <b>Ozcelik, Ilker and Brooks, Richard R.</b> |
| 2835 | | , "Security experimentation using operational systems." |
| 2836 | | Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research, Oak Ridge, Tennessee, ACM, New York, NY, USA, |
| 2837 | | 2011. |
| 2838 | | doi:10.1145/2179298.2179388. |
| 2839 | | <a href="http://dx.doi.org/10.1145/2179298.2179388">http://dx.doi.org/10.1145/2179298.2179388</a> |
| 2840 | | <br><br><b>Abstract: </b>Computers and Internet have evolved into necessary tools for our professional, personal and social lives. As a result of this growing dependence, there is a concern that these systems remain protected and available. This concern increases exponentially when considering systems such as smart power grids. Therefore, research should be conducted to develop effective ways of detecting system anomalies. To have realistic results, the studies should be tested on real systems. However, it is not possible to test these experiments on the live network. With the recent collaboration of Universities and research labs, a new experiment test bed has been established. As a result, experiments can now be implemented on real networks. In our study, we design an experiment to analyze Distributed Denial of Service Attacks (DDoS Attack) on a real network with real Internet traffic. The approach that we use in our study can easily be generalized to apply to smart power grids. |
| 2841 | | </li> |
| 2842 | | <br> |
| 2843 | | |
| | 3927 | , "PrimoGENI for hybrid network simulation and emulation experiments in GENI." |
| | 3928 | Journal of Simulation, |
| | 3929 | 2012. |
| | 3930 | doi:10.1057/jos.2012.5. |
| | 3931 | <a href="http://dx.doi.org/10.1057/jos.2012.5">http://dx.doi.org/10.1057/jos.2012.5</a> |
| | 3932 | <br><br><b>Abstract: </b>The Global Environment for Network Innovations (GENI) is a community-driven research and development effort to build a collaborative and exploratory network experimentation platform—a 'virtual laboratory' for the design, implementation, and evaluation of future networks. The PrimoGENI project enables real-time network simulation by extending an existing network simulator to become part of the GENI federation to support large-scale experiments involving physical, simulated, and emulated network entities. In this paper, we describe a novel design of PrimoGENI, which aims at supporting realistic, scalable, and flexible network experiments with real-time simulation and emulation capabilities. We present a flexible emulation infrastructure that allows both remote client machines, local cluster nodes running virtual machines, and external networks to seamlessly interoperate with the simulated network running within a designated 'slice' of resources. We present the results of our preliminary validation and performance studies to demonstrate the capabilities as well as limitations of our approach. |
| | 3933 | </li> |
| | 3934 | <br> |
| | 3935 | |
| | 3936 | <li> |
| | 3937 | <b>Van Vorst, N. and Erazo, M. and Liu, J.</b> |
| 3894 | | </li> |
| 3895 | | <br> |
| 3896 | | |
| 3897 | | <li> |
| 3898 | | <b>Van Vorst, N. and Erazo, M. and Liu, J.</b> |
| 3899 | | , "PrimoGENI for hybrid network simulation and emulation experiments in GENI." |
| 3900 | | Journal of Simulation, |
| 3901 | | 2012. |
| 3902 | | doi:10.1057/jos.2012.5. |
| 3903 | | <a href="http://dx.doi.org/10.1057/jos.2012.5">http://dx.doi.org/10.1057/jos.2012.5</a> |
| 3904 | | <br><br><b>Abstract: </b>The Global Environment for Network Innovations (GENI) is a community-driven research and development effort to build a collaborative and exploratory network experimentation platform—a 'virtual laboratory' for the design, implementation, and evaluation of future networks. The PrimoGENI project enables real-time network simulation by extending an existing network simulator to become part of the GENI federation to support large-scale experiments involving physical, simulated, and emulated network entities. In this paper, we describe a novel design of PrimoGENI, which aims at supporting realistic, scalable, and flexible network experiments with real-time simulation and emulation capabilities. We present a flexible emulation infrastructure that allows both remote client machines, local cluster nodes running virtual machines, and external networks to seamlessly interoperate with the simulated network running within a designated 'slice' of resources. We present the results of our preliminary validation and performance studies to demonstrate the capabilities as well as limitations of our approach. |
| | 4224 | , "Scaling up applications over distributed clouds with dynamic layer-2 exchange and broadcast service." |
| | 4225 | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
| | 4226 | 2014. |
| | 4227 | doi:10.1109/itc.2014.6932973. |
| | 4228 | <a href="http://dx.doi.org/10.1109/itc.2014.6932973">http://dx.doi.org/10.1109/itc.2014.6932973</a> |
| | 4229 | <br><br><b>Abstract: </b>In this paper, we study the problem of provisioning large-scale virtual clusters over federated clouds connected by multi-domain, layer-2 wide area networks. We first present the virtual cluster request abstraction and the abstraction models for substrate resource pools. Based on these two abstraction models, we developed a novel layer-2 exchange mechanism and an implementation of it in a multi-domain networked cloud environment. The design of the mechanism takes into consideration the realistic constraints in current network and cloud systems. We show that efficient cluster splitting, cloud data center selection and resource allocation algorithms can be developed to provision large-scale virtual clusters across cloud sites. A prototype system has been deployed and integrated into the ExoGENI testbed for about a year, and is being heavily used by scientific and data analytic applications. |
| | 4230 | </li> |
| | 4231 | <br> |
| | 4232 | |
| | 4233 | <li> |
| | 4234 | <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b> |
| 4191 | | </li> |
| 4192 | | <br> |
| 4193 | | |
| 4194 | | <li> |
| 4195 | | <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b> |
| 4196 | | , "Scaling up applications over distributed clouds with dynamic layer-2 exchange and broadcast service." |
| 4197 | | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
| 4198 | | 2014. |
| 4199 | | doi:10.1109/itc.2014.6932973. |
| 4200 | | <a href="http://dx.doi.org/10.1109/itc.2014.6932973">http://dx.doi.org/10.1109/itc.2014.6932973</a> |
| 4201 | | <br><br><b>Abstract: </b>In this paper, we study the problem of provisioning large-scale virtual clusters over federated clouds connected by multi-domain, layer-2 wide area networks. We first present the virtual cluster request abstraction and the abstraction models for substrate resource pools. Based on these two abstraction models, we developed a novel layer-2 exchange mechanism and an implementation of it in a multi-domain networked cloud environment. The design of the mechanism takes into consideration the realistic constraints in current network and cloud systems. We show that efficient cluster splitting, cloud data center selection and resource allocation algorithms can be developed to provision large-scale virtual clusters across cloud sites. A prototype system has been deployed and integrated into the ExoGENI testbed for about a year, and is being heavily used by scientific and data analytic applications. |
| | 6511 | , "Next Generation Virtual Network Architecture for Multi-tenant Distributed Clouds: Challenges and Emerging Techniques." |
| | 6512 | Proceedings of the 4th Workshop on Distributed Cloud Computing, Chicago, Illinois, ACM, New York, NY, USA, |
| | 6513 | 2016. |
| | 6514 | doi:10.1145/2955193.2955194. |
| | 6515 | </li> |
| | 6516 | <br> |
| | 6517 | |
| | 6518 | <li> |
| | 6519 | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> |
| 6454 | | </li> |
| 6455 | | <br> |
| 6456 | | |
| 6457 | | <li> |
| 6458 | | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> |
| 6459 | | , "Next Generation Virtual Network Architecture for Multi-tenant Distributed Clouds: Challenges and Emerging Techniques." |
| 6460 | | Proceedings of the 4th Workshop on Distributed Cloud Computing, Chicago, Illinois, ACM, New York, NY, USA, |
| 6461 | | 2016. |
| 6462 | | doi:10.1145/2955193.2955194. |
| | 6535 | </li> |
| | 6536 | <br> |
| | 6537 | |
| | 6538 | |
| | 6539 | |
| | 6540 | <li> |
| | 6541 | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei and Grossman, Robert and Nash, Piers and Heath, Alison and Arya, Renuka and Agrawal, Stuti and Zhang, Zhenyu</b> |
| | 6542 | , "Designing and deploying a bioinformatics software-defined network exchange (SDX): Architecture, services, capabilities, and foundation technologies." |
| | 6543 | 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN), Paris, IEEE, |
| | 6544 | 2017. |
| | 6545 | doi:10.1109/icin.2017.7899403. |
