| 231 | "HyperExchange: A protocol-agnostic exchange fabric enabling peering of Virtual Networks." |
| 232 | 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), Lisbon, Portugal, IEEE, |
| 233 | 2017. |
| 234 | doi:10.23919/inm.2017.7987281. |
| 235 | <a href="http://dx.doi.org/10.23919/inm.2017.7987281">http://dx.doi.org/10.23919/inm.2017.7987281</a> |
| 236 | <br><br><b>Abstract: </b>With the growing pervasiveness of virtualization technologies, carrier networks are shifting from simple packet delivery platforms to multi-tenant integrated clouds offering fine-grained resource management. The need for interoperability among these autonomous cloud-based service providers has created demand for versatile and extensible exchange points to interconnect the future Internet. A novel SDX (Software Defined Exchange) can address this challenge and help redefine the Internet exchange by leveraging SDN. Current implementations of SDXs have focused on traffic exchange between conventional IP networks and have not been specifically intended for exchange between multi-tenant environments and virtual networks; and they have mostly relied on OpenFlow for network forwarding and functionality. While OpenFlow is the de-facto solution for fine-grained forwarding, it nevertheless provides limited network functionality. In this paper we present HyperExchange, a protocol-agnostic exchange fabric for peering of virtual networks. HyperExchange is designed to provide exchange services between autonomous Infrastructure Providers and their hosted Virtual Networks. As a result, it specifically offers solutions for inter-domain tenant authentication and authorization for network control. By leveraging SDI as the core building architecture, HyperExchange uses SDN to forward and steer traffic in a fine-grained manner and yet relies on NFV to push all network functionalities to standard servers as software-based functions. This solution meets both scalability and extensibility requirements for long-term use. We have deployed a prototype of the HyperExchange between SAVI and GENI testbeds to serve real world exchange experiments. |
| 237 | </li> |
| 238 | <br> |
| 239 | |
| 240 | <li> |
| 241 | <b>Arezoumand, Saeed and Bannazadeh, Hadi and Leon-Garcia, Alberto</b>, |
237 | | </li> |
238 | | <br> |
239 | | |
240 | | <li> |
241 | | <b>Arezoumand, Saeed and Bannazadeh, Hadi and Leon-Garcia, Alberto</b>, |
242 | | "HyperExchange: A protocol-agnostic exchange fabric enabling peering of Virtual Networks." |
243 | | 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), Lisbon, Portugal, IEEE, |
244 | | 2017. |
245 | | doi:10.23919/inm.2017.7987281. |
246 | | <a href="http://dx.doi.org/10.23919/inm.2017.7987281">http://dx.doi.org/10.23919/inm.2017.7987281</a> |
247 | | <br><br><b>Abstract: </b>With the growing pervasiveness of virtualization technologies, carrier networks are shifting from simple packet delivery platforms to multi-tenant integrated clouds offering fine-grained resource management. The need for interoperability among these autonomous cloud-based service providers has created demand for versatile and extensible exchange points to interconnect the future Internet. A novel SDX (Software Defined Exchange) can address this challenge and help redefine the Internet exchange by leveraging SDN. Current implementations of SDXs have focused on traffic exchange between conventional IP networks and have not been specifically intended for exchange between multi-tenant environments and virtual networks; and they have mostly relied on OpenFlow for network forwarding and functionality. While OpenFlow is the de-facto solution for fine-grained forwarding, it nevertheless provides limited network functionality. In this paper we present HyperExchange, a protocol-agnostic exchange fabric for peering of virtual networks. HyperExchange is designed to provide exchange services between autonomous Infrastructure Providers and their hosted Virtual Networks. As a result, it specifically offers solutions for inter-domain tenant authentication and authorization for network control. By leveraging SDI as the core building architecture, HyperExchange uses SDN to forward and steer traffic in a fine-grained manner and yet relies on NFV to push all network functionalities to standard servers as software-based functions. This solution meets both scalability and extensibility requirements for long-term use. We have deployed a prototype of the HyperExchange between SAVI and GENI testbeds to serve real world exchange experiments. |
| 1020 | "An SDN-supported collaborative approach for DDoS flooding detection and containment." |
| 1021 | Military Communications Conference, MILCOM 2015 - 2015 IEEE, IEEE, |
| 1022 | 2015. |
| 1023 | doi:10.1109/milcom.2015.7357519. |
| 1024 | <a href="http://dx.doi.org/10.1109/milcom.2015.7357519">http://dx.doi.org/10.1109/milcom.2015.7357519</a> |
| 1025 | <br><br><b>Abstract: </b>Software Defined Networking (SDN) has the potential to enable novel security applications that support flexible, on-demand deployment of system elements. It can offer targeted forensic evidence collection and investigation of computer network attacks. Such unique capabilities are instrumental to network intrusion detection that is challenged by large volumes of data and complex network topologies. This paper presents an innovative approach that coordinates distributed network traffic Monitors and attack Correlators supported by Open Virtual Switches (OVS). The Monitors conduct anomaly detection and the Correlators perform deep packet inspection for attack signature recognition. These elements take advantage of complementary views and information availability on both the data and control planes. Moreover, they collaboratively look for network flooding attack signature constituents that possess different characteristics in the level of information abstraction. Therefore, this approach is able to not only quickly raise an alert against potential threats, but also follow it up with careful verification to reduce false alarms. We experiment with this SDN-supported collaborative approach to detect TCP SYN flood attacks on the Global Environment for Network Innovations (GENI), a realistic virtual testbed. The response times and detection accuracy, in the context of a small to medium corporate network, have demonstrated its effectiveness and scalability. |
| 1026 | </li> |
| 1027 | <br> |
| 1028 | |
| 1029 | <li> |
| 1030 | <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b>, |
1029 | | <li> |
1030 | | <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b>, |
1031 | | "An SDN-supported collaborative approach for DDoS flooding detection and containment." |
1032 | | Military Communications Conference, MILCOM 2015 - 2015 IEEE, IEEE, |
1033 | | 2015. |
1034 | | doi:10.1109/milcom.2015.7357519. |
1035 | | <a href="http://dx.doi.org/10.1109/milcom.2015.7357519">http://dx.doi.org/10.1109/milcom.2015.7357519</a> |
1036 | | <br><br><b>Abstract: </b>Software Defined Networking (SDN) has the potential to enable novel security applications that support flexible, on-demand deployment of system elements. It can offer targeted forensic evidence collection and investigation of computer network attacks. Such unique capabilities are instrumental to network intrusion detection that is challenged by large volumes of data and complex network topologies. This paper presents an innovative approach that coordinates distributed network traffic Monitors and attack Correlators supported by Open Virtual Switches (OVS). The Monitors conduct anomaly detection and the Correlators perform deep packet inspection for attack signature recognition. These elements take advantage of complementary views and information availability on both the data and control planes. Moreover, they collaboratively look for network flooding attack signature constituents that possess different characteristics in the level of information abstraction. Therefore, this approach is able to not only quickly raise an alert against potential threats, but also follow it up with careful verification to reduce false alarms. We experiment with this SDN-supported collaborative approach to detect TCP SYN flood attacks on the Global Environment for Network Innovations (GENI), a realistic virtual testbed. The response times and detection accuracy, in the context of a small to medium corporate network, have demonstrated its effectiveness and scalability. |
1037 | | </li> |
1038 | | <br> |
1039 | | |
1040 | | |
| 1040 | |
| 1041 | |
| 1042 | <li> |
| 1043 | <b>Chin, Tommy and Xiong, Kaiqi</b>, |
| 1044 | "MPBSD: A Moving Target Defense Approach for Base Station Security in Wireless Sensor Networks." |
| 1045 | Wireless Algorithms, Systems, and Applications, Springer International Publishing, |
| 1046 | 2016. |
| 1047 | doi:10.1007/978-3-319-42836-9_43. |
| 1048 | <a href="http://dx.doi.org/10.1007/978-3-319-42836-9_43">http://dx.doi.org/10.1007/978-3-319-42836-9_43</a> |
| 1049 | <br><br><b>Abstract: </b>This paper addresses one major concern on how to secure the location information of a base station in a compromised Wireless Sensor Network (WSN). In this concern, disrupting or damaging the wireless base station can be catastrophic for a WSN. To aid in the mitigation of this challenge, we present Moving Proximity Base Station Defense (MPBSD), a Moving Target Defense (MTD) approach to concealing the location of a base station within a WSN. In this approach, we employ multiple base stations to serve a WSN where one of the multiple base stations is elected to serve the WSN in a specific period of time. Specifically, our approach periodically changes the designation over a period of time to provide obscurity in the location information of the base station. We further evaluate MPBSD using a real-world testbed environment utilizing Wi-Fi frequencies. Our results show that MPBSD is an effective MTD approach to securing base stations for a WSN in term of sensory performance such as end-to-end delay. |
| 1050 | </li> |
| 1051 | <br> |
1050 | | </li> |
1051 | | <br> |
1052 | | |
1053 | | <li> |
1054 | | <b>Chin, Tommy and Xiong, Kaiqi</b>, |
1055 | | "MPBSD: A Moving Target Defense Approach for Base Station Security in Wireless Sensor Networks." |
1056 | | Wireless Algorithms, Systems, and Applications, Springer International Publishing, |
1057 | | 2016. |
1058 | | doi:10.1007/978-3-319-42836-9_43. |
1059 | | <a href="http://dx.doi.org/10.1007/978-3-319-42836-9_43">http://dx.doi.org/10.1007/978-3-319-42836-9_43</a> |
1060 | | <br><br><b>Abstract: </b>This paper addresses one major concern on how to secure the location information of a base station in a compromised Wireless Sensor Network (WSN). In this concern, disrupting or damaging the wireless base station can be catastrophic for a WSN. To aid in the mitigation of this challenge, we present Moving Proximity Base Station Defense (MPBSD), a Moving Target Defense (MTD) approach to concealing the location of a base station within a WSN. In this approach, we employ multiple base stations to serve a WSN where one of the multiple base stations is elected to serve the WSN in a specific period of time. Specifically, our approach periodically changes the designation over a period of time to provide obscurity in the location information of the base station. We further evaluate MPBSD using a real-world testbed environment utilizing Wi-Fi frequencies. Our results show that MPBSD is an effective MTD approach to securing base stations for a WSN in term of sensory performance such as end-to-end delay. |
1664 | | "The design of an instrumentation system for federated and virtualized network testbeds." |
1665 | | Network Operations and Management Symposium (NOMS), 2012 IEEE, IEEE, |
1666 | | 2012. |
1667 | | doi:10.1109/NOMS.2012.6212061. |
1668 | | <a href="http://dx.doi.org/10.1109/NOMS.2012.6212061">http://dx.doi.org/10.1109/NOMS.2012.6212061</a> |
1669 | | <br><br><b>Abstract: </b>Much of the GENI effort in developing network testbeds has been focused on building the control frameworks needed to allocate and initialize the network resources that make up an experiment. We argue that building the instrumentation and measurement system to monitor and capture the behavior of the network is just as important and challenging as setting up the network itself, especially in a virtualized and federated environment where getting information from experimental nodes is too complicated and too much to handle for a typical user. In this paper, we describe the design of an instrumentation and measurement infrastructure that allows users to monitor their experiments. The challenge that virtualization and federation of GENI testbeds bring to instrumentation and monitoring is how to hide the details of instrumentation setup from users so that users do not need to be experts in system administration or network management of virtualized and federated systems, but are still able to ” see” what is going on with their experiments. Our instrumentation tool sets up experiment-specific monitoring infrastructure that is tailored to capture, record, and display only information associated with that experiment. Our tools are currently available in GENI, and we present a simple example of how to use them to instrument an experiment. |
1670 | | </li> |
1671 | | <br> |
1672 | | |
1673 | | <li> |
1674 | | <b>Griffioen, J. and Fei, Zongming and Nasir, H. and Wu, Xiongqi and Reed, J. and Carpenter, C.</b>, |
| 1670 | </li> |
| 1671 | <br> |
| 1672 | |
| 1673 | <li> |
| 1674 | <b>Griffioen, J. and Fei, Zongming and Nasir, H. and Wu, Xiongqi and Reed, J. and Carpenter, C.</b>, |
| 1675 | "The design of an instrumentation system for federated and virtualized network testbeds." |
| 1676 | Network Operations and Management Symposium (NOMS), 2012 IEEE, IEEE, |
| 1677 | 2012. |
| 1678 | doi:10.1109/NOMS.2012.6212061. |
| 1679 | <a href="http://dx.doi.org/10.1109/NOMS.2012.6212061">http://dx.doi.org/10.1109/NOMS.2012.6212061</a> |
| 1680 | <br><br><b>Abstract: </b>Much of the GENI effort in developing network testbeds has been focused on building the control frameworks needed to allocate and initialize the network resources that make up an experiment. We argue that building the instrumentation and measurement system to monitor and capture the behavior of the network is just as important and challenging as setting up the network itself, especially in a virtualized and federated environment where getting information from experimental nodes is too complicated and too much to handle for a typical user. In this paper, we describe the design of an instrumentation and measurement infrastructure that allows users to monitor their experiments. The challenge that virtualization and federation of GENI testbeds bring to instrumentation and monitoring is how to hide the details of instrumentation setup from users so that users do not need to be experts in system administration or network management of virtualized and federated systems, but are still able to ” see” what is going on with their experiments. Our instrumentation tool sets up experiment-specific monitoring infrastructure that is tailored to capture, record, and display only information associated with that experiment. Our tools are currently available in GENI, and we present a simple example of how to use them to instrument an experiment. |
| 1974 | "QoE management in DASH systems using the segment aware rate adaptation algorithm." |
| 1975 | NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, IEEE, |
| 1976 | 2016. |
| 1977 | doi:10.1109/noms.2016.7502805. |
| 1978 | <a href="http://dx.doi.org/10.1109/noms.2016.7502805">http://dx.doi.org/10.1109/noms.2016.7502805</a> |
| 1979 | <br><br><b>Abstract: </b>Dynamic Adaptive Streaming over HTTP (DASH) enables the video player to adapt the bitrate of the video while streaming to ensure playback without interruptions even with varying throughput. A DASH server hosts multiple representations of the same video, each of which is broken down into small segments of fixed playback duration. The video bitrate adaptation is purely driven by the player at the endhost. Typically, the player employs an Adaptive Bitrate (ABR) algorithm, that determines the most appropriate representation for the next segment to be downloaded, based on the current network conditions and user preferences. The aim of an ABR algorithm is to dynamically manage the Quality of Experience (QoE) of the user during the playback. ABR algorithms manage the QoE by maximizing the bitrate while at the same time trying to minimize the other QoE metrics: playback start time, duration and number of buffering events, and the number of bitrate switching events. Typically, the ABR algorithms manage the QoE by using the measured network throughput and buffer occupancy to adapt the playback bitrate. However, due to the video encoding schemes employed, the sizes of the individual segments may vary significantly. For low bandwidth networks, fluctuation in the segment sizes results in inaccurate estimation the expected segment fetch times, thereby resulting in inaccurate estimation of the optimum bitrate. In this paper we demonstrate how the Segment-Aware Rate Adaptation (SARA) algorithm, that considers the measured throughput, buffer occupancy, and the variation in segment sizes helps in better management of the users' QoE in a DASH system. By comparing with a typical throughput-based and buffer-based adaptation algorithm under varying network conditions, we demonstrate that SARA manages the QoE better, especially in a low bandwidth network. We also developed AStream, an open-source Python-based emulated DASH-video player that was used to evaluate three different ABR algor- thms and measure the QoE metrics with each of them. |
| 1980 | </li> |
| 1981 | <br> |
| 1982 | |
| 1983 | <li> |
| 1984 | <b>Juluri, Parikshit and Tamarapalli, Venkatesh and Medhi, Deep</b>, |
1980 | | </li> |
1981 | | <br> |
1982 | | |
1983 | | <li> |
1984 | | <b>Juluri, Parikshit and Tamarapalli, Venkatesh and Medhi, Deep</b>, |
1985 | | "QoE management in DASH systems using the segment aware rate adaptation algorithm." |
1986 | | NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, IEEE, |
1987 | | 2016. |
1988 | | doi:10.1109/noms.2016.7502805. |
1989 | | <a href="http://dx.doi.org/10.1109/noms.2016.7502805">http://dx.doi.org/10.1109/noms.2016.7502805</a> |
1990 | | <br><br><b>Abstract: </b>Dynamic Adaptive Streaming over HTTP (DASH) enables the video player to adapt the bitrate of the video while streaming to ensure playback without interruptions even with varying throughput. A DASH server hosts multiple representations of the same video, each of which is broken down into small segments of fixed playback duration. The video bitrate adaptation is purely driven by the player at the endhost. Typically, the player employs an Adaptive Bitrate (ABR) algorithm, that determines the most appropriate representation for the next segment to be downloaded, based on the current network conditions and user preferences. The aim of an ABR algorithm is to dynamically manage the Quality of Experience (QoE) of the user during the playback. ABR algorithms manage the QoE by maximizing the bitrate while at the same time trying to minimize the other QoE metrics: playback start time, duration and number of buffering events, and the number of bitrate switching events. Typically, the ABR algorithms manage the QoE by using the measured network throughput and buffer occupancy to adapt the playback bitrate. However, due to the video encoding schemes employed, the sizes of the individual segments may vary significantly. For low bandwidth networks, fluctuation in the segment sizes results in inaccurate estimation the expected segment fetch times, thereby resulting in inaccurate estimation of the optimum bitrate. In this paper we demonstrate how the Segment-Aware Rate Adaptation (SARA) algorithm, that considers the measured throughput, buffer occupancy, and the variation in segment sizes helps in better management of the users' QoE in a DASH system. By comparing with a typical throughput-based and buffer-based adaptation algorithm under varying network conditions, we demonstrate that SARA manages the QoE better, especially in a low bandwidth network. We also developed AStream, an open-source Python-based emulated DASH-video player that was used to evaluate three different ABR algor- thms and measure the QoE metrics with each of them. |
| 2566 | "Next Generation Virtual Network Architecture for Multi-tenant Distributed Clouds: Challenges and Emerging Techniques." |
| 2567 | Proceedings of the 4th Workshop on Distributed Cloud Computing, Chicago, Illinois, ACM, New York, NY, USA, |
| 2568 | 2016. |
| 2569 | doi:10.1145/2955193.2955194. |
| 2570 | <a href="http://dx.doi.org/10.1145/2955193.2955194">http://dx.doi.org/10.1145/2955193.2955194</a> |
| 2571 | <br><br><b>Abstract: </b>Providing services for multiple tenants within a single or federated distributed cloud environment requires a variety of special considerations related to network design, provisioning, and operations. Especially important are multiple topics concerning the implementation of multiple parallel programmable virtual networks for large numbers of tenants, who require autonomous management, control, and data planes. This paper provides an overview of some of the challenges that arise from developing and implementing parallel programmable virtual networks, describes experiences with several experimental techniques for addressing those challenges based on large scale distributed testbeds, and presents the results of the experiments that were conducted. Distributed environments used include a distributed cloud testbed, the Chameleon Cloud, sponsored by the National Science Foundation's NSFCloud program, the NSF's Global Environment for Network Innovations (GENI), an international distributed OpenFlow testbed, and the Open Science Data Cloud. |
| 2572 | </li> |
| 2573 | <br> |
| 2574 | |
| 2575 | <li> |
| 2576 | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b>, |
2570 | 2581 | <a href="http://dx.doi.org/10.1016/j.bjp.2013.12.024">http://dx.doi.org/10.1016/j.bjp.2013.12.024</a> |
2571 | 2582 | <br><br><b>Abstract: </b>Large scale national and international experimental research environments are required to advance communication services and supporting network architecture, technology, and infrastructure. Theories and concepts are often explored using simulation and modeling techniques within labs or on small scale testbeds. However, while such testbeds are valuable resources for the research process, these facilities alone cannot provide an appropriate approximation of the real world conditions required to explore ideas at scale. Very large scale global, experimental network research capabilities are required to deeply investigate innovative concepts. For many years, network testbeds were created to address fairly specific, well defined, limited research goals, and they were implemented for fairly short periods. Recently, taking advantage of a number of macro information technology trends, such as virtualization and programmable resources, several network research communities have been developing innovative types of network research environments. Instead of designing traditional network testbeds, research communities are designing large scale, highly flexible distributed platforms that can be used to create many different types of testbeds. Also, rather than creating short term testbeds for limited research objectives, these new environments are being designed as long term persistent resources to support many types of experimental research. This paper describes the motivations for this trend, provides several examples of large scale distributed network research environments based on the Global Lambda Integrated Facility (GLIF) and the StarLight Exchange Facility, including the Global Environment for Network Innovation (GENI), and indicates emerging future trends for these types of environments. |
2572 | | </li> |
2573 | | <br> |
2574 | | |
2575 | | <li> |
2576 | | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b>, |
2577 | | "Next Generation Virtual Network Architecture for Multi-tenant Distributed Clouds: Challenges and Emerging Techniques." |
2578 | | Proceedings of the 4th Workshop on Distributed Cloud Computing, Chicago, Illinois, ACM, New York, NY, USA, |
2579 | | 2016. |
2580 | | doi:10.1145/2955193.2955194. |
2581 | | <a href="http://dx.doi.org/10.1145/2955193.2955194">http://dx.doi.org/10.1145/2955193.2955194</a> |
2582 | | <br><br><b>Abstract: </b>Providing services for multiple tenants within a single or federated distributed cloud environment requires a variety of special considerations related to network design, provisioning, and operations. Especially important are multiple topics concerning the implementation of multiple parallel programmable virtual networks for large numbers of tenants, who require autonomous management, control, and data planes. This paper provides an overview of some of the challenges that arise from developing and implementing parallel programmable virtual networks, describes experiences with several experimental techniques for addressing those challenges based on large scale distributed testbeds, and presents the results of the experiments that were conducted. Distributed environments used include a distributed cloud testbed, the Chameleon Cloud, sponsored by the National Science Foundation's NSFCloud program, the NSF's Global Environment for Network Innovations (GENI), an international distributed OpenFlow testbed, and the Open Science Data Cloud. |
| 2953 | <b>Nussbaum, Lucas</b>, |
| 2954 | "Testbeds Support for Reproducible Research." |
| 2955 | Proceedings of the Reproducibility Workshop, Los Angeles, CA, USA, ACM, New York, NY, USA, |
| 2956 | 2017. |
| 2957 | doi:10.1145/3097766.3097773. |
| 2958 | <a href="http://dx.doi.org/10.1145/3097766.3097773">http://dx.doi.org/10.1145/3097766.3097773</a> |
| 2959 | <br><br><b>Abstract: </b>In the context of experimental research, testbeds play an important role in enabling reproducibility of experiments, by providing a set of services that help experiments with setting up the experimental environment, and collecting data about it. This paper explores the status of three different testbeds (Chameleon, CloudLab and Grid'5000) regarding features required for, or related to reproducible research, and discusses some open questions on that topic. |
| 2960 | </li> |
| 2961 | <br> |
| 2962 | |
| 2963 | |
| 2964 | |
| 2965 | <li> |
| 2993 | "Security experimentation using operational systems." |
| 2994 | Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research, Oak Ridge, Tennessee, ACM, New York, NY, USA, |
| 2995 | 2011. |
| 2996 | doi:10.1145/2179298.2179388. |
| 2997 | <a href="http://dx.doi.org/10.1145/2179298.2179388">http://dx.doi.org/10.1145/2179298.2179388</a> |
| 2998 | <br><br><b>Abstract: </b>Computers and Internet have evolved into necessary tools for our professional, personal and social lives. As a result of this growing dependence, there is a concern that these systems remain protected and available. This concern increases exponentially when considering systems such as smart power grids. Therefore, research should be conducted to develop effective ways of detecting system anomalies. To have realistic results, the studies should be tested on real systems. However, it is not possible to test these experiments on the live network. With the recent collaboration of Universities and research labs, a new experiment test bed has been established. As a result, experiments can now be implemented on real networks. In our study, we design an experiment to analyze Distributed Denial of Service Attacks (DDoS Attack) on a real network with real Internet traffic. The approach that we use in our study can easily be generalized to apply to smart power grids. |
| 2999 | </li> |
| 3000 | <br> |
| 3001 | |
| 3002 | <li> |
| 3003 | <b>Ozcelik, Ilker and Brooks, Richard R.</b>, |
3000 | | <li> |
3001 | | <b>Ozcelik, Ilker and Brooks, Richard R.</b>, |
3002 | | "Security experimentation using operational systems." |
3003 | | Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research, Oak Ridge, Tennessee, ACM, New York, NY, USA, |
3004 | | 2011. |
3005 | | doi:10.1145/2179298.2179388. |
3006 | | <a href="http://dx.doi.org/10.1145/2179298.2179388">http://dx.doi.org/10.1145/2179298.2179388</a> |
3007 | | <br><br><b>Abstract: </b>Computers and Internet have evolved into necessary tools for our professional, personal and social lives. As a result of this growing dependence, there is a concern that these systems remain protected and available. This concern increases exponentially when considering systems such as smart power grids. Therefore, research should be conducted to develop effective ways of detecting system anomalies. To have realistic results, the studies should be tested on real systems. However, it is not possible to test these experiments on the live network. With the recent collaboration of Universities and research labs, a new experiment test bed has been established. As a result, experiments can now be implemented on real networks. In our study, we design an experiment to analyze Distributed Denial of Service Attacks (DDoS Attack) on a real network with real Internet traffic. The approach that we use in our study can easily be generalized to apply to smart power grids. |
3008 | | </li> |
3009 | | <br> |
3010 | | |
| 3872 | <b>Teixeira, Thiago and Marentes, Andres and Wolf, Tilman</b>, |
| 3873 | "Economic incentives in virtualized access networks." |
| 3874 | 2017 IEEE International Conference on Communications (ICC), Paris, France, IEEE, |
| 3875 | 2017. |
| 3876 | doi:10.1109/icc.2017.7996957. |
| 3877 | <a href="http://dx.doi.org/10.1109/icc.2017.7996957">http://dx.doi.org/10.1109/icc.2017.7996957</a> |
| 3878 | <br><br><b>Abstract: </b>Monopolies in access networks present challenging problems for network users: providers have no economic incentives to improve service quality or reduce cost. Virtualization of the access infrastructure can enable competition between providers without the need for deploying different physical access networks. For example, municipal broadband networks are owned by local governments and can be sliced to host multiple service providers. In this work, we evaluate the economic incentives in virtualized access networks and compare them to current access networks with limited (or no) provider competition. We also consider fine-grained competition among transit providers to reflect emerging ideas on offering network connectivity and services dynamically through marketplaces. We use an agent-based simulator in a research testbed to obtain results on quality and cost trends as well as on the ability of providers to thrive in the marketplace. Our findings show that having a shared infrastructure and multiple Internet providers is beneficial for subscribers while maintaining a sustainable ecosystem. Moreover, because the risk associated with deploying infrastructure is shared, Internet providers have more incentive to innovate. Thus, our results highlight the importance of virtualizing access networks to leverage economic drivers in this environment. |
| 3879 | </li> |
| 3880 | <br> |
| 3881 | |
| 3882 | |
| 3883 | |
| 3884 | <li> |
| 4299 | <b>Wang, Xiaoyu and Veeraraghavan, Malathi and Lin, Zongli and Oki, Eiji</b>, |
| 4300 | "Optical Switch in the Middle (OSM) architecture for DCNs with Hadoop adaptations." |
| 4301 | 2017 IEEE International Conference on Communications (ICC), Paris, France, IEEE, |
| 4302 | 2017. |
| 4303 | doi:10.1109/icc.2017.7996504. |
| 4304 | <a href="http://dx.doi.org/10.1109/icc.2017.7996504">http://dx.doi.org/10.1109/icc.2017.7996504</a> |
| 4305 | <br><br><b>Abstract: </b>Optical switching technologies offer a cost-and power-efficient approach for handling the DataCenter Network (DCN) oversubscription problem. We propose a hybrid DCN architecture named Optical Switch in the Middle (OSM), which offers increased flexibility (when compared to prior hybrid architectures) for supporting multiple simultaneous high-speed TOR-to-TOR paths through an Optical Circuit Switch (OCS) and a core-level Electrical Packet Switch (EPS). A multilayer SDN controller supports advanced-reservation scheduling of optical circuits, and the integration of storage in the core EPS increases the usage rate of optical circuits. To effectively use the OSM architecture, we propose four modifications to Hadoop, and illustrate the potential of this architecture for achieving higher compute-resource utilization while simultaneously offering users shorter job completion times. |
| 4306 | </li> |
| 4307 | <br> |
| 4308 | |
| 4309 | |
| 4310 | |
| 4311 | <li> |
5513 | | <li> |
5514 | | <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b>, |
5515 | | "An SDN-supported collaborative approach for DDoS flooding detection and containment." |
5516 | | Military Communications Conference, MILCOM 2015 - 2015 IEEE, IEEE, |
5517 | | 2015. |
5518 | | doi:10.1109/milcom.2015.7357519. |
5519 | | </li> |
5520 | | <br> |
5521 | | |
5522 | | |
| 5561 | |
| 5562 | |
| 5563 | <li> |
| 5564 | <b>Chin, Tommy and Xiong, Kaiqi</b>, |
| 5565 | "MPBSD: A Moving Target Defense Approach for Base Station Security in Wireless Sensor Networks." |
| 5566 | Wireless Algorithms, Systems, and Applications, Springer International Publishing, |
| 5567 | 2016. |
| 5568 | doi:10.1007/978-3-319-42836-9_43. |
| 5569 | </li> |
| 5570 | <br> |
6050 | | "The design of an instrumentation system for federated and virtualized network testbeds." |
6051 | | Network Operations and Management Symposium (NOMS), 2012 IEEE, IEEE, |
6052 | | 2012. |
6053 | | doi:10.1109/NOMS.2012.6212061. |
6054 | | </li> |
6055 | | <br> |
6056 | | |
6057 | | <li> |
6058 | | <b>Griffioen, J. and Fei, Zongming and Nasir, H. and Wu, Xiongqi and Reed, J. and Carpenter, C.</b>, |
| 6093 | </li> |
| 6094 | <br> |
| 6095 | |
| 6096 | <li> |
| 6097 | <b>Griffioen, J. and Fei, Zongming and Nasir, H. and Wu, Xiongqi and Reed, J. and Carpenter, C.</b>, |
| 6098 | "The design of an instrumentation system for federated and virtualized network testbeds." |
| 6099 | Network Operations and Management Symposium (NOMS), 2012 IEEE, IEEE, |
| 6100 | 2012. |
| 6101 | doi:10.1109/NOMS.2012.6212061. |
| 6842 | "Software-Defined Network Exchanges (SDXs): Architecture, services, capabilities, and foundation technologies." |
| 6843 | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
| 6844 | 2014. |
| 6845 | doi:10.1109/itc.2014.6932970. |
| 6846 | </li> |
| 6847 | <br> |
| 6848 | |
| 6849 | <li> |
| 6850 | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b>, |
6807 | | </li> |
6808 | | <br> |
6809 | | |
6810 | | <li> |
6811 | | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b>, |
6812 | | "Software-Defined Network Exchanges (SDXs): Architecture, services, capabilities, and foundation technologies." |
6813 | | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
6814 | | 2014. |
6815 | | doi:10.1109/itc.2014.6932970. |