| 54 | </li> |
| 55 | <br> |
| 56 | |
| 57 | |
| 58 | |
| 59 | <li> |
| 60 | <b>Abdelhadi, Ahmed and Rechia, Felipe and Narayanan, Arvind and Teixeira, Thiago and Lent, Ricardo and Benhaddou, Driss and Lee, Hyunwoo and Clancy, T. Charles</b> |
| 61 | , "Position estimation of robotic mobile nodes in wireless testbed using GENI." |
| 62 | 2016 Annual IEEE Systems Conference (SysCon), IEEE, |
| 63 | 2016. |
| 64 | doi:10.1109/syscon.2016.7490652. |
| 65 | <a href="http://dx.doi.org/10.1109/syscon.2016.7490652">http://dx.doi.org/10.1109/syscon.2016.7490652</a> |
| 66 | <br><br><b>Abstract: </b>We present a low complexity experimental RF-based indoor localization system based on the collection and processing of WiFi RSSI signals and processing using a RSS-based multi-lateration algorithm to determine a robotic mobile node's location. We use a real indoor wireless testbed called w-iLab.t that is deployed in Zwijnaarde, Ghent, Belgium. One of the unique attributes of this testbed is that it provides tools and interfaces using Global Environment for Network Innovations (GENI) project to easily create reproducible wireless network experiments in a controlled environment. We provide a low complexity algorithm to estimate the location of the mobile robots in the indoor environment. In addition, we provide a comparison between some of our collected measurements with their corresponding location estimation and the actual robot location. The comparison shows an accuracy between 0.65 and 5 meters. |
| 125 | <b>Aleroud, Ahmad and Alsmadi, Izzat</b> |
| 126 | , "Identifying DoS attacks on software defined networks: A relation context approach." |
| 127 | NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, IEEE, |
| 128 | 2016. |
| 129 | doi:10.1109/noms.2016.7502914. |
| 130 | <a href="http://dx.doi.org/10.1109/noms.2016.7502914">http://dx.doi.org/10.1109/noms.2016.7502914</a> |
| 131 | <br><br><b>Abstract: </b>The recent emerge of Software Defined Networking (SDN) promotes both supporters and opponents to further explore this network architecture. One of the main attributes that characterize SDN is the significant role of software to manage and control the architecture. There are four major concerns for such software dominant role, security, performance, reliability, and fault tolerance. Among them security is considered a major concern. SDNs security concerns include attacks on the control plane layer such as DoS attacks. This paper presents an inference-relation context based technique for the detection of DoS attacks on SDNs. The proposed technique utilizes contextual similarity with existing attack patterns to identify DoS in an OpenFlow infrastructure. A validation of the proposed technique has been performed using a several benchmark datasets yielding promising results. |
| 132 | </li> |
| 133 | <br> |
| 134 | |
| 135 | |
| 136 | |
| 137 | <li> |
| 698 | , "Cont2: Social-Aware Content and Contact Based File Search in Delay Tolerant Networks." |
| 699 | Proceedings of the 2013 42Nd International Conference on Parallel Processing, IEEE Computer Society, Washington, DC, USA, |
| 700 | 2013. |
| 701 | doi:10.1109/icpp.2013.28. |
| 702 | <a href="http://dx.doi.org/10.1109/icpp.2013.28">http://dx.doi.org/10.1109/icpp.2013.28</a> |
| 703 | <br><br><b>Abstract: </b>In this paper, we focus on distributed file search over a delay tolerant network (DTN) formed by mobile devices that exhibit the characteristics of social networks. Current file search methods in MANETs/DTNs are either content-based or contact-based. The former builds routing tables for node contents but is not resilient to high node mobility, while the latter exploits node contact patterns in the social networks but may lead to high latency. Recent research also reveal the importance of interests in realizing efficient file dissemination in DTNs. In this paper, we first analyze node interest and mobility from real traces, which confirms the shortcomings of a contact based method and show the importance of considering both content/interest and contact in file search. We then propose Cont2, a social-aware file search method which leverages both node social interests (content) and contact patterns to enhance search efficiency. First, considering people with common interests tend to share files and gather together, Cont2 virtually groups common-interest nodes into a community to direct file search. Second, considering human mobility follows a certain pattern, Cont2 exploits nodes that have high contact frequency with the queried content. Third, Cont2 also exploits active nodes that have more connections to others as a complementary approach to expedite file search. Trace-driven experimental on the real-world GENI test bed and NS-2 simulator show that Cont2 can significantly improve the search efficiency compared to current methods. |
| 704 | </li> |
| 705 | <br> |
| 706 | |
| 707 | <li> |
| 708 | <b>Chen, Kang and Shen, Haiying</b> |
678 | | </li> |
679 | | <br> |
680 | | |
681 | | <li> |
682 | | <b>Chen, Kang and Shen, Haiying</b> |
683 | | , "Cont2: Social-Aware Content and Contact Based File Search in Delay Tolerant Networks." |
684 | | Proceedings of the 2013 42Nd International Conference on Parallel Processing, IEEE Computer Society, Washington, DC, USA, |
685 | | 2013. |
686 | | doi:10.1109/icpp.2013.28. |
687 | | <a href="http://dx.doi.org/10.1109/icpp.2013.28">http://dx.doi.org/10.1109/icpp.2013.28</a> |
688 | | <br><br><b>Abstract: </b>In this paper, we focus on distributed file search over a delay tolerant network (DTN) formed by mobile devices that exhibit the characteristics of social networks. Current file search methods in MANETs/DTNs are either content-based or contact-based. The former builds routing tables for node contents but is not resilient to high node mobility, while the latter exploits node contact patterns in the social networks but may lead to high latency. Recent research also reveal the importance of interests in realizing efficient file dissemination in DTNs. In this paper, we first analyze node interest and mobility from real traces, which confirms the shortcomings of a contact based method and show the importance of considering both content/interest and contact in file search. We then propose Cont2, a social-aware file search method which leverages both node social interests (content) and contact patterns to enhance search efficiency. First, considering people with common interests tend to share files and gather together, Cont2 virtually groups common-interest nodes into a community to direct file search. Second, considering human mobility follows a certain pattern, Cont2 exploits nodes that have high contact frequency with the queried content. Third, Cont2 also exploits active nodes that have more connections to others as a complementary approach to expedite file search. Trace-driven experimental on the real-world GENI test bed and NS-2 simulator show that Cont2 can significantly improve the search efficiency compared to current methods. |
| 787 | , "Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking (SDN)." |
| 788 | Distributed Computing Systems Workshops (ICDCSW), 2015 IEEE 35th International Conference on, IEEE, |
| 789 | 2015. |
| 790 | doi:10.1109/icdcsw.2015.27. |
| 791 | <a href="http://dx.doi.org/10.1109/icdcsw.2015.27">http://dx.doi.org/10.1109/icdcsw.2015.27</a> |
| 792 | <br><br><b>Abstract: </b>Software-defined networking (SDN) and Open Flow have been driving new security applications and services. However, even if some of these studies provide interesting visions of what can be achieved, they stop short of presenting realistic application scenarios and experimental results. In this paper, we discuss a novel attack detection approach that coordinates monitors distributed over a network and controllers centralized on an SDN Open Virtual Switch (OVS), selectively inspecting network packets on demand. With different scale of network views and information availability, these two elements collaboratively detect signature constituents of an attack. Therefore, this approach is able to quickly issue an alert against potential threats followed by careful verification for high accuracy, while balancing the workload on the OVS. We have applied this method for detection and mitigation of TCP SYN flood attacks on Global Environment for Network Innovations (GENI). This realistic experimentation has provided us with insightful findings helpful toward a systematic methodology of SDN-supported attack detection and containment. |
| 793 | </li> |
| 794 | <br> |
| 795 | |
| 796 | <li> |
| 797 | <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b> |
770 | | <li> |
771 | | <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b> |
772 | | , "Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking (SDN)." |
773 | | Distributed Computing Systems Workshops (ICDCSW), 2015 IEEE 35th International Conference on, IEEE, |
774 | | 2015. |
775 | | doi:10.1109/icdcsw.2015.27. |
776 | | <a href="http://dx.doi.org/10.1109/icdcsw.2015.27">http://dx.doi.org/10.1109/icdcsw.2015.27</a> |
777 | | <br><br><b>Abstract: </b>Software-defined networking (SDN) and Open Flow have been driving new security applications and services. However, even if some of these studies provide interesting visions of what can be achieved, they stop short of presenting realistic application scenarios and experimental results. In this paper, we discuss a novel attack detection approach that coordinates monitors distributed over a network and controllers centralized on an SDN Open Virtual Switch (OVS), selectively inspecting network packets on demand. With different scale of network views and information availability, these two elements collaboratively detect signature constituents of an attack. Therefore, this approach is able to quickly issue an alert against potential threats followed by careful verification for high accuracy, while balancing the workload on the OVS. We have applied this method for detection and mitigation of TCP SYN flood attacks on Global Environment for Network Innovations (GENI). This realistic experimentation has provided us with insightful findings helpful toward a systematic methodology of SDN-supported attack detection and containment. |
| 807 | |
| 808 | |
| 809 | <li> |
| 810 | <b>Chin, Tommy and Xiong, Kaiqi</b> |
| 811 | , "Dynamic generation containment systems (DGCS): A Moving Target Defense approach." |
| 812 | 2016 3rd International Workshop on Emerging Ideas and Trends in Engineering of Cyber-Physical Systems (EITEC), IEEE, |
| 813 | 2016. |
| 814 | doi:10.1109/eitec.2016.7503690. |
| 815 | <a href="http://dx.doi.org/10.1109/eitec.2016.7503690">http://dx.doi.org/10.1109/eitec.2016.7503690</a> |
| 816 | <br><br><b>Abstract: </b>Supervisory Control and Data Acquisition (SCADA) systems are critical assets to public utility and manufacturing organizations. These systems, although critical, are prone to numerous cyber security related threats and attacks. To combat such challenges, we propose a Dynamic Generated Containment System (DGCS), a moving target defense model as a method of threat evasion. Under the proposed approach, we employ the use of intrusion detection systems (IDS) in conjunction with virtualization solution - Docker. The proposed approach provides an individual Docker container for each threat detected by our IDS. We conduct several experiments using high performance computing systems to measure and demonstrate our proposed approach. |
| 1494 | <li> |
| 1495 | <b>Juluri, Parikshit and Tamarapalli, Venkatesh and Medhi, Deep</b> |
| 1496 | , "QoE management in DASH systems using the segment aware rate adaptation algorithm." |
| 1497 | NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, IEEE, |
| 1498 | 2016. |
| 1499 | doi:10.1109/noms.2016.7502805. |
| 1500 | <a href="http://dx.doi.org/10.1109/noms.2016.7502805">http://dx.doi.org/10.1109/noms.2016.7502805</a> |
| 1501 | <br><br><b>Abstract: </b>Dynamic Adaptive Streaming over HTTP (DASH) enables the video player to adapt the bitrate of the video while streaming to ensure playback without interruptions even with varying throughput. A DASH server hosts multiple representations of the same video, each of which is broken down into small segments of fixed playback duration. The video bitrate adaptation is purely driven by the player at the endhost. Typically, the player employs an Adaptive Bitrate (ABR) algorithm, that determines the most appropriate representation for the next segment to be downloaded, based on the current network conditions and user preferences. The aim of an ABR algorithm is to dynamically manage the Quality of Experience (QoE) of the user during the playback. ABR algorithms manage the QoE by maximizing the bitrate while at the same time trying to minimize the other QoE metrics: playback start time, duration and number of buffering events, and the number of bitrate switching events. Typically, the ABR algorithms manage the QoE by using the measured network throughput and buffer occupancy to adapt the playback bitrate. However, due to the video encoding schemes employed, the sizes of the individual segments may vary significantly. For low bandwidth networks, fluctuation in the segment sizes results in inaccurate estimation the expected segment fetch times, thereby resulting in inaccurate estimation of the optimum bitrate. In this paper we demonstrate how the Segment-Aware Rate Adaptation (SARA) algorithm, that considers the measured throughput, buffer occupancy, and the variation in segment sizes helps in better management of the users' QoE in a DASH system. By comparing with a typical throughput-based and buffer-based adaptation algorithm under varying network conditions, we demonstrate that SARA manages the QoE better, especially in a low bandwidth network. We also developed AStream, an open-source Python-based emulated DASH-video player that was used to evaluate three different ABR algor- thms and measure the QoE metrics with each of them. |
| 1502 | </li> |
| 1503 | <br> |
| 1504 | |
| 1638 | <b>Koning, Ralph and de Graaff, Ben and de Laat, Cees and Meijer, Robert and Grosso, Paola</b> |
| 1639 | , "Interactive analysis of SDN-driven defence against distributed denial of service attacks." |
| 1640 | 2016 IEEE NetSoft Conference and Workshops (NetSoft), IEEE, |
| 1641 | 2016. |
| 1642 | doi:10.1109/netsoft.2016.7502489. |
| 1643 | <a href="http://dx.doi.org/10.1109/netsoft.2016.7502489">http://dx.doi.org/10.1109/netsoft.2016.7502489</a> |
| 1644 | <br><br><b>Abstract: </b>The Secure Autonomous Response Networks (SARNET) framework introduces a mechanism to respond autonomously to security attacks in Software Defined Networks (SDN). Still the range of responses possible and their effectiveness need to be properly evaluated such that the decision making process and the self-learning capability of such systems are optimized. To this purpose we developed a touch-table driven interactive SARNET prototype, named VNET, and we demonstrated its use through real-time monitoring and control of real and virtualised networks. By observing users interacting with the system at SC15 in Austin, we concluded that in a SDN it is possible to achieve high effectiveness of responses by carefully choosing a relatively minor number of actions. |
| 1645 | </li> |
| 1646 | <br> |
| 1647 | |
| 1648 | |
| 1649 | |
| 1650 | <li> |
| 1665 | , "Performance of GENI Cloud Testbeds for Real Time Scientific Application." |
| 1666 | First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles, |
| 1667 | 2012. |
| 1668 | |
| 1669 | |
| 1670 | <br><br><b>Abstract: </b>Dedicating high end servers for short-term execution of scientific applications such as weather forecasting wastes resources. Cloud platforms IaaS model seems well suited for applications which are executed on an irregular basis and for short duration. In this paper, we evaluate the performance of research testbed cloud platforms such as GENICloud and ORCA cloud clusters for our real-time scientific application of short-term weather forecasting called Nowcasting. In this paper, we evaluate the network capabilities of these research cloud testbeds for our real-time application of weather forecasting. In addition, we evaluate the computation time of executing Nowcasting on each cloud platform for weather data collected from real weather events. We also evaluate the total time taken to generate and transmit short-term forecast images to end users with live data from our own radar on campus. We also compare the performance of each of these clusters for Nowcasting with commercial cloud services such as Amazon's EC2. The results obtained from our measurement show that cloud testbeds are suitable for real-time application experiments to be carried out on a cloud platform. |
| 1671 | </li> |
| 1672 | <br> |
| 1673 | |
| 1674 | <li> |
| 1675 | <b>Krishnappa, Dilip K. and Lyons, Eric and Irwin, David and Zink, Michael</b> |
1606 | 1680 | <a href="http://dx.doi.org/10.1109/lcn.2012.6423665">http://dx.doi.org/10.1109/lcn.2012.6423665</a> |
1607 | 1681 | <br><br><b>Abstract: </b>Dedicating high-end servers for executing scientific applications that run intermittently, such as severe weather detection or generalized weather forecasting, wastes resources. While the Infrastructure-as-a-Service (IaaS) model used by today's cloud platforms is well-suited for the bursty computational demands of these applications, it is unclear if the network capabilities of today's cloud platforms are sufficient. In this paper, we analyze the networking capabilities of multiple commercial (Amazon's EC2 and Rackspace) and research (GENICloud and ExoGENI cloud) platforms in the context of a Nowcasting application, a forecasting algorithm for highly accurate, near-term, e.g., 5-20 minutes, weather predictions. The application has both computational and network requirements. While it executes rarely, whenever severe weather approaches, it benefits from an IaaS model; However, since its results are time-critical, enough bandwidth must be available to transmit radar data to cloud platforms before it becomes stale. We conduct network capacity measurements between radar sites and cloud platforms throughout the country. Our results indicate that ExoGENI cloud performs the best for both serial and parallel data transfer with an average throughput of 110.22 Mbps and 17.2 Mbps, respectively. We also found that the cloud services perform better in the distributed data transfer case, where a subset of nodes transmit data in parallel to a cloud instance. Ultimately, we conclude that commercial and research clouds are capable of providing sufficient bandwidth for our real-time Nowcasting application. |
1608 | | </li> |
1609 | | <br> |
1610 | | |
1611 | | <li> |
1612 | | <b>Krishnappa, Dilip K. and Lyons, Eric and Irwin, David and Zink, Michael</b> |
1613 | | , "Performance of GENI Cloud Testbeds for Real Time Scientific Application." |
1614 | | First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles, |
1615 | | 2012. |
1616 | | |
1617 | | |
1618 | | <br><br><b>Abstract: </b>Dedicating high end servers for short-term execution of scientific applications such as weather forecasting wastes resources. Cloud platforms IaaS model seems well suited for applications which are executed on an irregular basis and for short duration. In this paper, we evaluate the performance of research testbed cloud platforms such as GENICloud and ORCA cloud clusters for our real-time scientific application of short-term weather forecasting called Nowcasting. In this paper, we evaluate the network capabilities of these research cloud testbeds for our real-time application of weather forecasting. In addition, we evaluate the computation time of executing Nowcasting on each cloud platform for weather data collected from real weather events. We also evaluate the total time taken to generate and transmit short-term forecast images to end users with live data from our own radar on campus. We also compare the performance of each of these clusters for Nowcasting with commercial cloud services such as Amazon's EC2. The results obtained from our measurement show that cloud testbeds are suitable for real-time application experiments to be carried out on a cloud platform. |
| 2001 | , "Software-Defined Network Exchanges (SDXs): Architecture, services, capabilities, and foundation technologies." |
| 2002 | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
| 2003 | 2014. |
| 2004 | doi:10.1109/itc.2014.6932970. |
| 2005 | <a href="http://dx.doi.org/10.1109/itc.2014.6932970">http://dx.doi.org/10.1109/itc.2014.6932970</a> |
| 2006 | <br><br><b>Abstract: </b>Software Defined Networks (SDNs), primarily based on OpenFlow, are being deployed in single domain networks around the world. The popularity of SDNs has given rise to multiple considerations about designing, implementing, and operating Software-Defined Network Exchanges (SDXs), to enable SDNs to interconnect SDN islands and to extend SDNs across multiple domains. These goals can be accomplished only by developing new techniques that extend the single domain orientation of current SDN/OpenFlow approaches to include capabilities for multidomain control, including those for resource discovery, signaling, and dynamic provisioning. Several networking research communities have begun to investigate these concepts. Early architectural models of SDXs have been designed and implemented as prototypes. These SDXs are being used to conduct experiments and to demonstrate the potentials of SDXs. |
| 2007 | </li> |
| 2008 | <br> |
| 2009 | |
| 2010 | <li> |
| 2011 | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> |
1942 | 2016 | <a href="http://dx.doi.org/10.1016/j.bjp.2013.12.024">http://dx.doi.org/10.1016/j.bjp.2013.12.024</a> |
1943 | 2017 | <br><br><b>Abstract: </b>Large scale national and international experimental research environments are required to advance communication services and supporting network architecture, technology, and infrastructure. Theories and concepts are often explored using simulation and modeling techniques within labs or on small scale testbeds. However, while such testbeds are valuable resources for the research process, these facilities alone cannot provide an appropriate approximation of the real world conditions required to explore ideas at scale. Very large scale global, experimental network research capabilities are required to deeply investigate innovative concepts. For many years, network testbeds were created to address fairly specific, well defined, limited research goals, and they were implemented for fairly short periods. Recently, taking advantage of a number of macro information technology trends, such as virtualization and programmable resources, several network research communities have been developing innovative types of network research environments. Instead of designing traditional network testbeds, research communities are designing large scale, highly flexible distributed platforms that can be used to create many different types of testbeds. Also, rather than creating short term testbeds for limited research objectives, these new environments are being designed as long term persistent resources to support many types of experimental research. This paper describes the motivations for this trend, provides several examples of large scale distributed network research environments based on the Global Lambda Integrated Facility (GLIF) and the StarLight Exchange Facility, including the Global Environment for Network Innovation (GENI), and indicates emerging future trends for these types of environments. |
1944 | | </li> |
1945 | | <br> |
1946 | | |
1947 | | <li> |
1948 | | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> |
1949 | | , "Software-Defined Network Exchanges (SDXs): Architecture, services, capabilities, and foundation technologies." |
1950 | | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
1951 | | 2014. |
1952 | | doi:10.1109/itc.2014.6932970. |
1953 | | <a href="http://dx.doi.org/10.1109/itc.2014.6932970">http://dx.doi.org/10.1109/itc.2014.6932970</a> |
1954 | | <br><br><b>Abstract: </b>Software Defined Networks (SDNs), primarily based on OpenFlow, are being deployed in single domain networks around the world. The popularity of SDNs has given rise to multiple considerations about designing, implementing, and operating Software-Defined Network Exchanges (SDXs), to enable SDNs to interconnect SDN islands and to extend SDNs across multiple domains. These goals can be accomplished only by developing new techniques that extend the single domain orientation of current SDN/OpenFlow approaches to include capabilities for multidomain control, including those for resource discovery, signaling, and dynamic provisioning. Several networking research communities have begun to investigate these concepts. Early architectural models of SDXs have been designed and implemented as prototypes. These SDXs are being used to conduct experiments and to demonstrate the potentials of SDXs. |
| 2219 | <b>Nakauchi, Kiyohide and Nishinaga, Nozomu</b> |
| 2220 | , "Software-defined exchange for the virtualized WiFi network towards future Mobile Cloud services." |
| 2221 | 2016 IEEE International Conference on Communications Workshops (ICC), IEEE, |
| 2222 | 2016. |
| 2223 | doi:10.1109/iccw.2016.7503875. |
| 2224 | <a href="http://dx.doi.org/10.1109/iccw.2016.7503875">http://dx.doi.org/10.1109/iccw.2016.7503875</a> |
| 2225 | <br><br><b>Abstract: </b>This paper proposes a software-defined exchange (SDX) scheme for the federation of the virtualized WiFi system and the VNode system, a deeply programmable network virtualization platform, to facilitate Mobile Cloud Computing (MCC) over SDN. We envision the future MCC services, where QoE of the services is further enhanced by SDN's capabilities such as auto-scaling of the network resources to accommodate fluctuated traffic, and seamless migration of server-side programs to the network edge. Towards the future MCC, a cross-domain federated virtual network (slice) across wireless and wired domains is needed, while individual slice operations and policies in each domain should be maintained for supporting the diversity of virtualization technologies. Though some SDX schemes have been proposed in the literature, they implicitly assume inter-connection of virtualized wired domains and it is difficult to apply them to virtualized wireless domains. To address this issue, in this paper we focus on the federation between the VNode and the virtualized WiFi platform through the Slice Exchange Point (SEP) framework as a case study, and specifically propose the WiFi portal function that enables the SEP to inter-connect a VNode slice and a WiFi slice by translation between the common slice description defined by SEP and the WiFi-specific one. This paper shows the design of the WiFi portal and its implementation on the virtualized WiFi prototype system. We build an experimental system using the two virtualized WiFi base stations and four VNode nodes, and demonstrate a wide-area federated slice can be dynamically built in 238 seconds without any manual operation. |
| 2226 | </li> |
| 2227 | <br> |
| 2228 | |
| 2229 | |
| 2230 | |
| 2231 | <li> |
| 2335 | , "Performance Analysis of DDoS Detection Methods on Real Network." |
| 2336 | First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles, |
| 2337 | 2012. |
| 2338 | |
| 2339 | |
| 2340 | <br><br><b>Abstract: </b>Distributed Denial of Service (DDoS) attacks are major security threats to the Internet. The distributed structure of these attacks makes it difficult to distinguish between legitimate and attack traffic, making detection difficult. In addition to this challenge, researchers also have to study and find countermeasures against these attacks without using an operational network for testing, since attacks on operational networks inconvenience users. In this paper, we propose a method to perform DDoS analysis on real hardware using real traffic without jeopardizing the original network. We implement our experiments on the Geni testbed using Openflow. We present results from DDoS detection methods using operational traffic. |
| 2341 | </li> |
| 2342 | <br> |
| 2343 | |
| 2344 | <li> |
| 2345 | <b>Ozcelik, Ilker and Brooks, Richard R.</b> |
2265 | | </li> |
2266 | | <br> |
2267 | | |
2268 | | <li> |
2269 | | <b>Ozcelik, Ilker and Brooks, Richard R.</b> |
2270 | | , "Performance Analysis of DDoS Detection Methods on Real Network." |
2271 | | First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles, |
2272 | | 2012. |
2273 | | |
2274 | | |
2275 | | <br><br><b>Abstract: </b>Distributed Denial of Service (DDoS) attacks are major security threats to the Internet. The distributed structure of these attacks makes it difficult to distinguish between legitimate and attack traffic, making detection difficult. In addition to this challenge, researchers also have to study and find countermeasures against these attacks without using an operational network for testing, since attacks on operational networks inconvenience users. In this paper, we propose a method to perform DDoS analysis on real hardware using real traffic without jeopardizing the original network. We implement our experiments on the Geni testbed using Openflow. We present results from DDoS detection methods using operational traffic. |
3141 | | , "PrimoGENI for hybrid network simulation and emulation experiments in GENI." |
3142 | | Journal of Simulation, |
3143 | | 2012. |
3144 | | doi:10.1057/jos.2012.5. |
3145 | | <a href="http://dx.doi.org/10.1057/jos.2012.5">http://dx.doi.org/10.1057/jos.2012.5</a> |
3146 | | <br><br><b>Abstract: </b>The Global Environment for Network Innovations (GENI) is a community-driven research and development effort to build a collaborative and exploratory network experimentation platform—a 'virtual laboratory' for the design, implementation, and evaluation of future networks. The PrimoGENI project enables real-time network simulation by extending an existing network simulator to become part of the GENI federation to support large-scale experiments involving physical, simulated, and emulated network entities. In this paper, we describe a novel design of PrimoGENI, which aims at supporting realistic, scalable, and flexible network experiments with real-time simulation and emulation capabilities. We present a flexible emulation infrastructure that allows both remote client machines, local cluster nodes running virtual machines, and external networks to seamlessly interoperate with the simulated network running within a designated 'slice' of resources. We present the results of our preliminary validation and performance studies to demonstrate the capabilities as well as limitations of our approach. |
3147 | | </li> |
3148 | | <br> |
3149 | | |
3150 | | <li> |
3151 | | <b>Van Vorst, N. and Erazo, M. and Liu, J.</b> |
| 3223 | </li> |
| 3224 | <br> |
| 3225 | |
| 3226 | <li> |
| 3227 | <b>Van Vorst, N. and Erazo, M. and Liu, J.</b> |
| 3228 | , "PrimoGENI for hybrid network simulation and emulation experiments in GENI." |
| 3229 | Journal of Simulation, |
| 3230 | 2012. |
| 3231 | doi:10.1057/jos.2012.5. |
| 3232 | <a href="http://dx.doi.org/10.1057/jos.2012.5">http://dx.doi.org/10.1057/jos.2012.5</a> |
| 3233 | <br><br><b>Abstract: </b>The Global Environment for Network Innovations (GENI) is a community-driven research and development effort to build a collaborative and exploratory network experimentation platform—a 'virtual laboratory' for the design, implementation, and evaluation of future networks. The PrimoGENI project enables real-time network simulation by extending an existing network simulator to become part of the GENI federation to support large-scale experiments involving physical, simulated, and emulated network entities. In this paper, we describe a novel design of PrimoGENI, which aims at supporting realistic, scalable, and flexible network experiments with real-time simulation and emulation capabilities. We present a flexible emulation infrastructure that allows both remote client machines, local cluster nodes running virtual machines, and external networks to seamlessly interoperate with the simulated network running within a designated 'slice' of resources. We present the results of our preliminary validation and performance studies to demonstrate the capabilities as well as limitations of our approach. |
| 3488 | , "Scaling up applications over distributed clouds with dynamic layer-2 exchange and broadcast service." |
| 3489 | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
| 3490 | 2014. |
| 3491 | doi:10.1109/itc.2014.6932973. |
| 3492 | <a href="http://dx.doi.org/10.1109/itc.2014.6932973">http://dx.doi.org/10.1109/itc.2014.6932973</a> |
| 3493 | <br><br><b>Abstract: </b>In this paper, we study the problem of provisioning large-scale virtual clusters over federated clouds connected by multi-domain, layer-2 wide area networks. We first present the virtual cluster request abstraction and the abstraction models for substrate resource pools. Based on these two abstraction models, we developed a novel layer-2 exchange mechanism and an implementation of it in a multi-domain networked cloud environment. The design of the mechanism takes into consideration the realistic constraints in current network and cloud systems. We show that efficient cluster splitting, cloud data center selection and resource allocation algorithms can be developed to provision large-scale virtual clusters across cloud sites. A prototype system has been deployed and integrated into the ExoGENI testbed for about a year, and is being heavily used by scientific and data analytic applications. |
| 3494 | </li> |
| 3495 | <br> |
| 3496 | |
| 3497 | <li> |
| 3498 | <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b> |
3418 | | </li> |
3419 | | <br> |
3420 | | |
3421 | | <li> |
3422 | | <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b> |
3423 | | , "Scaling up applications over distributed clouds with dynamic layer-2 exchange and broadcast service." |
3424 | | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
3425 | | 2014. |
3426 | | doi:10.1109/itc.2014.6932973. |
3427 | | <a href="http://dx.doi.org/10.1109/itc.2014.6932973">http://dx.doi.org/10.1109/itc.2014.6932973</a> |
3428 | | <br><br><b>Abstract: </b>In this paper, we study the problem of provisioning large-scale virtual clusters over federated clouds connected by multi-domain, layer-2 wide area networks. We first present the virtual cluster request abstraction and the abstraction models for substrate resource pools. Based on these two abstraction models, we developed a novel layer-2 exchange mechanism and an implementation of it in a multi-domain networked cloud environment. The design of the mechanism takes into consideration the realistic constraints in current network and cloud systems. We show that efficient cluster splitting, cloud data center selection and resource allocation algorithms can be developed to provision large-scale virtual clusters across cloud sites. A prototype system has been deployed and integrated into the ExoGENI testbed for about a year, and is being heavily used by scientific and data analytic applications. |
| 3737 | <b>Abdelhadi, Ahmed and Rechia, Felipe and Narayanan, Arvind and Teixeira, Thiago and Lent, Ricardo and Benhaddou, Driss and Lee, Hyunwoo and Clancy, T. Charles</b> |
| 3738 | , "Position estimation of robotic mobile nodes in wireless testbed using GENI." |
| 3739 | 2016 Annual IEEE Systems Conference (SysCon), IEEE, |
| 3740 | 2016. |
| 3741 | doi:10.1109/syscon.2016.7490652. |
| 3742 | </li> |
| 3743 | <br> |
| 3744 | |
| 3745 | |
| 3746 | |
| 3747 | <li> |
4261 | | <li> |
4262 | | <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b> |
4263 | | , "Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking (SDN)." |
4264 | | Distributed Computing Systems Workshops (ICDCSW), 2015 IEEE 35th International Conference on, IEEE, |
4265 | | 2015. |
4266 | | doi:10.1109/icdcsw.2015.27. |
| 4368 | |
| 4369 | |
| 4370 | <li> |
| 4371 | <b>Chin, Tommy and Xiong, Kaiqi</b> |
| 4372 | , "Dynamic generation containment systems (DGCS): A Moving Target Defense approach." |
| 4373 | 2016 3rd International Workshop on Emerging Ideas and Trends in Engineering of Cyber-Physical Systems (EITEC), IEEE, |
| 4374 | 2016. |
| 4375 | doi:10.1109/eitec.2016.7503690. |
| 5378 | , "Software-Defined Network Exchanges (SDXs): Architecture, services, capabilities, and foundation technologies." |
| 5379 | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
| 5380 | 2014. |
| 5381 | doi:10.1109/itc.2014.6932970. |
| 5382 | </li> |
| 5383 | <br> |
| 5384 | |
| 5385 | <li> |
| 5386 | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> |
5253 | | </li> |
5254 | | <br> |
5255 | | |
5256 | | <li> |
5257 | | <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> |
5258 | | , "Software-Defined Network Exchanges (SDXs): Architecture, services, capabilities, and foundation technologies." |
5259 | | Teletraffic Congress (ITC), 2014 26th International, IEEE, |
5260 | | 2014. |
5261 | | doi:10.1109/itc.2014.6932970. |