Changes between Version 48 and Version 49 of GENIBibliography
- Timestamp:
- 11/28/16 17:04:43 (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GENIBibliography
v48 v49 902 902 <li> 903 903 <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b> 904 , "Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking (SDN)." 905 Distributed Computing Systems Workshops (ICDCSW), 2015 IEEE 35th International Conference on, IEEE, 906 2015. 907 doi:10.1109/icdcsw.2015.27. 908 <a href="http://dx.doi.org/10.1109/icdcsw.2015.27">http://dx.doi.org/10.1109/icdcsw.2015.27</a> 909 <br><br><b>Abstract: </b>Software-defined networking (SDN) and Open Flow have been driving new security applications and services. However, even if some of these studies provide interesting visions of what can be achieved, they stop short of presenting realistic application scenarios and experimental results. In this paper, we discuss a novel attack detection approach that coordinates monitors distributed over a network and controllers centralized on an SDN Open Virtual Switch (OVS), selectively inspecting network packets on demand. With different scale of network views and information availability, these two elements collaboratively detect signature constituents of an attack. Therefore, this approach is able to quickly issue an alert against potential threats followed by careful verification for high accuracy, while balancing the workload on the OVS. We have applied this method for detection and mitigation of TCP SYN flood attacks on Global Environment for Network Innovations (GENI). This realistic experimentation has provided us with insightful findings helpful toward a systematic methodology of SDN-supported attack detection and containment. 910 </li> 911 <br> 912 913 <li> 914 <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b> 904 915 , "An SDN-supported collaborative approach for DDoS flooding detection and containment." 905 916 Military Communications Conference, MILCOM 2015 - 2015 IEEE, IEEE, … … 908 919 <a href="http://dx.doi.org/10.1109/milcom.2015.7357519">http://dx.doi.org/10.1109/milcom.2015.7357519</a> 909 920 <br><br><b>Abstract: </b>Software Defined Networking (SDN) has the potential to enable novel security applications that support flexible, on-demand deployment of system elements. It can offer targeted forensic evidence collection and investigation of computer network attacks. Such unique capabilities are instrumental to network intrusion detection that is challenged by large volumes of data and complex network topologies. This paper presents an innovative approach that coordinates distributed network traffic Monitors and attack Correlators supported by Open Virtual Switches (OVS). The Monitors conduct anomaly detection and the Correlators perform deep packet inspection for attack signature recognition. These elements take advantage of complementary views and information availability on both the data and control planes. Moreover, they collaboratively look for network flooding attack signature constituents that possess different characteristics in the level of information abstraction. Therefore, this approach is able to not only quickly raise an alert against potential threats, but also follow it up with careful verification to reduce false alarms. We experiment with this SDN-supported collaborative approach to detect TCP SYN flood attacks on the Global Environment for Network Innovations (GENI), a realistic virtual testbed. The response times and detection accuracy, in the context of a small to medium corporate network, have demonstrated its effectiveness and scalability. 910 </li>911 <br>912 913 <li>914 <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b>915 , "Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking (SDN)."916 Distributed Computing Systems Workshops (ICDCSW), 2015 IEEE 35th International Conference on, IEEE,917 2015.918 doi:10.1109/icdcsw.2015.27.919 <a href="http://dx.doi.org/10.1109/icdcsw.2015.27">http://dx.doi.org/10.1109/icdcsw.2015.27</a>920 <br><br><b>Abstract: </b>Software-defined networking (SDN) and Open Flow have been driving new security applications and services. However, even if some of these studies provide interesting visions of what can be achieved, they stop short of presenting realistic application scenarios and experimental results. In this paper, we discuss a novel attack detection approach that coordinates monitors distributed over a network and controllers centralized on an SDN Open Virtual Switch (OVS), selectively inspecting network packets on demand. With different scale of network views and information availability, these two elements collaboratively detect signature constituents of an attack. Therefore, this approach is able to quickly issue an alert against potential threats followed by careful verification for high accuracy, while balancing the workload on the OVS. We have applied this method for detection and mitigation of TCP SYN flood attacks on Global Environment for Network Innovations (GENI). This realistic experimentation has provided us with insightful findings helpful toward a systematic methodology of SDN-supported attack detection and containment.921 921 </li> 922 922 <br> … … 1417 1417 1418 1418 <li> 1419 <b>Gosain, Abhimanyu and Seskar, Ivan</b> 1420 , "GENI Wireless Testbed: A Flexible Open Ecosystem for Wireless Communications Research: Demo." 1421 Proceedings of the 22Nd Annual International Conference on Mobile Computing and Networking, New York City, New York, ACM, New York, NY, USA, 1422 2016. 1423 doi:10.1145/2973750.2985627. 1424 <a href="http://dx.doi.org/10.1145/2973750.2985627">http://dx.doi.org/10.1145/2973750.2985627</a> 1425 <br><br><b>Abstract: </b>This demo presents the architecture of GENI (Global Environment of Network Innovations) [1] edge cloud computing network in the form of compute and storage resources, a mobile 4G LTE edge and a high speed campus network connecting these components. GENI's edge computing strategy proceeds by deploying self-contained packages of network, computing, storage resources, or GENI Racks [2] connected via high speed fiber to LTE BS(s) across twelve campuses in the US, all interconnected via a nationwide research network. The GENI mobile computing resource manager is based on the Orbit Management framework (OMF) [3] and provides seamless access to the edge computing resources via the GENI Portal for experimentation, scheduling, data collection and processing. 1426 </li> 1427 <br> 1428 1429 1430 1431 <li> 1419 1432 <b>Grandl, Robert and Han, Dongsu and Lee, Suk B. and Lim, Hyeontaek and Machado, Michel and Mukerjee, Matthew and Naylor, David</b> 1420 1433 , "Supporting network evolution and incremental deployment with XIA." … … 1545 1558 1546 1559 <li> 1560 <b>Hartpence, Bruce and Rosario, Rossi</b> 1561 , "Software Defined Networking for Systems and Network Administration Programs." 1562 The USENIX Journal of Education in System Administration, 1563 2016. 1564 1565 <a href="https://www.usenix.org/sites/default/files/jesa_0201_issue.pdf#page=21">https://www.usenix.org/sites/default/files/jesa_0201_issue.pdf#page=21</a> 1566 <br><br><b>Abstract: </b>Academic programs can be very successful when they include industry best practices, innovations and techniques in addition to theory and background. This approach has historically been a tenet of the networking and systems administration program at the Rochester Institute of Technology. Software-defined networking is an excellent example of a technology which combines theory and emerging practice. Software Defined Networking or SDN includes components that stretch across networking and systems administration curricula including servers or controllers, virtualization, OpenFlow enabled network elements, communication pathways, opportunities for automation, telemetry from the network, dynamic response to system demand and more. These characteristics, and because SDN experiments and courses can be implemented in either virtual or non-virtual facilities, make SDN an outstanding platform for teaching the principles of network and systems administration. Graduate students can also take advantage of the environment encompassed by SDN topologies to further their understanding of systems design, management, testing and communication protocols. This paper will describe some of the SDN projects run at the Rochester Institute of Technology (RIT), the impact on curriculum and some of the environments used. The challenges associated with running the projects and courses within a lab environment will also be illustrated. How and why many of the ideas and new industrial developments were integrated into the classroom will be central to the ideas presented. 1567 </li> 1568 <br> 1569 1570 1571 1572 <li> 1547 1573 <b>Hemmings, Matt and Krahn, Robert and Lary, David and McGeer, Rick and Ricart, Glenn and Röder, Marko</b> 1548 1574 , "The Ignite Distributed Collaborative Scientific Visualization System." … … 1702 1728 <li> 1703 1729 <b>Juluri, Parikshit and Tamarapalli, Venkatesh and Medhi, Deep</b> 1730 , "QoE management in DASH systems using the segment aware rate adaptation algorithm." 1731 NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, IEEE, 1732 2016. 1733 doi:10.1109/noms.2016.7502805. 1734 <a href="http://dx.doi.org/10.1109/noms.2016.7502805">http://dx.doi.org/10.1109/noms.2016.7502805</a> 1735 <br><br><b>Abstract: </b>Dynamic Adaptive Streaming over HTTP (DASH) enables the video player to adapt the bitrate of the video while streaming to ensure playback without interruptions even with varying throughput. A DASH server hosts multiple representations of the same video, each of which is broken down into small segments of fixed playback duration. The video bitrate adaptation is purely driven by the player at the endhost. Typically, the player employs an Adaptive Bitrate (ABR) algorithm, that determines the most appropriate representation for the next segment to be downloaded, based on the current network conditions and user preferences. The aim of an ABR algorithm is to dynamically manage the Quality of Experience (QoE) of the user during the playback. ABR algorithms manage the QoE by maximizing the bitrate while at the same time trying to minimize the other QoE metrics: playback start time, duration and number of buffering events, and the number of bitrate switching events. Typically, the ABR algorithms manage the QoE by using the measured network throughput and buffer occupancy to adapt the playback bitrate. However, due to the video encoding schemes employed, the sizes of the individual segments may vary significantly. For low bandwidth networks, fluctuation in the segment sizes results in inaccurate estimation the expected segment fetch times, thereby resulting in inaccurate estimation of the optimum bitrate. In this paper we demonstrate how the Segment-Aware Rate Adaptation (SARA) algorithm, that considers the measured throughput, buffer occupancy, and the variation in segment sizes helps in better management of the users' QoE in a DASH system. By comparing with a typical throughput-based and buffer-based adaptation algorithm under varying network conditions, we demonstrate that SARA manages the QoE better, especially in a low bandwidth network. We also developed AStream, an open-source Python-based emulated DASH-video player that was used to evaluate three different ABR algor- thms and measure the QoE metrics with each of them. 1736 </li> 1737 <br> 1738 1739 <li> 1740 <b>Juluri, Parikshit and Tamarapalli, Venkatesh and Medhi, Deep</b> 1704 1741 , "SARA: Segment aware rate adaptation algorithm for dynamic adaptive streaming over HTTP." 1705 1742 Communication Workshop (ICCW), 2015 IEEE International Conference on, IEEE, … … 1708 1745 <a href="http://dx.doi.org/10.1109/iccw.2015.7247436">http://dx.doi.org/10.1109/iccw.2015.7247436</a> 1709 1746 <br><br><b>Abstract: </b>Dynamic adaptive HTTP (DASH) based streaming is steadily becoming the most popular online video streaming technique. DASH streaming provides seamless playback by adapting the video quality to the network conditions during the video playback. A DASH server supports adaptive streaming by hosting multiple representations of the video and each representation is divided into small segments of equal playback duration. At the client end, the video player uses an adaptive bitrate selection (ABR) algorithm to decide the bitrate to be selected for each segment depending on the current network conditions. Currently, proposed ABR algorithms ignore the fact that the segment sizes significantly vary for a given video bitrate. Due to this, even though an ABR algorithm is able to measure the network bandwidth, it may fail to predict the time to download the next segment In this paper, we propose a segment-aware rate adaptation (SARA) algorithm that considers the segment size variation in addition to the estimated path bandwidth and the current buffer occupancy to accurately predict the time required to download the next segment We also developed an open source Python based emulated DASH video player, that was used to compare the performance of SARA and a basic ABR. Our results show that SARA provides a significant gain over the basic algorithm in the video quality delivered, without noticeably impacting the video switching rates. 1710 </li>1711 <br>1712 1713 <li>1714 <b>Juluri, Parikshit and Tamarapalli, Venkatesh and Medhi, Deep</b>1715 , "QoE management in DASH systems using the segment aware rate adaptation algorithm."1716 NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, IEEE,1717 2016.1718 doi:10.1109/noms.2016.7502805.1719 <a href="http://dx.doi.org/10.1109/noms.2016.7502805">http://dx.doi.org/10.1109/noms.2016.7502805</a>1720 <br><br><b>Abstract: </b>Dynamic Adaptive Streaming over HTTP (DASH) enables the video player to adapt the bitrate of the video while streaming to ensure playback without interruptions even with varying throughput. A DASH server hosts multiple representations of the same video, each of which is broken down into small segments of fixed playback duration. The video bitrate adaptation is purely driven by the player at the endhost. Typically, the player employs an Adaptive Bitrate (ABR) algorithm, that determines the most appropriate representation for the next segment to be downloaded, based on the current network conditions and user preferences. The aim of an ABR algorithm is to dynamically manage the Quality of Experience (QoE) of the user during the playback. ABR algorithms manage the QoE by maximizing the bitrate while at the same time trying to minimize the other QoE metrics: playback start time, duration and number of buffering events, and the number of bitrate switching events. Typically, the ABR algorithms manage the QoE by using the measured network throughput and buffer occupancy to adapt the playback bitrate. However, due to the video encoding schemes employed, the sizes of the individual segments may vary significantly. For low bandwidth networks, fluctuation in the segment sizes results in inaccurate estimation the expected segment fetch times, thereby resulting in inaccurate estimation of the optimum bitrate. In this paper we demonstrate how the Segment-Aware Rate Adaptation (SARA) algorithm, that considers the measured throughput, buffer occupancy, and the variation in segment sizes helps in better management of the users' QoE in a DASH system. By comparing with a typical throughput-based and buffer-based adaptation algorithm under varying network conditions, we demonstrate that SARA manages the QoE better, especially in a low bandwidth network. We also developed AStream, an open-source Python-based emulated DASH-video player that was used to evaluate three different ABR algor- thms and measure the QoE metrics with each of them.1721 1747 </li> 1722 1748 <br> … … 1882 1908 <li> 1883 1909 <b>Krishnappa, Dilip K. and Lyons, Eric and Irwin, David and Zink, Michael</b> 1884 , "Performance of GENI Cloud Testbeds for Real Time Scientific Application."1885 First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles,1886 2012.1887 1888 1889 <br><br><b>Abstract: </b>Dedicating high end servers for short-term execution of scientific applications such as weather forecasting wastes resources. Cloud platforms IaaS model seems well suited for applications which are executed on an irregular basis and for short duration. In this paper, we evaluate the performance of research testbed cloud platforms such as GENICloud and ORCA cloud clusters for our real-time scientific application of short-term weather forecasting called Nowcasting. In this paper, we evaluate the network capabilities of these research cloud testbeds for our real-time application of weather forecasting. In addition, we evaluate the computation time of executing Nowcasting on each cloud platform for weather data collected from real weather events. We also evaluate the total time taken to generate and transmit short-term forecast images to end users with live data from our own radar on campus. We also compare the performance of each of these clusters for Nowcasting with commercial cloud services such as Amazon's EC2. The results obtained from our measurement show that cloud testbeds are suitable for real-time application experiments to be carried out on a cloud platform.1890 </li>1891 <br>1892 1893 <li>1894 <b>Krishnappa, Dilip K. and Lyons, Eric and Irwin, David and Zink, Michael</b>1895 1910 , "Network capabilities of cloud services for a real time scientific application." 1896 1911 37th Annual IEEE Conference on Local Computer Networks, Clearwater Beach, FL, USA, IEEE, … … 1899 1914 <a href="http://dx.doi.org/10.1109/lcn.2012.6423665">http://dx.doi.org/10.1109/lcn.2012.6423665</a> 1900 1915 <br><br><b>Abstract: </b>Dedicating high-end servers for executing scientific applications that run intermittently, such as severe weather detection or generalized weather forecasting, wastes resources. While the Infrastructure-as-a-Service (IaaS) model used by today's cloud platforms is well-suited for the bursty computational demands of these applications, it is unclear if the network capabilities of today's cloud platforms are sufficient. In this paper, we analyze the networking capabilities of multiple commercial (Amazon's EC2 and Rackspace) and research (GENICloud and ExoGENI cloud) platforms in the context of a Nowcasting application, a forecasting algorithm for highly accurate, near-term, e.g., 5-20 minutes, weather predictions. The application has both computational and network requirements. While it executes rarely, whenever severe weather approaches, it benefits from an IaaS model; However, since its results are time-critical, enough bandwidth must be available to transmit radar data to cloud platforms before it becomes stale. We conduct network capacity measurements between radar sites and cloud platforms throughout the country. Our results indicate that ExoGENI cloud performs the best for both serial and parallel data transfer with an average throughput of 110.22 Mbps and 17.2 Mbps, respectively. We also found that the cloud services perform better in the distributed data transfer case, where a subset of nodes transmit data in parallel to a cloud instance. Ultimately, we conclude that commercial and research clouds are capable of providing sufficient bandwidth for our real-time Nowcasting application. 1916 </li> 1917 <br> 1918 1919 <li> 1920 <b>Krishnappa, Dilip K. and Lyons, Eric and Irwin, David and Zink, Michael</b> 1921 , "Performance of GENI Cloud Testbeds for Real Time Scientific Application." 1922 First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles, 1923 2012. 1924 1925 1926 <br><br><b>Abstract: </b>Dedicating high end servers for short-term execution of scientific applications such as weather forecasting wastes resources. Cloud platforms IaaS model seems well suited for applications which are executed on an irregular basis and for short duration. In this paper, we evaluate the performance of research testbed cloud platforms such as GENICloud and ORCA cloud clusters for our real-time scientific application of short-term weather forecasting called Nowcasting. In this paper, we evaluate the network capabilities of these research cloud testbeds for our real-time application of weather forecasting. In addition, we evaluate the computation time of executing Nowcasting on each cloud platform for weather data collected from real weather events. We also evaluate the total time taken to generate and transmit short-term forecast images to end users with live data from our own radar on campus. We also compare the performance of each of these clusters for Nowcasting with commercial cloud services such as Amazon's EC2. The results obtained from our measurement show that cloud testbeds are suitable for real-time application experiments to be carried out on a cloud platform. 1901 1927 </li> 1902 1928 <br> … … 2281 2307 <li> 2282 2308 <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> 2309 , "Creating environments for innovation: Designing and implementing advanced experimental network research testbeds based on the Global Lambda Integrated Facility and the StarLight Exchange." 2310 Computer Networks, 2311 2014. 2312 doi:10.1016/j.bjp.2013.12.024. 2313 <a href="http://dx.doi.org/10.1016/j.bjp.2013.12.024">http://dx.doi.org/10.1016/j.bjp.2013.12.024</a> 2314 <br><br><b>Abstract: </b>Large scale national and international experimental research environments are required to advance communication services and supporting network architecture, technology, and infrastructure. Theories and concepts are often explored using simulation and modeling techniques within labs or on small scale testbeds. However, while such testbeds are valuable resources for the research process, these facilities alone cannot provide an appropriate approximation of the real world conditions required to explore ideas at scale. Very large scale global, experimental network research capabilities are required to deeply investigate innovative concepts. For many years, network testbeds were created to address fairly specific, well defined, limited research goals, and they were implemented for fairly short periods. Recently, taking advantage of a number of macro information technology trends, such as virtualization and programmable resources, several network research communities have been developing innovative types of network research environments. Instead of designing traditional network testbeds, research communities are designing large scale, highly flexible distributed platforms that can be used to create many different types of testbeds. Also, rather than creating short term testbeds for limited research objectives, these new environments are being designed as long term persistent resources to support many types of experimental research. This paper describes the motivations for this trend, provides several examples of large scale distributed network research environments based on the Global Lambda Integrated Facility (GLIF) and the StarLight Exchange Facility, including the Global Environment for Network Innovation (GENI), and indicates emerging future trends for these types of environments. 2315 </li> 2316 <br> 2317 2318 <li> 2319 <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> 2283 2320 , "Next Generation Virtual Network Architecture for Multi-tenant Distributed Clouds: Challenges and Emerging Techniques." 2284 2321 Proceedings of the 4th Workshop on Distributed Cloud Computing, Chicago, Illinois, ACM, New York, NY, USA, … … 2287 2324 <a href="http://dx.doi.org/10.1145/2955193.2955194">http://dx.doi.org/10.1145/2955193.2955194</a> 2288 2325 <br><br><b>Abstract: </b>Providing services for multiple tenants within a single or federated distributed cloud environment requires a variety of special considerations related to network design, provisioning, and operations. Especially important are multiple topics concerning the implementation of multiple parallel programmable virtual networks for large numbers of tenants, who require autonomous management, control, and data planes. This paper provides an overview of some of the challenges that arise from developing and implementing parallel programmable virtual networks, describes experiences with several experimental techniques for addressing those challenges based on large scale distributed testbeds, and presents the results of the experiments that were conducted. Distributed environments used include a distributed cloud testbed, the Chameleon Cloud, sponsored by the National Science Foundation's NSFCloud program, the NSF's Global Environment for Network Innovations (GENI), an international distributed OpenFlow testbed, and the Open Science Data Cloud. 2289 </li>2290 <br>2291 2292 <li>2293 <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b>2294 , "Creating environments for innovation: Designing and implementing advanced experimental network research testbeds based on the Global Lambda Integrated Facility and the StarLight Exchange."2295 Computer Networks,2296 2014.2297 doi:10.1016/j.bjp.2013.12.024.2298 <a href="http://dx.doi.org/10.1016/j.bjp.2013.12.024">http://dx.doi.org/10.1016/j.bjp.2013.12.024</a>2299 <br><br><b>Abstract: </b>Large scale national and international experimental research environments are required to advance communication services and supporting network architecture, technology, and infrastructure. Theories and concepts are often explored using simulation and modeling techniques within labs or on small scale testbeds. However, while such testbeds are valuable resources for the research process, these facilities alone cannot provide an appropriate approximation of the real world conditions required to explore ideas at scale. Very large scale global, experimental network research capabilities are required to deeply investigate innovative concepts. For many years, network testbeds were created to address fairly specific, well defined, limited research goals, and they were implemented for fairly short periods. Recently, taking advantage of a number of macro information technology trends, such as virtualization and programmable resources, several network research communities have been developing innovative types of network research environments. Instead of designing traditional network testbeds, research communities are designing large scale, highly flexible distributed platforms that can be used to create many different types of testbeds. Also, rather than creating short term testbeds for limited research objectives, these new environments are being designed as long term persistent resources to support many types of experimental research. This paper describes the motivations for this trend, provides several examples of large scale distributed network research environments based on the Global Lambda Integrated Facility (GLIF) and the StarLight Exchange Facility, including the Global Environment for Network Innovation (GENI), and indicates emerging future trends for these types of environments.2300 2326 </li> 2301 2327 <br> … … 2669 2695 <li> 2670 2696 <b>Ozcelik, Ilker and Brooks, Richard R.</b> 2671 , " Performance Analysis of DDoS Detection Methods on Real Network."2672 First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles,2673 201 2.2674 2675 2676 <br><br><b>Abstract: </b> Distributed Denial of Service (DDoS) attacks are major security threats to the Internet. The distributed structure of these attacks makes it difficult to distinguish between legitimate and attack traffic, making detection difficult. In addition to this challenge, researchers also have to study and find countermeasures against these attacks without using an operational network for testing, since attacks on operational networks inconvenience users. In this paper, we propose a method to perform DDoS analysis on real hardware using real traffic without jeopardizing the original network. We implement our experiments on the Geni testbed using Openflow. We present results from DDoS detection methods using operational traffic.2697 , "Operational System Testing for Designed in Security." 2698 Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop, Oak Ridge, Tennessee, ACM, New York, NY, USA, 2699 2013. 2700 doi:10.1145/2459976.2460038. 2701 <a href="http://dx.doi.org/10.1145/2459976.2460038">http://dx.doi.org/10.1145/2459976.2460038</a> 2702 <br><br><b>Abstract: </b>To design secure systems, one needs to understand how attackers use system vulnerabilities in their favor. This requires testing vulnerabilities on operational systems. However, working on operational systems is not always possible because of the risk of disturbance. In this study, we introduce an approach to experimenting using operational system data and performing real attacks without disturbing the original system. We applied this approach to a network security experiment and tested the performance of three detection methods. The approach used in this study can be used when developing systems with Designed-in Security to identify and test system vulnerabilities. 2677 2703 </li> 2678 2704 <br> … … 2691 2717 <li> 2692 2718 <b>Ozcelik, Ilker and Brooks, Richard R.</b> 2693 , " Operational System Testing for Designed in Security."2694 Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop, Oak Ridge, Tennessee, ACM, New York, NY, USA,2695 201 3.2696 doi:10.1145/2459976.2460038. 2697 <a href="http://dx.doi.org/10.1145/2459976.2460038">http://dx.doi.org/10.1145/2459976.2460038</a> 2698 <br><br><b>Abstract: </b> To design secure systems, one needs to understand how attackers use system vulnerabilities in their favor. This requires testing vulnerabilities on operational systems. However, working on operational systems is not always possible because of the risk of disturbance. In this study, we introduce an approach to experimenting using operational system data and performing real attacks without disturbing the original system. We applied this approach to a network security experiment and tested the performance of three detection methods. The approach used in this study can be used when developing systems with Designed-in Security to identify and test system vulnerabilities.2719 , "Performance Analysis of DDoS Detection Methods on Real Network." 2720 First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles, 2721 2012. 2722 2723 2724 <br><br><b>Abstract: </b>Distributed Denial of Service (DDoS) attacks are major security threats to the Internet. The distributed structure of these attacks makes it difficult to distinguish between legitimate and attack traffic, making detection difficult. In addition to this challenge, researchers also have to study and find countermeasures against these attacks without using an operational network for testing, since attacks on operational networks inconvenience users. In this paper, we propose a method to perform DDoS analysis on real hardware using real traffic without jeopardizing the original network. We implement our experiments on the Geni testbed using Openflow. We present results from DDoS detection methods using operational traffic. 2699 2725 </li> 2700 2726 <br> … … 3754 3780 3755 3781 <li> 3782 <b>Vanhove, Thomas and Seghbroeck, Gregory V. and Wauters, Tim and Turck, Filip D. and Vermeulen, Brecht and Demeester, Piet</b> 3783 , "Tengu: An Experimentation Platform for Big Data Applications." 3784 2015 IEEE 35th International Conference on Distributed Computing Systems Workshops, Columbus, OH, USA, IEEE, 3785 2015. 3786 doi:10.1109/icdcsw.2015.19. 3787 <a href="http://dx.doi.org/10.1109/icdcsw.2015.19">http://dx.doi.org/10.1109/icdcsw.2015.19</a> 3788 <br><br><b>Abstract: </b>Big data applications have stringent service requirements for scalability and fault-tolerance and involve high volumes of data, high processing speeds and large varieties of database technologies. In order to test big data management solutions, large experimentation facilities are needed, which are expensive in terms of both resource cost and configuration time. This paper presents Tengu, an experimentation platform for big data applications that can automatically be instantiated on GENI (US federation of test beds) and Fed FIRE (EU federation of test beds)compatible test beds. Tengu allows for automatic deployments of several data processing, storage and cloud technologies, including Hadoop, Storm and Open Stack. The paper discusses the Tengu architecture, the Tengu-as-a-service approach and a demonstration of an automated instantiation of the Tengu experimentation suite on the Virtual Wall, a large-scale Emulab testbed at the Minds research institute in Europe. 3789 </li> 3790 <br> 3791 3792 3793 3794 <li> 3756 3795 <b>Velusamy, G. and Gurkan, D. and Narayan, S. and Baily, S.</b> 3757 3796 , "Fault-Tolerant OpenFlow-Based Software Switch Architecture with LINC Switches for a Reliable Network Data Exchange." … … 3989 4028 <li> 3990 4029 <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b> 4030 , "Scaling up applications over distributed clouds with dynamic layer-2 exchange and broadcast service." 4031 Teletraffic Congress (ITC), 2014 26th International, IEEE, 4032 2014. 4033 doi:10.1109/itc.2014.6932973. 4034 <a href="http://dx.doi.org/10.1109/itc.2014.6932973">http://dx.doi.org/10.1109/itc.2014.6932973</a> 4035 <br><br><b>Abstract: </b>In this paper, we study the problem of provisioning large-scale virtual clusters over federated clouds connected by multi-domain, layer-2 wide area networks. We first present the virtual cluster request abstraction and the abstraction models for substrate resource pools. Based on these two abstraction models, we developed a novel layer-2 exchange mechanism and an implementation of it in a multi-domain networked cloud environment. The design of the mechanism takes into consideration the realistic constraints in current network and cloud systems. We show that efficient cluster splitting, cloud data center selection and resource allocation algorithms can be developed to provision large-scale virtual clusters across cloud sites. A prototype system has been deployed and integrated into the ExoGENI testbed for about a year, and is being heavily used by scientific and data analytic applications. 4036 </li> 4037 <br> 4038 4039 <li> 4040 <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b> 3991 4041 , "Capacity of Inter-cloud Layer-2 Virtual Networking." 3992 4042 Proceedings of the 2014 ACM SIGCOMM Workshop on Distributed Cloud Computing, Chicago, Illinois, USA, ACM, New York, NY, USA, … … 3995 4045 <a href="http://dx.doi.org/10.1145/2627566.2627573">http://dx.doi.org/10.1145/2627566.2627573</a> 3996 4046 <br><br><b>Abstract: </b>Due to the economy of scale of Ethernet networks and available dynamic circuit capability from the major national research and educational networks, VLAN (Virtual LAN) based virtual networking solution has been successfully adopted in some advanced distributed cloud systems. However, there are two major constraints in this adaptation: (1) dynamic circuit service is far from pervasive; (2) there is only limited VLAN tags offered by regional network service providers. In this paper, after examining layer-2 networking in large-scale distributed cloud environments, we present a graph theoretical model to study the network capacity in terms of the number of inter-cloud connections that can co-exist. We further design the algorithms to achieve this capacity for both point-to-point and multi-point inter-cloud connections in both static and dynamic scenarios. We also study a general topology embedding problem based on this model. As tagging is a common mechanism for isolating communication channels in other network layers, the proposed models and algorithms can be extended to optical and IP networks. 3997 </li>3998 <br>3999 4000 <li>4001 <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b>4002 , "Scaling up applications over distributed clouds with dynamic layer-2 exchange and broadcast service."4003 Teletraffic Congress (ITC), 2014 26th International, IEEE,4004 2014.4005 doi:10.1109/itc.2014.6932973.4006 <a href="http://dx.doi.org/10.1109/itc.2014.6932973">http://dx.doi.org/10.1109/itc.2014.6932973</a>4007 <br><br><b>Abstract: </b>In this paper, we study the problem of provisioning large-scale virtual clusters over federated clouds connected by multi-domain, layer-2 wide area networks. We first present the virtual cluster request abstraction and the abstraction models for substrate resource pools. Based on these two abstraction models, we developed a novel layer-2 exchange mechanism and an implementation of it in a multi-domain networked cloud environment. The design of the mechanism takes into consideration the realistic constraints in current network and cloud systems. We show that efficient cluster splitting, cloud data center selection and resource allocation algorithms can be developed to provision large-scale virtual clusters across cloud sites. A prototype system has been deployed and integrated into the ExoGENI testbed for about a year, and is being heavily used by scientific and data analytic applications.4008 4047 </li> 4009 4048 <br> … … 4194 4233 4195 4234 <li> 4235 <b>Zhao, Shuai and Sydney, Ali and Medhi, Deep</b> 4236 , "Building Application-Aware Network Environments Using SDN for Optimizing Hadoop Applications." 4237 Proceedings of the 2016 Conference on ACM SIGCOMM 2016 Conference, Florianopolis, Brazil, ACM, New York, NY, USA, 4238 2016. 4239 doi:10.1145/2934872.2959059. 4240 <a href="http://dx.doi.org/10.1145/2934872.2959059">http://dx.doi.org/10.1145/2934872.2959059</a> 4241 <br><br><b>Abstract: </b>Hadoop has become the de facto standard for Big Data analytics, especially for workloads that use the MapReduce (M/R) framework. However, the lack of network awareness of the default MapReduce resource manager in Hadoop can cause unbalanced job scheduling, network bottleneck, and eventually increase the Hadoop run time if Hadoop nodes are clustered in several geographically distributed locations. In this paper, we present an application-aware network approach using software-defined networking (SDN) for distributed Hadoop clusters. We develop the SDN applications for this environment that consider network topology discovery, traffic monitoring, and flow rerouting in addition to loop avoidance mechanisms. 4242 </li> 4243 <br> 4244 4245 4246 4247 <li> 4196 4248 <b>Zhuang, Yanyan and Rafetseder, A. and Cappos, J.</b> 4197 4249 , "Experience with Seattle: A Community Platform for Research and Education." … … 4952 5004 <li> 4953 5005 <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b> 5006 , "Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking (SDN)." 5007 Distributed Computing Systems Workshops (ICDCSW), 2015 IEEE 35th International Conference on, IEEE, 5008 2015. 5009 doi:10.1109/icdcsw.2015.27. 5010 </li> 5011 <br> 5012 5013 <li> 5014 <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b> 4954 5015 , "An SDN-supported collaborative approach for DDoS flooding detection and containment." 4955 5016 Military Communications Conference, MILCOM 2015 - 2015 IEEE, IEEE, 4956 5017 2015. 4957 5018 doi:10.1109/milcom.2015.7357519. 4958 </li>4959 <br>4960 4961 <li>4962 <b>Chin, Tommy and Mountrouidou, Xenia and Li, Xiangyang and Xiong, Kaiqi</b>4963 , "Selective Packet Inspection to Detect DoS Flooding Using Software Defined Networking (SDN)."4964 Distributed Computing Systems Workshops (ICDCSW), 2015 IEEE 35th International Conference on, IEEE,4965 2015.4966 doi:10.1109/icdcsw.2015.27.4967 5019 </li> 4968 5020 <br> … … 5387 5439 5388 5440 <li> 5441 <b>Gosain, Abhimanyu and Seskar, Ivan</b> 5442 , "GENI Wireless Testbed: A Flexible Open Ecosystem for Wireless Communications Research: Demo." 5443 Proceedings of the 22Nd Annual International Conference on Mobile Computing and Networking, New York City, New York, ACM, New York, NY, USA, 5444 2016. 5445 doi:10.1145/2973750.2985627. 5446 </li> 5447 <br> 5448 5449 5450 5451 <li> 5389 5452 <b>Grandl, Robert and Han, Dongsu and Lee, Suk B. and Lim, Hyeontaek and Machado, Michel and Mukerjee, Matthew and Naylor, David</b> 5390 5453 , "Supporting network evolution and incremental deployment with XIA." … … 5495 5558 5496 5559 <li> 5560 <b>Hartpence, Bruce and Rosario, Rossi</b> 5561 , "Software Defined Networking for Systems and Network Administration Programs." 5562 The USENIX Journal of Education in System Administration, 5563 2016. 5564 5565 </li> 5566 <br> 5567 5568 5569 5570 <li> 5497 5571 <b>Hemmings, Matt and Krahn, Robert and Lary, David and McGeer, Rick and Ricart, Glenn and Röder, Marko</b> 5498 5572 , "The Ignite Distributed Collaborative Scientific Visualization System." … … 5628 5702 <li> 5629 5703 <b>Juluri, Parikshit and Tamarapalli, Venkatesh and Medhi, Deep</b> 5704 , "QoE management in DASH systems using the segment aware rate adaptation algorithm." 5705 NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, IEEE, 5706 2016. 5707 doi:10.1109/noms.2016.7502805. 5708 </li> 5709 <br> 5710 5711 <li> 5712 <b>Juluri, Parikshit and Tamarapalli, Venkatesh and Medhi, Deep</b> 5630 5713 , "SARA: Segment aware rate adaptation algorithm for dynamic adaptive streaming over HTTP." 5631 5714 Communication Workshop (ICCW), 2015 IEEE International Conference on, IEEE, 5632 5715 2015. 5633 5716 doi:10.1109/iccw.2015.7247436. 5634 </li>5635 <br>5636 5637 <li>5638 <b>Juluri, Parikshit and Tamarapalli, Venkatesh and Medhi, Deep</b>5639 , "QoE management in DASH systems using the segment aware rate adaptation algorithm."5640 NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, IEEE,5641 2016.5642 doi:10.1109/noms.2016.7502805.5643 5717 </li> 5644 5718 <br> … … 5780 5854 <li> 5781 5855 <b>Krishnappa, Dilip K. and Lyons, Eric and Irwin, David and Zink, Michael</b> 5856 , "Network capabilities of cloud services for a real time scientific application." 5857 37th Annual IEEE Conference on Local Computer Networks, Clearwater Beach, FL, USA, IEEE, 5858 2012. 5859 doi:10.1109/lcn.2012.6423665. 5860 </li> 5861 <br> 5862 5863 <li> 5864 <b>Krishnappa, Dilip K. and Lyons, Eric and Irwin, David and Zink, Michael</b> 5782 5865 , "Performance of GENI Cloud Testbeds for Real Time Scientific Application." 5783 5866 First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles, 5784 5867 2012. 5785 5868 5786 </li>5787 <br>5788 5789 <li>5790 <b>Krishnappa, Dilip K. and Lyons, Eric and Irwin, David and Zink, Michael</b>5791 , "Network capabilities of cloud services for a real time scientific application."5792 37th Annual IEEE Conference on Local Computer Networks, Clearwater Beach, FL, USA, IEEE,5793 2012.5794 doi:10.1109/lcn.2012.6423665.5795 5869 </li> 5796 5870 <br> … … 6117 6191 <li> 6118 6192 <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> 6193 , "Creating environments for innovation: Designing and implementing advanced experimental network research testbeds based on the Global Lambda Integrated Facility and the StarLight Exchange." 6194 Computer Networks, 6195 2014. 6196 doi:10.1016/j.bjp.2013.12.024. 6197 </li> 6198 <br> 6199 6200 <li> 6201 <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b> 6119 6202 , "Next Generation Virtual Network Architecture for Multi-tenant Distributed Clouds: Challenges and Emerging Techniques." 6120 6203 Proceedings of the 4th Workshop on Distributed Cloud Computing, Chicago, Illinois, ACM, New York, NY, USA, 6121 6204 2016. 6122 6205 doi:10.1145/2955193.2955194. 6123 </li>6124 <br>6125 6126 <li>6127 <b>Mambretti, Joe and Chen, Jim and Yeh, Fei</b>6128 , "Creating environments for innovation: Designing and implementing advanced experimental network research testbeds based on the Global Lambda Integrated Facility and the StarLight Exchange."6129 Computer Networks,6130 2014.6131 doi:10.1016/j.bjp.2013.12.024.6132 6206 </li> 6133 6207 <br> … … 6445 6519 <li> 6446 6520 <b>Ozcelik, Ilker and Brooks, Richard R.</b> 6447 , " Performance Analysis of DDoS Detection Methods on Real Network."6448 First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles,6449 201 2.6450 6521 , "Operational System Testing for Designed in Security." 6522 Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop, Oak Ridge, Tennessee, ACM, New York, NY, USA, 6523 2013. 6524 doi:10.1145/2459976.2460038. 6451 6525 </li> 6452 6526 <br> … … 6463 6537 <li> 6464 6538 <b>Ozcelik, Ilker and Brooks, Richard R.</b> 6465 , " Operational System Testing for Designed in Security."6466 Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop, Oak Ridge, Tennessee, ACM, New York, NY, USA,6467 201 3.6468 doi:10.1145/2459976.2460038. 6539 , "Performance Analysis of DDoS Detection Methods on Real Network." 6540 First GENI Research and Educational Experiment Workshop (GREE 2012), Los Angeles, 6541 2012. 6542 6469 6543 </li> 6470 6544 <br> … … 7362 7436 7363 7437 <li> 7438 <b>Vanhove, Thomas and Seghbroeck, Gregory V. and Wauters, Tim and Turck, Filip D. and Vermeulen, Brecht and Demeester, Piet</b> 7439 , "Tengu: An Experimentation Platform for Big Data Applications." 7440 2015 IEEE 35th International Conference on Distributed Computing Systems Workshops, Columbus, OH, USA, IEEE, 7441 2015. 7442 doi:10.1109/icdcsw.2015.19. 7443 </li> 7444 <br> 7445 7446 7447 7448 <li> 7364 7449 <b>Velusamy, G. and Gurkan, D. and Narayan, S. and Baily, S.</b> 7365 7450 , "Fault-Tolerant OpenFlow-Based Software Switch Architecture with LINC Switches for a Reliable Network Data Exchange." … … 7561 7646 <li> 7562 7647 <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b> 7648 , "Scaling up applications over distributed clouds with dynamic layer-2 exchange and broadcast service." 7649 Teletraffic Congress (ITC), 2014 26th International, IEEE, 7650 2014. 7651 doi:10.1109/itc.2014.6932973. 7652 </li> 7653 <br> 7654 7655 <li> 7656 <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b> 7563 7657 , "Capacity of Inter-cloud Layer-2 Virtual Networking." 7564 7658 Proceedings of the 2014 ACM SIGCOMM Workshop on Distributed Cloud Computing, Chicago, Illinois, USA, ACM, New York, NY, USA, 7565 7659 2014. 7566 7660 doi:10.1145/2627566.2627573. 7567 </li>7568 <br>7569 7570 <li>7571 <b>Xin, Yufeng and Baldin, Ilya and Heermann, Chris and Mandal, Anirban and Ruth, Paul</b>7572 , "Scaling up applications over distributed clouds with dynamic layer-2 exchange and broadcast service."7573 Teletraffic Congress (ITC), 2014 26th International, IEEE,7574 2014.7575 doi:10.1109/itc.2014.6932973.7576 7661 </li> 7577 7662 <br> … … 7734 7819 7735 7820 <li> 7821 <b>Zhao, Shuai and Sydney, Ali and Medhi, Deep</b> 7822 , "Building Application-Aware Network Environments Using SDN for Optimizing Hadoop Applications." 7823 Proceedings of the 2016 Conference on ACM SIGCOMM 2016 Conference, Florianopolis, Brazil, ACM, New York, NY, USA, 7824 2016. 7825 doi:10.1145/2934872.2959059. 7826 </li> 7827 <br> 7828 7829 7830 7831 <li> 7736 7832 <b>Zhuang, Yanyan and Rafetseder, A. and Cappos, J.</b> 7737 7833 , "Experience with Seattle: A Community Platform for Research and Education."