Making data the first class entity, Information-Centric Networking (ICN) replaces conventional host-to-host model with content sharing model. However, the huge amount of content and the volatility of replicas cached across the Internet pose significant challenges for addressing content only by name. In this paper, we propose a topology-aware name-based routing protocol which combines the benefits of location-oriented routing and content-centric routing together. We adopt a URL-like naming scheme, which defines register locations and content identifier. Node with copies sends Register messages towards a register using location-oriented routing protocols. All en-path routers record forwarding entries in forwarding table (FIB) as the "bread crumb" to this content. Following the bread crumb, routers know the "best" topology path to the available copies. An Interest is either forwarded towards a "known" copy by the content identifier, or towards the register nodes where it would find the bread crumb to the "best" copies. Compared with the existing flooding or name resolution methods, Our design shows a good potential in terms of scalability, availability and overhead.
{"title":"Topology-aware content-centric networking","authors":"Xinggong Zhang, Tong Niu, F. Lao, Zongming Guo","doi":"10.1145/2486001.2491729","DOIUrl":"https://doi.org/10.1145/2486001.2491729","url":null,"abstract":"Making data the first class entity, Information-Centric Networking (ICN) replaces conventional host-to-host model with content sharing model. However, the huge amount of content and the volatility of replicas cached across the Internet pose significant challenges for addressing content only by name. In this paper, we propose a topology-aware name-based routing protocol which combines the benefits of location-oriented routing and content-centric routing together. We adopt a URL-like naming scheme, which defines register locations and content identifier. Node with copies sends Register messages towards a register using location-oriented routing protocols. All en-path routers record forwarding entries in forwarding table (FIB) as the \"bread crumb\" to this content. Following the bread crumb, routers know the \"best\" topology path to the available copies. An Interest is either forwarded towards a \"known\" copy by the content identifier, or towards the register nodes where it would find the bread crumb to the \"best\" copies. Compared with the existing flooding or name resolution methods, Our design shows a good potential in terms of scalability, availability and overhead.","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"230 4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114151606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This article investigates whether individual users are more likely to display malicious behavior after receiving social reinforcement from friends in their online social networks. We analyze the dynamics of game bot diffusion on the basis of real data supplied by a major massively multiplayer online role-playing game company. We find that the social reinforcement, measured by the ratio of bot friends over total friends, affects the likelihood of game bot adoption and the commitment in terms of usage time.
{"title":"The contagion of malicious behaviors in online games","authors":"Jiyoung Woo, Ah Reum Kang, H. Kim","doi":"10.1145/2486001.2491712","DOIUrl":"https://doi.org/10.1145/2486001.2491712","url":null,"abstract":"This article investigates whether individual users are more likely to display malicious behavior after receiving social reinforcement from friends in their online social networks. We analyze the dynamics of game bot diffusion on the basis of real data supplied by a major massively multiplayer online role-playing game company. We find that the social reinforcement, measured by the ratio of bot friends over total friends, affects the likelihood of game bot adoption and the commitment in terms of usage time.","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121582953","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In OpenFlow, multiple switches share the same control plane which is centralized at what is called the OpenFlow controller. A switch only consists of a forwarding plane. Rules for forwarding individual packets (called flow entries in OpenFlow) are pushed from the controller to the switches. In a network with a high arrival rate of new flows, such as in a data center, the control traffic between the switch and controller can become very high. As a consequence, routing of new flows will be slow. One way to reduce control traffic is to use wildcarded flow entries. Wildcard flow entries can be used to create default routes in the network. However, since switches do not keep track of flows covered by a wildcard flow entry, the controller no longer has knowledge about individual flows. To find out about these individual flows we propose an extension to the current OpenFlow standard to enable packet sampling of wildcard flow entries.
{"title":"Which flows are hiding behind my wildcard rule?: adding packet sampling to openflow","authors":"P. Wette, H. Karl","doi":"10.1145/2534169.2491710","DOIUrl":"https://doi.org/10.1145/2534169.2491710","url":null,"abstract":"In OpenFlow, multiple switches share the same control plane which is centralized at what is called the OpenFlow controller. A switch only consists of a forwarding plane. Rules for forwarding individual packets (called flow entries in OpenFlow) are pushed from the controller to the switches. In a network with a high arrival rate of new flows, such as in a data center, the control traffic between the switch and controller can become very high. As a consequence, routing of new flows will be slow. One way to reduce control traffic is to use wildcarded flow entries. Wildcard flow entries can be used to create default routes in the network. However, since switches do not keep track of flows covered by a wildcard flow entry, the controller no longer has knowledge about individual flows. To find out about these individual flows we propose an extension to the current OpenFlow standard to enable packet sampling of wildcard flow entries.","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125824961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Susha Jain, Alok Kumar, Subhasree Mandal, J. Ong, L. Poutievski, Arjun Singh, Subbaiah Venkata, Jim Wanderer, Junlan Zhou, Min Zhu, J. Zolla, Urs Hölzle, Stephen Stuart, Amin Vahdat
We present the design, implementation, and evaluation of B4, a private WAN connecting Google's data centers across the planet. B4 has a number of unique characteristics: i) massive bandwidth requirements deployed to a modest number of sites, ii) elastic traffic demand that seeks to maximize average bandwidth, and iii) full control over the edge servers and network, which enables rate limiting and demand measurement at the edge. These characteristics led to a Software Defined Networking architecture using OpenFlow to control relatively simple switches built from merchant silicon. B4's centralized traffic engineering service drives links to near 100% utilization, while splitting application flows among multiple paths to balance capacity against application priority/demands. We describe experience with three years of B4 production deployment, lessons learned, and areas for future work.
{"title":"B4: experience with a globally-deployed software defined wan","authors":"Susha Jain, Alok Kumar, Subhasree Mandal, J. Ong, L. Poutievski, Arjun Singh, Subbaiah Venkata, Jim Wanderer, Junlan Zhou, Min Zhu, J. Zolla, Urs Hölzle, Stephen Stuart, Amin Vahdat","doi":"10.1145/2486001.2486019","DOIUrl":"https://doi.org/10.1145/2486001.2486019","url":null,"abstract":"We present the design, implementation, and evaluation of B4, a private WAN connecting Google's data centers across the planet. B4 has a number of unique characteristics: i) massive bandwidth requirements deployed to a modest number of sites, ii) elastic traffic demand that seeks to maximize average bandwidth, and iii) full control over the edge servers and network, which enables rate limiting and demand measurement at the edge. These characteristics led to a Software Defined Networking architecture using OpenFlow to control relatively simple switches built from merchant silicon. B4's centralized traffic engineering service drives links to near 100% utilization, while splitting application flows among multiple paths to balance capacity against application priority/demands. We describe experience with three years of B4 production deployment, lessons learned, and areas for future work.","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127491932","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Exchanging the channel state information (CSI) in a multiuser WLAN is considered an extremely expensive overhead. A possible solution to reduce the overhead is to notify the analog value of the CSI, which is also known as analog channel feedback. It however only allows nodes to overhear an imperfect channel information. While some previous studies have theoretically analyzed the performance of analog channel feedback, this work aims at addressing issues of realizing it in practice and empirically demonstrating its effectiveness. Our prototype implementation using USRP-N200 shows that analog channel feedback produces a small error comparable to that of estimating CSI using reciprocity, but however can be applied to more general scenarios.
{"title":"An empirical study of analog channel feedback","authors":"Wei-Liang Shen, K. Lin, Ming-Syan Chen","doi":"10.1145/2486001.2491716","DOIUrl":"https://doi.org/10.1145/2486001.2491716","url":null,"abstract":"Exchanging the channel state information (CSI) in a multiuser WLAN is considered an extremely expensive overhead. A possible solution to reduce the overhead is to notify the analog value of the CSI, which is also known as analog channel feedback. It however only allows nodes to overhear an imperfect channel information. While some previous studies have theoretically analyzed the performance of analog channel feedback, this work aims at addressing issues of realizing it in practice and empirically demonstrating its effectiveness. Our prototype implementation using USRP-N200 shows that analog channel feedback produces a small error comparable to that of estimating CSI using reciprocity, but however can be applied to more general scenarios.","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"262 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116373569","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mao Yang, Yong Li, Depeng Jin, L. Su, Shaowu Ma, Lieguang Zeng
With the rapid growth of the demands for mobile data, wireless network faces several challenges, such as lack of efficient interconnection among heterogeneous wireless networks, and shortage of customized QoS guarantees between services. The fundamental reason for these challenges is that the radio access network (RAN) is closed and ossified. We propose OpenRAN, an architecture for software-defined RAN via virtualization. It achieves complete virtualization and programmability vertically, and benefits the convergence of heterogeneous network horizontally. It provides open, controllable, flexible and evolvable wireless networks.
{"title":"OpenRAN: a software-defined ran architecture via virtualization","authors":"Mao Yang, Yong Li, Depeng Jin, L. Su, Shaowu Ma, Lieguang Zeng","doi":"10.1145/2486001.2491732","DOIUrl":"https://doi.org/10.1145/2486001.2491732","url":null,"abstract":"With the rapid growth of the demands for mobile data, wireless network faces several challenges, such as lack of efficient interconnection among heterogeneous wireless networks, and shortage of customized QoS guarantees between services. The fundamental reason for these challenges is that the radio access network (RAN) is closed and ossified. We propose OpenRAN, an architecture for software-defined RAN via virtualization. It achieves complete virtualization and programmability vertically, and benefits the convergence of heterogeneous network horizontally. It provides open, controllable, flexible and evolvable wireless networks.","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"106 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115541147","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Stevens Le Blond, D. Choffnes, Wenxuan Zhou, P. Druschel, Hitesh Ballani, P. Francis
Existing IP anonymity systems tend to sacrifice one of low latency, high bandwidth, or resistance to traffic-analysis. High-latency mix-nets like Mixminion batch messages to resist traffic-analysis at the expense of low latency. Onion routing schemes like Tor deliver low latency and high bandwidth, but are not designed to withstand traffic analysis. Designs based on DC-nets or broadcast channels resist traffic analysis and provide low latency, but are limited to low bandwidth communication. In this paper, we present the design, implementation, and evaluation of Aqua, a high-bandwidth anonymity system that resists traffic analysis. We focus on providing strong anonymity for BitTorrent, and evaluate the performance of Aqua using traces from hundreds of thousands of actual BitTorrent users. We show that Aqua achieves latency low enough for efficient bulk TCP flows, bandwidth sufficient to carry BitTorrent traffic with reasonable efficiency, and resistance to traffic analysis within anonymity sets of hundreds of clients. We conclude that Aqua represents an interesting new point in the space of anonymity network designs.
{"title":"Towards efficient traffic-analysis resistant anonymity networks","authors":"Stevens Le Blond, D. Choffnes, Wenxuan Zhou, P. Druschel, Hitesh Ballani, P. Francis","doi":"10.1145/2486001.2486002","DOIUrl":"https://doi.org/10.1145/2486001.2486002","url":null,"abstract":"Existing IP anonymity systems tend to sacrifice one of low latency, high bandwidth, or resistance to traffic-analysis. High-latency mix-nets like Mixminion batch messages to resist traffic-analysis at the expense of low latency. Onion routing schemes like Tor deliver low latency and high bandwidth, but are not designed to withstand traffic analysis. Designs based on DC-nets or broadcast channels resist traffic analysis and provide low latency, but are limited to low bandwidth communication. In this paper, we present the design, implementation, and evaluation of Aqua, a high-bandwidth anonymity system that resists traffic analysis. We focus on providing strong anonymity for BitTorrent, and evaluate the performance of Aqua using traces from hundreds of thousands of actual BitTorrent users. We show that Aqua achieves latency low enough for efficient bulk TCP flows, bandwidth sufficient to carry BitTorrent traffic with reasonable efficiency, and resistance to traffic analysis within anonymity sets of hundreds of clients. We conclude that Aqua represents an interesting new point in the space of anonymity network designs.","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"89 10","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114128105","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Session details: Content delivery and congestion control 1","authors":"Georgios Smaragdakis","doi":"10.1145/3261533","DOIUrl":"https://doi.org/10.1145/3261533","url":null,"abstract":"","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114539896","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Emulated networks enable educators, researchers, and operators to conduct realistic network scenarios on commodity hardware. However each network device must be configured, typically in a low-level syntax. This time-consuming and error-prone process limits scalability and discourages repeated experimentation. This demonstration will show a platform to automate emulated network configuration and measurement, making large-scale network experimentation accessible.
{"title":"Automated configuration and measurement of emulated networks with AutoNetkit","authors":"Simon Knight","doi":"10.1145/2486001.2491692","DOIUrl":"https://doi.org/10.1145/2486001.2491692","url":null,"abstract":"Emulated networks enable educators, researchers, and operators to conduct realistic network scenarios on commodity hardware. However each network device must be configured, typically in a low-level syntax. This time-consuming and error-prone process limits scalability and discourages repeated experimentation. This demonstration will show a platform to automate emulated network configuration and measurement, making large-scale network experimentation accessible.","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"177 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114083980","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Aaron Gember, Robert Grandl, Junaid Khalid, Aditya Akella
Middleboxes (MBs) are used widely to ensure security (e.g., intrusion detection systems), improve performance (e.g., WAN optimizers), and provide other novel network functionality [4, 6]. Recently, researchers have proposed several new architectures for MB deployment, including Stratos [2], CoMb [4], and APLOMB [6]. These frameworks all advocate dynamic deployment of software-based MBs with the goal of increasing flexibility, improving efficiency, and reducing management overhead. However, approaches for controlling the behavior of MBs (i.e., how MBs examine and modify network traffic) remain limited. Today, configuration policies and parameters are manipulated using narrow, MB-specific configuration interfaces, while internal algorithms and state are completely inaccessible and unmodifiable. This apparent lack of finegrained control over MBs and their state precludes correct and performant implementation of control scenarios that involve re-allocating live flows across MBs: e.g., server migration, scale up/down of MBs to meet cost-performance trade-offs, recovery from network or MB failures, etc. Several key requirements must be satisfied to effectively support the above scenarios. To illustrate these requirements, we consider a scenario where MB instances are added and removed based on current network load [2] (Figure 1). When scaling up, some in-progress flows may need to be moved to a new MB instance to reduce the load on the original instance. To preserve the correctness and fidelity of MB operations, the new instance must receive the internal MB state associated with the moved flows, while the old instance still has the internal state associated with the remaining flows. For some MBs (e.g., an intrusion prevention
{"title":"Design and implementation of a framework for software-defined middlebox networking","authors":"Aaron Gember, Robert Grandl, Junaid Khalid, Aditya Akella","doi":"10.1145/2486001.2491686","DOIUrl":"https://doi.org/10.1145/2486001.2491686","url":null,"abstract":"Middleboxes (MBs) are used widely to ensure security (e.g., intrusion detection systems), improve performance (e.g., WAN optimizers), and provide other novel network functionality [4, 6]. Recently, researchers have proposed several new architectures for MB deployment, including Stratos [2], CoMb [4], and APLOMB [6]. These frameworks all advocate dynamic deployment of software-based MBs with the goal of increasing flexibility, improving efficiency, and reducing management overhead. However, approaches for controlling the behavior of MBs (i.e., how MBs examine and modify network traffic) remain limited. Today, configuration policies and parameters are manipulated using narrow, MB-specific configuration interfaces, while internal algorithms and state are completely inaccessible and unmodifiable. This apparent lack of finegrained control over MBs and their state precludes correct and performant implementation of control scenarios that involve re-allocating live flows across MBs: e.g., server migration, scale up/down of MBs to meet cost-performance trade-offs, recovery from network or MB failures, etc. Several key requirements must be satisfied to effectively support the above scenarios. To illustrate these requirements, we consider a scenario where MB instances are added and removed based on current network load [2] (Figure 1). When scaling up, some in-progress flows may need to be moved to a new MB instance to reduce the load on the original instance. To preserve the correctness and fidelity of MB operations, the new instance must receive the internal MB state associated with the moved flows, while the old instance still has the internal state associated with the remaining flows. For some MBs (e.g., an intrusion prevention","PeriodicalId":159374,"journal":{"name":"Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM","volume":"197 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114428066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: