Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089033
Xiaojun Feng, Jin Zhang, Qian Zhang, Bo Li
The promise of high speed (over 1Gbps) wireless transmission rate at the physical layer can be significantly compromised with the current design in 802.11 DCF. There are three overheads in the 802.11 MAC that contribute to the performance degradation: DIFS, random backoff and ACK. Motivated by the current progress in OFDM and self-interference cancellation technologies, in this poster, we propose a novel MAC design called REPICK (REversed contention and PIggy-backed ACK) to collectively address these problems. The key idea in our proposal is to take advantage of OFDM subcarriers in the frequency domain to enhance the MAC efficiency. Specifically, in REPICK, we propose a novel reverse contention algorithm which enables receivers to contend for channel access with subcarriers in the frequency domain (reversed contention). We also design a mechanism which allows ACKs from receivers to be piggy-backed through subcarriers together with the contention information (piggy-backed ACK). We demonstrate REPICK's efficiency through both analysis and simulations.
{"title":"REPICK: Random access MAC with reversed contention and Piggy-backed ACK","authors":"Xiaojun Feng, Jin Zhang, Qian Zhang, Bo Li","doi":"10.1109/ICNP.2011.6089033","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089033","url":null,"abstract":"The promise of high speed (over 1Gbps) wireless transmission rate at the physical layer can be significantly compromised with the current design in 802.11 DCF. There are three overheads in the 802.11 MAC that contribute to the performance degradation: DIFS, random backoff and ACK. Motivated by the current progress in OFDM and self-interference cancellation technologies, in this poster, we propose a novel MAC design called REPICK (REversed contention and PIggy-backed ACK) to collectively address these problems. The key idea in our proposal is to take advantage of OFDM subcarriers in the frequency domain to enhance the MAC efficiency. Specifically, in REPICK, we propose a novel reverse contention algorithm which enables receivers to contend for channel access with subcarriers in the frequency domain (reversed contention). We also design a mechanism which allows ACKs from receivers to be piggy-backed through subcarriers together with the contention information (piggy-backed ACK). We demonstrate REPICK's efficiency through both analysis and simulations.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124421789","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089069
Xinyu Zhang, K. Shin
Emerging WLAN standards have been incorporating a variety of channel widths ranging from 5MHz to 160MHz, in order to match the diverse traffic demands on different networks. Unfortunately, the current 802.11 MAC/PHY is not designed for the coexistence of variable-width channels. Overlapping narrowband channels may block an entire wide-band channel, resulting in severe spectrum underutilization and even starvation of WLANs on the wide-band. A similar peril exists when a WLAN partially overlaps its channel with multiple orthogonal WLANs. In this paper, we propose to solve the problem of partial spectrum sharing using Adaptive Subcarrier Nulling (ASN). ASN builds on the 802.11 OFDM PHY, but allows the radios to sense, transmit, detect, and decode packets through spectrum fragments, or subbands. An ASN transmitter can adapt its spectrum usage on a per-packet basis, by nulling the subbands used by neighboring WLANs, and sending packets through the remaining idle subbands. ASN preserves the 802.11 CSMA/CA primitives while allowing users to contend for access to each subband, and can opportunistically exploit the merits of wide-band channels via spectrum aggregation. We have implemented and evaluated ASN on the GNURadio/USRP platform. Our experimental results have shown ASN to achieve detection and decoding performance comparable to the legacy 802.11. Our detailed simulation in ns-2 further shows that ASN substantially improves the efficiency and fairness of spectrum sharing for multi-cell WLANs.
{"title":"Adaptive Subcarrier Nulling: Enabling partial spectrum sharing in wireless LANs","authors":"Xinyu Zhang, K. Shin","doi":"10.1109/ICNP.2011.6089069","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089069","url":null,"abstract":"Emerging WLAN standards have been incorporating a variety of channel widths ranging from 5MHz to 160MHz, in order to match the diverse traffic demands on different networks. Unfortunately, the current 802.11 MAC/PHY is not designed for the coexistence of variable-width channels. Overlapping narrowband channels may block an entire wide-band channel, resulting in severe spectrum underutilization and even starvation of WLANs on the wide-band. A similar peril exists when a WLAN partially overlaps its channel with multiple orthogonal WLANs. In this paper, we propose to solve the problem of partial spectrum sharing using Adaptive Subcarrier Nulling (ASN). ASN builds on the 802.11 OFDM PHY, but allows the radios to sense, transmit, detect, and decode packets through spectrum fragments, or subbands. An ASN transmitter can adapt its spectrum usage on a per-packet basis, by nulling the subbands used by neighboring WLANs, and sending packets through the remaining idle subbands. ASN preserves the 802.11 CSMA/CA primitives while allowing users to contend for access to each subband, and can opportunistically exploit the merits of wide-band channels via spectrum aggregation. We have implemented and evaluated ASN on the GNURadio/USRP platform. Our experimental results have shown ASN to achieve detection and decoding performance comparable to the legacy 802.11. Our detailed simulation in ns-2 further shows that ASN substantially improves the efficiency and fairness of spectrum sharing for multi-cell WLANs.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123089363","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089060
Marios Kokkodis, M. Faloutsos, A. Markopoulou
Has the behavior of spammers changed over the last few years? To answer this question, we conduct a study from three recent data sources. Specifically, we focus on the following broad questions: (a) how are email addresses harvested, (b) where is spam coming from, and (c) how does spam evolve over time. First, we discuss whether spammers still use email harvesting: 34% of the honeypot accounts we publicised received spam after 72 days on average. Interestingly, we find that simple email address obfuscation is quite effective against harvesting. Second, we identify significant skew in the spatial distribution of the origin of spam in both the IP-level and AS-level of granularity. We find that 20% of the active IPs are responsible for 80% of the total volume of spam and that 10% of the spamming ASes are responsible for the 90% of the volume. Finally, we study the temporal characteristics of the spamming IPs and find that spam activity has spread to new /8 subnetworks since 2006. Considering these spatio-temporal trends, the future of anti-spam is mixed: the current skewed spatial distribution of spam sources could be helpful in filtering spam, but the fact that spam sources are spreading in the IP space is a worrisome sign.
{"title":"Network-level characteristics of spamming: An empirical analysis","authors":"Marios Kokkodis, M. Faloutsos, A. Markopoulou","doi":"10.1109/ICNP.2011.6089060","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089060","url":null,"abstract":"Has the behavior of spammers changed over the last few years? To answer this question, we conduct a study from three recent data sources. Specifically, we focus on the following broad questions: (a) how are email addresses harvested, (b) where is spam coming from, and (c) how does spam evolve over time. First, we discuss whether spammers still use email harvesting: 34% of the honeypot accounts we publicised received spam after 72 days on average. Interestingly, we find that simple email address obfuscation is quite effective against harvesting. Second, we identify significant skew in the spatial distribution of the origin of spam in both the IP-level and AS-level of granularity. We find that 20% of the active IPs are responsible for 80% of the total volume of spam and that 10% of the spamming ASes are responsible for the 90% of the volume. Finally, we study the temporal characteristics of the spamming IPs and find that spam activity has spread to new /8 subnetworks since 2006. Considering these spatio-temporal trends, the future of anti-spam is mixed: the current skewed spatial distribution of spam sources could be helpful in filtering spam, but the fact that spam sources are spreading in the IP space is a worrisome sign.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127133418","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089056
Kang-Peng Chen, Haiying Shen
File sharing applications in mobile ad hoc networks (MANETs) have attracted more and more attention in recent years. The efficiency of file querying suffers from the distinctive properties of MANETs including node mobility and limited communication range and resource. An intuitive method to alleviate this problem is to create file replicas in the network. However, despite the efforts on file replication, no research has focused on the global optimal replica sharing with minimum average querying delay. Specifically, current file replication protocols in MANETs have two shortcomings. First, they lack a rule to allocate limited resource to different files in order to minimize the average querying delay. Second, they simply consider storage as resource for replicas, but neglect the fact that the file holders' frequency of meeting other nodes also plays an important role in determining file availability. A node having a higher meeting frequency with others provides higher availability to its files. In this paper, we introduce a new concept of resource for file replication, which considers both node storage and meeting frequency. We theoretically study the influence of resource allocation on the average querying delay and derive a resource allocation rule to minimize the average querying delay. We further propose a distributed file replication protocol that follows the rule. The trace-driven experiments on both the real-world GENI testbed and NS-2 show that our protocol can achieve shorter average querying delay at lower cost than current replication protocols, which justifies the correctness of our theoretical analysis and the effectiveness of the proposed protocol.
{"title":"Global optimization of file availability through replication for efficient file sharing in MANETs","authors":"Kang-Peng Chen, Haiying Shen","doi":"10.1109/ICNP.2011.6089056","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089056","url":null,"abstract":"File sharing applications in mobile ad hoc networks (MANETs) have attracted more and more attention in recent years. The efficiency of file querying suffers from the distinctive properties of MANETs including node mobility and limited communication range and resource. An intuitive method to alleviate this problem is to create file replicas in the network. However, despite the efforts on file replication, no research has focused on the global optimal replica sharing with minimum average querying delay. Specifically, current file replication protocols in MANETs have two shortcomings. First, they lack a rule to allocate limited resource to different files in order to minimize the average querying delay. Second, they simply consider storage as resource for replicas, but neglect the fact that the file holders' frequency of meeting other nodes also plays an important role in determining file availability. A node having a higher meeting frequency with others provides higher availability to its files. In this paper, we introduce a new concept of resource for file replication, which considers both node storage and meeting frequency. We theoretically study the influence of resource allocation on the average querying delay and derive a resource allocation rule to minimize the average querying delay. We further propose a distributed file replication protocol that follows the rule. The trace-driven experiments on both the real-world GENI testbed and NS-2 show that our protocol can achieve shorter average querying delay at lower cost than current replication protocols, which justifies the correctness of our theoretical analysis and the effectiveness of the proposed protocol.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121561799","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089045
Tao Feng, J. Bi, Hongyu Hu
By analyzing challenges of current OpenFlow in production network, we propose three extensions of OpenFlow about FlowTable, control mode and OpenFlow protocol. Based on these extensions, a commercial OpenFlow-enabled router, named OpenRouter, is designed and implemented using only available and existing hardware in a commercial router. OpenRouter brings the abilities of control openness, integration of inside/outside protocols, and flexibility of OpenFlow message structure, low-cost implementation and deployment. We expect OpenRouter may accelerate the large-scale application and deployment of OpenFlow in production network.
{"title":"OpenRouter: OpenFlow extension and implementation based on a commercial router","authors":"Tao Feng, J. Bi, Hongyu Hu","doi":"10.1109/ICNP.2011.6089045","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089045","url":null,"abstract":"By analyzing challenges of current OpenFlow in production network, we propose three extensions of OpenFlow about FlowTable, control mode and OpenFlow protocol. Based on these extensions, a commercial OpenFlow-enabled router, named OpenRouter, is designed and implemented using only available and existing hardware in a commercial router. OpenRouter brings the abilities of control openness, integration of inside/outside protocols, and flexibility of OpenFlow message structure, low-cost implementation and deployment. We expect OpenRouter may accelerate the large-scale application and deployment of OpenFlow in production network.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"122 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128008251","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089058
Honggang Zhang, Sudarshan Vasudevan, Ran Li, D. Towsley
We present an argument in favor of forming coalitions of peers in a data swarming system consisting of peers with different upload capacities. A coalition is a set of peers with the same upload capacity that explicitly cooperate with other peers inside the coalition via choking and capacity allocation strategies. Further, each peer interacts with other peers outside its coalition via potentially distinct choking and capacity allocation strategies. This paper focuses on the efficiency of different choking strategies, assuming that peers do not share data with other peers outside their coalitions. We first develop an analytical model that accurately predicts the performance of a coalition of peers adopting BitTorrent's Tit-for-Tat choking strategy. Our model highlights a number of inefficiencies of Tit-for-Tat strategy. Accordingly, we propose a random choking strategy, and show that it can help a coalition achieve near-optimal performance and it significantly outperforms not only Tit-for-Tat strategy but also unchoke-all strategy. Using cooperative game theory, we prove the existence of stable coalitions, and demonstrate the convergence of the dynamic coalition formation process when peers use our cooperation-aware better response strategy. Using extensive simulations, we demonstrate significant performance benefits due to coalition formation.
{"title":"A case for coalitions in data swarming systems","authors":"Honggang Zhang, Sudarshan Vasudevan, Ran Li, D. Towsley","doi":"10.1109/ICNP.2011.6089058","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089058","url":null,"abstract":"We present an argument in favor of forming coalitions of peers in a data swarming system consisting of peers with different upload capacities. A coalition is a set of peers with the same upload capacity that explicitly cooperate with other peers inside the coalition via choking and capacity allocation strategies. Further, each peer interacts with other peers outside its coalition via potentially distinct choking and capacity allocation strategies. This paper focuses on the efficiency of different choking strategies, assuming that peers do not share data with other peers outside their coalitions. We first develop an analytical model that accurately predicts the performance of a coalition of peers adopting BitTorrent's Tit-for-Tat choking strategy. Our model highlights a number of inefficiencies of Tit-for-Tat strategy. Accordingly, we propose a random choking strategy, and show that it can help a coalition achieve near-optimal performance and it significantly outperforms not only Tit-for-Tat strategy but also unchoke-all strategy. Using cooperative game theory, we prove the existence of stable coalitions, and demonstrate the convergence of the dynamic coalition formation process when peers use our cooperation-aware better response strategy. Using extensive simulations, we demonstrate significant performance benefits due to coalition formation.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124079981","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089077
Erik Kline, A. Afanasyev, P. Reiher
Denial-of-service (DoS) attacks continue to be a major problem on the Internet. While many defense mechanisms have been created, they all have significant deployment issues. This paper introduces a novel method that overcomes these issues, allowing a small number of deployed DoS defenses to act as secure on-demand shields for any node on the Internet. The proposed method is based on rerouting any packet addressed to a protected autonomous system (AS) through an intermediate filtering node — a shield. In this way, all potentially harmful traffic could be discarded before reaching the destination. The mechanisms for packet rerouting use existing routing techniques and do not require any kind of modification to the deployed protocols or routers. To make the proposed system feasible, from both deployment and usage points of view, traffic rerouting and outsourced filtering could be provided as an insurance-style on-demand service.
{"title":"Shield: DoS filtering using traffic deflecting","authors":"Erik Kline, A. Afanasyev, P. Reiher","doi":"10.1109/ICNP.2011.6089077","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089077","url":null,"abstract":"Denial-of-service (DoS) attacks continue to be a major problem on the Internet. While many defense mechanisms have been created, they all have significant deployment issues. This paper introduces a novel method that overcomes these issues, allowing a small number of deployed DoS defenses to act as secure on-demand shields for any node on the Internet. The proposed method is based on rerouting any packet addressed to a protected autonomous system (AS) through an intermediate filtering node — a shield. In this way, all potentially harmful traffic could be discarded before reaching the destination. The mechanisms for packet rerouting use existing routing techniques and do not require any kind of modification to the deployed protocols or routers. To make the proposed system feasible, from both deployment and usage points of view, traffic rerouting and outsourced filtering could be provided as an insurance-style on-demand service.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128446762","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089040
R. Paul, Victor C. Valgenti, Min Sik Kim
Due the significant need for real-time anonymization we propose Real-time Netshuffle [1]; a complete graph distortion technique designed to mitigate risk to inference attacks in traffic anonymization. Real-time Netshuffle provides an additional layer of security, in concert with other on-line traffic anonymization techniques, while imposing only minimal damage to the empirical value of the data.
{"title":"Real-time Netshuffle: Graph distortion for on-line anonymization","authors":"R. Paul, Victor C. Valgenti, Min Sik Kim","doi":"10.1109/ICNP.2011.6089040","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089040","url":null,"abstract":"Due the significant need for real-time anonymization we propose Real-time Netshuffle [1]; a complete graph distortion technique designed to mitigate risk to inference attacks in traffic anonymization. Real-time Netshuffle provides an additional layer of security, in concert with other on-line traffic anonymization techniques, while imposing only minimal damage to the empirical value of the data.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129967296","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089042
Yangyang Wang, J. Bi, Jianping Wu
As Internet growth, more and more prefix fragments are announced into the global routing system due to operational reasons of inconsecutive address allocation, multihoming, and traffic engineering. The BGP routing table size in Default Free Zone (DFZ) fast growth will consume more memory space and computational capacity. It has been known that Internet will face with routing scalability issue, especially in the large address space (e.g., IPv6) deployment. In this paper, we propose an innovation to BGP, named Aggregation-aware Inter-Domain Routing (AIDR). It will take the prefix aggregation into account to make tradeoff in the best route selection. We evaluate the effect of AIDR on global routing system using the BGP traces from RouteViews and RIPE. It shows that, averagely, AIDR-based aggregation can reduce to roughly 15%∼35% of original routing table size under the 2.0 AS path stretch constraint, and to 25%∼40% with no AS path stretch.
{"title":"AIDR: Aggregation of BGP routing table with AS path stretch","authors":"Yangyang Wang, J. Bi, Jianping Wu","doi":"10.1109/ICNP.2011.6089042","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089042","url":null,"abstract":"As Internet growth, more and more prefix fragments are announced into the global routing system due to operational reasons of inconsecutive address allocation, multihoming, and traffic engineering. The BGP routing table size in Default Free Zone (DFZ) fast growth will consume more memory space and computational capacity. It has been known that Internet will face with routing scalability issue, especially in the large address space (e.g., IPv6) deployment. In this paper, we propose an innovation to BGP, named Aggregation-aware Inter-Domain Routing (AIDR). It will take the prefix aggregation into account to make tradeoff in the best route selection. We evaluate the effect of AIDR on global routing system using the BGP traces from RouteViews and RIPE. It shows that, averagely, AIDR-based aggregation can reduce to roughly 15%∼35% of original routing table size under the 2.0 AS path stretch constraint, and to 25%∼40% with no AS path stretch.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"181 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116141421","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-10-17DOI: 10.1109/ICNP.2011.6089053
Xinwen Zhang, Katharine Chang, Huijun Xiong, Yonggang Wen, G. Shi, Guoqiang Wang
Trust and security have been considered as built-in properties for future Internet architecture. Leveraging the concept of named content in recently proposed information centric network, we propose a name-based trust and security protection mechanism. Our scheme is built with identity-based cryptography (IBC), where the identity of a user or device can act as a public key string. Uniquely, in named content network such as content-centric network (CCN), a content name or its prefixes can be used as public identities, with which content integrity and authenticity can be achieved with IBC algorithms. The trust of a content is seamlessly integrated with the verification of the content's integrity and authenticity with its name or prefix, instead of the public key certificate of its publisher. In addition, flexible confidentiality protection is enabled between content publishers and consumers. For scalable deployment purpose, we further propose to use a hybrid scheme combined with traditional public-key infrastructure (PKI) and IBC. We have implemented this scheme with CCNx open source project on Android.
{"title":"Towards name-based trust and security for content-centric network","authors":"Xinwen Zhang, Katharine Chang, Huijun Xiong, Yonggang Wen, G. Shi, Guoqiang Wang","doi":"10.1109/ICNP.2011.6089053","DOIUrl":"https://doi.org/10.1109/ICNP.2011.6089053","url":null,"abstract":"Trust and security have been considered as built-in properties for future Internet architecture. Leveraging the concept of named content in recently proposed information centric network, we propose a name-based trust and security protection mechanism. Our scheme is built with identity-based cryptography (IBC), where the identity of a user or device can act as a public key string. Uniquely, in named content network such as content-centric network (CCN), a content name or its prefixes can be used as public identities, with which content integrity and authenticity can be achieved with IBC algorithms. The trust of a content is seamlessly integrated with the verification of the content's integrity and authenticity with its name or prefix, instead of the public key certificate of its publisher. In addition, flexible confidentiality protection is enabled between content publishers and consumers. For scalable deployment purpose, we further propose to use a hybrid scheme combined with traditional public-key infrastructure (PKI) and IBC. We have implemented this scheme with CCNx open source project on Android.","PeriodicalId":202059,"journal":{"name":"2011 19th IEEE International Conference on Network Protocols","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132735566","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: