Your search keyword '"Minseok Kwon"' showing total 13 results

1. Security Vulnerabilities of Server-Centric Wireless Datacenters

Author

Andres Kwasinski, Minseok Kwon, Sayed Ashraf Mamun, Amlan Ganguly, and Panos P. Markopoulos

Subjects

Computer science, Emerging technologies, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020206 networking & telecommunications, Denial-of-service attack, Eavesdropping, Jamming, 02 engineering and technology, Computer security, computer.software_genre, Wireless security, Networking hardware, Power consumption, Data_FILES, 0202 electrical engineering, electronic engineering, information engineering, Wireless, 020201 artificial intelligence & image processing, business, computer

Abstract

Wireless datacenter network is an emerging technology. Recent works have shown that by utilizing millimeter wave (mmWave) wireless communication, the power consumption of the networking equipment of datacenters can be reduced drastically. However, security of a datacenter is one of the highest design priorities. Many studies on the security of wired datacenters including identifying the possible threats and solutions have been explored in the literature. On the contrary, being an emerging technology, no study has been conducted on the security for the wireless datacenters. Moreover, being a wireless system, it also inherits most of the threats of a typical wireless system if not all. So, in order to successfully realize wireless datacenter architectures, it is essential to do an extensive investigation of the system from a security perspective. In this paper, we have done an extensive study on the possible threats and their impact on the wireless datacenter network. We showed that eavesdropping, denial of services, and jamming attacks are the most critical security threats for wireless datacenters.

Published

2020

2. Detecting BGP Route Anomalies with Deep Learning

Author

Kyle McGlynn, Hrishikesh B. Acharya, and Minseok Kwon

Subjects

Network administrator, business.industry, Computer science, Deep learning, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Feature extraction, IP forwarding, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, ENCODE, Border Gateway Protocol, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, The Internet, Anomaly detection, Artificial intelligence, business, computer

Abstract

Fake or mistaken BGP updates can cause serious damage to Internet routing. We note that an expert network administrator can develop a “gut feeling” that lets them identify mistaken or attack updates. Might it be possible to capture such intuition in a learning-based anomaly detection mechanism? Our idea is that good route updates share characteristics which bad updates do not, and even if such characteristics are subtle (i.e. cannot be captured in clear rules), they can be learned. More specifically, an auto-encoder (trained on known-good BGP routing data) will successfully encode good route updates, but will perform more poorly with random or malicious updates. In our system, we use two auto-encoders, each trained to detect a specific type of anomalous BGP update. If either auto-encoder performs poorly (i.e. shows large differences between input and output), we report the BGP update as likely-anomalous. Our detector shows promising early results in identifying anomalous MOAS conflicts as well as prefix hijack attacks.

Published

2019

3. Dynamic Vehicular Route Guidance Using Traffic Prediction Information

Author

Jaegeun Park, Minseok Kwon, Yongsoon Eun, and Kwangsoo Kim

Subjects

050210 logistics & transportation, Static routing, Dynamic Source Routing, Article Subject, Computer Networks and Communications, business.industry, Computer science, Equal-cost multi-path routing, Routing table, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 05 social sciences, Real-time computing, 020206 networking & telecommunications, Geographic routing, TK5101-6720, 02 engineering and technology, Computer Science Applications, Link-state routing protocol, 0502 economics and business, Multipath routing, Telecommunication, 0202 electrical engineering, electronic engineering, information engineering, Destination-Sequenced Distance Vector routing, business, Computer network

Abstract

We propose a dynamic vehicular routing algorithm with traffic prediction for improved routing performance. The primary idea of our algorithm is to use real-time as well as predictive traffic information provided by a central routing controller. In order to evaluate the performance, we develop a microtraffic simulator that provides road networks created from real maps, routing algorithms, and vehicles that travel from origins to destinations depending on traffic conditions. The performance is evaluated by newly defined metric that reveals travel time distributions more accurately than a commonly used metric of mean travel time. Our simulation results show that our dynamic routing algorithm with prediction outperforms both Static and Dynamic without prediction routing algorithms under various traffic conditions and road configurations. We also include traffic scenarios where not all vehicles comply with our dynamic routing with prediction strategy, and the results suggest that more than half the benefit of the new routing algorithm is realized even when only 30% of the vehicles comply.

Published

2016

4. An Energy-Efficient, Wireless Top-of-Rack to Top-of-Rack Datacenter Network Using 60GHz Links

Author

Amlan Ganguly, Siva Shankar Chandrasekaran, Minseok Kwon, Sayed Ashraf Mamun, Md. Shahriar Shamim, and Sree Gowrishankar Umamaheswaran

Subjects

business.industry, Wireless network, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020208 electrical & electronic engineering, 020206 networking & telecommunications, 02 engineering and technology, Complex network, Rack, Server, Low-power electronics, 0202 electrical engineering, electronic engineering, information engineering, Wireless, Transceiver, business, Computer network, Efficient energy use

Abstract

Datacenters have become the digital backbone of the modern society and consume enormous amounts of power. Significant portion of the power consumption is due to the power hungry switching fabric necessary for communication in the datacenter. Additionally, the complex cabling in traditional datacenters pose design and maintenance challenges and increase the energy cost of the cooling infrastructure by obstructing the flow of chilled air. Recent research on wireless datacenters have proposed interconnecting rows of racks at the top-of-rack (ToR) level via wireless links to eliminate the need for complex network of power hungry routers and cables. Links are established using either highly directional phased array antennas or narrow-beam horned antennas between those ToR entities. ToR-to-ToR wireless links have also been used to augment existing wired networks, improving overall performance characteristics. All these wireless approaches advocate the use of 60GHz line-of-sight (LoS) communication paths between antennas for the establishment of reliable wireless channels. In this work, we explore the feasibility of a ToR-to-ToR wireless network for a small to medium-scale datacenter from the perspective of system-level performance. We evaluate a ToR-to-ToR wireless datacenter network (DCN) for network-level data rate and overall power consumption and compare it to a traditional fat-tree based DCN. We find that the ToR-to-ToR wireless DCN can sustain similar data rates for typical query based applications and consume less power compared to that of traditional datacenters.

Published

2017

5. Synergy: An overlay internetworking architecture and implementation

Author

Sonia Fahmy and Minseok Kwon

Subjects

Routing protocol, Multicast, Computer Networks and Communications, Computer science, business.industry, Quality of service, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Overlay network, Peer-to-peer, computer.software_genre, Peering, Scalability, business, Internetworking, computer, Information Systems, Computer network

Abstract

A multitude of overlay network designs for resilient routing, multicasting, quality of service, content distribution, storage, and object location have been proposed. Overlay networks offer several attractive features, including ease of deployment, flexibility, adaptivity, and an infrastructure for collaboration among hosts. In this paper, we explore cooperation among co-existing, possibly heterogeneous, overlay networks. We discuss a spectrum of cooperative forwarding and information sharing services, and investigate the associated scalability, heterogeneity, and security problems. Motivated by these services, we design Synergy, a utility-based overlay internetworking architecture that fosters overlay cooperation. Our architecture promotes fair peering relationships to achieve synergism. Results from Internet experiments with cooperative forwarding overlays indicate that our Synergy prototype improves delay, throughput, and loss performance, while maintaining the autonomy and heterogeneity of individual overlay networks.

Published

2010

6. Characterizing Overlay Multicast Networks and Their Costs

Author

Sonia Fahmy and Minseok Kwon

Subjects

Overlay multicast, Protocol Independent Multicast, Multicast, Computer Networks and Communications, computer.internet_protocol, Computer science, business.industry, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Overlay network, Internet topology, Computer Science Applications, Source-specific multicast, Key-based routing, IP multicast, Xcast, Electrical and Electronic Engineering, Unicast, business, computer, Software, Computer network

Abstract

Overlay networks among cooperating hosts have recently emerged as a viable solution to several challenging problems, including multicasting, routing, content distribution, and peer-to-peer services. Application-level overlays, however, incur a performance penalty over router-level solutions. This paper quantifies and explains this performance penalty for overlay multicast trees via: 1) Internet experimental data; 2) simulations; and 3) theoretical models. We compare a number of overlay multicast protocols with respect to overlay tree structure, and underlying network characteristics. Experimental data and simulations illustrate that the mean number of hops and mean per-hop delay between parent and child hosts in overlay trees generally decrease as the level of the host in the overlay tree increases. Overlay multicast routing strategies, overlay host distribution, and Internet topology characteristics are identified as three primary causes of the observed phenomenon. We show that this phenomenon yields overlay tree cost savings: Our results reveal that the normalized cost L(n)/U(n) is propn0.9 for small n, where L(n) is the total number of hops in all overlay links, U(n) is the average number of hops on the source to receiver unicast paths, and n is the number of members in the overlay multicast session. This can be compared to an IP multicast cost proportional to n0.6 to n0.8

Published

2007

7. Distributed tries for load balancing in peer-to-peer systems

Author

Minseok Kwon and Gahyun Park

Subjects

Load management, Computer science, business.industry, Kademlia, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Trie, Overlay network, Load balancing (computing), business, Data structure, Partition (database), Hash table, Computer network

Abstract

In structured peer-to-peer (p2p) systems, distributed hash tables (DHTs) often partition the ID space into disjoint intervals with each interval assigned to the corresponding node. While nodes join and leave dynamically, one of the hard challenges posed by DHTs is load balancing across the ID space. Tries are known to be a viable data structure such that a balanced trie implies balanced intervals in the ID space. We establish a distributed trie as a deployable overlay network that connects the IDs of participating nodes. We propose a decentralized, efficient, and low-cost algorithm that balances ID intervals in DHTs using the trie. Our scheme allows a node to join or leave the system at a low cost, R + Θ(log log n), where R denotes the message routing cost in DHTs and n is the number of nodes. Compared to the prior ID assignment schemes that require R + Θ(log n) at best for the same operations, our new algorithm reduces the additional cost incurred to maintain the ID space balanced by a factor of Θ(log n/log log n). In our analysis and experiments, we show that the ID space is indeed well-balanced such that the ratio between the largest interval and the smallest is at most 8 with high probability. Finally, we discuss applications of the distributed trie to item load balancing and the multiple choice paradigm.

Published

2010

8. Secure routing in peer-to-peer distributed hash tables

Author

Minseok Kwon and Keith Needels

Subjects

Primary clustering, business.industry, Computer science, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Hash function, Hash table, Hash tree, Content addressable network, SHA-2, Key-based routing, Cryptographic hash function, Hash chain, Chord (peer-to-peer), business, Computer network

Abstract

Distributed hash tables (DHTs) provide efficient and scalable lookup mechanisms for locating data in peer-to-peer (p2p) networks. Several issues, however, prevent DHT-based p2p networks from being widely deployed -- one of which is security. Malicious peers may modify, drop, misroute lookup requests, or even collude to deny the availability of target data. To address these security concerns, we propose an extension to Chord named Sechord. The main idea is that the source can determine whether the next hop is valid or invalid by estimating how far the next hop is from its finger pointer. If the next hop is too far away from the finger pointer, especially compared to the average distance between two consecutive peers, the source can infer some ongoing malicious activities. Our modifications require no trust between two nodes except node join. Moreover, each node utilizes locally available information to evaluate hops encountered during the lookup routing process for validity. These modifications have been implemented and evaluated in the presence of malicious nodes. Our results show that Sechord significantly enhances the security of structured p2p systems at the expense of slightly increased hop count.

Published

2009

9. Vulnerabilities of the Real-Time Transport (RTP) Protocol for Voice over IP (VoIP) Traffic

Author

Mike Adams and Minseok Kwon

Subjects

Public switched telephone network, Voice over IP, Telephone network, business.industry, Network packet, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Vulnerability, Computer security, computer.software_genre, RTP Control Protocol, business, computer, Jitter, Computer network

Abstract

Over the past decade, Voice over IP (VoIP) has revolutionalized the telecommunications industry. VoIP has become more prevalent than ever, and consequently more users have switched to IP-based data networks for their telephone use from the analogue Public Switched Telephone Network (PSTN). One challenge, though, is to secure and protect these VoIP connections. In this paper, we investigate a new approach to demonstrate the vulnerability of VoIP connections. Our approach monitors real-time data streams (e.g., RTP), and inserts packets containing fraudulent voice data at expected times estimated from the monitoring. As false packets are well-aligned with original packets, we can maximize the effects of the test while minimizing the number of inserted packets. This minimal number of false packets also helps eschew the detection efforts of denial-of-service defense mechanisms. Our results indicate that the inserted packets at desired times can indeed disrupt the original RTP stream without any noticeable traffic increase.

Published

2009

10. RODMRP: Resilient On-Demand Multicast Routing Protocol

Author

Minseok Kwon and D. Pathirana

Subjects

Routing protocol, Protocol Independent Multicast, Multicast, Computer science, Network packet, Wireless ad hoc network, business.industry, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Packet forwarding, Mobile ad hoc network, ODMRP, Optimized Link State Routing Protocol, Unicast, business, Computer network

Abstract

ODMRP (on-demand multicast routing protocol) [S. Lee et al., 1999] [S.J. Lee et al., 2000] [S. Ho et al., 2000] is a popular multicast protocol for wireless ad hoc networks. The strengths of ODMRP are simplicity, high packet delivery ratio, and non-dependency on a specific unicast protocol. ODMRP floods a route request over the entire network to select a set of forwarding nodes for packet delivery. However, a single forwarding path is vulnerable to node failures, which are common due to the dynamic nature of mobile ad hoc networks. Furthermore, a set of misbehaving or malicious nodes can create network partitions and mount denial-of-service (DoS) attacks. We propose a ODMRP-based wireless multicast protocol named RODMRP that offers more reliable forwarding paths in face of node and network failures. A subset of the nodes that are not on forwarding paths rebroadcast received packets to nodes in their neighborhoods to overcome perceived node failures. This rebroadcasting creates redundant forwarding paths to circumvent failed areas in the network. Each node makes this forwarding decision probabilistically. Our simulation results indicate that RODMRP improves packet delivery ratio with minimal overheads, while retaining the original strengths of ODMRP.

Published

2007

11. Synergy: an overlay internetworking architecture

Author

Sonia Fahmy and Minseok Kwon

Subjects

Multicast, business.industry, Computer science, Quality of service, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Overlay network, Throughput, Overlay, Peering, The Internet, business, Internetworking, Computer network

Abstract

A multitude of overlay network designs for resilient routing, multicasting, quality of service, content distribution, storage, and object location have been recently proposed. Overlay networks offer several attractive features, including ease of deployment, flexibility, adaptivity, and an infrastructure for collaboration among hosts. In this paper, we explore cooperation among co-existing, possibly heterogeneous, overlay networks. We design Synergy, a utility-based overlay internetworking architecture that fosters overlay cooperation. Our architecture promotes fair peering relationships to achieve synergism. Results from Internet experiments with cooperative forwarding overlays indicate that our Synergy prototype improves delay, throughput, and loss performance, while maintaining the autonomy and heterogeneity of individual overlay networks.

Published

2006

12. Characterizing overlay multicast networks

Author

Sonia Fahmy and Minseok Kwon

Subjects

Router, Overlay multicast, Multicast, Protocol Independent Multicast, business.industry, Computer science, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Overlay network, Internet topology, Xcast, Unicast, business, Computer network

Abstract

Overlay networks among cooperating hosts have recently emerged as a viable solution to several challenging problems, including multicasting, routing, content distribution, and peer-to-peer services. Application-level overlays, however, incur a performance penalty over router level solutions. This paper characterizes this performance penalty for overlay multicast trees via experimental data, simulations, and theoretical models. Experimental data and simulations illustrate that (i) the average delay and the number of hops between parent and child hosts in overlay trees generally decrease, and (ii) the degree of hosts generally decreases, as the level of the host in the overlay tree increases. Overlay multicast routing strategies, together with power-law and small-world Internet topology characteristics, are causes of the observed phenomena. We compare three overlay multicast protocols with respect to latency, bandwidth, router degrees, and host degrees. We also quantify the overlay tree cost. Results reveal that L(n)/U(n) /spl prop/ n/sub 0.9/ for small n, where L(n) is the total number of hops in all overlay links, U(n) is the average number of hops on the source to receiver unicast paths, and n is the number of members in the overlay multicast session.

Published

2004

13. Topology-aware overlay networks for group communication

Author

Sonia Fahmy and Minseok Kwon

Subjects

Protocol Independent Multicast, Multicast, Computer science, business.industry, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Distance Vector Multicast Routing Protocol, Overlay network, Topology, Source-specific multicast, Multicast address, Xcast, business, Pragmatic General Multicast, Computer network

Abstract

We propose an application level multicast approach, Topology Aware Grouping (TAG), which exploits underlying network topology information to build efficient overlay networks among multicast group members. TAG uses information about path overlap among members to construct a tree that reduces the overlay relative delay penalty, and reduces the number of duplicate copies of a packet on the same link. We study the properties of TAG, and model and experiment with its economies of scale factor to quantify its benefits compared to unicast and IP multicast. We also compare the TAG approach with the ESM approach in a variety of simulation configurations including a number of real Internet topologies and generated topologies. Our results indicate the effectiveness of the algorithm in reducing delays and duplicate packets, with reasonable algorithm time and space complexities.

Published

2002