Your search keyword '"Core router"' showing total 1,081 results

1. Defense mechanisms against Distributed Denial of Service attacks:Comparative Review

Author

Fahad Alatawi

Subjects

cybersecurity, cybercrimes, ddos, ddos detection, source based, core router, victim-based, review ddos, Criminal law and procedure, K5000-5582, Cybernetics, Q300-390

Abstract

Distributed Denial of Service (DDoS) remains a big concern in Cybersecurity. DDoS attacks are implemented to prevent legitimate users from getting access to services. The attackers make use of multiple hosts that have been compromised (i.e., Botnets) to organize a large-scale attack on targets. Developing an effective defensive mechanism against existing and potential DDoS attacks remains a strong desire in the cybersecurity research community. However, development of effective mechanisms or solutions require adequate evaluation of existing defense mechanism and a critical analysis of how these methods have been implemented in preventing, detecting, and responding to DDoS attacks. This paper adopted a systematic review method to critically analyze the existing mechanisms. The review of existing literature helped classify the defense mechanism into four categories: source-based, core-router, victim-based, and distributed systems. A qualitative analysis was used to exhaustively evaluate these defense mechanisms and determine their respective effectiveness. The effectiveness of the defense mechanisms was evaluated on six key parameters: coverage, implementation, deployment, detection accuracy, response mechanism, and robustness. The comparative analysis reviewed the shortcomings and benefits of each mechanism. The evaluation determined that victim-based defense mechanisms have a high detection accuracy but is associated with massive collateral as the detection happens when it is too late to protect the system. On the other hand, whereas stopping an attack from the source-end is ideal, detection accuracy at this point is too low as it is hard to differentiate legitimate and malicious traffic. The effectiveness of the core-based defense systems is not ideal because the routers do not have enough CPU cycles and memory to profile the traffic. Distributed defense mechanisms are effective as components can be spread out across the three locations in a way that takes advantage of each location. The paper also established that the rate-limiting response mechanism is more effective than packet filtering method because it does not restrict legitimate traffic. The analysis revealed that there is no single defense mechanism that offers complete protection against DDoS attacks but concludes that the best defense mechanism is the use of distributed defense because it ensures that defense components are placed on all locations.

Published

2021

2. Flow Characteristic-Aware Cache Replacement Policy for Packet Processing Cache

Author

Yamaki, Hayato, Kacprzyk, Janusz, Series Editor, Pal, Nikhil R., Advisory Editor, Bello Perez, Rafael, Advisory Editor, Corchado, Emilio S., Advisory Editor, Hagras, Hani, Advisory Editor, Kóczy, László T., Advisory Editor, Kreinovich, Vladik, Advisory Editor, Lin, Chin-Teng, Advisory Editor, Lu, Jie, Advisory Editor, Melin, Patricia, Advisory Editor, Nedjah, Nadia, Advisory Editor, Nguyen, Ngoc Thanh, Advisory Editor, Wang, Jun, Advisory Editor, Arai, Kohei, editor, Kapoor, Supriya, editor, and Bhatia, Rahul, editor

Published

2019

3. Design for Energy-Aware IP Over WDM Networks with Hibernation Mode and Group-Node Techniques

Author

Warip, M. N. M., Andonovic, Ivan, Glesk, Ivan, Badlishah Ahmad, R., Ehkan, P., Ahmed, Mohamed Elshaikh Elobaid Said, Elias, Shamsul Jamel, Zakaria, Fazrul Faiz, Sulaiman, Hamzah Asyrani, editor, Othman, Mohd Azlishah, editor, Othman, Mohd Fairuz Iskandar, editor, Rahim, Yahaya Abd, editor, and Pee, Naim Che, editor

Published

2015

4. Measuring and Characterizing IPv6 Router Availability

Author

Beverly, Robert, Luckie, Matthew, Mosley, Lorenza, Claffy, Kc, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Mirkovic, Jelena, editor, and Liu, Yong, editor

Published

2015

5. Integrated optimization of test case selection and sequencing for reliability testing of the mainboard of Internet backbone routers

Author

Hanxiao Zhang and Yan-Fu Li

Subjects

Router, Information Systems and Management, General Computer Science, business.industry, Computer science, Reliability (computer networking), Internet backbone, Software maintenance, Management Science and Operations Research, Industrial and Manufacturing Engineering, Reliability engineering, Test case, Core router, Modeling and Simulation, Regression testing, The Internet, business

Abstract

Internet backbone refers to the principal data routes between large, strategically interconnected networks and core routers on the Internet. Internet backbone router is essentially the core router of Internet backbone and its performance is mainly relevant to the reliability of its mainboard. The mainboard is an embedded system consisting of hardware and software. Its reliability testing involves executing a number of test cases, which are designed to expose potential defects, under harsh environmental conditions. The testing process is largely prolonged due to the dramatic increase of the number of test cases, mainly due to the continuous increase and upgrade of its functional modules. Thus, there is a big demand from industry to improve the reliability testing efficiency and effectiveness. In this work, we exploit the principles of regression testing in software maintenance: test case selection and prioritization, and construct two testing planning models to largely reduce the testing time as well as to improve the effectiveness of failure detections. The former is a two-step model we introduced in previous work that optimizes test case selection and test case sequencing sequentially. The latter, an integrated model is newly developed, optimizing the test case selection and sequencing simultaneously with the precedence constraints among the test cases. Moreover, we propose exact algorithms based on branch-and-price for solving these two models. Finally, we present a case study demonstrating that the integrated model outperforms the two-step method and the advantage is more significant if the sequencing objective has greater weight in the integrated objective function.

Published

2022

6. An Effective and Lightweight Countermeasure Scheme to Multiple Network Attacks in NDN

Author

Guoxin Lv, Zhaoyang Heng, Yang Yue, Haiying Shen, Dapeng Qu, and Qu Shijun

Subjects

Router, Computer Networks and Communications, Computer science, business.industry, Cache pollution, Security token, Computer Science Applications, Flooding (computer networking), Core router, Overhead (computing), Network performance, DNS spoofing, Electrical and Electronic Engineering, business, Software, Computer network

Abstract

In Named Data Networking, cache pollution, cache poisoning and interest flooding are three popular types of attacks that can drastically degrade the network performance. However, previous methods for mitigating these attacks are not sufficiently effective or efficient. Also, they cannot simultaneously handle the three attacks, or the case that core routers or edge routers are compromised. To handle these problems, we propose an effective and lightweight countermeasure scheme. It consists of token-based router monitoring policy (TRM), hierarchical consensus-based trust management (HCT), and popularity-based probabilistic caching and caching replacement policy (PPC). In TRM, each edge router monitors and evaluates each data requester's probability of launching the cache pollution attack and each data provider's probability of launching the cache poisoning attack, and accordingly assigns, rewards and penalizes tokens to them to control their data request and data provision activities. Thus, the interest flooding attack can also be mitigated by limiting the consumption of tokens. In HCT, each core router manages its directly connected edge routers using TRM, and the core routers trust each other through adopting the concept of consensus in Blockchain. Thus, the edge and core routers executing monitoring and evaluation are trustable. PPC uses probabilistic caching and caching replacement based on the popularity of received content to further mitigate the attacks and reduce caching and data verification overhead. Results from simulation experiments demonstrate that our proposed scheme has better performance, in terms of interest satisfaction ratio and average end-to-end delay than current mechanisms.

Published

2022

7. The Internet Geographical PoP Level Maps

Author

Shavitt, Yuval, Zilberman, Noa, Gilbert, Thomas, editor, Kirkilionis, Markus, editor, and Nicolis, Gregoire, editor

Published

2013

8. Autonomic Computing to Manage Green Core Networks with Quality of Service

Author

Sharrock, Remi, Monteil, Thierry, Stolf, Patricia, Brun, Olivier, Pierson, Jean-Marc, editor, Da Costa, Georges, editor, and Dittmann, Lars, editor

Published

2013

9. A Network Optimization Model for Multi-layer IP/MPLS over OTN/DWDM Networks

Author

Katib, Iyad, Medhi, Deep, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Nunzi, Giorgio, editor, Scoglio, Caterina, editor, and Li, Xing, editor

Published

2009

10. Mitigación de vulnerabilidades en la red central de un ISP: Un caso de estudio

Author

Byron Mauricio Palate and Diego Avila-Pesantez

Subjects

Router, Firewall (construction), Core router, Brute-force attack, Network packet, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Confidentiality, Denial-of-service attack, Routing (electronic design automation), Computer security, computer.software_genre, computer

Abstract

Cybersecurity incidents in ISP (Internet Service Provider) infrastructure have grown significantly and it is necessary to identify vulnerabilities that need immediate protection. In this environment, the firewall can filter data packets, analyzing the headers and deciding about the routing of the packet based on the established rules. This device is very essential in an ISP network because it mitigates the vulnerabilities coming from the network, maintaining a higher degree of computer security for your internal network, thus guaranteeing the availability, integrity, and confidentiality of the information. In the case study, a Mikrotik brand infrastructure was selected with a proprietary operating system called RouterOS, which will function as a core router, where the security rules will be applied to your firewall for each type of attack that will be generated against the router. , whether they are internal or external attacks on the network, avoiding causing serious security failures such as being the victim of a DoS (Denial of Service) attack, brute force attacks, etc. As a result, a 50% decrease in CPU consumption was obtained in each attack generated, thus achieving the proper functioning of the network infrastructure and guaranteeing stability and availability of the communications network.

Published

2021

11. The Curse of Ease of Access to the Internet

Author

Ramamohanarao, Kotagiri, Gupta, Kapil Kumar, Peng, Tao, Leckie, Christopher, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, McDaniel, Patrick, editor, and Gupta, Shyam K., editor

Published

2007

12. Offloading IP Flows onto Lambda-Connections

Author

Fioreze, Tiago, Wolbers, Mattijs Oude, van de Meent, Remco, Pras, Aiko, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Clemm, Alexander, editor, Granville, Lisandro Zambenedetti, editor, and Stadler, Rolf, editor

Published

2007

13. A Quantitative QoS Routing Model for Diffserv Aware MPLS Networks

Author

Mantar, Haci A., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Parr, Gerard, editor, Malone, David, editor, and Ó Foghlú, Mícheál, editor

Published

2006

14. A Tree-Based Distributed Model for BGP Route Processing

Author

Wu, Kun, Wu, Jianping, Xu, Ke, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Gerndt, Michael, editor, and Kranzlmüller, Dieter, editor

Published

2006

15. Analysis and Simulation of the Signaling Protocols for the DiffServ Framework

Author

Sayenko, A., Alanen, O., Karppinen, O., Hämäläinen, T., Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Dough, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Koucheryavy, Yevgeni, editor, Harju, Jarmo, editor, and Iversen, Villy B., editor

Published

2006

16. Building a Terabit Router with XD Networks

Author

Gu, Huaxi, Liu, Zengji, Yang, Jungang, Qiu, Zhiliang, Kang, Guochang, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Srikanthan, Thambipillai, editor, Xue, Jingling, editor, and Chang, Chip-Hong, editor

Published

2005

17. A Practical Method for the Efficient Resolution of Congestion in an On-path Reduced-State Signalling Environment

Author

Császár, András, Takács, Attila, Báder, Attila, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, de Meer, Hermann, editor, and Bhatti, Nina, editor

Published

2005

18. Generating, Flooding and Ageing LSPs

Author

Gredler, Hannes and Goralski, Walter

Published

2005

19. Traffic Engineering and MPLS

Author

Gredler, Hannes and Goralski, Walter

Published

2005

20. Discussion on IP Network Equipment Multi-Service Stressing Test Method

Author

Huanan Chen, Subin Wang, and Aifeng Xu

Subjects

IP network equipment, core router, multi-service stressing, test method, Telecommunication, TK5101-6720, Technology

Abstract

Referred to the development trend of the communication industry, the changes of IP network equipment testing requirements were analyzed and the limitations of the traditional testing method were explained. Through evolution of carrier's business in the future, a new method of IP network equipment business superposition test was put forward, and the core router was introduced to establish multi-service overlay test model and realization process. The multi-service stressing test case about the core router was discussed in detail. A more feasible test solution for the carrier was provided by comparing with the traditional test results at last.

Published

2014

21. A Methodology for Deriving Per-Flow End-to-End Delay Bounds in Sink-Tree DiffServ Domains with FIFO Multiplexing

Author

Lenzini, Luciano, Martorini, Linda, Mingozzi, Enzo, Stea, Giovanni, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Aykanat, Cevdet, editor, Dayar, Tuǧrul, editor, and Körpeoğlu, İbrahim, editor

Published

2004

22. Policy-Based Differentiated QoS Provisioning for DiffServ Enabled IP Networks

Author

Cha, Si-Ho, Lee, Jong-Eon, Choi, WoongChul, Lee, Jae-Oh, Cho, Kuk-Hyun, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Kahng, Hyun-Kook, editor, and Goto, Shigeki, editor

Published

2004

23. 8 Prototype Implementation Description

Author

Stoica, Ion, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Stoica, Ion

Published

2004

24. 9 Conclusions and Future Work

Author

Stoica, Ion, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Stoica, Ion

Published

2004

25. LMPS: Localized Multi-path Selection for QoS Routing in VoIP Networks

Author

Elsayed, Khaled M. F., Fadel, Hassan, Nassar, Amin M., Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Mitrou, Nikolas, editor, Kontovasilis, Kimon, editor, Rouskas, George N., editor, Iliadis, Ilias, editor, and Merakos, Lazaros, editor

Published

2004

26. A Policy-Based QoS Management Framework for Differentiated Services Networks

Author

Cha, Si-Ho, Lee, Jae-Oh, Lee, Dong-Ho, Cho, Kuk-Hyun, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Kahng, Hyun-Kook, editor

Published

2003

27. Providing Deterministic End-to-End Fairness Guarantees in Core-Stateless Networks

Author

Kaur, Jasleen, Vin, Harrick, Jeffay, Kevin, editor, Stoica, Ion, editor, and Wehrle, Klaus, editor

Published

2003

28. Scalable Support for Source Specific Multicast in Differentiated Services Networks

Author

Wang, Ning, Pavlou, George, Papantoni, Konstantina, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Stiller, Burkhard, editor, Carle, Georg, editor, Karsten, Martin, editor, and Reichl, Peter, editor

Published

2003

29. DQM: An Overlay Scheme for Quality of Service Differentiation in Source Specific Multicast

Author

Wang, Ning, Pavlou, George, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Marsan, Marco Ajmone, editor, Corazza, Giorgio, editor, Listanti, Marco, editor, and Roveri, Aldo, editor

Published

2003

30. Next-Generation OSS

Author

Jain, Shailendra, Hayward, Mark, Kumar, Sharad, Jain, Shailendra, Hayward, Mark, and Kumar, Sharad

Published

2003

31. A Control-Theoretical Approach for Fair Share Computation in Core-Stateless Networks

Author

Ngin, Hoon-Tong, Tham, Chen-Khong, Goos, G., editor, Hartmanis, J., editor, van Leeuwen, J., editor, Stiller, Burkhard, editor, Smirnow, Michael, editor, Karsten, Martin, editor, and Reichl, Peter, editor

Published

2002

32. A New IP Multicast QoS Model on IP Based Networks

Author

Eissa, Hussein Sherif, Kamel, Tarek, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Lorenz, Pascal

Published

2001

33. Achieving End-to-End Throughput Guarantee for Individual TCP Flows in a Differentiated Services Network

Author

He, X., Che, H., Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Lorenz, Pascal, editor

Published

2001

34. Aggregated Multicast with Inter-Group Tree Sharing

Author

Fei, Aiguo, Cui, Junhong, Gerla, Mario, Faloutsos, Michalis, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Crowcroft, Jon, editor, and Hofmann, Markus, editor

Published

2001

35. Scalable IP Multicast Sender Access Control for Bi-directional Trees

Author

Wang, Ning, Pavlou, George, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Crowcroft, Jon, editor, and Hofmann, Markus, editor

Published

2001

36. Endpoint Admission Control over Assured Forwarding PHBs and Its Performance over RED Implementations

Author

Bianchi, Giuseppe, Blefari-Melazzi, Nicola, Mancuso, Vincenzo, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, and Palazzo, Sergio, editor

Published

2001

37. SMART: A Scalable Multipath Architecture for Intra-domain QoS Provisioning

Author

Vutukury, Srinivas, Garcia-Luna-Aceves, Jose J., Goos, Gerhard, Series editor, Hartmanis, Juris, Series editor, van Leeuwen, Jan, Series editor, Marsan, Marco Ajmone, editor, and Bianco, Andrea, editor

Published

2001

38. PCP: An End-to-End Measurement-Based Call Admission Control for Real-Time Services over IP Networks

Author

Bianchi, Giuseppe, Borgonovo, Flaminio, Capone, Antonio, Fratta, Luigi, Petrioli, Chiara, Goos, Gerhard, Series editor, Hartmanis, Juris, Series editor, van Leeuwen, Jan, Series editor, Marsan, Marco Ajmone, editor, and Bianco, Andrea, editor

Published

2001

39. Secured Hash Based Burst Header Authentication Design for Optical Burst Switched Networks.

Author

Balamurugan, A. M., Sivasubramanian, A., and Parvathavarthini, B.

Subjects

COMPUTER networks, OPTICAL communications, DATA transmission systems, ROUTING (Computer network management), WIRELESS communications

Abstract

The optical burst switching (OBS) is a promising technology that could meet the fast growing network demand. They are featured with the ability to meet the bandwidth requirement of applications that demand intensive bandwidth. OBS proves to be a satisfactory technology to tackle the huge bandwidth constraints, but suffers from security vulnerabilities. The objective of this proposed work is to design a faster and efficient burst header authentication algorithm for core nodes. There are two important key features in this work, viz., header encryption and authentication. Since the burst header is an important in optical burst switched network, it has to be encrypted; otherwise it is be prone to attack. The proposed MD5&RC4-4S based burst header authentication algorithm runs 20.75 ns faster than the conventional algorithms. The modification suggested in the proposed RC4-4S algorithm gives a better security and solves the correlation problems between the publicly known outputs during key generation phase. The modified MD5 recommended in this work provides 7.81% better avalanche effect than the conventional algorithm. The device utilization result also shows the suitability of the proposed algorithm for header authentication in real time applications. [ABSTRACT FROM AUTHOR]

Published

2017

40. Distributed Core Multicast (DCM): A Multicast Routing Protocol for Many Groups with Few Receivers

Author

Blazević, Ljubica, Le Boudec, Jean-Yves, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Rizzo, Luigi, editor, and Fdida, Serge, editor

Published

1999

41. Self-Learning and Efficient Health-Status Analysis for a Core Router System

Author

Zhaobo Zhang, Shi Jin, Xinli Gu, and Krishnendu Chakrabarty

Subjects

Computer science, Feature extraction, Supervised learning, 02 engineering and technology, computer.software_genre, Computer Graphics and Computer-Aided Design, Autoencoder, 020202 computer hardware & architecture, Hierarchical clustering, Core router, Recurrent neural network, Binary classification, 0202 electrical engineering, electronic engineering, information engineering, Anomaly detection, Data mining, Electrical and Electronic Engineering, Precision and recall, computer, Software, Curse of dimensionality

Abstract

The health status of core router systems needs to be analyzed efficiently in order to ensure high reliability and timely error recovery. Although a large amount operational data is collected from core routers, due to high computational complexity and expensive labor cost, only a small part of this data is labeled by experts. The lack of labels is an impediment toward the adoption of supervised learning. We present an iterative self-learning procedure for assessing the health status of a core router. This procedure first computes a representative feature matrix to capture different characteristics of time-series data. Not only statistical-modeling-based features are computed from three general categories but also a recurrent neural network-based autoencoder is utilized to capture a wider range of hidden patterns. Moreover, both minimum-redundancy–maximum-relevance (mRMR) method and fully connected feedforward autoencoder are applied to further reduce dimensionality of extracted feature matrix. Hierarchical clustering is then utilized to infer labels for the unlabeled dataset. Finally, a classifier is built and iteratively updated using both labeled and unlabeled dataset. Field data collected from a set of commercial core routers are used to experimentally validate the proposed health-status analyzer. The experimental results show that the proposed feature-based self-learning health analyzer achieves higher precision and recall than the traditional supervised health analyzer as well the currently deployed rule-based health analyzer. Moreover, it achieves better performance than the three anomaly detection baseline methods under the transformed binary classification scenario.

Published

2020

42. Hierarchical Symbol-Based Health-Status Analysis Using Time-Series Data in a Core Router System

Author

Shi Jin, Xinli Gu, Krishnendu Chakrabarty, and Zhaobo Zhang

Subjects

Sequence, Computer science, Reliability (computer networking), Feature extraction, Fault tolerance, 02 engineering and technology, computer.software_genre, Computer Graphics and Computer-Aided Design, Symbol (chemistry), 020202 computer hardware & architecture, Set (abstract data type), Core router, 0202 electrical engineering, electronic engineering, information engineering, Data mining, Electrical and Electronic Engineering, computer, Software

Abstract

To ensure high reliability and rapid error recovery in commercial core router systems, a health-status analyzer is essential to monitor the different features of core routers. However, traditional health analyzers need to store a large amount of historical data in order to identify health status. The storage requirement becomes prohibitively high when we attempt to carry out long-term health-status analysis for a large number of core routers. We describe the design of a symbol-based health status analyzer that first encodes, as a symbol sequence, the long-term complex time series collected from a number of core routers, and then utilizes the symbol sequence to do health analysis. The symbolic aggregation approximation (SAX), 1d-SAX, moving-average-based trend approximation, and nonparametric symbolic approximation representation methods are implemented to encode complex time series in a hierarchical way. Hierarchical agglomerative clustering and sequitur rule discovery are implemented to learn important global and local patterns. Three classification methods including a vector-space-model-based approach are then utilized to identify the health status of core routers. Data collected from a set of commercial core router systems are used to validate the proposed health-status analyzer. The experimental results show that our symbol-based health status analyzer requires much lower storage than traditional methods, but can still maintain comparable diagnosis accuracy.

Published

2020

43. Compact and flexible resolution of CBT multicast key-distribution

Author

Matsuura, Kanta, Zheng, Yuliang, Iman, Hideki, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Masunaga, Yoshifumi, editor, Katayama, Takuya, editor, and Tsukamoto, Michiharu, editor

Published

1998

44. Anomaly Detection and Health-Status Analysis in a Core Router System

Author

Zhaobo Zhang, Xinli Gu, Shi Jin, and Krishnendu Chakrabarty

Subjects

Router, business.industry, Computer science, Reliability (computer networking), Fault tolerance, 02 engineering and technology, Communications system, 020202 computer hardware & architecture, Core router, Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, Anomaly detection, Electrical and Electronic Engineering, business, Software, Computer network

Abstract

Editor’s note: Rapid error discovery is crucial for timely correction mechanisms and reliable router systems. Aiming to achieve a high degree of reliability, this article presents a machine-learning framework for analyzing router time series to evaluate the health status and detect anomalies while accounting for the important temporal characteristics of complex communication systems. —Paul Bogan, University of Southern California

Published

2019

45. Changepoint-Based Anomaly Detection for Prognostic Diagnosis in a Core Router System

Author

Xinli Gu, Zhaobo Zhang, Shi Jin, and Krishnendu Chakrabarty

Subjects

Computer science, business.industry, Anomaly (natural sciences), Feature extraction, Detector, Pattern recognition, 02 engineering and technology, Computer Graphics and Computer-Aided Design, 020202 computer hardware & architecture, Core router, Outlier, 0202 electrical engineering, electronic engineering, information engineering, Anomaly detection, Artificial intelligence, Electrical and Electronic Engineering, Cluster analysis, business, Software

Abstract

Prognostic diagnosis is desirable for commercial core router systems to ensure early failure prediction and fast error recovery. The effectiveness of prognostic diagnosis depends on whether anomalies can be accurately detected before a failure occurs. However, traditional anomaly detection techniques fail to detect “outliers” when the statistical properties of the monitored data change significantly as time proceeds. We describe the design of a changepoint (CP)-based anomaly detector that first detects CPs from collected time-series data, and then utilizes these CPs to detect anomalies. Different CP detection approaches are implemented to detect various types of CPs. A clustering method is then developed to identify normal/abnormal patterns from CP windows. Data collected from a set of commercial core router systems are used to validate the proposed anomaly detector. Experimental results show that our CP-based anomaly detector achieves better performance than traditional methods in terms of two metrics, namely success ratio and nonfalse-alarm ratio.

Published

2019

46. The Researches on the Developments and Typical Application of NPs Based System.

Author

Zhiming, Liu, Lei, Xu, Gaoming, Deng, and Sheng, Li

Abstract

With the development of computer network, traditional general CPU and ASIC cannot meet the corresponding needs due to their disadvantages, nevertheless, the Network Processor(NP) finds its wide application in today's network devices because of its great balance between performance and flexibility. This paper focuses on the issues of system design and implementation of NPs. The early design method and performance evaluation of NPs are presented on the standpoint of system design, and several key application technologies of NPs are investigated in-depth. Furthermore, a core router's hardware architecture and software modules design based on NPs of is proposed. [ABSTRACT FROM PUBLISHER]

Published

2011

47. Securing Your Router

Author

Gilbert Held

Subjects

Router, Core router, Computer science, business.industry, One-armed router, business, Computer network

Published

2020

48. IPv6 Backbone Router

Author

Pascal Thubert, Charles Perkins, and Eric Levy-Abegnoli

Subjects

Router, Backbone network, computer.internet_protocol, business.industry, Computer science, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Very high-speed Backbone Network Service, Subnet, Neighbor Discovery Protocol, IPv6, Core router, Routing (electronic design automation), business, computer, Computer network

Abstract

This document updates RFC 6775 and RFC 8505 in order to enable proxy services for IPv6 Neighbor Discovery by Routing Registrars called Backbone Routers. Backbone Routers are placed along the wireless edge of a Backbone, and federate multiple wireless links to form a single Multi-Link Subnet.

Published

2020

49. An Effective and Lightweight Countermeasure Scheme to Multiple Network Attacks in NDNs

Author

Yang Yue, Haiying Shen, Qu Shijun, and Dapeng Qu

Subjects

Router, 021110 strategic, defence & security studies, business.industry, Computer science, 0211 other engineering and technologies, 020206 networking & telecommunications, 02 engineering and technology, Cache pollution, Security token, Flooding (computer networking), Core router, 0202 electrical engineering, electronic engineering, information engineering, Network performance, DNS spoofing, business, Computer network

Abstract

In Named Data Networks, cache pollution, cache poisoning and interest flooding are three popular types of attacks that can drastically degrade the network performance. However, previous methods for mitigating these attacks are not sufficiently effective or efficient. Also, they cannot simultaneously handle the three attacks. To handle these problems, we propose an effective and lightweight countermeasure scheme. It consists of token-based router monitoring policy (TRM), hierarchical consensus-based trust management (HCT), and popularity-based probabilistic caching policy (PPC). In TRM, each edge router monitors and evaluates each data requester’s probability of launching the cache pollution attack and each data provider’s probability of launching the cache poisoning attack, and accordingly assigns, rewards and penalizes tokens to them to control their data request and data provision activities. In HCT, each core router manages its directly connected edge routers using TRM, and the core routers trust each other through adopting the concept of consensus in Blockchain. PPC uses probabilistic caching based on the popularity of received content to further mitigate the attacks and reduce caching and data verification overhead. Results from simulation experiments demonstrate that our proposed scheme has better performance, in terms of interest satisfaction ratio and average end-to-end delay than current mechanisms.

Published

2020

50. Local Stability and Hopf Bifurcation Analysis for Compound TCP

Author

Debayani Ghosh, Krishna Jagannathan, and Gaurav Raina

Subjects

Router, Control and Optimization, Computer Networks and Communications, Transmission Control Protocol, Dynamical Systems (math.DS), 02 engineering and technology, Topology, symbols.namesake, Core router, Exponential stability, 020204 information systems, FOS: Mathematics, Computer Science::Networking and Internet Architecture, 0202 electrical engineering, electronic engineering, information engineering, Mathematics - Dynamical Systems, Bifurcation, Mathematics, Hopf bifurcation, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020206 networking & telecommunications, Computer Science::Performance, Control and Systems Engineering, Signal Processing, symbols, Compound TCP, Center manifold

Abstract

We conduct a local stability and Hopf bifurcation analysis for Compound TCP, with small Drop-tail buffers, in three topologies. The first topology consists of two sets of TCP flows having different round trip times, and feeding into a core router. The second topology corresponds to two queues in tandem, and consists of two distinct sets of TCP flows, regulated by a single edge router and feeding into a core router. The third topology comprises of two distinct sets of TCP flows, regulated by two separate edge routers, and feeding into a common core router. For each of these cases, we conduct a detailed local stability analysis and obtain conditions on the network and protocol parameters to ensure stability. If these conditions get marginally violated, our analysis shows that the underlying systems would lose local stability via a Hopf bifurcation. After exhibiting a Hopf, a key concern is to determine the asymptotic orbital stability of the bifurcating limit cycles. We present a detailed analytical framework to address the stability of the limit cycles, and the type of the Hopf bifurcation by invoking Poincare normal forms and the center manifold theory. We conduct packet-level simulations to highlight the existence and stability of the limit cycles in the queue size dynamics.

Published

2018