Search

Your search keyword '"Enrico Bocchi"' showing total 32 results
Start Over Author "Enrico Bocchi"
32 results on '"Enrico Bocchi"'

15. Preparing for HL-LHC: Increasing the LHCb software publication rate to CVMFS by an order of magnitude

Author

Benjamin Couturier, Dan van der Ster, Christopher Burr, Enrico Bocchi, and Jakob Blomer

Subjects
Service (systems architecture), Database, Computer science, business.industry, Physics, QC1-999, computer.software_genre, Computing and Computers, Object storage, Software, Workflow, Churn rate, Default gateway, Use case, business, computer, Garbage collection
Abstract

In the HEP community, software plays a central role in the operation of experiments’ facilities and for reconstruction jobs, with CVMFS being the service enabling the distribution of software at scale. In view of High Luminosity LHC, CVMFS developers investigated how to improve the publication workflow to support the most demanding use cases. This paper reports about recent CVMFS developments and infrastructural updates that enable faster publication into existing repositories. A new CVMFS component, the CVMFS Gateway, allows for concurrent transactions and the use of multiple publishers, increasing the overall publication rate on a single repository. Also, the repository data has been migrated to Ceph-based S3 object storage, which brings a relevant performance enhancement over the previously-used Cinder volumes. We demonstrate how recent improvements allow for faster publication of software releases in CVMFS repositories by focusing on the LHCb nightly builds use case, which is currently by far the most demanding one for the CVMFS infrastructure at CERN. The publication of nightly builds is characterized by a high churn rate, needs regular garbage collection, and requires the ability to ingest a huge amount of software files over a limited period of time.

Published
2021

16. CernVM-FS powered container hub

Author

Enrico Bocchi, Simone Mosciatti, Jakob Blomer, and Andrea Valenzuela

Subjects
business.industry, Physics, QC1-999, Node (networking), Distributed computing, Directory, Grid, Computing and Computers, Software, Workflow, Container (abstract data type), Code (cryptography), Data deduplication, business
Abstract

Containers became the de-facto standard to package and distribute modern applications and their dependencies. The HEP community demonstrates an increasing interest in such technology, with scientists encapsulating their analysis workflow and code inside a container image. The analysis is first validated on a small dataset and minimal hardware resources to then run at scale on the massive computing capacity provided by the grid. The typical approach for distributing containers consists of pulling their image from a remote registry and extracting it on the node where the container runtime (e.g., Docker, Singularity) runs. This approach, however, does not easily scale to large images and thousands of nodes. CVMFS has long been used for the efficient distribution of software directory trees at a global scale. In order to extend its optimized caching and network utilization to the distribution of containers, CVMFS recently implemented a dedicated container image ingestion service together with container runtime integrations. CVMFS ingestion is based on per-file deduplication, instead of the per-layer deduplication adopted by traditional container registries. On the client-side, CVMFS implements on-demand fetching of the chunks required for the execution of the container instead of the whole image.

Published
2021

17. Real-Life Experience with Sonidegib for Locally Advanced Basosquamous Carcinoma: A Case Series

Author

Enrico Bocchino, Simone Cappilli, Gerardo Palmisano, Andrea Paradisi, Alfredo Piccerillo, Alessandro Di Stefani, and Ketty Peris

Subjects
basosquamous carcinoma, sonic hedgehog pathway inhibitors, vismodegib, sonidegib, clinical dermatology, Dermatology, RL1-803
Abstract

Introduction: Basosquamous carcinoma is an uncommon subtype of basal cell carcinoma (BCC), characterized by aggressive local growth and metastatic potential, that mainly develops on the nose, perinasal area, and ears, representing 1.2–2.7% of all head-neck keratinocyte carcinomas. Although systemic therapy with hedgehog inhibitors (HHIs) represents the first-line medical treatment in advanced BCC, to date, no standard therapy for advanced basosquamous carcinoma has been established. Herein, we reported a case series of patients affected by locally advanced basosquamous carcinomas, who were treated with HHIs. Case Presentation: Data of 5 patients receiving HHIs for locally advanced basosquamous carcinomas were retrieved (2 women and 3 males, age range: 63–89 years, average age of 77 years). Skin lesions were located on the head-neck area; in particular, 4 tumors involved orbital and periorbital area and 1 tumor developed in the retro-auricular region. A clinical response was obtained in 3 out of 5 patients (2 partial responses and 1 complete response), while disease progression was observed in the remaining 2 patients. Hence, therapy was interrupted, switching to surgery or immunotherapy. Conclusion: Increasing evidence suggests considering HHIs for large skin tumors developing in functionally and cosmetically sensitive areas, in patients with multiple comorbidities, although their use for basosquamous carcinoma require more exploration, large cohort populations, and long follow-up assessment.

Published
2024
Full Text
View/download PDF

19. Facilitating collaborative analysis in SWAN

Author

Enrico Bocchi, Massimo Lamanna, Pere Mato, Jakub Moscicki, Hugo Gonzalez, Enric Tejedor, Danilo Piparo, and Diogo Castro

Subjects
Service (systems architecture), business.industry, Interface (Java), Software as a service, Physics, QC1-999, Cloud computing, Computing and Computers, World Wide Web, Outreach, Software, Code (cryptography), business, Cloud storage
Abstract

SWAN (Service for Web-based ANalysis) is a CERN service that allows users to perform interactive data analysis in the cloud, in a “software as a service” model. It is built upon the widely-used Jupyter notebooks, allowing users to write - and run - their data analysis using only a web browser. By connecting to SWAN, users have immediate access to storage, software and computing resources that CERN provides and that they need to do their analyses. Besides providing an easier way of producing scientific code and results, SWAN is also a great tool to create shareable content. From results that need to be reproducible, to tutorials and demonstrations for outreach and teaching, Jupyter notebooks are the ideal way of distributing this content. In one single file, users can include their code, the results of the calculations and all the relevant textual information. By sharing them, it allows others to visualize, modify, personalize or even re-run all the code. In that sense, this paper describes the efforts made to facilitate sharing in SWAN. Given the importance of collaboration in our scientific community, we have brought the sharing functionality from CERNBox, CERN’s cloud storage service, directly inside SWAN. SWAN users have available a new and redesigned interface where theycan share “Projects”: a special kind of folder containing notebooks and other files, e.g., like input datasets and images. When a user shares a Project with some other users, the latter can immediately see andwork with the contents of that project from SWAN.

Published
2019

20. Big Data Tools and Cloud Services for High Energy Physics Analysis in TOTEM Experiment

Author

Enric Tejedor, Aleksandra Mnich, Valentina Avati, Enrico Bocchi, Prasanth Kothuri, Milosz Blaszkiewicz, Enrico Guiraud, Javier Cervantes, Luca Canali, Jan Kaspar, Massimo Lamanna, Leszek Grzanka, Danilo Piparo, Shravan Murali, Maciej Malawski, Jakub Moscicki, and Diogo Castro

Subjects
Particle physics, Large Hadron Collider, 010308 nuclear & particles physics, business.industry, Computer science, Totem, Big data, Cloud computing, 01 natural sciences, 0103 physical sciences, Scalability, Leverage (statistics), Single-core, Rewriting, 010306 general physics, business
Abstract

The High Energy Physics community has been developing dedicated solutions for processing experiment data over decades. However, with recent advancements in Big Data and Cloud Services, a question of application of such technologies in the domain of physics data analysis becomes relevant. In this paper, we present our initial experience with a system that combines the use of public cloud infrastructure (Helix Nebula Science Cloud), storage and processing services developed by CERN, and off-the-shelf Big Data frameworks. The system is completely decoupled from CERN main computing facilities and provides an interactive web-based interface based on Jupyter Notebooks as the main entry-point for the users. We run a sample analysis on 4.7 TB of data from the TOTEM experiment, rewriting the analysis code to leverage the PyRoot and RDataFrame model and to take full advantage of the parallel processing capabilities offered by Apache Spark. We report on the experience collected by embracing this new analysis model: preliminary scalability results show the processing time of our dataset can be reduced from 13 hrs on a single core to 7 mins on 248 cores.

Published
2018
Full Text
View/download PDF

22. ScienceBox Converging to Kubernetes containers in production for on-premise and hybrid clouds for CERNBox, SWAN, and EOS

Author

Diogo Castro, Maciej Malawski, Luca Canali, Enrico Bocchi, Jakub T. Mościcki, Hugo Gonzalez Labrador, Prasanth Kothuri, and Piotr Mrowczynski

Subjects
Service (systems architecture), business.industry, Physics, QC1-999, Distributed computing, Integrated software, sync, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Computing and Computers, Server, Scalability, Container (abstract data type), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Orchestration (computing), business
Abstract

Container technologies are rapidly becoming the preferred way by developers and system administrators to package applications, distribute software and run services. A crucial role is played by container orchestration software such as Kubernetes, which is also the natural fit for microservice-based architectures. Complex services are re-thought as a collection of fundamental applications (each of these hosted in a separate container), while the final service is achieved by executing multiple containers at the same. The Storage Group of the IT department at CERN has been successfully exploiting containers technology as a basis of Science Box, a self-contained Docker-based version of EOS (the CERN storage technology for LHC data and users' files), CERNBox (cloud synchronization and sharing for science), and SWAN (Service for Web-based ANalysis). Science Box has been successfully deployed on multiple cloud providers, including commercial platforms such as Amazon or Open Telekom Cloud. In 2018, Science Box was at the core of a project investigating Big Data tools to analyze data from the TOTEM experiment at the LHC. In this context, a Kubernetes-managed instance of EOS, CERNBox, and SWAN has been deployed on the infrastructure provided by the Helix Nebula Science Cloud, an initiative targeting procurement of cloud resources from commercial providers and publicly funded science clouds. The infrastructure consisted of 400 CPUs, 1.5TB of memory, and 22TB of block storage. In addition, SWAN has been interfaced with a dedicated Spark cluster of ~2,000 cores to boost its computational capabilities. The deployment has been maintained for approximately 6 months during which it has been actively used by the TOTEM scientists to exploit a new interface for declarative analysis (called RDataFrame and now part of the ROOT analysis framework), which enables interactive processing of large datasets. The system provided validated physics results and achieved considerable speed-ups, effectively allowing the physicists to perform complex analysis tasks in quasi-interactive response times. We are currently investigating the feasibility of running critical production storage services at CERN in containers. We leverage the experience gained with the development of Science Box and plan to evolve our service deployment model by combining Kubernetes to orchestrate containers execution and Helm to manager their configuration. In addition, we plan to use the cloud container orchestration service provided by the Computing and Monitoring group of CERN-IT, which employs OpenStack-provided resources and embeds centralized monitoring and auto-scaling capabilities.

Published
2020
Full Text
View/download PDF

23. CERN Disk Storage Services: Report from last data taking, evolution and future outlook towards Exabyte-scale storage

Author

Cristian I. Contescu, Remy Pelletier, Julien Collet, Jakub T. Mościcki, Enrico Bocchi, Theofilos Mouratidis, Roberto Valverde Cameselle, Paul Musset, Hugo Gonzalez Labrador, Belinda Chan Kwok Cheong, Luca Mascetti, Joao Calado Vicente, Maria Arsuaga Rios, Massimo Lamanna, Jan Iven, Giuseppe Lo Presti, Daniel van der Ster, and Diogo Castro

Subjects
010308 nuclear & particles physics, business.industry, Physics, QC1-999, sync, Cloud computing, 02 engineering and technology, Software distribution, computer.software_genre, 01 natural sciences, Computing and Computers, Object storage, 0103 physical sciences, Computer data storage, Distributed data store, 0202 electrical engineering, electronic engineering, information engineering, Operating system, 020201 artificial intelligence & image processing, Disk storage, business, Cloud storage, computer
Abstract

The CERN IT Storage group operates multiple distributed storage systems to support all CERN data storage requirements: the physics data generated by LHC and non-LHC experiments; object and file storage for infrastructure services; block storage for the CERN cloud system; filesystems for general use and specialized HPC clusters; content distribution filesystem for software distribution and condition databases; and sync&share cloud storage for end-user files. The total integrated capacity of these systems exceeds 0.6 Exabyte.Large-scale experiment data taking has been supported by EOS and CASTOR for the last 10+ years. Particular highlights for 2018 include the special HeavyIon run which was the last part of the LHC Run2 Programme: the IT storage systems sustained over 10GB/s to flawlessly collect and archive more than 13 PB of data in a single month. While the tape archival continues to be handled by CASTOR, the effort to migrate the current experiment workflows to the new CERN Tape Archive system (CTA) is underway.Ceph infrastructure has operated for more than 5 years to provide block storage to CERN IT private OpenStack cloud, a shared filesystem (CephFS) to HPC clusters and NFS storage to replace commercial Filers. S3 service was introduced in 2018, following increased user requirements for S3-compatible object storage from physics experiments and IT use-cases.Since its introduction in 2014N, CERNBox has become a ubiquitous cloud storage interface for all CERN user groups: physicists, engineers and administration. CERNBox provides easy access to multi-petabyte data stores from a multitude of mobile and desktop devices and all mainstream, modern operating systems (Linux, Windows, macOS, Android, iOS). CERNBox provides synchronized storage for end-user’s devices as well as easy sharing for individual users and e-groups. CERNBox has also become a storage platform to host online applications to process the data such as SWAN (Service for Web-based Analysis) as well as file editors such as Collabora Online, Only Office, Draw.IO and more. An increasing number of online applications in the Windows infrastructure uses CIFS/SMB access to CERNBox files.CVMFS provides software repositories for all experiments across the WLCG infrastructure and has recently been optimized to efficiently handle nightlybuilds. While AFS continues to provide general-purpose filesystem for internal CERN users, especially as $HOME login area on central computing infrastructure, the migration of project and web spaces has significantly advanced.In this paper, we report on the experiences from the last year of LHC RUN2 data taking and evolution of our services in the past year.. We will highlight upcoming changes and future improvements and challenges.

Published
2020
Full Text
View/download PDF

24. CERNBox: the CERN cloud storage hub

Author

Hugo Gonzalez Labrador, Diogo Castro, Giuseppe Lo Presti, Cristian I. Contescu, Massimo Lamanna, Georgios Alexandropoulos, Enrico Bocchi, Belinda Chan, Remy Pelletier, Paul Musset, Luca Mascetti, Roberto Valverde, Edward Karavakis, and Jakub Moscicki

Subjects
010308 nuclear & particles physics, business.industry, Physics, QC1-999, Universal design, Home directory, Cloud computing, 01 natural sciences, Computing and Computers, Visualization, World Wide Web, Collaborative editing, 0103 physical sciences, Road map, Android (operating system), 010306 general physics, business, Cloud storage
Abstract

CERNBox is the CERN cloud storage hub. It allows synchronizing and sharing files on all major desktop and mobile platforms (Linux, Windows, MacOSX, Android, iOS) aiming to provide universal access and offline availability to any data stored in the CERN EOS infrastructure. With more than 16000 users registered in the system, CERNBox has responded to the high demand in our diverse community to an easily and accessible cloud storage solution that also provides integration with other CERN services for big science: visualization tools, interactive data analysis and real-time collaborative editing. Collaborative authoring of documents is now becoming standard practice with public cloud services, and within CERNBox we are looking into several options: from the collaborative editing of shared office documents with different solutions (Microsoft, OnlyOffice, Collabora) to integrating mark-down as well as LaTeX editors, to exploring the evolution of Jupyter Notebooks towards collaborative editing, where the latter leverages on the existing SWAN Physics analysis service. We report on our experience managing this technology and applicable use-cases, also in a broader scientific and research context and its future evolution with highlights on the current development status and future road map. In particular we will highlight the future move to an architecture based on micro services to easily adapt and evolve the service to the technology and usage evolution, notably to unify CERN home directory services.

Published
2019
Full Text
View/download PDF

25. Measuring the quality of experience of web users

Author

Dario Rossi, Enrico Bocchi, Luca De Cicco, Politecnico di Torino = Polytechnic of Turin (Polito), Laboratory of Information, Network and Communication Sciences (LINCS), Université Pierre et Marie Curie - Paris 6 (UPMC)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut Mines-Télécom [Paris] (IMT), Réseaux, Mobilité et Services (RMS), Laboratoire Traitement et Communication de l'Information (LTCI), Institut Mines-Télécom [Paris] (IMT)-Télécom Paris-Institut Mines-Télécom [Paris] (IMT)-Télécom Paris, Département Informatique et Réseaux (INFRES), Télécom ParisTech, and Politecnico di Bari

Subjects
Above- the-fold, Computer science, Computer Networks and Communications, media_common.quotation_subject, 02 engineering and technology, ByteIndex, computer.software_genre, ObjectIndex, Quality of experience, Quality of Experience, DOM, onLoad, TTFB, TTFP, Above-the-fold, SpeedIndex, MOS, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Software, User experience design, Web page, OnLoad, 0202 electrical engineering, electronic engineering, information engineering, Quality (business), Abovethe-fold, Hardware and Architecture, Computer Graphics and Computer-Aided Design, media_common, Measure (data warehouse), Information retrieval, business.industry, 020206 networking & telecommunications, Web, 020201 artificial intelligence & image processing, State (computer science), Data mining, business, computer
Abstract

International audience; Measuring quality of Web users experience (WebQoE) faces the following trade-off. On the one hand, current practice is to resort to metrics, such as the document completion time (onLoad), that are simple to measure though knowingly inaccurate. On the other hand, there are metrics, like Google’s SpeedIndex, that are better correlated with the actual user experience, but are quite complex to evaluate and, as such, relegated to lab experiments. In this paper, we first provide a comprehensive state of the art on the metrics and tools available for WebQoE assessment. We then apply these metrics to a representative dataset (the Alexa top-100 webpages) to better illustrate their similarities, differences, advantages and limitations. We next introduce novel metrics, inspired by Google’s SpeedIndex, that (i) offer significant advantage in terms of computational complexity, (ii) while maintaining a high correlation with the SpeedIndex at the same time. These properties makes our proposed metrics highly relevant and of practical use.

Published
2016
Full Text
View/download PDF

26. Statistical network monitoring: Methodology and application to carrier-grade NAT

Author

Ali Safari Khatouni, Maurizio Matteo Munafo, Enrico Bocchi, Stefano Traverso, Dario Rossi, Marco Mellia, Alessandro Finamore, Politecnico di Torino = Polytechnic of Turin (Polito), Laboratory of Information, Network and Communication Sciences (LINCS), Université Pierre et Marie Curie - Paris 6 (UPMC)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut Mines-Télécom [Paris] (IMT), Réseaux, Mobilité et Services (RMS), Laboratoire Traitement et Communication de l'Information (LTCI), Institut Mines-Télécom [Paris] (IMT)-Télécom Paris-Institut Mines-Télécom [Paris] (IMT)-Télécom Paris, Département Informatique et Réseaux (INFRES), and Télécom ParisTech

Subjects
Computer Networks and Communications, Computer science, Performance, Big data, Network address translation, Throughput, 02 engineering and technology, computer.software_genre, IP networks, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], 0202 electrical engineering, electronic engineering, information engineering, Computer network management, Network measurements, Dimensioning, business.industry, Network packet, Quality of service, 020206 networking & telecommunications, Network monitoring, computer.file_format, Analytics, 020201 artificial intelligence & image processing, Data mining, business, BitTorrent, computer, Computer network, Private network
Abstract

International audience; When considering to passively collect and then process network traffic traces, the need to analyze raw data at several Gbps and to extract higher level indexes from the stream of packets poses typical BigData-like challenges. In this paper, we engineer a methodology to extract, collect and process passive traffic traces. In particular, we design and implement analytics that, based on a filtering process and on the building of empirical distributions, enable the comparison between two generic collections, e.g., data gathered from two different vantage points, from different populations, or at different times. The ultimate goal is to highlight statistically significant differences that could be useful to flag to incidents for the network manager.After introducing the methodology, we apply it to assess the impact of Carrier-Grade NAT (CGN), a technology that Internet Service Providers (ISPs) deploy to limit the usage of expensive public IP addresses. Since CGN may introduce connectivity issues and performance degradation, we process a large dataset of passive measurements collected from an ISP using CGN for part of its customers. We first extract detailed per-flow information by processing packets from live links. Then, we derive higher level statistics that are significant for the end-users, e.g., TCP connection setup time, HTTP response time, or BitTorrent average download throughput. At last, we contrast figures of customers being offered public or private addresses, and look for statistically significant differences. Results show that CGN does not impair quality of service in the analyzed ISP deployment. In addition, we use the collected data to derive useful figures for the proper dimensioning of the CGN and the configuration of its parameters in order to avoid impairments on end-users’ experience.

Published
2016
Full Text
View/download PDF

27. Macroscopic View of Malware in Home Networks

Author

Marco Mellia, Alessandro Finamore, Gaspar Modelo-Howard, Enrico Bocchi, Luigi Grimaudo, Sung-Ju Lee, Elena Baralis, Sabyasachi Saha, Politecnico di Torino = Polytechnic of Turin (Polito), Symantec Corporation, Laboratory of Information, Network and Communication Sciences (LINCS), Université Pierre et Marie Curie - Paris 6 (UPMC)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut Mines-Télécom [Paris] (IMT), Réseaux, Mobilité et Services (RMS), Laboratoire Traitement et Communication de l'Information (LTCI), Institut Mines-Télécom [Paris] (IMT)-Télécom Paris-Institut Mines-Télécom [Paris] (IMT)-Télécom Paris, Département Informatique et Réseaux (INFRES), and Télécom ParisTech

Subjects
Computer Networks and Communications, Malware, Network Measurement, Computer science, business.industry, Internet privacy, 020206 networking & telecommunications, 010103 numerical & computational mathematics, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Cryptovirology, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Identification (information), [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Server, 0202 electrical engineering, electronic engineering, information engineering, The Internet, 0101 mathematics, business, computer
Abstract

International audience; Malicious activities on the Web are increasingly threatening users in the Internet. Home networks are one of the prime targets of the attackers to host malwares, commonly exploited as a stepping stone to further launch a variety of attacks. Due to diversification, existing security solutions often fail to detect malicious activities which remain hidden and pose threats to users security and privacy. Characterizing behavioral patterns of known malwares can help to improve the classification accuracy of known threats. More important, since different malwares can share some commonalities, study the behavior of known malwares can enable the detection of previously unknown malicious activities. We pose the research question if it is possible to characterize such behavioral patterns analyzing the traffic from known infected clients. In this paper, we present our quest to discover such characterizations. Results show that commonalities arise but their identification may require some ingenuity. Also, more malicious activities can be found out from this analysis.

Published
2015
Full Text
View/download PDF

28. Impact of Carrier-Grade NAT on Web Browsing

Author

Ali Safari Khatouni, Maurizio Matteo Munafo, Enrico Bocchi, Valeria Di Gennaro, Dario Rossi, Alessandro Finamore, Stefano Traverso, Marco Mellia, Télécom Paristech, Admin, Politecnico di Torino = Polytechnic of Turin (Polito), Laboratory of Information, Network and Communication Sciences (LINCS), Université Pierre et Marie Curie - Paris 6 (UPMC)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut Mines-Télécom [Paris] (IMT), Réseaux, Mobilité et Services (RMS), Laboratoire Traitement et Communication de l'Information (LTCI), Institut Mines-Télécom [Paris] (IMT)-Télécom Paris-Institut Mines-Télécom [Paris] (IMT)-Télécom Paris, Département Informatique et Réseaux (INFRES), and Télécom ParisTech

Subjects
computer.internet_protocol, Computer science, 02 engineering and technology, Computer security, computer.software_genre, Carrier-grade NAT, Network Measurement, Internet, computer networks, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Web navigation, IP address management, IPv4 address exhaustion, [INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI], business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 020206 networking & telecommunications, Bogon filtering, IPv4, IPv6 deployment, NAT traversal, The Internet, business, Telecommunications, computer, Network address translation
Abstract

International audience; Public IPv4 addresses are a scarce resource. WhileIPv6 adoption is lagging, Network Address Translation (NAT)technologies have been deployed over the last years to alleviateIPv4 exiguity and their high rental cost. In particular, Carrier-Grade NAT (CGN) is a well known solution to mask a wholeISP network behind a limited amount of public IP addresses,significantly reducing expenses.Despite its economical benefits, CGN can introduce connectivityissues which have sprouted a considerable effort in research,development and standardization. However, to the best of ourknowledge, little effort has been dedicated to investigate theimpact that CGN deployment may have on users’ traffic. Thispaper fills the gap. We leverage passive measurements froman ISP network deploying CGN and, by means of the Jensen-Shannon divergence, we contrast several performance metricsconsidering customers being offered public or private addresses.In particular, we gauge the impact of CGN presence on users’web browsing experience.Our results testify that CGN is a mature and stable technologyas, if properly deployed, it does not harm users’ web browsingexperience. Indeed, while our analysis lets emerge expectedstochastic differences of certain indexes (e.g., the difference inthe path hop count), the measurements related to the qualityof users’ browsing are otherwise unperturbed. Interestingly, wealso observe that CGN protects customers from unsolicited, oftenmalicious, traffic.

Published
2015

29. CERN data services for LHC computing

Author

D van der Ster, Luca Mascetti, Enrico Bocchi, Herve Rousseau, J Lopez, Xavier Espinal, Massimo Lamanna, J. Moscicki, G Lo Presti, Jan Iven, H Gonzalez, Sebastien Ponce, A Pace, A Fiorot, Andreas J. Peters, and Belinda Chan

Subjects
History, Large Hadron Collider, Computer science, 02 engineering and technology, 021001 nanoscience & nanotechnology, computer.software_genre, 01 natural sciences, Computing and Computers, Computer Science Applications, Education, 0103 physical sciences, Operating system, Data as a service, 010306 general physics, 0210 nano-technology, computer
Abstract

Dependability, resilience, adaptability and efficiency. Growing requirements require tailoring storage services and novel solutions. Unprecedented volumes of data coming from the broad number of experiments at CERN need to be quickly available in a highly scalable way for large-scale processing and data distribution while in parallel they are routed to tape for long-term archival. These activities are critical for the success of HEP experiments. Nowadays we operate at high incoming throughput (14GB/s during 2015 LHC Pb-Pb run and 11PB in July 2016) and with concurrent complex production work-loads. In parallel our systems provide the platform for the continuous user and experiment driven work-loads for large-scale data analysis, including end-user access and sharing. The storage services at CERN cover the needs of our community: EOS and CASTOR as a large-scale storage; CERNBox for end-user access and sharing; Ceph as data back-end for the CERN OpenStack infrastructure, NFS services and S3 functionality; AFS for legacy distributed-file-system services. In this paper we will summarise the experience in supporting LHC experiments and the transition of our infrastructure from static monolithic systems to flexible components providing a more coherent environment with pluggable protocols, tuneable QoS, sharing capabilities and fine grained ACLs management while continuing to guarantee dependable and robust services.

Published
2017
Full Text
View/download PDF

30. Benchmarking personal cloud storage

Author

Enrico Bocchi, Aiko Pras, Idilio Drago, Marco Mellia, Herman Slatman, Politecnico di Torino = Polytechnic of Turin (Polito), Laboratory of Information, Network and Communication Sciences (LINCS), Université Pierre et Marie Curie - Paris 6 (UPMC)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut Mines-Télécom [Paris] (IMT), Réseaux, Mobilité et Services (RMS), Laboratoire Traitement et Communication de l'Information (LTCI), Institut Mines-Télécom [Paris] (IMT)-Télécom Paris-Institut Mines-Télécom [Paris] (IMT)-Télécom Paris, Département Informatique et Réseaux (INFRES), and Télécom ParisTech

Subjects
Service (systems architecture), Engineering, Performance, Cloud Computing, Internet Traffic Monitoring, IR-87374, Cloud computing, 02 engineering and technology, Comparison, Computer security, computer.software_genre, METIS-300001, Upload, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Dropbox, business.industry, EWI-23674, Measurements, 020206 networking & telecommunications, Benchmarking, Internet traffic, Data science, Personal cloud, Benchmark (computing), business, Cloud storage, computer
Abstract

International audience; Personal cloud storage services are data-intensive applications already producing a significant share of Internet traffic. Several solutions offered by different companies attract more and more people. However, little is known about each service capabilities, architecture and – most of all – performance implications of design choices. This paper presents a methodology to study cloud storage services. We apply our methodology to compare 5 popular offers, revealing different system architectures and capabilities. The implications on performance of different designs are assessed executing a series of benchmarks. Our results show no clear winner, with all services suffering from some limitations or having potential for improvement. In some scenarios, the upload of the same file set can take seven times more, wasting twice as much capacity. Our methodology and results are useful thus as both benchmark and guideline for system design.

Published
2013
Full Text
View/download PDF

32. CLUE: Clustering for Mining Web URLs

Author

Andrea Morichetta, Hassan Metwalley, Enrico Bocchi, and Marco Mellia

Subjects
DBSCAN, Computer science, business.industry, Big Dama, 020206 networking & telecommunications, Tracking system, 02 engineering and technology, 01 natural sciences, Clustering, Field (computer science), World Wide Web, 010104 statistics & probability, Web page, Security, 0202 electrical engineering, electronic engineering, information engineering, Semantic URL, Unsupervised learning, The Internet, 0101 mathematics, business, Cluster analysis, Big Dama, Clustering, Security
Abstract

The Internet has witnessed the proliferation of applications and services that rely on HTTP as application protocol. Users play games, read emails, watch videos, chat and access web pages using their PC, which in turn downloads tens or hundreds of URLs to fetch all the objects needed to display the requested content. As result, billions of URLs are observed in the network. When monitoring the traffic, thus, it is becoming more and more important to have methodologies and tools that allow one to dig into this data and extract useful information. In this paper, we present CLUE, Clustering for URL Exploration, a methodology that leverages clustering algorithms, i.e., unsupervised techniques developed in the data mining field to extract knowledge from passive observation of URLs carried by the network. This is a challenging problem given the unstructured format of URLs, which, being strings, call for specialized approaches. Inspired by text-mining algorithms, we introduce the concept of URL-distance and use it to compose clusters of URLs using the well-known DBSCAN algorithm. Experiments on actual datasets show encouraging results. Well-separated and consistent clusters emerge and allow us to identify, e.g., malicious traffic, advertising services, and thirdparty tracking systems. In a nutshell, our clustering algorithm offers the means to get insights on the data carried by the network, with applications in the security or privacy protection fields.

Catalog

Books, media, physical & digital resources
See catalog results