96 results on '"Kave Salamatian"'
Search Results
2. Misconfiguration-Free Compositional SDN for Cloud Networks
- Author
-
Heng Pan, Zhenyu Li, Penghao Zhang, Penglai Cui, Kave Salamatian, and Gaogang Xie
- Subjects
Electrical and Electronic Engineering
- Published
- 2022
3. Fast Online Packet Classification With Convolutional Neural Network
- Author
-
Yanbiao Li, Penghao Zhang, Xinyi Zhang, Gaogang Xie, Xin Wang, and Kave Salamatian
- Subjects
Computer Networks and Communications; Computer science; Network packet; Hash function; Throughput; computer.software_genre; Convolutional neural network; Hash table; Computer Science Applications; Tuple space; Data mining; Electrical and Electronic Engineering; Tuple; Software-defined networking; computer; Software
- Abstract
Packet classification is a critical component in network appliances. Software Defined Networking and cloud computing update the rulesets frequently for flexible policy configuration. Tuple Space Search (TSS), implemented in Open vSwitch (OVS), achieves fast rule updating at the sacrifice of the classification rate. In TSS, each tuple is managed by a hash table and classifying a packet needs to go through all hash tables. Merging tuples can reduce the number of hash tables, but inevitably increases the hash conflicts that may even worsen the classification performance in some cases. No existing algorithm meets the need of both fast packet classification and online rule updating. In this paper, we propose Convolutional Neural Network (CNN)-based Range Partition (CRP) to achieve fast packet classification and online update simultaneously. CRP exploits CNN-based image recognition to quickly partition tuples into range spaces upon the change of ruleset distribution, which reduces hash operations while avoiding rule overlapping caused by hashing many rules to the same location of the hash table. Experimental results demonstrate that CRP achieves 3.2x classification speed and 4.2x update speed on average compared with state-of-the-art algorithms. We also implement CRP in OVS. The throughput of CRP-OVS is 10x that of native OVS.
- Published
- 2021
4. Exploiting the Community Structure of Fraudulent Keywords for Fraud Detection in Web Search
- Author
-
Xiaohui Wang, Dong-Hui Yang, Zhenyu Li, Gaogang Xie, and Kave Salamatian
- Subjects
business.industry; Computer science; Temporal correlation; Computer security; computer.software_genre; Crowdsourcing; Filter (software); Computer Science Applications; Theoretical Computer Science; Search engine; Computational Theory and Mathematics; Hardware and Architecture; Search advertising; ComputingMilieux_COMPUTERSANDSOCIETY; Revenue; Graph (abstract data type); Internet users; business; computer; Software
- Abstract
Internet users heavily rely on web search engines for their intended information. The major revenue of search engines is advertisements (or ads). However, the search advertising suffers from fraud. Fraudsters generate fake traffic which does not reach the intended audience, and increases the cost of the advertisers. Therefore, it is critical to detect fraud in web search. Previous studies solve this problem through fraudster detection (especially bots) by leveraging fraudsters’ unique behaviors. However, they may fail to detect new means of fraud, such as crowdsourcing fraud, since crowd workers behave in part like normal users. To this end, this paper proposes an approach to detecting fraud in web search from the perspective of fraudulent keywords. We begin by using a unique dataset of 150 million web search logs to examine the discriminating features of fraudulent keywords. Specifically, we model the temporal correlation of fraudulent keywords as a graph, which reveals a very well-connected community structure. Next, we design DFW (detection of fraudulent keywords) that mines the temporal correlations between candidate fraudulent keywords and a given list of seeds. In particular, DFW leverages several refinements to filter out non-fraudulent keywords that co-occur with seeds occasionally. The evaluation using the search logs shows that DFW achieves high fraud detection precision (99%) and accuracy (93%). A further analysis reveals several typical temporal evolution patterns of fraudulent keywords and the co-existence of both bots and crowd workers as fraudsters for web search fraud.
- Published
- 2021
5. Trump versus Huawei: the geopolitical stakes of 5G (original title: Trump contre Huawei : enjeux géopolitiques de la 5G)
- Author
-
Kave Salamatian
- Subjects
Geography, Planning and Development
- Abstract
On 15 May 2019, the President of the United States signed an executive order on "securing information and communication technologies and the supply chain". This initiative is a significant step in the escalation of the trade war that the United States and China have been waging since January 2018. But other strategic considerations come into play. During 2018 and 2019, the United States put its full weight on its allies so that they in turn would take similar banning decisions, particularly against the company Huawei. The ban on Huawei in the United States must be understood in the context of the technological transition of mobile networks from the fourth generation (4G) to the fifth (5G), whose stakes are at once geopolitical, technological and economic. The aim of this article is to analyse the Huawei case through a cyberstrategic approach and, in this way, to study the ins and outs of the highly strategic question of critical infrastructure.
- Published
- 2020
6. Digital Routes and Borders in the Middle-East: the geopolitical underpinnings of Internet Connectivity
- Author
-
Frederick Douzet, Louis Pétiniaud, Kave Salamatian, and Jean-Loup Samaan
- Abstract
In the second half of the 2010s, the Arabian Peninsula experienced major foreign policy changes that suggested a reshuffling of the region as a security complex. This paper offers an analysis of the geography of Internet data routing in the Middle East in order to grasp cooperation in cyberspace among the States of the region and Israel. Our main hypothesis is that the architecture of connectivity can reveal the level of trust between data routing operators of different countries through existing cooperation and, then, by extension, this can serve as an indicator to measure cyber cooperation in the Middle East.
- Published
- 2022
7. Wide-AdGraph: Detecting Ad Trackers with a Wide Dependency Chain Graph
- Author
-
Mohammad Hossein Manshaei, Amir Hossein Kargaran, Masoud Nejad Sattary, Kave Salamatian, Mohammad Sadegh Akhondzadeh, and Mohammad Reza Heidarpour
- Subjects
FOS: Computer and information sciences; Computer Science - Machine Learning; Information privacy; Computer Science - Cryptography and Security; Information retrieval; Computer science; BitTorrent tracker; Machine Learning (stat.ML); 020206 networking & telecommunications; 02 engineering and technology; Ad blocking; Machine Learning (cs.LG); Computer Science - Computers and Society; Statistics - Machine Learning; Filter (video); Computers and Society (cs.CY); Obfuscation; 0202 electrical engineering, electronic engineering, information engineering; Graph (abstract data type); 020201 artificial intelligence & image processing; Precision and recall; Cryptography and Security (cs.CR); Block (data storage)
- Abstract
Websites use third-party ads and tracking services to deliver targeted ads and collect information about users that visit them. These services put users' privacy at risk, and that is why users' demand for blocking these services is growing. Most of the blocking solutions rely on crowd-sourced filter lists manually maintained by a large community of users. In this work, we seek to simplify the update of these filter lists by combining different websites through a large-scale graph connecting all resource requests made over a large set of sites. The features of this graph are extracted and used to train a machine learning algorithm with the aim of detecting ads and tracking resources. As our approach combines different information sources, it is more robust toward evasion techniques that use obfuscation or changing the usage patterns. We evaluate our work over the Alexa top-10K websites and find its accuracy to be 96.1% biased and 90.9% unbiased with high precision and recall. It can also block new ads and tracking services, which would necessitate being blocked by further crowd-sourced existing filter lists. Moreover, the approach followed in this paper sheds light on the ecosystem of third-party tracking and advertising. 9 pages, 7 figures. To appear in the 13th ACM Web Science Conference 2021 (WebSci '21), June 2021.
- Published
- 2021
8. Mapping the routes of the Internet for geopolitics: The case of Eastern Ukraine
- Author
-
Frédérick Douzet, Loqman Salamatian, Louis Pétiniaud, Kevin Limonier, and Kave Salamatian
- Subjects
Computer Networks and Communications; computer.internet_protocol; Network packet; business.industry; Ukrainian; Autonomous system (Internet); Computer security; computer.software_genre; Geopolitics; language.human_language; Variety (cybernetics); Human-Computer Interaction; Border Gateway Protocol; language; The Internet; Business; Cyberspace; computer
- Abstract
In this paper, we argue that data routing is of geopolitical significance. We propose new methodologies to understand and represent the new forms of power rivalries and imbalances that occur within the lower layers of cyberspace, through the analysis of Eastern Ukraine. The Internet is a network of networks where each network is an Autonomous System (AS). ASes are independent administrative entities controlled by a variety of actors such as governments, companies, and universities. Their administrators have to agree and communicate on paths followed by packets travelling across the Internet, which is made possible by the Border Gateway Protocol (BGP). Agreements between ASes are often confidential but BGP requires neighbouring ASes to interact with each other in order to coordinate routing through the constant release of connectivity update messages. These messages announce the availability (or withdrawal) of a sequence of ASes that can be followed to reach an IP address prefix. We select Eastern Ukraine as a case study as in 2020, six years after the beginning of the war in Donbass, data is available to analyze and map changes to data routing. In our study, we conducted a longitudinal analysis of Ukraine’s connectivity through the capture and analysis of these BGP announcements. Our results show how Donbass ASes progressively migrated from Ukraine’s cyberspace towards Russia, while still sharing connections with Ukrainian ASes. Donbass cyberspace therefore sits at the interface of Ukraine and Russia but has been relegated to the periphery of both networks; it is marginalized from the Ukrainian network but not fully integrated into the Russian network. These evolutions both reflect and affect ongoing geopolitical power rivalries in the physical world and demonstrate their strategic significance.
Our methodology can be used to conduct studies in other regions subject to geopolitical open conflicts and to infer the strategies developed by states in anticipation of potential threats.
- Published
- 2021
9. The geopolitics behind the routes data travel: a case study of Iran
- Author
-
Kevin Limonier, Loqman Salamatian, Frédérick Douzet, and Kave Salamatian
- Subjects
Social Psychology; Economy; Computer Networks and Communications; Computer science; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Political Science and International Relations; Computer Science (miscellaneous); Safety, Risk, Reliability and Quality; Geopolitics; Law
- Abstract
In November 2019, in the wake of political demonstrations against the regime, Iran managed to selectively cut off most traffic from the global Internet while fully operating its own domestic network. It seemingly confirmed the main hypothesis our research had led us to, based on prior observation of data routing: Iran’s architecture of connectivity enables selective censorship of international traffic. This paper examines, through the case of Iran, how states can leverage the Border Gateway Protocol (BGP) as a tool of geopolitical control and what are the trade-offs they face. This question raises a methodological question that we also address: how the analysis of BGP can infer and document these strategies of territorialization of cyberspace. The Internet is a network of networks where each network is an autonomous system. Autonomous systems (ASes) are independent administrative entities controlled by a variety of actors such as governments, companies and universities. Their administrators have to agree and communicate on the path followed by packets travelling across the Internet, which is made possible by BGP. Agreements between ASes are often confidential but BGP requires neighbouring ASes to interact with each other in order to coordinate routing through the constant release of connectivity update messages. These messages announce the availability (or withdrawal) of a sequence of ASes that can be followed to reach an IP address prefix. In our study, we inferred the structure of Iran's connectivity through the capture and analysis of these BGP announcements. We show how the particularities of Iran's BGP and connectivity structure can enable active measures, such as censorship, both internally and externally throughout the network. We argue that Iran has found a way to reconcile a priori conflicting strategic goals: developing a self-sustaining and resilient domestic Internet, but with tight control at its borders. 
It thus enables the regime to leverage connectivity as a tool of censorship in the face of social instability and as a tool of regional influence in the context of strategic competition.
- Published
- 2021
10. Misconfiguration Checking for SDN: Data Structure, Theory and Algorithms
- Author
-
Heng Pan, Penghao Zhang, Kave Salamatian, Gaogang Xie, and Zhenyu Li
- Subjects
021110 strategic, defence & security studies; Focus (computing); business.industry; Computer science; 0211 other engineering and technologies; Mask; 020206 networking & telecommunications; Access control; 02 engineering and technology; Interval (mathematics); Data structure; Set (abstract data type); 0202 electrical engineering, electronic engineering, information engineering; Overhead (computing); business; Representation (mathematics); Algorithm
- Abstract
Software-Defined Networking (SDN) facilitates network innovations with programmability. However, programming the network is error-prone, whether using low-level APIs or high-level programming languages. That said, SDN policies deployed in networks may contain misconfigurations. Prior studies focus on either traditional access control policies or network-wide states, and thus are unable to effectively detect potential misconfigurations in SDN policies with bitmask patterns and complex action behaviors. To address this gap, this paper first presents a new data structure, minimal interval set, to represent the match patterns of rulesets. This representation serves as the basis for composition algebra construction and fast misconfiguration checking. We then propose the principles and algorithms for fast and accurate configuration verification. We finally implement a misconfiguration checking tool in Covisor with optimisations to further reduce the overhead. Experiments with synthetic and random rulesets show its fitness for purpose.
- Published
- 2020
11. Network Coding-based Content Retrieval based on Bloom Filter-based Content Discovery for ICN
- Author
-
Nikolaos Thomos, Ali Marandi, Torsten Braun, and Kave Salamatian
- Subjects
Information retrieval; Content retrieval; Computer science; Linear network coding; Bloom filter; Content discovery
- Published
- 2020
12. Measuring the Fragmentation of the Internet: The Case of the Border Gateway Protocol (BGP) During the Ukrainian Crisis
- Author
-
Thibaut Alchus, Loqman Salamatian, Frédérick Douzet, Kave Salamatian, Louis Pétiniaud, and Kevin Limonier
- Subjects
Routing protocol; business.industry; Ukrainian; Context (language use); Internet traffic; Computer security; computer.software_genre; language.human_language; Political science; Border Gateway Protocol; language; The Internet; Ukrainian crisis; Cyberspace; business; computer
- Abstract
This paper presents the results of a year-long research project conducted by GEODE (geode.science), a multidisciplinary team made up of geographers, computer scientists and area specialists. We developed a new methodology for mapping cyberspace in its lower layers (infrastructures and routing protocols) in order to measure and represent the level of fragmentation of the Internet in areas of geopolitical tensions using the Border Gateway Protocol (BGP). Our hypothesis was that BGP could be used for geopolitical reasons in the context of a large-scale crisis, leading to a further fragmentation of the Internet. We focused on the Ukrainian crisis. BGP is a core protocol of cyberspace that connects the tens of thousands of autonomous systems (ASes) that compose the Internet. Based on a 35-year-old technology, this protocol is easy to manipulate to re-route Internet traffic or even to cut off entire regions (BGP hijacks). Our results show actions on BGP implemented right after the 2014 Maidan Revolution, when Russian forces took control of the Crimean Peninsula and started to back separatist forces in Eastern Ukraine. In both cases, Russian authorities and separatist forces modified BGP routes in order to divert the local Internet traffic from continental Ukraine – drawing a kind of "digital frontline" consistent with the military one. The study of Donbass and of the Crimean Peninsula leads to important methodological findings to (1) define and map digital borders at the routing level; (2) analyze the strategies of actors conducting actions via BGP; (3) categorize these strategies, from traffic re-routing to cutting-off entire regions for intelligence or military purposes; and (4) anticipate future uses for BGP manipulations by identifying strategic bottlenecks within the network.
- Published
- 2020
13. Partial Order Theory for Fast TCAM Updates
- Author
-
Hongtao Guan, Peng He, Kave Salamatian, Gaogang Xie, Wenyuan Zhang, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, and Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)
- Subjects
Hardware_MEMORYSTRUCTURES; Matching (graph theory); Computer Networks and Communications; Network packet; Heuristic; Computer science; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; 020206 networking & telecommunications; 02 engineering and technology; Content-addressable memory; Upper and lower bounds; 020202 computer hardware & architecture; Computer Science Applications; [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI]; Churn rate; 0202 electrical engineering, electronic engineering, information engineering; Content-addressable storage; Algorithm design; Electrical and Electronic Engineering; Software-defined networking; Algorithm; Software
- Abstract
Ternary content addressable memories (TCAMs) are frequently used for fast matching of packets against a given ruleset. While TCAMs can achieve fast matching, they are plagued by high update costs that can make them unusable in a high churn rate environment. We present, in this paper, a systematic and in-depth analysis of the TCAM update problem. We apply partial order theory to derive fundamental constraints on any rule ordering on TCAMs, which ensures correct checking against a given ruleset. This theoretical insight enables us to fully explore the TCAM update algorithms design space, to derive the optimal TCAM update algorithm (though it might not be suitable to be used in practice), and to obtain upper and lower bounds on the performance of practical update algorithms. Having lower bounds, we checked if the smallest update costs are compatible with the churn rate observed in practice, and we observed that this is not always the case. We therefore developed a heuristic based on ruleset splitting, with more than a single TCAM chip, that achieves significant update cost reductions (1.05~11.3x) compared with state-of-the-art techniques.
- Published
- 2018
14. Characterizing and Modeling User Behavior in a Large-Scale Mobile Live Streaming System
- Author
-
Mohamed Ali Kaafar, Zhenyu Li, Kave Salamatian, Gaogang Xie, Institute of Computing Technology, Chinese Academy of Sciences, National ICT Australia [Sydney] (NICTA), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), and ANR-10-INTB-0303,PFlower,Reconnaissance de flôt applicatif par processeur Multi-coeurs(2010)
- Subjects
Computer science; Mobile computing; Mobile Web; 02 engineering and technology; Mobile communication; computer.software_genre; Live streaming; Smart phones; [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI]; Mobile station; 0202 electrical engineering, electronic engineering, information engineering; Media Technology; Mobile database; Mobile search; IEEE 802.11 Standard; Mobile technology; Electrical and Electronic Engineering; Android (operating system); Multimedia; business.industry; IMT Advanced; 020206 networking & telecommunications; Streaming media; Performance evaluation; Unique user; 020201 artificial intelligence & image processing; Mobile telephony; business; Mobile device; computer
- Abstract
In mobile live streaming systems, users are fairly limited in their interaction with the streaming objects due to the constraints coming from mobile devices and the event-driven nature of live content. The constraints could lead to unique user behavior characteristics, which have yet to be explored. This paper investigates over 9 million access logs collected from the PPTV live streaming system, with an emphasis on the discrepancies that might exist when users access the live streaming catalog from mobile and non-mobile terminals. We observe a much higher likelihood of abandoning sessions by mobile users, and examine the structure of abandoned sessions from the perspectives of time of day, channel content and mobile device types. Surprisingly, we find relatively low abandonment rates during peak-load time periods and a notable impact of mobile device type (i.e. Android or iOS) on the abandonment behavior. To further capture the intrinsic characteristics of user behavior, we develop a series of models for session duration, user activity and time-dynamics of user arrivals/departures. More importantly, we relate the model parameters to physical and real-life meanings. The observations and models shed light on video delivery systems, telco-CDNs and mobile applications.
- Published
- 2017
15. Index–Trie: Efficient archival and retrieval of network traffic
- Author
-
Xin Wang, Gaogang Xie, He Taihua, Steve Uhlig, Kave Salamatian, Jingxiu Su, Guangxing Zhang, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Department of Computer Science [Stonybrook - NY], Stony Brook University [SUNY] (SBU), State University of New York (SUNY)-State University of New York (SUNY), and Queen Mary University of London (QMUL)
- Subjects
Computer Networks and Communications; Computer science; Network security; business.industry; Network packet; Search engine indexing; 020206 networking & telecommunications; 02 engineering and technology; Term (time); [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI]; Index (publishing); Traffic engineering; 020204 information systems; Trie; Data_FILES; 0202 electrical engineering, electronic engineering, information engineering; business; ComputingMilieux_MISCELLANEOUS; TRACE (psycholinguistics); Computer network
- Abstract
Historical network traffic traces, both at the flow and packet level, play a significant role in many research and engineering areas, such as network security, traffic engineering and accounting. To retrieve the specific entries at a higher speed from large traces, each packet or flow should be indexed using multiple query fields during archiving. This brings challenges both in terms of archiving speed and storage consumption. We propose a network traffic indexing and querying method based on Index–Trie, to achieve fast archiving, low storage space of the indexes, and fast retrieval. We implemented a system for online trace archival and retrieval. Our experiments, performed both offline and online on backbone, campus and datacenter network traffic, demonstrate that our method outperforms the popular FastBit method. For packet traces, the Index–Trie based method can obtain an improvement up to 72% for the archiving rate, 56% lower storage consumption, and 14 times faster retrieving time. For flow traces, compared to FastBit, our system is up to 15 times faster in terms of the archiving rate, 42% less storage, and 100 times faster retrieving speed. Furthermore, we extend the application of Index-Tries to log file indexing and retrieving.
- Published
- 2017
16. A Massively Multi-Tenant Virtualized Network Intrusion Prevention Service on NFV Platform
- Author
-
Ye Yang, Haiyang Jiang, Gaogang Xie, Hongtao Guan, Kave Salamatian, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, and Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)
- Subjects
Network Functions Virtualization; Computer science; business.industry; 020206 networking & telecommunications; 02 engineering and technology; computer.software_genre; Data structure; [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI]; Virtual machine; Server; Scalability; 0202 electrical engineering, electronic engineering, information engineering; Redundancy (engineering); 020201 artificial intelligence & image processing; Intrusion prevention system; business; computer; ComputingMilieux_MISCELLANEOUS; Computer network
- Abstract
Multi-Tenancy (MT) is critical for Network Function Virtualization (NFV) platforms, as it reduces the cost of network services by sharing expensive server resources among customers. This is especially critical for memory- and CPU-intensive services like Network Intrusion Prevention Systems (NIPS). In this work, we explore the issue of deploying a large-scale virtualized NIPS service on a commercial NFV platform. We observe that the scalability of the NIPS service is not good when based on independent Virtual Machines (VMs). We propose a Multi-Tenant Aho-Corasick state machine data structure (MT-AC) and adapt it into NIPS to solve the issue. One MT-AC based NIPS service simultaneously checks traffic belonging to different tenants against a merged ruleset. The MT-AC data structure is very efficient as it eliminates the redundancies among tenants' signatures during ruleset merging. Experimental results with a real-world ruleset show that, in comparison with an independent VM-based solution, the MT-AC based NIPS service can support 2 to 4 times more tenants. Moreover, the throughput and latency performance of the MT-AC based NIPS engine only degrades by 1% when the tenant count increases from 8 to 128. The results validate that the proposed MT-AC based NIPS service on an NFV platform can support a large number of tenants at a very low cost.
- Published
- 2019
17. Adaptive Path Isolation for Elephant and Mice Flows by Exploiting Path Diversity in Datacenters
- Author
-
Zhongcheng Li, Wei Wang, Yi Sun, Kave Salamatian, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), and ANR-10-INTB-0303,PFlower,Reconnaissance de flôt applicatif par processeur Multi-coeurs(2010)
- Subjects
Computer Networks and Communications; Computer science; Virtual LAN; business.industry; Distributed computing; Data Center Network; 020206 networking & telecommunications; 02 engineering and technology; law.invention; Scheduling (computing); [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI]; Multipath; law; 0202 electrical engineering, electronic engineering, information engineering; Traffic load; 020201 artificial intelligence & image processing; Electrical and Electronic Engineering; Trunking; Completion time; Latency (engineering); business; Flow scheduling; Path Partition; Computer network
- Abstract
Resource competition and conflicts in datacenter networks (DCNs) are frequent and intense. They become inevitable when mixing elephant and mice flows on shared transmission paths, resulting in arbitration between throughput and latency and performance degradation. We propose a novel flow scheduling scheme, Freeway, that leverages path diversity in the DCN topology to guarantee, simultaneously, mice flow completion within deadline and high network utilization. Freeway adaptively partitions the available paths into low latency and high throughput paths and provides different transmission services for each category. An M/G/1-based model is developed to theoretically obtain the highest value of average delay over the path that will guarantee for 99% of mice flows their completion time before the deadline. Based on this bound, Freeway proposes a dynamic path partitioning algorithm to adjust dynamically with varying traffic load the number of low latency and high throughput paths. While mice flows are transmitted over low latency paths using a simple equal cost multiple path (ECMP) scheduling, Freeway load balances elephant flows on different high-throughput paths. We evaluate Freeway in a series of simulations on a large scale topology and use real traces. Our evaluation results show that Freeway significantly reduces the mice flows completion time within deadlines, while achieving remarkable throughput compared with current schemes. It is remarkable that Freeway does not need any change of DCN switch fabrics or scheduling algorithms and can be deployed easily on any generic datacenter network with switches implementing VLANs and trunking.
- Published
- 2016
- Full Text
- View/download PDF
18. A cartography of web tracking using DNS records
- Author
-
Stéphane Grumbach, Jingxiu Su, Muhammad Ikram, Kave Salamatian, Zhenyu Li, Gaogang Xie, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Data61 [Canberra] (CSIRO), and Australian National University (ANU)-Commonwealth Scientific and Industrial Research Organisation [Canberra] (CSIRO)
- Subjects
User information ,Computer Networks and Communications ,business.industry ,BitTorrent tracker ,Computer science ,020206 networking & telecommunications ,02 engineering and technology ,Data science ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Analytics ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,The Internet ,business - Abstract
Web tracking plays a crucial role in the Web ecosystem. It relies on third-party tracking actors collecting user information that is used for various applications such as advertisement and analytics, etc. With the massive growth of the Internet, understanding the geography of tracking is of strategic importance. The goal of this paper is to propose a thorough investigation of web tracking inside China taking advantage of a large dataset (10^11 records) containing two days of full DNS access from a major ISP providing both mobile and landline ADSL. Our results show that a strong Pareto principle applies on the traffic toward trackers, with only 26 trackers representing 90% of tracking activity. We then show that although most first-party sites accessed from China are owned by Chinese corporations, a large proportion of trackers belong to US ones. This raises concerns about the advertisement industry in China, and more generally sheds new light on the international data flows, the interdependency of the main actors, and the complexity of the threats for both people and states.
- Published
- 2019
- Full Text
- View/download PDF
19. Web Tracking Cartography with DNS Records
- Author
-
Muhammad Ikram, Jingxiu Su, Gaogang Xie, Zhenyu Li, Kave Salamatian, and Stéphane Grumbach
- Subjects
User information ,Asymmetric digital subscriber line ,business.industry ,BitTorrent tracker ,Computer science ,media_common.quotation_subject ,020206 networking & telecommunications ,02 engineering and technology ,Data science ,Interdependence ,Analytics ,Server ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,The Internet ,Landline ,business ,media_common - Abstract
Web tracking plays a crucial role in the Web ecosystem. It relies on third-party tracking domains collecting user information for various applications such as advertisement and analytics. With the massive growth of the Internet, understanding tracking and its geographical roots is of strategic importance. The goal of this paper is to propose a thorough investigation of web tracking inside China taking advantage of a large dataset (10^11 records) containing two days of full DNS access from a major ISP providing both mobile and landline ADSL. Our results show that a power law applies on the traffic of both sites and trackers with a handful of trackers, 26, representing 90% of tracking activity. We then show that although most first-party sites accessed from China are owned by Chinese corporations, a large proportion of trackers belong to US ones. This raises concerns about the analytics industry in China, and more generally sheds new light on the international data flows, the interdependency of the main actors, and the complexity of the threats for both people and states.
- Published
- 2018
- Full Text
- View/download PDF
20. Pull-based Bloom Filter-based Routing for Information-Centric Networks
- Author
-
Ali Marandi, Torsten Braun, Kave Salamatian, Nikolaos Thomos, West Tehran Islamic Azad University [Tehran] (WTIAU), University of Bern, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), and Department of Computing and Electronic Systems, University of Essex, CO4 3SQ Colchester, United Kingdom
- Subjects
Networking and Internet Architecture (cs.NI) ,FOS: Computer and information sciences ,Routing protocol ,business.industry ,Computer science ,Node (networking) ,ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS ,020206 networking & telecommunications ,02 engineering and technology ,Bloom filter ,Computer Science - Networking and Internet Architecture ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,510 Mathematics ,Server ,Forwarding information base ,0202 electrical engineering, electronic engineering, information engineering ,Overhead (computing) ,020201 artificial intelligence & image processing ,Routing (electronic design automation) ,business ,000 Computer science, knowledge & systems ,ComputingMilieux_MISCELLANEOUS ,Computer network - Abstract
In Named Data Networking (NDN), there is a need for routing protocols to populate Forwarding Information Base (FIB) tables so that the Interest messages can be forwarded. To populate FIBs, clients and routers require some routing information. One method to obtain this information is that network nodes exchange routing information by each node advertising the available content objects. Bloom Filter-based Routing approaches like BFR [1] use Bloom Filters (BFs) to advertise all provided content objects, which consumes valuable bandwidth and storage resources. This strategy is inefficient as clients request only a small number of the provided content objects and they do not need the content advertisement information for all provided content objects. In this paper, we propose a novel routing algorithm for NDN called pull-based BFR in which servers only advertise the demanded file names. We compare the performance of pull-based BFR with original BFR and with a flooding-assisted routing protocol. Our experimental evaluations show that pull-based BFR outperforms original BFR in terms of communication overhead needed for content advertisements, average round-trip delay, memory resources needed for storing content advertisements at clients and routers, and the impact of false positive reports on routing. The comparisons also show that pull-based BFR outperforms flooding-assisted routing in terms of average round-trip delay.
- Published
- 2018
- Full Text
- View/download PDF
21. Toward Accurate Inference of Web Activities from Passive DNS Data
- Author
-
Chunjing Han, Stéphane Grumbach, Zhenyu Li, Jingxiu Su, Kave Salamatian, and Gaogang Xie
- Subjects
060201 languages & linguistics ,Asymmetric digital subscriber line ,Computer science ,BitTorrent tracker ,business.industry ,ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS ,06 humanities and the arts ,02 engineering and technology ,Internet traffic ,Server ,0602 languages and literature ,0202 electrical engineering, electronic engineering, information engineering ,Web application ,Leverage (statistics) ,020201 artificial intelligence & image processing ,Cache ,Landline ,business ,Computer network - Abstract
DNS is a critical component of Internet architecture. Almost all applications, in particular web-based applications that constitute the large majority of current Internet traffic, leverage heavily on DNS. This makes DNS-based measurements a promising tool for understanding global properties of Internet traffic, e.g., sites audience, traffic matrix. However, using passive DNS traces from local DNS servers is challenging because of DNS caching and NATs. The goal of this paper is twofold. First, we show how to correct the bias due to DNS cache and the wide use of NATs, to extract meaningful traffic information from DNS traces. The techniques are then used and validated over a large dataset (10^11 records) containing two days of full DNS access from a major ISP providing both mobile and landline ADSL in China. Second, we focus on the tracking activity and show that although most sites accessed from China belong to Chinese corporations, most trackers belong to US ones. Mobile and ADSL platforms are alike.
- Published
- 2018
- Full Text
- View/download PDF
22. Video Delivery Performance of a Large-Scale VoD System and the Implications on Content Delivery
- Author
-
Qinghua Wu, Zhenyu Li, Kave Salamatian, Gaogang Xie, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), ANR-10-INTB-0303,PFlower,Reconnaissance de flôt applicatif par processeur Multi-coeurs(2010), and European Project: 288021,EC:FP7:ICT,FP7-ICT-2011-7,EINS(2011)
- Subjects
business.industry ,Computer science ,Video quality ,Computer Science Applications ,Network planning and design ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Server ,Signal Processing ,Bit rate ,Media Technology ,The Internet ,Enhanced Data Rates for GSM Evolution ,Electrical and Electronic Engineering ,business ,Throughput (business) ,Internet video ,Computer network - Abstract
Video delivery performance is the main factor that affects Internet video quality. Characterizing the video delivery performance, especially the delivery throughput, can help content providers as well as Internet service providers (ISPs) in system optimization and network planning. Based on a unique dataset consisting of 20 million video download speed measurements, this paper comprehensively studies the video delivery throughput of a large-scale commercial video-on-demand (VoD) system. We observe that user speed exhibits a large variation over time of day as well as across provincial locations. In particular, the worst performance of day is 30% lower than the peak performance. The analysis also reveals that video download speed has a notable impact on Internet video quality, which in turn influences user engagement. The impact, however, becomes limited when the speed increases beyond a certain threshold, which is mostly dependent on the video encoded bitrates. We further examine the interaction between Internet infrastructure and video delivery throughput using the linear regression model and find that crossing the ISP or regional network border yields 15-20% speed loss. Based on these observations, we finally evaluate the potential of edge caching and hybrid CDN-P2P in the improvement of video download performance and video quality.
- Published
- 2015
- Full Text
- View/download PDF
23. A Comparative Analysis of Bloom Filter-based Routing Protocols for Information-Centric Networks
- Author
-
Ali Marandi, Nikolaos Thomos, Kave Salamatian, Torsten Braun, University of Bern, Institute of Computer Science and Applied Mathematics (IAM), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), and Department of Computing and Electronic Systems, University of Essex, CO4 3SQ Colchester, United Kingdom
- Subjects
Routing protocol ,Computer science ,business.industry ,ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS ,05 social sciences ,050801 communication & media studies ,020206 networking & telecommunications ,02 engineering and technology ,Bloom filter ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,0508 media and communications ,510 Mathematics ,Server ,0202 electrical engineering, electronic engineering, information engineering ,Overhead (computing) ,Routing (electronic design automation) ,business ,ComputingMilieux_MISCELLANEOUS ,000 Computer science, knowledge & systems ,Computer network - Abstract
Bloom filter-based routing protocols for Named Data Networking (NDN) aim at facilitating content discovery in NDN. In this paper, we compare the performance of two Bloom filter-based routing protocols, namely BFR and COBRA. BFR is a push-based routing protocol that works based on Bloom filter-based content advertisements, while COBRA is a pull-based routing protocol that operates based on route traces left from previously retrieved content objects, which are stored in Stable Bloom Filters. In this paper, we show that BFR outperforms COBRA in terms of average memory needed for storing routing updates, average round-trip delay, normalized communication overhead, total Interest communication overhead, and mean hit distance.
- Published
- 2018
- Full Text
- View/download PDF
24. Enabling automatic composition and verification of service function chain
- Author
-
Yang Wang, Zhenyu Li, Kave Salamatian, Gaogang Xie, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, and Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)
- Subjects
Physical infrastructure ,Network Functions Virtualization ,Noise measurement ,Computer science ,Service provision ,Distributed computing ,020206 networking & telecommunications ,02 engineering and technology ,Physical network ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Server ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,Algorithm design ,Decoupling (electronics) - Abstract
NFV together with SDN promises to provide more flexible and efficient service provision methods by decoupling the network functions (NFs) from the physical network topology and devices, but requires the real-time and automatic composition and verification for service function chain (SFC). However, most SFCs today are still typically built through manual configuration processes, which are slow and error-prone. In this paper, we present a novel SFC composition framework, called Automatic Composition Toolkit (ACT). It aims to automatically detect the dependencies and conflicts between NFs, so as to compose and verify SFCs before they are enforced on the physical infrastructure.
- Published
- 2017
25. The case for P2P mobile video system over wireless broadband networks: A practical study of challenges for a mobile video provider
- Author
-
Kave Salamatian, Xiaobing Zhang, Gaogang Xie, Yi Sun, Yang Guo, Zhenyu Li, Jiali Lin, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), and Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry])
- Subjects
Multimedia ,Computer Networks and Communications ,Computer science ,Mobile broadband ,IMT Advanced ,Mobile computing ,020206 networking & telecommunications ,Mobile Web ,02 engineering and technology ,computer.software_genre ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Hardware and Architecture ,Mobile station ,0202 electrical engineering, electronic engineering, information engineering ,Mobile search ,020201 artificial intelligence & image processing ,Mobile technology ,computer ,Software ,Information Systems ,Mobile collaboration - Abstract
Mobile video is becoming extremely popular, and P2P mobile video platforms are being considered for large-scale deployment in this context. However, the design and deployment of realistic P2P video systems have to consider specific characteristics of mobile networks. In this article, we look from the viewpoint of a large-scale commercial P2P mobile video provider system, PPTV, and describe the implementation challenges of a P2P mobile video system over 3G networks. Our analysis is backed by real measurements and experience from PPTV. We extract from these measurements the characteristics of mobile videos and analyze their impact on P2P video systems. We also briefly discuss other practical issues in the design of a mobile P2P system for PPTV.
- Published
- 2013
- Full Text
- View/download PDF
26. BFR: a Bloom Filter-based Routing Approach for Information-Centric Networks
- Author
-
Torsten Braun, Ali Marandi, Nikolaos Thomos, Kave Salamatian, West Tehran Islamic Azad University [Tehran] (WTIAU), University of Bern, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), and Department of Computing and Electronic Systems, University of Essex, CO4 3SQ Colchester, United Kingdom
- Subjects
Routing protocol ,Networking and Internet Architecture (cs.NI) ,FOS: Computer and information sciences ,Computer science ,business.industry ,Distributed computing ,020206 networking & telecommunications ,02 engineering and technology ,Bloom filter ,021001 nanoscience & nanotechnology ,Electronic mail ,Flooding (computer networking) ,Computer Science - Networking and Internet Architecture ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,510 Mathematics ,Data retrieval ,Robustness (computer science) ,Server ,Shortest path problem ,0202 electrical engineering, electronic engineering, information engineering ,0210 nano-technology ,business ,000 Computer science, knowledge & systems ,ComputingMilieux_MISCELLANEOUS ,Computer network - Abstract
Locating the demanded content is one of the major challenges in Information-Centric Networking (ICN). This process is known as content discovery. To facilitate content discovery, in this paper we focus on Named Data Networking (NDN) and propose a novel routing scheme for content discovery, called Bloom Filter-based Routing (BFR), which is fully distributed, content oriented, and topology agnostic at the intra-domain level. In BFR, origin servers advertise their content objects using Bloom filters. We compare the performance of the proposed BFR with flooding and shortest path content discovery approaches. BFR outperforms its counterparts in terms of the average round-trip delay, while it is shown to be very robust to false positive reports from Bloom filters. Also, BFR is much more robust than shortest path routing to topology changes. BFR strongly outperforms flooding and performs almost equal with shortest path routing with respect to the normalized communication costs for data retrieval and total communication overhead for forwarding Interests. All the three approaches achieve similar mean hit distance. The signalling overhead for content advertisement in BFR is much lower than the signalling overhead for calculating shortest paths in the shortest path approach. Finally, BFR requires small storage overhead for maintaining content advertisements.
- Published
- 2017
- Full Text
- View/download PDF
27. Les nouveaux territoires stratégiques du cyberespace : le cas de la Russie [The new strategic territories of cyberspace: the case of Russia]
- Author
-
Frédérick Douzet, Remi Geraud, Jérémy Robine, Romain Campigotto, Kevin Limonier, Kave Salamatian, Centre de recherches et d'analyses géopolitiques (CRAG), Université Paris 8 Vincennes-Saint-Denis (UP8), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Ingenico Group S.A., Laboratoire d'analyse et modélisation de systèmes pour l'aide à la décision (LAMSADE), Université Paris Dauphine-PSL, Université Paris sciences et lettres (PSL), Centre National de la Recherche Scientifique (CNRS), Institut français de géopolitique (IFG), Centre d'études des mondes russe, caucasien et centre-européen (CERCEC), École des hautes études en sciences sociales (EHESS), Centre d'études turques, ottomanes, balkaniques et centrasiatiques (CETOBaC), Collège de France (CdF), Laboratoire d'informatique de l'école normale supérieure (LIENS), École normale supérieure - Paris (ENS Paris), Département d'informatique - ENS Paris (DI-ENS), and Institut National de Recherche en Informatique et en Automatique (Inria)
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,[INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,[SHS.GEO] Humanities and Social Sciences/Geography ,[SHS.GEO]Humanities and Social Sciences/Geography ,ComputingMilieux_MISCELLANEOUS - Abstract
Mapping cyberspace is both a conceptual and a technical challenge. The complexity and highly dynamic nature of this environment call for new intellectual and cartographic tools to represent its strategic elements. This article, drawn from an exploratory study, offers an example of a cartographic approach to one of the cyber dimensions of a conventional military theatre and a state adversary, through a specific case: Siberia as a new strategic territory of cyberspace for Russia. The Russian data localisation strategy is part of a regional planning policy and reflects how Russians understand their cyberspace: a vector for transmitting information that must be subject to strong state control.
- Published
- 2017
- Full Text
- View/download PDF
28. Transparent flow migration for NFV
- Author
-
Zhenyu Li, Yang Wang, Gaogang Xie, Kave Salamatian, Peng He, Institute of Computing Technology Chinese Academy of Sciences, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, and Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)
- Subjects
Flexibility (engineering) ,Computer science ,Network packet ,Distributed computing ,05 social sciences ,Packet processing ,050801 communication & media studies ,020206 networking & telecommunications ,Throughput ,02 engineering and technology ,Parallel computing ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,0508 media and communications ,Flow (mathematics) ,Stateful firewall ,Scalability ,0202 electrical engineering, electronic engineering, information engineering ,Overhead (computing) ,10. No inequality ,ComputingMilieux_MISCELLANEOUS - Abstract
NFV together with SDN provides the flexibility for NFs in the way that they are deployed and managed. The flexibility enables dynamical scale in and scale out through migrating in-process flows among NFs. Due to stateful packet processing in NFs, flow migration has to guarantee loss-free and order-preserving for both flow states and packets. Existing frameworks closely coupled state transfer and packets migration, and thus fail to achieve safe and efficient migration with low overhead. This paper presents our design and implementation of a distributed flow migration framework, Transparent Flow Migration (TFM). TFM completely decouples the state transfer and packets migrations. The decoupling allows us to optimize the two processes separately and run them in parallel. TFM implements various optimizations through the TFM box, a shim layer providing transparent packet migration to NFs. Our evaluation shows that TFM guarantees loss-free and order-preserving for both scale-in and scale-out flow migration, and outperforms existing approaches with 3× smaller migration time. Besides, TFM uses small overhead and has very limited impacts on throughput of live TCP flows.
- Published
- 2016
29. A Comprehensive Investigation of User Privacy Leakage to Android Applications
- Author
-
Yuming Ge, Bo Deng, Yantao Zhao, Libo Tang, Gaogang Xie, Dajiang Sheng, Yi Sun, Kave Salamatian, China academy of telecommunication research of MIIT (CAICT), Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), ZhongChuang Telecom Test (ZCTT), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), and IEEE
- Subjects
Monitoring ,Computer science ,Internet privacy ,02 engineering and technology ,Mobile communication ,01 natural sciences ,Electronic mail ,World Wide Web ,Upload ,Smart phones ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,SAFER ,0103 physical sciences ,0202 electrical engineering, electronic engineering, information engineering ,Android (operating system) ,Private information retrieval ,010302 applied physics ,business.industry ,Computers ,020206 networking & telecommunications ,Information sensitivity ,Privacy ,Security ,Mobile telephony ,business - Abstract
Smartphones have become an important component of everyday life. They store a large amount of users' private and sensitive information like contacts, GPS location, messages and interests. Privacy issues are a growing concern for the phone users. However, despite an existing rich literature in privacy leakage on mobile network measurement, our empirical knowledge of users' private leakage is relatively limited. In this work, we present a large scale and comprehensive investigation spanning over 9 months of users' private information leakage that consisted of monitoring 180K popular apps coming from 50+ Chinese AppStores. In order to do this, we used a customized platform that can monitor the execution of applications running over Android system to observe in vivo privacy leakage of applications. Our key findings are that: (1) Accessing users' private information is very common among mobile apps, i.e. over 90% of apps access some kind of user private information, and to our surprise, almost 95% of apps claimed access to private information without concretely accessing them; (2) We analyzed different categories of Apps and observed slight differences in the pattern of access to private information among different categories; (3) Downloading apps from big Appstores does not necessarily mean safer and more private apps. We observe that local Chinese shop and Google Play generate similar observations.
- Published
- 2016
- Full Text
- View/download PDF
30. Adwords management for third-parties in SEM: An optimisation model and the potential of Twitter
- Author
-
Mohamed Ali Kaafar, Dong Wang, Zhenyu Li, Gaogang Xie, Kave Salamatian, Institute of Computing Technology, Chinese Academy of Sciences, National ICT Australia [Sydney] (NICTA), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), IEEE, and ANR-10-INTB-0303,PFlower,Reconnaissance de flôt applicatif par processeur Multi-coeurs(2010)
- Subjects
Google AdWords ,Operations research ,Computer science ,Cost per click ,02 engineering and technology ,market economic analysis ,Profit (economics) ,third-party broker ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,customer ads ,020204 information systems ,Return on investment ,0202 electrical engineering, electronic engineering, information engineering ,optimisation model ,Twitter potential ,keywords-augmented strategy ,Risk aversion ,third-party partners ,CPC ,search engine marketing ,cost per click ,broker customers ,customer demand constraint ,SEM ,Portfolio ,020201 artificial intelligence & image processing ,Adwords management ,Project portfolio management ,Weighted arithmetic mean ,Markowitz portfolio management - Abstract
International audience; In Search Engine Marketing (SEM), “third-party” partners play an important intermediate role by bridging the gap between search engines and advertisers in order to optimise advertisers' campaigns in exchange of a service fee. In this paper, we present an economic analysis of the market involving a third-party broker in Google AdWords and the broker's customers. We show that in order to optimise his profit, a third-party broker should minimise the weighted average Cost Per Click (CPC) of the portfolio of keywords attached to customer's ads while still satisfying the negotiated customer's demand. To help the broker build and manage such portfolio of keywords, we develop an optimisation framework inspired from the classical Markowitz portfolio management which integrates the customer's demand constraint and enables the broker to manage the tradeoff between return on investment and risk through a single risk aversion parameter. We then propose a method to augment the keywords portfolio with relevant keywords extracted from trending and popular topics on Twitter. Our evaluation shows that such a keywords-augmented strategy is very promising and enables the broker to achieve, on average, four folds larger return on investment than with a non-augmented strategy, while still maintaining the same level of risk.
- Published
- 2016
- Full Text
- View/download PDF
31. Protein structural robustness to mutations: an in silico investigation
- Author
-
Rodrigo Dorantes-Gilardi, Laurent Vuillon, Kave Salamatian, Claire Lesieur, Chris Wymant, Mounia Achoch, Giovanni Feverati, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Laboratoire de Mathématiques (LAMA), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry])-Centre National de la Recherche Scientifique (CNRS), Laboratoire de Physique Théorique d'Orsay [Orsay] (LPT), Université Paris-Sud - Paris 11 (UP11)-Centre National de la Recherche Scientifique (CNRS), Laboratoire d'Annecy-le-Vieux de Physique Théorique (LAPTH), Dynamique du pouvoir dans l'anthropocene (DATASPHERE), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Ampère, Département Bioingénierie (BioIng), Ampère (AMPERE), École Centrale de Lyon (ECL), Université de Lyon-Université de Lyon-Université Claude Bernard Lyon 1 (UCBL), Université de Lyon-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche pour l’Agriculture, l’Alimentation et l’Environnement (INRAE)-École Centrale de Lyon (ECL), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche pour l’Agriculture, l’Alimentation et l’Environnement (INRAE), ARC 6 Rhones Alpes, Centre National de la Recherche Scientifique (CNRS)-Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Centre National de la Recherche Scientifique (CNRS)-Université Paris-Sud - Paris 11 (UP11), Institut National 
des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche pour l’Agriculture, l’Alimentation et l’Environnement (INRAE)-École Centrale de Lyon (ECL), and Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche pour l’Agriculture, l’Alimentation et l’Environnement (INRAE)
- Subjects
0301 basic medicine ,Models, Molecular ,Protein Conformation ,In silico ,General Physics and Astronomy ,Robustness (evolution) ,Proteins ,Chemical interaction ,Computational biology ,Biology ,03 medical and health sciences ,Functional integrity ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,030104 developmental biology ,Protein structure ,Mutation ,Epistasis ,Humans ,Structural robustness ,Computer Simulation ,sense organs ,Physical and Theoretical Chemistry ,Amino Acids ,Loss function ,Algorithms - Abstract
International audience; Proteins possess qualities of robustness and adaptability to perturbations such as mutations, but occasionally fail to withstand them, resulting in loss of function. Here the structural impact of mutations is investigated independently of the functional impact. Primarily, we aim at understanding the mechanisms of structural robustness, pre-requisite for functional integrity. The structural changes due to mutations propagate from the site of mutation to residues much more distant than typical scales of chemical interactions, following a cascade mechanism. This can trigger dramatic changes or subtle ones, consistent with a loss of function and disease, or the emergence of new functions. Robustness is enhanced by changes producing alternative structures, in good agreement with the view that proteins are dynamic objects fulfilling their functions from a set of conformations. This result, robust alternative structures, is also coherent with epistasis or rescue mutations, more generally with non-additive mutational effects and compensatory mutations. To achieve this study, we have developed the first algorithm, referred to as Amino Acid Rank (AAR), which follows the structural changes associated with mutations from the site of the mutation to the entire protein structure and quantifies the changes so mutations can be ranked accordingly. Assessing the paths of changes opens the possibility to assume secondary mutations for compensatory mechanisms.
- Published
- 2016
- Full Text
- View/download PDF
32. PEARL: a programmable virtual router platform
- Author
-
Gaogang Xie, Jianhua Zhang, Zhenyu Li, Hongtao Guan, Yingke Xie, Yonggong Wang, Layong Luo, Peng He, Kave Salamatian, Kavé, Salamatian, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Computer and Communication School, Hunan University, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), and Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry])
- Subjects
Routing protocol ,Programmable control ,Computer Networks and Communications ,Full virtualization ,Computer science ,Packet processing ,02 engineering and technology ,computer.software_genre ,law.invention ,Virtual private networks ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Routing protocols ,Core router ,law ,Internet Protocol ,One-armed router ,0202 electrical engineering, electronic engineering, information engineering ,Computer architecture ,Electrical and Electronic Engineering ,Internet ,[INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Network packet ,business.industry ,020206 networking & telecommunications ,020207 software engineering ,Virtualization ,Computer Science Applications ,Embedded system ,Operating system ,The Internet ,business ,computer - Abstract
International audience; Programmable routers supporting virtualization are a key building block for bridging the gap between new Internet protocols and their deployment in real operational networks. This article presents the design and implementation of PEARL, a programmable virtual router platform with relatively high performance. It offers high flexibility by allowing users to control the configuration of both hardware and software data paths. The platform makes use of fast lookup in hardware and software exceptions in commodity multicore CPUs to achieve highspeed packet processing. Multiple isolated packet streams and virtualization techniques ensure isolation among virtual router instances.
- Published
- 2011
- Full Text
- View/download PDF
33. Long range mutual information
- Author
-
Mark Crovella, Nahur Fonseca, and Kave Salamatian
- Subjects
Router ,Computer Networks and Communications ,business.industry ,Network packet ,Computer science ,ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS ,Volume (computing) ,Mutual information ,Hardware and Architecture ,Header ,Anomaly detection ,business ,Traffic generation model ,Software ,Computer network - Abstract
Network traffic modeling generally views traffic as a superposition of flows that creates a timeseries of volume counts (e.g. of bytes or packets). What is omitted from this view of traffic is the contents of packets. Packet contents (e.g. header fields) contain considerable information that can be useful in many applications such as change and anomaly detection, and router performance evaluation. The goal of this paper is to draw attention to the problem of modeling traffic with respect to the contents of packets. In this regard, we identify a new phenomenon: long range mutual information (LRMI), which means that the dependence of the contents of a pair of packets decays as a power of the lag between them. We demonstrate that although LRMI is hard to measure, and hard to model using the mathematical tools at hand, its effects are easy to identify in real traffic, and it may have a considerable impact on a number of applications. We believe that work in modeling this phenomenon will open doors to new kinds of traffic models, and new advances in a number of applications.
- Published
- 2008
- Full Text
- View/download PDF
34. Securing internet coordinate embedding systems
- Author
-
Thierry Turletti, Mohamed Ali Kaafar, Chadi Barakat, Laurent Mathy, Walid Dabbous, and Kave Salamatian
- Subjects
business.industry ,Computer science ,Computer Networks and Communications ,Distributed computing ,Node (networking) ,Coordinate system ,Kalman filter ,Filter (video) ,Position (vector) ,Embedding ,Coordinate space ,business ,Software ,Computer network - Abstract
This paper addresses the issue of the security of Internet Coordinate Systems, by proposing a general method for malicious behavior detection during coordinate computations. We first show that the dynamics of a node, in a coordinate system without abnormal or malicious behavior, can be modeled by a Linear State Space model and tracked by a Kalman filter. Then we show that the obtained model can be generalized in the sense that the parameters of a filter calibrated at a node can be used effectively to model and predict the dynamic behavior at another node, as long as the two nodes are not too far apart in the network. This leads to the proposal of a Surveyor infrastructure: Surveyor nodes are trusted, honest nodes that use each other exclusively to position themselves in the coordinate space, and are therefore immune to malicious behavior in the system. During their own coordinate embedding, other nodes can then use the filter parameters of a nearby Surveyor as a representation of normal, clean system behavior to detect and filter out abnormal or malicious activity. A combination of simulations and PlanetLab experiments are used to demonstrate the validity, generality, and effectiveness of the proposed approach for two representative coordinate embedding systems, namely Vivaldi and NPS.
- Published
- 2007
- Full Text
- View/download PDF
35. User Behavior Characterization of a Large-scale Mobile Live Streaming System
- Author
-
Gaogang Xie, Zhenyu Li, Mohamed Ali Kaafar, Kave Salamatian, Institute of Computing Technology, Chinese Academy of Sciences, National ICT Australia [Sydney] (NICTA), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), and European Project: 288021,EC:FP7:ICT,FP7-ICT-2011-7,EINS(2011)
- Subjects
ACM: C.: Computer Systems Organization/C.2: COMPUTER-COMMUNICATION NETWORKS/C.2.4: Distributed Systems ,Multimedia ,Computer science ,computer.software_genre ,user activity ,Live streaming ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Time of day ,Mobile live streaming ,Mobile search ,viewing behavior ,Scale (map) ,Mobile device ,computer - Abstract
International audience; Streaming live content to mobile terminals has become prevalent. While there are extensive measurement studies of non-mobile live streaming (and in particular P2P live streaming) and video-on-demand (both mobile and non-mobile), user behavior in mobile live streaming systems is yet to be explored. This paper relies on over 4 million access logs collected from the PPTV live streaming system to study the viewing behavior and user activity pattern, with emphasis on the discrepancies that might exist when users access the live streaming system catalog from mobile and non-mobile terminals. We observe high rates of abandoned viewing sessions for mobile users and identify different reasons of that behavior for 3G- and WiFi-based views. We further examine the structure of abandoned sessions due to connection performance issues from the perspectives of time of day and mobile device types. To understand the user pattern, we analyze user activity distribution, user geographical distribution as well as user arrival/departure rates.
- Published
- 2015
- Full Text
- View/download PDF
36. Traffic Analysis of Peer-to-Peer IPTV Communities
- Author
-
Antonio Pescape, Alberto Dainotti, Alessio Botta, Giorgio Ventre, Olivier Fourmaux, Kave Salamatian, Thomas Silverston, Networks and Performance Analysis (NPA), Laboratoire d'Informatique de Paris 6 (LIP6), Université Pierre et Marie Curie - Paris 6 (UPMC)-Centre National de la Recherche Scientifique (CNRS)-Université Pierre et Marie Curie - Paris 6 (UPMC)-Centre National de la Recherche Scientifique (CNRS), Thomas, Silverston, Olivier, Fourmaux, Botta, Alessio, Dainotti, Alberto, Pescape', Antonio, Ventre, Giorgio, and Kave', Salamatian
- Subjects
Traffic analysis ,Computer Networks and Communications ,business.industry ,Transmission Control Protocol ,Computer science ,Node (networking) ,ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS ,020206 networking & telecommunications ,IPTV ,02 engineering and technology ,Peer-to-peer ,computer.software_genre ,Telecommunications network ,Shared resource ,0202 electrical engineering, electronic engineering, information engineering ,User Datagram Protocol ,020201 artificial intelligence & image processing ,The Internet ,[INFO]Computer Science [cs] ,business ,computer ,Traffic generation model ,Computer network - Abstract
International audience; The Internet is currently experiencing one of the most important challenges in terms of content distribution since its first uses as a medium for content delivery: users from passive downloaders and browsers are moving towards content producers and publishers. They often distribute and retrieve multimedia contents establishing network communities. This is the case of peer-to-peer IPTV communities. In this work we present a detailed study of P2P IPTV traffic, providing useful insights on both transport- and packet-level properties as well as on the behavior of the peers inside the network. In particular, we provide novel results on the (i) ports and protocols used; (ii) differences between signaling and video traffic; (iii) behavior of the traffic at different time scales; (iv) differences between TCP and UDP traffic; (v) traffic generated and received by peers; (vi) peers neighborhood and session duration. The knowledge gained thanks to this analysis is useful for several tasks, e.g. traffic identification, understanding the performance of different P2P IPTV technologies and the impact of such traffic on network nodes and links, and building more realistic models for simulations.
- Published
- 2009
- Full Text
- View/download PDF
37. Meta-algorithms for Software-Based Packet Classification
- Author
-
Gaogang Xie, Kave Salamatian, Laurent Mathy, Peng He, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Institute of Computing Technology, Chinese Academy of Sciences, and Institut Montefiore - Département d'Electricité, Electronique et Informatique (Liège)
- Subjects
Computer science ,Decision trees ,Decision tree ,0102 computer and information sciences ,02 engineering and technology ,computer.software_genre ,IP networks ,01 natural sciences ,Set (abstract data type) ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Software ,Algorithm design and analysis ,0202 electrical engineering, electronic engineering, information engineering ,Prediction algorithms ,Rule sets ,business.industry ,020206 networking & telecommunications ,Random access memory ,Statistical classification ,Memory management ,010201 computation theory & mathematics ,Algorithm design ,Data mining ,business ,Packet classification ,Estimation ,Algorithm ,computer - Abstract
International audience; We observe that the same rule set can induce very different memory requirements, as well as varying classification performance, when using various well known decision tree based packet classification algorithms. Worse, two similar rule sets, in terms of types and number of rules, can give rise to widely differing performance behaviour for the same classification algorithm. We identify the intrinsic characteristics of rule sets that yield such performance differences, allowing us to understand and predict the performance behaviour of a rule set for various modern packet classification algorithms. Indeed, from our observations, we are able to derive a memory consumption model and an offline algorithm capable of quickly identifying which packet classification is suited to a given rule set. By splitting a large rule set in several subsets and using different packet classification algorithms for different subsets, our Smart Split algorithm is shown to be capable of configuring a multi-component packet classification system that exhibits up to 11 times less memory consumption, as well as up to about 4× faster classification speed, than the state-of-art work [20] for large rule sets. Our Auto PC framework obtains further performance gain by avoiding splitting large rule sets if the memory size of the built decision tree is shown by the memory consumption model to be small.
- Published
- 2014
- Full Text
- View/download PDF
38. Practical Bloom filter based epidemic forwarding and congestion control in DTNs: A comparative analysis
- Author
-
Kave Salamatian, Ali Marandi, Mahdi Faghih Imani, West Tehran Islamic Azad University [Tehran] (WTIAU), b Department of Computer Engineering Science and Research Branch, Islamic Azad University, Tehran, Iran, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), and Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry])
- Subjects
Delay-tolerant networking ,Computer Networks and Communications ,Computer science ,business.industry ,ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS ,Congestion control ,Bloom filter ,Epidemic forwarding ,Delay tolerant network ,Network congestion ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Buffer management ,business ,Data transmission ,Computer network - Abstract
International audience; Epidemic forwarding has been proposed as a forwarding technique to achieve opportunistic communication in delay tolerant networks (DTNs). Even if this technique is well known and widely referred, one has to address several practical problems before using it. Unfortunately, while the literature on DTNs is full of new techniques, very little has been done in comparing them. In particular, while Bloom filters have been proposed to exchange information about the buffer content prior to sending information in order to avoid redundant retransmissions, up to our knowledge no real evaluation has been provided to study the tradeoffs that exist for using Bloom filters in practice. A second practical issue in DTNs is buffer management (resulting from finite buffers) and congestion control (resulting from greedy sources). This has also been the topic of several papers that had already uncovered the difficulty to acquire accurate information mandatory to regulate the data transmission rates and buffer space. In this paper, we fill this gap. We have been implementing a simulation of different proposed congestion control schemes for epidemic forwarding in ns-3 environment. We use this simulation to compare different proposed schemes and to uncover issues that remain in each one of them. Based on this analysis, we proposed some strategies for Bloom filter management based on windowing and describe implementation tradeoffs. Afterwards, we propose a back-pressure rate control as well as an aging based buffer managing solution to deal with congestion control. By simulating our proposed mechanisms in ns-3 both with random-waypoint mobility and realistic mobility traces coming from San-Francisco taxicabs, we show that the proposed mechanisms alleviate the challenges of using epidemic forwarding in DTNs.
- Published
- 2014
- Full Text
- View/download PDF
39. A Hybrid Hardware Architecture for High-speed IP Lookups and Fast Route Updates
- Author
-
Yingke Xie, Kave Salamatian, Layong Luo, Laurent Mathy, Gaogang Xie, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Département d'Electricité, Electronique & Informatique (Institut Montefiore), Université de Liège, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), and Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry])
- Subjects
Hardware architecture ,Computer Networks and Communications ,Network packet ,business.industry ,Computer science ,Pipeline (computing) ,020206 networking & telecommunications ,02 engineering and technology ,Parallel computing ,020202 computer hardware & architecture ,Computer Science Applications ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Forwarding information base ,Trie ,0202 electrical engineering, electronic engineering, information engineering ,Overhead (computing) ,Electrical and Electronic Engineering ,business ,Throughput (business) ,Software ,Computer network - Abstract
International audience; As network link rates are being pushed beyond 40 Gb/s, IP lookup in high-speed routers is moving to hardware. The ternary content addressable memory (TCAM)-based IP lookup engine and the static random access memory (SRAM)-based IP lookup pipeline are the two most common ways to achieve high throughput. However, route updates in both engines degrade lookup performance and may lead to packet drops. Moreover, there is a growing interest in virtual IP routers where more frequent updates happen. Finding solutions that achieve both fast lookup and low update overhead becomes critical. In this paper, we propose a hybrid IP lookup architecture to address this challenge. The architecture is based on an efficient trie partitioning scheme that divides the forwarding information base (FIB) into two prefix sets: a large disjoint leaf prefix set mapped into an external TCAM-based lookup engine and a small overlapping prefix set mapped into an on-chip SRAM-based lookup pipeline. Critical optimizations are developed on both IP lookup engines to reduce the update overhead. We show how to extend the proposed hybrid architecture to support virtual routers. Our implementation shows a throughput of 250 million lookups per second (equivalent to 128 Gb/s with 64-B packets). The update overhead is significantly lower than that of previous work, the memory consumption is reasonable, and the utilization ratio of most external TCAMs is up to 100%.
- Published
- 2014
- Full Text
- View/download PDF
40. Towards practical use of Bloom Filter based IP lookup in operational network
- Author
-
Tong Yang, Ruian Duan, Kave Salamatian, Xianda Sun, Gaogang Xie, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), and Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry])
- Subjects
Set (abstract data type) ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Computer science ,business.industry ,Matched filter ,Bloom filter ,Routing (electronic design automation) ,business ,Data structure ,Computer network - Abstract
International audience; Bloom Filter is a widely used data structure in computer science. It enables memory efficient and fast set membership queries. Bloom filter-based solutions have been proposed in the past decade for lookup in forwarding tables of backbone routers [2]. However, the main shortcomings of using Bloom Filters for lookup lie in the absence of support for deletion operations that are needed to update the forwarding tables. Counting Bloom Filter supporting deletion has therefore to be used, increasing significantly the memory requirement. Moreover, Counting Bloom Filter suffers from both false positive and false negative. In this paper, we propose to solve the issue with deletion of Bloom Filters by using a Withdrawal To annOuncement (WTO) mapping that replaces withdrawal with announcements, transforming deletions into additions or record changes. Experimental evaluation shows that the proposed techniques improve largely the performance of Bloom Filter used for forwarding lookup and open the way for the use of Bloom Filters in real operational settings.
- Published
- 2014
- Full Text
- View/download PDF
41. A fresh look at Forwarding Information Base compression via mathematical analysis
- Author
-
Gaogang Xie, Kave Salamatian, Tong Yang, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), and Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry])
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Virtual routing and forwarding ,Dynamic Source Routing ,Static routing ,Computer science ,Forwarding information base ,Routing table ,Policy-based routing ,IP forwarding ,Destination-Sequenced Distance Vector routing ,Algorithm - Abstract
International audience; With the fast development of Internet, the size of routing table in the backbone router continues to grow rapidly. Forwarding Information Base (FIB), which is derived from routing table, is stored in line-card to conduct routing lookup. Since the line-card's memory is limited, it would be worthwhile to compress the FIB for consuming less storage. Therefore, various FIB compression algorithms are proposed [2-7]. However, there is no well-presented mathematical support for the feasibility of the FIB compression solution, nor any mathematical derivation to prove the correctness of these algorithms. To address these problems, we propose a universal mathematical method based on the Group2 theory. By defining a Group representing the Longest Prefix Matching Rule (LPM), the bound of the worst case of FIB compression solution can be figured out. Furthermore, in order to guarantee the ultimate correctness of FIB compression algorithms, Routing Table Equation Test (RTET) is proposed and implemented to verify the equivalence of the two routing tables before and after compression by traversing the 32-bit IP address space.
- Published
- 2014
- Full Text
- View/download PDF
42. On the geographic patterns of a large-scale mobile video-on-demand system
- Author
-
Gaogang Xie, Jiali Lin, Yun Jin, Mohamed Ali Kaafar, Kave Salamatian, Zhenyu Li, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire de photonique et de nanostructures (LPN), Centre National de la Recherche Scientifique (CNRS), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National de Recherche en Informatique et en Automatique (Inria)-Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria), Networks Research Group (NICTA), National ICT Australia Ltd, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), and Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des 
Sciences Appliquées (INSA)-Inria Lyon
- Subjects
Consumption (economics) ,Multimedia ,Computer science ,Mobile computing ,Video on demand ,020206 networking & telecommunications ,Mobile Web ,02 engineering and technology ,computer.software_genre ,0202 electrical engineering, electronic engineering, information engineering ,Bandwidth (computing) ,Mobile search ,[INFO]Computer Science [cs] ,020201 artificial intelligence & image processing ,Scale (map) ,computer - Abstract
International audience; The widespread availability of smart mobile terminals along with the ever increasing bandwidth capabilities has promoted the popularity of mobile Internet video systems. Understanding the geographic features of mobile content consumption is of an extreme importance for the design and the performance optimization of a mobile video delivery system. This paper is a first step towards characterization of the geographic patterns of a large-scale commercial mobile video-on-demand (VoD) system, by measuring both uniformity and intensity of geographic interests on videos. In particular, we identify a geographical concentration effect of views for individual videos, which is however dependent on video popularity. We also analyze the temporal evolution trends of the geographic popularity which reveal distinct behavior of popular and non-popular videos. While the set of locations that contribute to most of the views of non-popular videos largely varies, the daily geographic popularity distribution of popular videos closely follows the distribution of global traffic and remains stable. We also examine the impact of content type and viewing sources on the geographic features of mobile videos consumption, and the correlation between content similarity and geographic locality. Finally, we provide insights into the implications of our findings.
- Published
- 2014
- Full Text
- View/download PDF
43. Peut-on penser une cybergéographie ?
- Author
-
Jérémy Robine, Kave Salamatian, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Centre de recherches et d'analyses géopolitiques (CRAG), Université Paris 8 Vincennes-Saint-Denis (UP8), and Kavé, Salamatian
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,[INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,[SHS.GEO] Humanities and Social Sciences/Geography ,Geography, Planning and Development ,cyberstratégie ,[SHS.GEO]Humanities and Social Sciences/Geography ,cybergéographie - Abstract
National audience; The Internet and cyberspace are today unavoidable realities of the contemporary world, and in geopolitics many recent events have underlined their importance. However, the two terms, Internet and cyberspace, do not coincide. The Internet is a network built on physical reality, made up of optical fibres, satellite links and machines located in terrestrial space; cyberspace comprises the applications that use the Internet and seems to escape terrestrial space to form a new one. Geopolitical analysis must also distinguish these two planes. First, through a few examples (Iran, France, Syria), a geographic look at the infrastructures of the Internet is called for. They can be targets in a conflict and, more generally, their organization across territories raises many classic problems of geography or geopolitics, in terms of regional planning or spatial inequalities. Second, and as a first sketch, this article tries to imagine what cybergeography may become tomorrow: a discipline that aims to study "spatially" the relationship of humans to cyberspace, by analogy with geography, whose object is their relationship with terrestrial space. This will involve developing the tools for describing cyberspace from the inside, so to speak, and raises many abstract and theoretical questions.
- Published
- 2014
44. Mobile video popularity distributions and the potential of peer-assisted video delivery
- Author
-
Jiali Lin, Yi Sun, Zhenyu Li, Wenjie Wang, Gaogang Xie, Kave Salamatian, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), and European Project: 288021,EC:FP7:ICT,FP7-ICT-2011-7,EINS(2011)
- Subjects
Computer Networks and Communications ,Computer science ,Mobile computing ,Mobile Web ,02 engineering and technology ,Mobile communications over IP ,computer.software_genre ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Mobile station ,Server ,0202 electrical engineering, electronic engineering, information engineering ,Mobile database ,Mobile search ,Mobile technology ,Electrical and Electronic Engineering ,Multimedia ,business.industry ,IMT Advanced ,020206 networking & telecommunications ,Computer Science Applications ,020201 artificial intelligence & image processing ,The Internet ,Mobile telephony ,business ,Mobile device ,computer ,Internet video ,Computer network ,Mobile collaboration - Abstract
The advances in wireless communications and mobile devices have resulted in a massive growth of the video services over mobile networks. In this article, we study the potential of peer-assisted video delivery in WiFi mobile networks aimed at reducing servers' load. Our study is based on a real measurement of mobile video viewing logs from a leading Internet video provider for 14 days. We analyze viewing behavior of users with respect to three main factors for the design of peer-assisted delivery network: viewing time, user population, and user locality. We then discuss the implications of the observations. Finally, we apply the findings on a BitTorrent-like VoD system and perform experiments with the collected viewing logs to demonstrate the benefits of peer-assisted video delivery. The peer assistance can reduce the servers' load by as much as 50 percent for popular videos on average.
- Published
- 2013
- Full Text
- View/download PDF
45. Scalable high-performance parallel design for network intrusion detection systems on many-core processors
- Author
-
Haiyang Jiang, Guangxing Zhang, Gaogang Xie, Kave Salamatian, Laurent Mathy, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), Département d'Electricité, Electronique & Informatique (Institut Montefiore), and Université de Liège
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,050208 finance ,0502 economics and business ,05 social sciences ,050207 economics - Abstract
International audience; Network Intrusion Detection Systems (NIDSes) face significant challenges coming from the relentless network link speed growth and increasing complexity of threats. Both hardware accelerated and parallel software-based NIDS solutions, based on commodity multi-core and GPU processors, have been proposed to overcome these challenges. This work explores new parallel opportunities afforded by many-core processors for high performance, scalable and inexpensive NIDS. We exploit the huge many-core computational power by adopting a hybrid parallel architecture combining data and pipeline parallelism. We also design a hybrid load balancing scheme, using both ruleset and flow space partitioning. Furthermore, the proposed design leverages particular features of the processor to break the bottlenecks. We have integrated the open source NIDS Suricata into our proposed design and evaluated its performance with synthetic traffic. The prototype exhibits almost linear speedup and can handle up to 7.2 Gbps traffic with 100-bytes packets.
- Published
- 2013
46. Scalable TCAM-based regular expression matching with compressed finite automata
- Author
-
Kun Huang, Linxuan Ding, Gaogang Xie, Dafang Zhang, Alex X. Liu, Kave Salamatian, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Computer and Communication School, Hunan University, Computer Science and Engineering Dept. (MSU CS), Michigan State University [East Lansing], Michigan State University System-Michigan State University System, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), and Kavé, Salamatian
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,[INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,0202 electrical engineering, electronic engineering, information engineering ,020206 networking & telecommunications ,02 engineering and technology ,021001 nanoscience & nanotechnology ,0210 nano-technology - Abstract
International audience; Regular expression (RegEx) matching is a core function of deep packet inspection in modern network devices. Previous TCAM-based RegEx matching algorithms a priori assume that a deterministic finite automaton (DFA) can be built for a given set of RegEx patterns. However, practical RegEx patterns contain complex terms like wildcard closure and repeat character, and it may be impossible to build a DFA with a reasonable number of states. This makes prior work infeasible in practice. Moreover, TCAM-based RegEx matching is required to scale to a large-scale set of RegEx patterns. In this paper, we propose a compressed finite automaton implementation called CFA for scalable TCAM-based RegEx matching. CFA is designed to reduce TCAM space by using three compression techniques: transition, character, and state compressions. Experiments on realistic RegEx pattern sets show CFA highly outperforms previous solutions in terms of TCAM space, matching throughput, and TCAM power consumption.
- Published
- 2013
47. Welcome message from the PADE chairs
- Author
-
Ersin Uzun, Mohamed Ali Kaafar, Sebastian Ries, Niklas Carlsson, Aurélien Francillon, Artur Hecker, Roksana Boreli, Panagiotis Papadimitratos, Craig A. Shue, Arik Friedman, Sébastien Gambs, Julien Freudiger, Anirban Mahanti, Boris Köpf, Zhen Chen, Pan Hui, Melek Önen, Steve Uhlig, Hamed Haddadi, Kevin Thomas Bauer, Fabian Schneider, Abdullatif Shikfa, Gaogang Xie, Kave Salamatian, and Thorsten Strufe
- Subjects
Computer science ,business.industry ,Padé approximant ,business ,Communications system ,Computer network - Published
- 2013
- Full Text
- View/download PDF
48. THash: A Practical Network Optimization Scheme for DHT-based P2P Applications
- Author
-
Jun Li, Y. Richard Yang, Yi Sun, Xiaobing Zhang, Yang Guo, Kave Salamatian, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Department of Electrical Engineering [Yale University], Yale University [New Haven], Department of Human Genetics, University of Michigan [Ann Arbor], University of Michigan System-University of Michigan System, Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), and Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry])
- Subjects
Scheme (programming language) ,DHT ,Computer Networks and Communications ,Computer science ,Distributed computing ,Hash function ,02 engineering and technology ,Upload ,PPLive ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Server ,0202 electrical engineering, electronic engineering, information engineering ,Electrical and Electronic Engineering ,Protocol (object-oriented programming) ,peering guidance matrix (PGM) ,computer.programming_language ,020203 distributed computing ,business.industry ,ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS ,020206 networking & telecommunications ,Fault tolerance ,ALTO/P4P ,Scalability ,business ,computer ,Network optimization ,Computer network - Abstract
International audience; P2P platforms have been criticized because of the heavy strain that they can inflict on costly inter-domain links of network operators. It is therefore mandatory to develop network optimization schemes for controlling the load generated by a P2P platform on an operator network. While many research efforts exist on centralized tracker-based systems, in recent years multiple DHT-based P2P platforms have been widely deployed and considered as commercial services due to their scalability and fault tolerance. Finding network optimization for DHT-based P2P applications thereby has potentially large practical impact. In this paper, we present THash, a simple scheme that implements a distributed and effective network optimization for DHT systems. THash uses standard DHT put/get semantics and utilizes a triple hash method to guide the DHT clients to choose their sharing peers in proper domains. We have implemented THash in a major commercial P2P system (PPLive), using the standard ALTO/P4P protocol as the network information source. We conducted experiments over this network in real operation and observed that, compared with Native DHT, THash reduced the inter-PID and inter-AS traffic by 47.4% and 67.7% respectively, while reducing the average downloading time by 14.6% to 24.5%.
- Published
- 2013
- Full Text
- View/download PDF
49. Efficient fingerprint extraction for high performance Intrusion Detection System
- Author
-
Gaogang Xie, Kave Salamatian, Haiyang Jiang, Institute of Computing Technology [Beijing] (ICT), Chinese Academy of Sciences [Changchun Branch] (CAS), Laboratoire d'Informatique, Systèmes, Traitement de l'Information et de la Connaissance (LISTIC), Université Savoie Mont Blanc (USMB [Université de Savoie] [Université de Chambéry]), IEEE, ANR-10-INTB-0303,PFlower,Reconnaissance de flôt applicatif par processeur Multi-coeurs(2010), European Project: 288021,EC:FP7:ICT,FP7-ICT-2011-7,EINS(2011), Kavé, Salamatian, Programme Blanc International édition 2010 - Reconnaissance de flôt applicatif par processeur Multi-coeurs - - PFlower2010 - ANR-10-INTB-0303 - Blanc international 2010 - VALID, and Network of Excellence in Internet Science - EINS - - EC:FP7:ICT2011-12-01 - 2015-05-31 - 288021 - VALID
- Subjects
[INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,parallel processing ,Network packet ,Computer science ,business.industry ,Real-time computing ,Feature extraction ,load balancing ,020206 networking & telecommunications ,Pattern recognition ,Deep packet inspection ,02 engineering and technology ,Intrusion detection system ,Fingerprint recognition ,[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Intrusion detection IDS ,Fingerprint ,020204 information systems ,0202 electrical engineering, electronic engineering, information engineering ,False positive paradox ,Artificial intelligence ,business ,Throughput (business) - Abstract
International audience; Deep Packet Inspection (DPI) module in Intrusion Detection Systems (IDSes) consists of two components: Pre-filter and Rule Verification (RV). Pre-filter adopts Multi-Pattern Matching (MPM) engine to filter out the vast majority of benign packets and then leave a few suspicious packets with false positives into RV component. These false positives are due to the scanning process in the pre-filter: it detects the traffic in a single pass against a set of fingerprints, which are extracted from the given ruleset by selecting only a small portion of the patterns in each signature. RV component precisely checks the suspicious packets and eliminates these false positives. The performance of DPI module is related to the extracted fingerprint set. An efficient fingerprint set should improve the pre-filter throughput, and at the same time decrease the count of checking activities in RV component. We show in this paper that these two requirements cannot be simultaneously satisfied in the existing fingerprint extraction strategies. Pre-filter performance greatly benefits from smaller fingerprint set because of the more compact MPM engine. But RV component suffers from the higher rate of false positives caused by the smaller fingerprint set. We optimally trade off these two requirements with a new extraction method in this work. Through analysing a small amount of training traffic in the initial phase, our strategy gives each fingerprint candidate an empirical weight for the subsequent extraction. Experimental results obtained by integrating our proposed method into the Snort IDS show that our strategy improves the IDS average throughput by at least 69% over the latest real ruleset and real traffic.
- Published
- 2013
50. A Multi-partitioning Approach to Building Fast and Accurate Counting Bloom Filters
- Author
-
Wei Li, Alex X. Liu, Kave Salamatian, Kun Huang, Jie Zhang, Gaogang Xie, and Dafang Zhang
- Subjects
Reduction (complexity) ,Set (abstract data type) ,Memory management ,Computer science ,Hash function ,Overhead (computing) ,Parallel computing ,Bloom filter ,Data structure - Abstract
Bloom filters are space-efficient data structures for fast set membership queries. Counting Bloom Filters (CBFs) extend Bloom filters by allowing insertions and deletions to support dynamic sets. The performance of CBFs is critical for various applications and systems. This paper presents a novel approach to building a fast and accurate data structure called Multiple-Partitioned Counting Bloom Filter (MPCBF) that addresses large-scale data processing challenges. MPCBF is based on two ideas: reducing the number of memory accesses from k (for k hash functions) in the standard CBF to only one memory access in the basic MPCBF-1 case, and a hierarchical structure to improve the false positive rate. We also generalize MPCBF-1 to MPCBF-g to accommodate up to g memory accesses. Our simulation and implementation in MapReduce show that MPCBF outperforms the standard CBF in terms of speed and accuracy. Compared to CBF, at the same memory consumption, MPCBF significantly reduces the false positive rate by an order of magnitude, with a reduction of processing overhead by up to 85.9%.
- Published
- 2013
- Full Text
- View/download PDF
Discovery Service for Jio Institute Digital Library