Change search
Refine search result
12 1 - 50 of 65
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1. Ahlgren, B.
    et al.
    Hidell, Markus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Ngai, E. C. -H
    Internet of Things for Smart Cities: Interoperability and Open Data2016In: IEEE Internet Computing, ISSN 1089-7801, E-ISSN 1941-0131, Vol. 20, no 6, p. 52-56, article id 7781549Article in journal (Refereed)
    Abstract [en]

    The Internet of Things (IoT) has become a promising technology for addressing societal challenges by connecting smart devices and leveraging Big Data analytics to create smart cities worldwide. As the IoT scales up, it's important to provide interoperability among different devices. Yet current simple standard protocols lack sufficient openness and interoperability. IoT for smart cities needs to guarantee the accessibility of open data and cloud services to allow industries and citizens to develop new services and applications. Here, the authors provide a case study of the GreenIoT platform in Uppsala, Sweden, to demonstrate the idea of interoperability and open data for smart cities.

  • 2.
    Bellagamba, Elisa
    et al.
    Ericsson Research.
    Andersson, Loa
    Ericsson AB.
    Sköldström, Pontus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Ward, Dave
    Drake, John
    Configuration of Pro-Active Operations, Administration, and Maintenance (OAM) Functions for MPLS-based Transport Networks using LSP Ping2013Other (Other (popular science, discussion, etc.))
  • 3.
    Bogdanov, Kirill
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Latency Dataset for the paper "The Nearest Replica Can Be Farther Than You Think"2015Data set
  • 4.
    Bogdanov, Kirill
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Reducing Long Tail Latencies in Geo-Distributed Systems2016Licentiate thesis, monograph (Other academic)
    Abstract [en]

    Computing services are highly integrated into modern society. Millions of people rely on these services daily for communication, coordination, trading, and accessing to information. To meet high demands, many popular services are implemented and deployed as geo-distributed applications on top of third party virtualized cloud providers. However, the nature of such deployment provides variable performance characteristics. To deliver high quality of service, such systems strive to adapt to ever-changing conditions by monitoring changes in state and making run-time decisions, such as choosing server peering, replica placement, and quorum selection.

    In this thesis, we seek to improve the quality of run-time decisions made by geo-distributed systems. We attempt to achieve this through: (1) a better understanding of the underlying deployment conditions, (2) systematic and thorough testing of the decision logic implemented in these systems, and (3) by providing a clear view into the network and system states which allows these services to perform better-informed decisions.

    We performed a long-term cross datacenter latency measurement of the Amazon EC2 cloud provider. We used this data to quantify the variability of network conditions and demonstrated its impact on the performance of the systems deployed on top of this cloud provider.

    Next, we validate an application’s decision logic used in popular storage systems by examining replica selection algorithms. We introduce GeoPerf, a tool that uses symbolic execution and lightweight modeling to perform systematic testing of replica selection algorithms. We applied GeoPerf to test two popular storage systems and we found one bug in each.

    Then, using traceroute and one-way delay measurements across EC2, we demonstrated persistent correlation between network paths and network latency. We introduce EdgeVar, a tool that decouples routing and congestion based changes in network latency. By providing this additional information, we improved the quality of latency estimation, as well as increased the stability of network path selection.

    Finally, we introduce Tectonic, a tool that tracks an application’s requests and responses both at the user and kernel levels. In combination with EdgeVar, it provides a complete view of the delays associated with each processing stage of a request and response. Using Tectonic, we analyzed the impact of sharing CPUs in a virtualized environment and can infer the hypervisor’s scheduling policies. We argue for the importance of knowing these policies and propose to use them in applications’ decision making process.

  • 5.
    Bogdanov, Kirill
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Peón-Quirós, Miguel
    Complutense University of Madrid.
    Maguire Jr., Gerald Q.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Radio Systems Laboratory (RS Lab).
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    The Nearest Replica Can Be Farther Than You Think2015In: Proceedings of the ACM Symposium on Cloud Computing 2015, Association for Computing Machinery (ACM), 2015, p. 16-29Conference paper (Refereed)
    Abstract [en]

    Modern distributed systems are geo-distributed for reasons of increased performance, reliability, and survivability. At the heart of many such systems, e.g., the widely used Cassandra and MongoDB data stores, is an algorithm for choosing a closest set of replicas to service a client request. Suboptimal replica choices due to dynamically changing network conditions result in reduced performance as a result of increased response latency. We present GeoPerf, a tool that tries to automate the process of systematically testing the performance of replica selection algorithms for geodistributed storage systems. Our key idea is to combine symbolic execution and lightweight modeling to generate a set of inputs that can expose weaknesses in replica selection. As part of our evaluation, we analyzed network round trip times between geographically distributed Amazon EC2 regions, and showed a significant number of daily changes in nearestK replica orders. We tested Cassandra and MongoDB using our tool, and found bugs in each of these systems. Finally, we use our collected Amazon EC2 latency traces to quantify the time lost due to these bugs. For example due to the bug in Cassandra, the median wasted time for 10% of all requests is above 50 ms.

  • 6.
    Bogdanov, Kirill
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Peón-Quirós, Miguel
    Complutense University of Madrid.
    Maguire Jr., Gerald Q.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Radio Systems Laboratory (RS Lab).
    Kostić, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Toward Automated Testing of Geo-Distributed Replica Selection Algorithms2015In: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication, Association for Computing Machinery (ACM), 2015, p. 89-90Conference paper (Refereed)
    Abstract [en]

    Many geo-distributed systems rely on a replica selection algorithms to communicate with the closest set of replicas.  Unfortunately, the bursty nature of the Internet traffic and ever changing network conditions present a problem in identifying the best choices of replicas. Suboptimal replica choices result in increased response latency and reduced system performance. In this work we present GeoPerf, a tool that tries to automate testing of geo-distributed replica selection algorithms. We used GeoPerf to test Cassandra and MongoDB, two popular data stores, and found bugs in each of these systems.

  • 7.
    Bogdanov, Kirill
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Reda, Waleed
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab). Université catholique de Louvain.
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Maguire Jr., Gerald Q.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Canini, Marco
    KAUST.
    Kurma: Fast and Efficient Load Balancing for Geo-Distributed Storage Systems: Evaluation of Convergence and Scalability2018Report (Other academic)
    Abstract [en]

    This report provides an extended evaluation of Kurma, a practical implementation of a geo-distributed load balancer for backend storage systems. In this report we demonstrate the ability of distributed Kurma instances to accurately converge to the same solutions within 1% of the total datacenter’s capacity and the ability of Kurma to scale up to 8 datacenters using a single CPU core at each datacenter.

  • 8. Byamukama, Maximus
    et al.
    Nannono, Janet Nakato
    Ruhinda, Kabonire
    Pehrson, Björn
    KTH.
    Nsabagwa, Mary
    Akol, Roselyn
    Olsson, Robert
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Bakkabulindi, Geoffrey
    Kondela, Emmanuel
    Design Guidelines for Ultra-low Power Gateways in Environment Monitoring Wireless Sensor Networks2017In: 2017 IEEE AFRICON / [ed] Cornish, D R, Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 1472-1478Conference paper (Refereed)
    Abstract [en]

    We explore techniques that can be used to reduce the power consumption of gateways in wireless sensor networks deployed in environment monitoring applications, such as Automatic Weather Stations (AWS). The challenge is the deployment of these networks in locations that are far from a consistent power source, such as a national grid. Such stations must be autonomous and power consumption must be minimized. We present test scenarios illustrating the impact of the suggested techniques. We explore hardware and software based methods of power reduction, assess the impact of each, the constraints to be expected and how to overcome them. We then provide a reference implementation of a gateway in which we integrate these techniques. We show that power consumption can be reduced by 48 - 85% when comparing best and worst case scenarios. The reference implementation we provide consumes 27mW at 3V.

  • 9.
    Cho, Jeong-woo
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Jiang, Yuming
    NTNU (Norwegian University of Science and Technology).
    Fundamentals of the Backoff Process in 802.11: Dichotomy of the Aggregation2015In: IEEE Transactions on Information Theory, ISSN 0018-9448, E-ISSN 1557-9654, Vol. 61, no 4, p. 1687-1701Article in journal (Refereed)
    Abstract [en]

    This paper discovers fundamental principles of the backoff process that governs the performance of IEEE 802.11. A simplistic principle founded upon regular variation theory is that the backoff time has a truncated Pareto-type tail distribution with an exponent of $ { (log gamma !)/log m}$ ( $boldsymbol {m}$ is the multiplicative factor and $ {gamma }$ is the collision probability). This reveals that the per-node backoff process is heavy-tailed in the strict sense for $ { gamma > 1/m^{2}}$ , and paves the way for the following unifying result. The state-of-the-art theory on the superposition of the heavy-tailed processes is applied to establish a dichotomy exhibited by the aggregate backoff process, putting emphasis on the importance of time-scales on which we view the backoff processes. While the aggregation on normal time-scales leads to a Poisson process, it is approximated by a new limiting process possessing long-range dependence (LRD) on coarse time-scales. This dichotomy turns out to be instrumental in formulating short-term fairness, extending existing formulas to arbitrary population, and to elucidate the absence of LRD in practical situations. A refined wavelet analysis is conducted to strengthen this argument.

  • 10.
    Cho, Jeong-woo
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Yi, Yung
    KAIST (Korea Advanced Institute of Science and Technology).
    On the Payoff Mechanisms in Peer-Assisted Services With Multiple Content Providers: Rationality and Fairness2014In: IEEE/ACM Transactions on Networking, ISSN 1063-6692, E-ISSN 1558-2566, Vol. 22, no 3, p. 731-744Article in journal (Refereed)
    Abstract [en]

    This paper studies an incentive structure for cooperation and its stability in peer-assisted services when there exist multiple content providers, using a coalition game-theoretic approach. We first consider a generalized coalition structure consisting of multiple providers with many assisting peers, where peers assist providers to reduce the operational cost in content distribution. To distribute the profit from cost reduction to players (i.e, providers and peers), we then establish a generalized formula for individual payoffs when a "Shapley-like" payoff mechanism is adopted. We show that the grand coalition is unstable, even when the operational cost functions are concave, which is in sharp contrast to the recently studied case of a single provider where the grand coalition is stable. We also show that irrespective of stability of the grand coalition, there always exist coalition structures that are not convergent to the grand coalition under a dynamic among coalition structures. Our results give us an incontestable fact that a provider does not tend to cooperate with other providers in peer-assisted services and is separated from them. Three facets of the noncooperative (selfish) providers are illustrated: 1) underpaid peers; 2) service monopoly; and 3) oscillatory coalition structure. Lastly, we propose a stable payoff mechanism that improves fairness of profit sharing by regulating the selfishness of the players as well as grants the content providers a limited right of realistic bargaining. Our study opens many new questions such as realistic and efficient incentive structures and the tradeoffs between fairness and individual providers' competition in peer-assisted services.

  • 11. Jeong, J.
    et al.
    Yi, Y.
    Cho, Jeong Woo
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Eun, D. Y.
    Chong, S.
    Wi-Fi Sensing: Should Mobiles Sleep Longer As They Age?2013In: 2013 Proceedings IEEE INFOCOM, 2013, p. 2328-2336Conference paper (Refereed)
    Abstract [en]

    An essential condition precedent to the success of mobile applications based on Wi-Fi (e.g., iCloud) is an energy-efficient Wi-Fi sensing. From a user's perspective, a good Wi-Fi sensing policy should depend on both inter-AP arrival and contact duration time distributions. Prior work focuses on limited cases of those two distributions (e.g., exponential) or introduces heuristic approaches such as AI (Additive Increase). In this paper, we formulate a functional optimization problem on Wi-Fi sensing under general inter-AP and contact duration distributions, and propose how each user should sense Wi-Fi APs to strike a balance between energy efficiency and performance, depending on the users' mobility pattern. To that end, we derive an optimal condition which sheds insights into the aging property, the key feature required by efficient Wi-Fi sensing polices. Guided by the analytical studies and the implications, we develop a new sensing algorithm, called WiSAG (Wi-Fi Sensing with AGing), which is demonstrated to outperform the existing sensing algorithms up to 34% through extensive trace-driven simulations using the real mobility traces gathered from smartphones.

  • 12.
    Jimenez, Raul
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Distributed Peer Discovery in Large-Scale P2P Streaming Systems: Addressing Practical Problems of P2P Deployments on the Open Internet2013Doctoral thesis, comprehensive summary (Other academic)
    Abstract [en]

    Peer-to-peer (P2P) techniques allow users with limited resources to distribute content to a potentially large audience by turning passive clients into peers. Peers can self-organize to distribute content to each other, increasing the scalability of the system and decreasing the publisher’s costs, compared to a publisher distributing the data himself using a content delivery network (CDN) or his own servers.

    Peer discovery is the mechanism that peers use to find each other. Peer discovery is a critical component of any P2P-based system, because P2P networks are dynamic by nature. That is, peers constantly join and leave the network and each individual peer is assumed to be unreliable. This thesis addresses practical issues in distributed peer discovery mech- anisms in the context of three different large-scale P2P streaming systems: a (1) BitTorrent-based streaming system, (2) Spotify, and (3) our own mobile P2P streaming system based on the upcoming Peer-to-peer Streaming Protocol (PPSP) Internet standard.

    We dramatically improve peer discovery performance in BitTorrent’s Mainline DHT, the largest distributed hash table (DHT) overlay on the open Internet. Our implementation’s median lookup latency is an order of magnitude lower than the best performing measurement reported in the literature and does not exhibit a long tail of high-latency lookups, which is critical for P2P streaming applications.

    We have achieved these results by studying how connectivity artifacts on the underlying network —probably caused by network address translation (NAT) gateways— affect the DHT overlay. Our measurements of more than three million nodes reveal that connectivity artifacts are widespread and can severely degrade DHT performance.

    This thesis also addresses the practical issues of integrating mobile devices into P2P streaming systems. In particular, we enable P2P on Spotify’s Android app, study how distributed peer discovery affects energy consumption, and implement and evaluate backwards-compatible modifications which dramatically reduce energy consumption on 3G.

    Then, we build the first complete system that not only is capable of streaming content to mobile devices but also allows them to publish content directly into the P2P system, even when they are behind a NAT gateway, with minimal impact on their battery and data usage.

    While our preferred approach is implementing backwards-compatible modifications, we also propose and analyze backwards-incompatible ones. The former allow us to evaluate them in the existing large-scale systems and allow developers to deploy our modifications into the actual system. The latter free us to propose deeper changes. In particular, we propose (1) a DHT-based peer discovery mechanism that improves scalability and introduces localityawareness, and (2) modifications on Spotify’s gossip-like peer discovery to better accommodate mobile devices

  • 13.
    Jimenez, Raul
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Bakker, Arno
    Delft University of Technology.
    Knutsson, Björn
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Pouwelse, Johan
    Delft University of Technology.
    Haridi, Seif
    KTH, School of Information and Communication Technology (ICT), Software and Computer systems, SCS.
    Tribler Mobile: P2P Video Streaming from and to Mobile DevicesManuscript (preprint) (Other academic)
    Abstract [en]

    Peer-to-peer (P2P) mechanisms allow users with limited resources to distribute content to a large audience, without the need of intermediaries.

    These P2P mechanisms, however, appear to be ill-suited for mobile devices, given their limited resources: battery, bandwidth, and connectivity. Even Spotify, a commercial straming service where desktop clients stream about 80% of the data via P2P, does not use P2P on mobile devices.

    This paper describes Tribler Mobile, a mobile app that allows users to broadcast their own videos to potentially large audiences

    directly from their devices. Our system delegates most of the distribution tasks to boosters running on desktop computers. Our mechanisms are designed to be fully-decentralized and consider mobile devices’ limitations.

    Tribler Mobile is available as open-source software and have been installed by almost 500 users on their Android devices.

     

  • 14.
    Jimenez, Raul
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Kreitz, Gunnar
    KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS. Spotify.
    Knutsson, Björn
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Isaksson, Marcus
    Spotify.
    Haridi, Seif
    KTH, School of Information and Communication Technology (ICT), Software and Computer systems, SCS.
    Integrating Smartphones in Spotify's Peer-Assisted Music Streaming ServiceManuscript (preprint) (Other academic)
    Abstract [en]

    Spotify is a large-scale peer-assisted music streaming service. Spotify’s P2P network serves 80% of music data to desktop clients. On the other hand, the rapidly growing number of mobile clients do not use P2P but instead stream all data from Spotify’s servers.

    We enable P2P on a Spotify mobile client and empirically eval- uate the impact of P2P protocols (in particular low-bandwidth traffic between peers) on energy consumption, both on 3G and

    Wifi. On 3G, current P2P protocols are highly energy inefficient, but simple modifications bring consumption close to the client-server configuration. On Wifi, the extra energy cost of enabling P2P is much lower.

    Finally, we propose a protocol modification to further integrate mobile devices in Spotify’s P2P network according to their capa- bilities (power source, access network). This allows us to break the artificial division between desktop and mobile platforms and dynamically adapt as resources become (un)available to the device.

     

  • 15. John, W.
    et al.
    Kern, A.
    Kind, M.
    Sköldström, Pontus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Staessens, D.
    Woesner, H.
    Splitarchitecture: SDN for the carrier domain2014In: IEEE Communications Magazine, ISSN 0163-6804, E-ISSN 1558-1896, Vol. 52, no 10, p. 146-152, article id 6917416Article in journal (Refereed)
    Abstract [en]

    The concept of SDN has emerged as a way to address numerous challenges with traditional network architectures by decoupling network control and forwarding. So far, the use cases for SDN mainly targeted data-center applications. This article considers SDN for network carriers, facing operation of large-scale networks with millions of customers, multiple technologies, and high availability demands. With specific carriergrade features such as scalability, reliability, flexibility, modularity, and virtualization in mind, the SPARC EU project has developed the SPARC SplitArchitecture concept. The SplitArchitecture control plane allows hierarchical layering of several control plane layers which can be flexibly mapped to data plane layers. Between control layers open interfaces are used. Furthermore, SplitArchitecture proposes an additional split of forwarding and processing functions in data path elements, enabling switch based OAM functionality and handling of tunneling techniques. The SplitArchitecture concept is evaluated in a prototype demonstrating an SDN version of BRAS: the floating BRAS. The floating BRAS allows creation of residential Internet access services with dynamically managed BRAS instances. The demo is based on a controller enabling protected MPLS transport connections spanning SDN-controlled aggregation and IP/MPLS-based core domains. The prototype showcases how SplitArchitecture enables virtualization of service nodes in an SDN-controlled network, leading to increased flexibility in configuration and placement of service creation functions. Overall, the results show that it is technically and economically beneficial to apply SDN, and specifically the SplitArchitecture concept, to the carrier domain.

  • 16.
    Katsikas, Georgios P.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Realizing High Performance NFV Service Chains2016Licentiate thesis, monograph (Other academic)
    Abstract [en]

    Network functions (NFs) hold a key role in networks, offering in-network services, such as enhanced performance, policy enforcement, and security. Traditionally, NFs have been implemented in specialized, thus expensive hardware. To lower the costs of deploying NFs, network operators have adopted network functions virtualization (NFV), by migrating NFs from hardware to software running in commodity servers. Several approaches to NFV have shown that commodity network stacks and drivers (e.g., Linux-based) struggle to keep up with increasing hardware speed. Despite this, popular networking services still rely on these commodity components. Moreover, chaining NFs (also known as service chaining) is challenging due to redundancy in the elements of the chain. This licentiate thesis addresses the performance problems of NFV service chains.The first contribution is a framework that (i) profiles NFV service chains to uncover performance degradation reasons and (ii) leverages the profiler’s data to accelerate these chains, by combining multiplexing of system calls with scheduling strategies. These accelerations improve the cache utilization and thereby the end-to-end latency of chained NFs is reduced by a factor of three. Moreover, the same chains experience a multi-fold latency variance reduction; this result improves the quality of highly-interactive services.The second contribution of this thesis substantially revises the way NFV service chains are realized. NFV service chains are synthesized while eliminating redundant input/output and repeated elements, providing consolidated stateful cross layer packet operations across the chain. This software-based synthesis achieves line-rate 40 Gbps throughput for stateful and long service chains. This performance is 8.5x higher than the performance achieved by the software-based state of the art FastClick framework. Experiments with three example Internet Service Provider-level service chains show that this synthesis approach operates at 40 Gbps, when the classification of these chains is offloaded to an OpenFlow switch.

  • 17.
    Katsikas, Georgios P.
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Enguehard, Marcel
    Kuźniar, Maciej
    Maguire Jr, Gerald Q.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Radio Systems Laboratory (RS Lab).
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    SNF: synthesizing high performance NFV service chains2016In: PeerJ Computer Science, ISSN 2376-5992, p. 1-30Article in journal (Refereed)
    Abstract [en]

    In this paper we introduce SNF, a framework that synthesizes (S) network function (NF) service chains by eliminating redundant I/O and repeated elements, while consolidating stateful cross layer packet operations across the chain. SNF uses graph composition and set theory to determine traffic classes handled by a service chain composed of multiple elements. It then synthesizes each traffic class using a minimal set of new elements that apply single-read-single-write and early-discard operations. Our SNF prototype takes a baseline state of the art network functions virtualization (NFV) framework to the level of performance required for practical NFV service deployments. Software-based SNF realizes long (up to 10 NFs) and stateful service chains that achieve line-rate 40 Gbps throughput (up to 8.5x greater than the baseline NFV framework). Hardware-assisted SNF, using a commodity OpenFlow switch, shows that our approach scales at 40 Gbps for Internet Service Provider-level NFV deployments.

  • 18.
    Katsikas, Georgios P.
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Maguire Jr., Gerald Q.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Radio Systems Laboratory (RS Lab).
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Profiling and accelerating commodity NFV service chains with SCC2017In: Journal of Systems and Software, ISSN 0164-1212, E-ISSN 1873-1228, Vol. 127, no C, p. 12-27Article in journal (Refereed)
    Abstract [en]

    Recent approaches to network functions virtualization (NFV) have shown that commodity network stacks and drivers struggle to keep up with increasing hardware speed. Despite this, popular cloud networking services still rely on commodity operating systems (OSs) and device drivers.

     

    Taking into account the hardware underlying of commodity servers, we built an NFV profiler that tracks the movement of packets across the system’s memory hierarchy by collecting key hardware and OS-level performance counters.

     

    Leveraging the profiler’s data, our Service Chain Coordinator’s (SCC) runtime accelerates user-space NFV service chains, based on commodity drivers. To do so, SCC combines multiplexing of system calls with scheduling strategies, taking time, priority, and processing load into account.

     

    By granting longer time quanta to chained network functions (NFs), combined with I/O multiplexing, SCC reduces unnecessary scheduling and I/O overheads, resulting in three-fold latency reduction due to cache and main memory utilization improvements. More importantly, SCC reduces the latency variance of NFV service chains by up to 40x compared to standard FastClick chains by making the average case for an NFV chain to perform as well as the best case. These improvements are possible because of our profiler’s accuracy.

  • 19.
    Kothandaraman, Babu
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Du, M.
    Sköldström, P.
    Centrally controlled distributed VNF state management2015In: Proceedings of the 2015 ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization,, ACM Press, 2015, p. 37-42Conference paper (Refereed)
    Abstract [en]

    The realization of increased service flexibility and scalability through the combination of Virtual Network Functions (VNF) and Software Defined Networks (SDN) requires careful management of both VNF and forwarding state. Without coordination, service scalability comes at a high cost due to unacceptable levels of packet loss, reordering and increased latencies. Previously developed techniques has shown that these issues can be managed, at least in scenarios with low traffic rates and optimistic control plane latencies. In this paper we extend previous work on coordinated state management in order to remove performance bottlenecks, this is done through distributed state management and minimizing control plane interactions. Evaluation of our changes show substantial performance gains using a distributed approach while maintaining centralized control.

  • 20.
    Kounelis, Ioannis
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Baldini, G.
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Loschner, J.
    An architecture for secure m-commerce applications2013In: Proceedings - 19th International Conference on Control Systems and Computer Science, CSCS 2013, 2013, p. 519-525Conference paper (Refereed)
    Abstract [en]

    As mobile communication technology evolves, more and more features are available to users of mobile devices. The adoption of such features is rapid and the demand for more capabilities is growing, especially with the development of the Internet of Things. One of the most challenging and sensitive concepts used in the always connected mobile world is mobile commerce. Security for mobile financial transactions is of extreme high concern. In this paper we describe the architecture of a secure mcommerce system based on the concepts defined in the FP7 iCore project. We propose a framework that structures an m-commerce system in objects with semantic searching capabilities to provide an efficient and secure handling of system resources and transactions.

  • 21.
    Kounelis, Ioannis
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Baldini, Gianmarco
    Neisse, Ricardo
    Steri, Gary
    Tallacchini, Mariachiara
    Pereira, Angela Guimaraes
    Building Trust in the Human-Internet of Things Relationship2014In: IEEE technology & society magazine, ISSN 0278-0097, E-ISSN 1937-416X, Vol. 33, no 4, p. 73-80Article in journal (Refereed)
    Abstract [en]

    The concept of the Internet of Things (IoT) was initially proposed by Kevin Ashton in 1998 [1], where it was linked to RFID technology. More recently, the initial idea has been extended to support pervasive connectivity and the integration of the digital and physical worlds [2], encompassing virtual and physical objects, including peopl and places.

  • 22.
    Kounelis, Ioannis
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Muftic, Sead
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Loeschner, Jan
    Secure and Privacy-enhanced E-Mail System based on the Concept of Proxies2014Conference paper (Refereed)
    Abstract [en]

    Security and privacy on the Internet and especially the e-mail, is becoming more and more important and crucial for the user. The requirements for the protection of e-mail include issues like tracking and privacy intrusions by hackers and commercial advertisers, intrusions by casual observers, and even spying by government agencies. In an expanding e-mail use in the digital world, Internet and mobile, the quantity and sensitivity of personal information has also tremendously expanded. Therefore, protection of data and transactions and privacy of user information is key and of interest for many users. Based on such motives, in this paper we present the design and current implementation of our secure and privacy-enhanced e-mail system. The system provides protection of e-mails, privacy of locations from which the e-mail system is accessed, and authentication of legitimate users. Differently from existing standard approaches, which are based on adding security extensions to e-mail clients, our system is based on the concept of proxy servers that provide security and privacy of users and their e-mails. It uses all required standards: S/ MIME for formatting of secure letters, strong cryptographic algorithms, PKI protocols and certificates. We already have the first implementation and an instance of the system is very easy to install and to use.

  • 23. Kuzniar, Maciej
    et al.
    Peresini, Peter
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Providing Reliable FIB Update Acknowledgments in SDN2014In: The 10th International Conference on emerging Networking Experiments and Technologies (CoNEXT’14), December 2–5, 2014, Sydney, Australia, Association for Computing Machinery (ACM), 2014Conference paper (Refereed)
    Abstract [en]

    In this paper, we rst show that transient, but grave problems such as violations of security policies can occur with real switches even when using consistent updates to Software Dened Networks. Next, we present techniques that are eective in ameliorating this problem. Our key insight is in creating a transparent layer that relies on control and data plane measurements to conrm rule updates only when the rule is visible in the data plane.

  • 24.
    Kuzniar, Maciej
    et al.
    EPFL.
    Peresini, Peter
    EPFL.
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    What You Need to Know About SDN Flow Tables2015In: PASSIVE AND ACTIVE MEASUREMENT (PAM 2015), Springer, 2015, p. 347-359Conference paper (Refereed)
    Abstract [en]

    SDN deployments rely on switches that come from various vendors and differ in terms of performance and available features. Understanding these differences and performance characteristics is essential for ensuring successful deployments. In this paper we measure, report, and explain the performance characteristics of flow table updates in three hardware OpenFlow switches. Our results can help controller developers to make their programs efficient. Further, we also highlight differences between the OpenFlow specification and its implementations, that if ignored, pose a serious threat to network security and correctness.

  • 25. Kuzniar, Maciej
    et al.
    Peresini, Peter
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab). KTH, School of Electrical Engineering and Computer Science (EECS).
    Canini, Marco
    KAUST.
    Methodology, Measurement and Analysis of Flow Table Update Characteristics in Hardware OpenFlow Switches2018In: Computer Networks, ISSN 1389-1286, E-ISSN 1872-7069Article in journal (Refereed)
    Abstract [en]

    Software-Defined Networking (SDN) and OpenFlow are actively being standardized and deployed. These deployments rely on switches that come from various vendors and differ in terms of performance and available features. Understanding these differences and performance characteristics is essential for ensuring successful and safe deployments.

    We propose a systematic methodology for SDN switch performance analysis and devise a series of experiments based on this methodology. The methodology relies on sending a stream of rule updates, while relying on both observing the control plane view as reported by the switch and probing the data plane state to determine switch characteristics by comparing these views. We measure, report and explain the performance characteristics of flow table updates in six hardware OpenFlow switches. Our results describing rule update rates can help SDN designers make their controllers efficient. Further, we also highlight differences between the OpenFlow specification and its implementations, that if ignored, pose a serious threat to network security and correctness.

  • 26. Lee, H.
    et al.
    Jang, H.
    Yi, Y.
    Cho, Jeong-woo
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    On the interaction between content-oriented traffic scheduling and revenue sharing among providers2013In: Proceedings - IEEE INFOCOM, 2013, p. 3201-3206Conference paper (Refereed)
    Abstract [en]

    The Internet consists of economically selfish players in terms of access/transit connection, content distribution, and users. Such selfish behaviors often lead to techno-economic inefficiencies such as unstable peering and revenue imbalance. Recent research results suggest that cooperation in revenue sharing (thus multi-level ISP settlements) can be a candidate solution for the problem of unfair revenue share. However, it is unclear whether providers are willing to behave cooperatively. In this paper, we study the interaction between how content-oriented traffic scheduling at the edge is and how stable the intended cooperation is. We consider three traffic scheduling policies having various degrees of content-value preference, compare them in terms of implementation complexity, network neutrality, and stability of cooperation, and present interesting trade-offs among them.

  • 27. Lee, H.
    et al.
    Jang, H.
    Yi, Y.
    Cho, Jeong-Woo
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    On the interaction between content-oriented traffic scheduling and revenue sharing among providers2013In: 2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS 2013), IEEE Communications Society, 2013, p. 333-338Conference paper (Refereed)
    Abstract [en]

    The Internet consists of economically selfish players in terms of access/transit connection, content distribution, and users. Such selfish behaviors often lead to techno-economic inefficiencies such as unstable peering and revenue imbalance. Recent research results suggest that cooperation in revenue sharing (thus multi-level ISP settlements) can be a candidate solution for the problem of unfair revenue share. However, it is unclear whether providers are willing to behave cooperatively. In this paper, we study the interaction between how content-oriented traffic scheduling at the edge is and how stable the intended cooperation is. We consider three traffic scheduling policies having various degrees of content-value preference, compare them in terms of implementation complexity, network neutrality, and stability of cooperation, and present interesting trade-offs among them.

  • 28. Lee, Hyojung
    et al.
    Jang, Hyeryung
    Cho, Jeong-woo
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Yi, Yung
    Traffic Scheduling and Revenue Distribution Among Providers in the Internet: Tradeoffs and Impacts2017In: IEEE Journal on Selected Areas in Communications, ISSN 0733-8716, E-ISSN 1558-0008, Vol. 35, no 2, p. 421-431Article in journal (Refereed)
    Abstract [en]

    The Internet consists of economically selfish players in terms of access/transit connection and content distribution. Such selfish behaviors often lead to techno-economic inefficiencies, such as unstable peering and revenue imbalance. Recent research results suggest that cooperation-based fair revenue sharing, i.e., multi-level Internet service provider (ISP) settlements, can be a candidate solution to avoid unfair revenue share. However, it has been under-explored whether selfish ISPs actually cooperate or not (often referred to as the stability of coalition), because they may partially cooperate or even do not cooperate, depending on how much revenue is distributed to each individual ISP. In this paper, we study this stability of coalition in the Internet, where our aim is to investigate the conditions under which ISPs cooperate under different regimes on the traffic demand and network bandwidth. We first consider the under-demanded regime, i.e., network bandwidth exceeds traffic demand, where revenue sharing based on Shapley value leads ISPs to entirely cooperate, i.e., stability of the grand coalition. Next, we consider the over-demanded regime, i.e., traffic demand exceeds network bandwidth, where there may exist some ISPs who deviate from the grand coalition. In particular, this deviation depends on how users' traffic is handled inside the network, for which we consider three traffic scheduling policies having various degrees of content-value preference. We analytically compare those three scheduling policies in terms of network neutrality, and stability of cooperation that provides useful implications on when and how multi-level ISP settlements help and how the Internet should be operated for stable peering and revenue balance among ISPs.

  • 29.
    Manjate, Juvencio Arnaldo
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Hidell, Markus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Sjödin, Peter
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Performance analysis of topology-oriented solutions on energy efficient networks2017In: 2017 IEEE International Conference on Communications, ICC 2017, Institute of Electrical and Electronics Engineers (IEEE), 2017, article id 7996421Conference paper (Refereed)
    Abstract [en]

    Telecommunication networks have been designed and deployed with over-provisioning and redundancy of resources to cope with traffic load during peak hours and quickly recover from failure. However, most of these resources are underutilized and in most of the time idle but consuming full energy. With the growing concern of energy waste and greenhouse gases (GHG), the network design principles tend to shift to allocate resources on-demand and be energy-efficient. In this paper, we analyze and evaluate the performance of two energy-saving techniques, namely Energy Saving TOPology control (ESTOP) for coordinated sleeping, and Energy Efficient Ethernet (EEE) for uncoordinated sleeping. Furthermore, we evaluate the potential of combining ESTOP and EEE considering that the reduced topologies obtained running ESTOP can substantially increase link utilization and the length of some paths and therefore degrade the performance of EEE. The evaluation was conducted in OMNet++ with realistic and synthetic networks under different traffic conditions. The results show that the energy conservation of the combination is significant when a lower value of the connectivity threshold is used during off-peak hours and a higher value is used during peak hours. ESTOP depends on the density of the topology and can save about 50% of energy.

  • 30.
    Manjate, Juvencio
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Hidell, Markus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Sjödin, Peter
    Energy-Efficient Networks under Coordinated andUncoordinated Sleeping Approaches2015Conference paper (Refereed)
    Abstract [en]

    Wired IP networks handle the bulk of today’scommunication. These networks are built with over-provisioningand redundancy of devices to support critical activities. However,the activities can vary significantly, resulting in unused networkonline waste of power. In this study, we examine two existingpower-saving approaches for wired IP networks: i) uncoordinatedsleeping and (ii) coordinated sleeping. The uncoordinated andcoordinated sleeping algorithms investigated are respectively En-ergy Efficient Ethernet (EEE) and Energy-Aware Routing (EAR)for green OSPF. In addition, we investigate the combination ofcoordinated and uncoordinated sleeping algorithms, EEE andEAR for green OSPF. The energy performance of the twoalgorithms and their combination is evaluated in two networksof different dimensions under varying traffic loads.The investigation shows that EEE, EAR for green OSPF andthe combination significantly reduce the energy consumption ofa network. However, the highest peak of energy conservationis achieved when EAR for green OSPF is activated in an EEEnetwork during lower traffic load periods and deactivated duringhigh traffic load periods.

  • 31. Nilseng, Jessica
    et al.
    Gustafsson, Lars L.
    Nungu, Amos
    KTH, School of Information and Communication Technology (ICT). Dar Es Salaam Institute of Technology, Tanzania .
    Bastholm-Rahmner, Pia
    Mazali, Dennis
    Pehrson, Björn
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Eriksen, Jaran
    KTH, School of Information and Communication Technology (ICT). Karolinska University Hospital, Sweden.
    A cross-sectional pilot study assessing needs and attitudes to implementation of Information and Communication Technology for rational use of medicines among healthcare staff in rural Tanzania2014In: BMC Medical Informatics and Decision Making, ISSN 1472-6947, E-ISSN 1472-6947, Vol. 14, no 1, p. 78-Article in journal (Refereed)
    Abstract [en]

    Background: In resource-poor countries access to essential medicines, suboptimal prescribing and use of medicines are major problems. Health workers lack updated medical information and treatment support. Information and Communication Technology (ICT) could help tackle this. The impact of ICT on health systems in resource-poor countries is likely to be significant and transform the practice of medicine just as in high-income countries. However, research for finding the best way of doing this is needed. We aimed to assess current approaches to and use of ICT among health workers in two rural districts of Tanzania in relation to the current drug distribution practices, drug stock and continuing medical information (CME), as well as assessing the feasibility of using ICT to improve ordering and use of medicines. Methods: This pilot study was conducted in 2010-2011, mapping the drug distribution chain in Tanzania, including problems and barriers. The study was conducted in Bunda and Serengeti districts, both part of the ICT4RD (ICT for rural development) project. Health workers involved in drug procurement and use at 13 health facilities were interviewed on use and knowledge of ICT, and their attitudes to its use in their daily work. They were also shown and interviewed about their thoughts on an android tablet application prototype for drug stock inventory and drug ordering, based on the Tanzanian Medical Stores Department (MSD) current paper forms. Results: The main challenge was a stable supply of essential medicines. Drug supplies were often delayed and incomplete, resulting in stock-outs. All 20 interviewed health workers used mobile phones, 8 of them Smartphones with Internet connection. The Health workers were very positive to the tablet application and saw its potential in reducing drug stock-outs. They also expressed a great need and wish for CME by distance. Conclusion: The tablet application was easily used and appreciated by health workers, and thus has the potential to save time and effort, reduce transportation costs and minimise drug stock-outs. Furthermore, the android tablet could be used to reach out with CME programs to health care workers at remote health facilities, as well as those in towns.

  • 32. Nungu, Amos
    et al.
    Olsson, Robert
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Pehrson, Björn
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Kang, Jiawei
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Kifetew, Daniel
    Rustamov, Alisher
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Inclusive ubiquitous access - A status report2015In: 6th International Conference on e-Infrastructure and e-Services for Developing Countries, AFRICOMM 2014, Springer Publishing Company, 2015, p. 13-22Conference paper (Refereed)
    Abstract [en]

    The development towards ubiquitous network access requires innovative solutions to get remote areas included, especially rural areas of developing regions. We report on recent progress in the Serengeti Broadband Network, one of the first pilots established in the Tanzania ICT for Rural Development programme with the mission to design and validate a method to establish sustainable broadband markets in under-served areas. The challenges include ownership and leadership, sustainable business models, robustness of network components and poor or non-existent supply chains, including power supply.

  • 33.
    Olsson, Robert
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Pehrson, Björn
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
    Powering devices using ultra-capacitor batteries2015In: PROCEEDINGS OF THE 2015 12TH IEEE AFRICON INTERNATIONAL CONFERENCE - GREEN INNOVATION FOR AFRICAN RENAISSANCE (AFRICON), IEEE conference proceedings, 2015Conference paper (Refereed)
    Abstract [en]

    We explore the use of ultra-capacitors as backup storage for solar powered electronic devices. We discuss two use cases: routers in off-grid broadband networks consuming a few Watt and wireless sensor network nodes using a few mW when operating and a few mu W in quiescent mode. We have been testing batteries with ultra-capacitor based cells, both EDLC and LIC, in the range from 40 to 3000F. We found them viable alternatives in some applications and started long term field tests to sort out some unclear aspects regarding maximum discharge levels. Besides the traditional function of a backup battery storage in low-power applications, the very low internal resistance of capacitors make them useful also in hybrid solutions to accommodate transient needs for high currents that traditional batteries cannot deliver. Due to the low resistance, charging/discharging can be very fast. We also show how a very simple design requiring only one LIC capacitor can power a WSN mote sending at 1 packet/minute for 6 weeks on a single charge.

  • 34.
    Peresini, Peter
    et al.
    EPFL.
    Kuzniar, Maciej
    EPFL.
    Canini, Marco
    UCLouvain.
    Venzano, Daniele
    EURECOM.
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Rexford, Jennier
    Princeton University.
    Systematically Testing OpenFlow Controller Applications2015In: Computer Networks, ISSN 1389-1286, E-ISSN 1872-7069, Vol. 92Article in journal (Refereed)
    Abstract [en]

    The emergence of OpenFlow-capable switches enables exciting new network functionality, at the risk of programming errors that make communication less reliable. The centralized programming model, where a single controller program manages the network, seems to reduce the likelihood of bugs. However, the system is inherently distributed and asynchronous, with events happening at different switches and end hosts, and inevitable delays affecting communication with the controller. In this paper, we present efficient, systematic techniques for testing unmodified controller programs. Our NICE tool applies model checking to explore the state space of the entire system—the controller, the switches, and the hosts. Scalability is the main challenge, given the diversity of data packets, the large system state, and the many possible event orderings. To address this, we propose a novel way to augment model checking with symbolic execution of event handlers (to identify representative packets that exercise code paths on the controller). We also present a simplified OpenFlow switch model (to reduce the state space), and effective strategies for generating event interleavings likely to uncover bugs. Our prototype tests Python applications on the popular NOX platform. In testing three real applications—a MAC-learning switch, in-network server load balancing, and energy-efficient traffic engineering—we uncover thirteen bugs

  • 35.
    Peresini, Peter
    et al.
    EPFL.
    Kuzniar, Maciej
    EPFL.
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Monocle: Dynamic, Fine-Grained Data Plane Monitoring2015In: Proceedings of the 11th International Conference on emerging Networking EXperiments and Technologies (ACM CoNEXT), Association for Computing Machinery (ACM), 2015Conference paper (Refereed)
    Abstract [en]

    Ensuring network reliability is important for satisfying service-level objectives. However, diagnosing network anomalies in a timely fashion is difficult due to the complex nature of network configurations. We present Monocle — a system that uncovers forwarding problems due to hardware or software failures in switches, by verifying that the data plane corresponds to the view that an SDN controller installs via the control plane. Monocle works by systematically probing the switch data plane; the probes are constructed by formulating the switch forwarding table logic as a Boolean satisfiability (SAT) problem. Our SAT formulation quickly generates probe packets targeting a particular rule considering both existing and new rules. Monocle can monitor not only static flow tables (as is currently typically the case), but also dynamic networks with frequent flow table changes. Our evaluation shows that Monocle is capable of finegrained monitoring for the majority of rules, and it can identify a rule suddenly missing from the data plane or misbehaving in a matter of seconds. Also, during network updates Monocle helps controllers cope with switches that exhibit transient inconsistencies between their control and data plane states

  • 36. Peresini, Peter
    et al.
    Kuzniar, Maciej
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Rule-Level Data Plane Monitoring With Monocle2015In: Computer communication review, ISSN 0146-4833, E-ISSN 1943-5819, Vol. 45, no 4, p. 595-596Article in journal (Refereed)
    Abstract [en]

    We present Monocle, a system that systematically monitors the network data plane, and verifies that it corresponds to the view that the SDN controller builds and tries to enforce in the switches. Our evaluation shows that Monocle is capable of fine-grained per-rule monitoring for the majority of rules. In addition, it can help controllers to cope with switches that exhibit transient inconsistencies between their control plane and data plane states.

  • 37.
    Rathore, M. Siraj
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Hidell, Markus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Sjödin, Peter
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Towards Performance Guarantees for Virtualized Network Functions2017Article in journal (Refereed)
    Abstract [en]

    The trend of consolidating network functions from specialized hardware to software running on virtualization servers brings significant advantages for reducing costs and simplifying service deployment.  However, virtualization techniques have significant limitations when it comes to networking as there is no support for guaranteeing that network functions meet their service requirements. In this paper, we present a design for providing service guarantees to virtualized network functions based on rate control. The design is a combination of rate regulation through token bucket filters and the regular scheduling mechanisms in operating systems.  It has the attractive property that traffic profiles are maintained throughout a series of network functions, which makes it well suited for service function chaining.

    We discuss implementation alternatives for the design, and demonstrated how it can be implemented on two virtualization platforms: LXC containers and with the KVM hypervisor. To evaluate the design, we conduct experiments where we measure throughput and latency using IP forwarders as virtual network functions. Two significant factors for performance are investigated: the design of token buckets and the packet clustering effect that comes from scheduling. We implement a token bucket filter at the network device level, which is found to give better performance than the regular token bucket in Linux traffic control. The clustering effect adds burstiness, which in turn increases latency and limits the traffic profiles that can be supported. The effect is significant with KVM, but not with LXC. Finally, we demonstrate how performance guarantees are achieved for multiple virtual routers under different scenarios.

  • 38.
    Rathore, Muhammad Siraj
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Performance, Isolation and Service Guarantees in Virtualized Network Functions2017Doctoral thesis, comprehensive summary (Other academic)
    Abstract [en]

    A network is generally a collection of different hardware-based network devices carrying out various network functions, (NF). These NF implementations are special purpose and expensive. Network function virtualization (NFV) is an alternative which uses software-based implementation of NFs in inexpensive commodity servers. However, it is challenging to achieve high networking performance due to bottlenecks in software, particularly in a virtualized environment where NFs are implemented inside the virtual machines (VM). The performance isolation is yet another challenge, which means that the load on one VM should not affect the performance of other VMs. However, it is difficult to provide performance isolation due to resource contention in a commodity server. Furthermore, different NFs may require different service guarantees which are difficult to ensure due to the non-deterministic performance behavior of a commodity server.

    In this thesis we investigate how the challenges of performance, isolation and service guarantees can be addressed for virtual routers (VR), as an example of a virtualized NF. It is argued that the forwarding path of a VR can be modified in an efficient manner in order to improve the forwarding performance. When it comes to performance isolation, poor isolation is observed due to shared network queues and CPU sharing among VRs. We propose a design with SR-IOV, which allows reserving a network queue and CPU core for each VR. As a result, the resource contention is reduced and strong performance isolation is achieved. Finally, it is investigated how average throughput and bounded packet delay can be guaranteed to VRs. We argue that a classic rate-controlled service discipline can be adapted in a virtual environment to achieve service guarantees. We demonstrate that firm service guarantees can be achieved with little overhead of adding token bucket regulator in the forwarding path of a VR.

  • 39.
    Rathore, Muhammad Siraj
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Hidell, Markus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Sjödin, Peter
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    KVM vs. LXC: Comparing Performance and Isolation of Hardware-assisted Virtual Routers2013In: American Journal of Networks and Communications, ISSN 2326-893X, Vol. 2, no 4, p. 88-96Article in journal (Refereed)
    Abstract [en]

    Concerns have been raised about the performance of PC-based virtual routers as they do packet processing in software. Furthermore, it becomes challenging to maintain isolation among virtual routers due to resource contention in a shared environment. Hardware vendors recognize this issue and PC hardware with virtualization support (SR-IOV and Intel-VTd) has been introduced in recent years. In this paper, we investigate how such hardware features can be integrated with two different virtualization technologies (LXC and KVM) to enhance performance and isolation of virtual routers on shared environments. We compare LXC and KVM and our results indicate that KVM in combination with hardware support can provide better trade-offs between performance and isolation. We notice that KVM has slightly lower throughput, but has superior isolation properties by providing more explicit control of CPU resources. We demonstrate that KVM allows defining a CPU share for a virtual router, something that is difficult to achieve in LXC, where packet forwarding is done in a kernel shared by all virtual routers.

  • 40.
    Reda, Waleed
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Canini, Marco
    KAUST.
    Suresh, Lalith
    VMware Research.
    Kostic, Dejan
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Braithwaite, Sean
    Soundcloud.
    Rein: Taming Tail Latency in Key-ValueStores via Multiget Scheduling2017Conference paper (Refereed)
    Abstract [en]

    We tackle the problem of reducing tail latencies in distributed key-value stores, such as the popular Cassandra database. We focus on workloads of multiget requests, which batch together access to several data elements and parallelize read operations across the data store machines. We first analyze a production trace of a real system and quantify the skew due to multiget sizes, key popularity, and other factors. We then proceed to identify opportunities for reduction of tail latencies by recognizing the composition of aggregate requests and by carefully scheduling bottleneck operations that can otherwise create excessive queues. We design and implement a system called Rein, which reduces latency via inter-multiget scheduling using low overhead techniques. We extensively evaluate Rein via experiments in Amazon Web Services (AWS) and simulations. Our scheduling algorithms reduce the median, 95th, and 99th percentile latencies by factors of 1.5, 1.5, and 1.9, respectively.

  • 41.
    Stirparo, Pasquale
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    A fuzzing framework for the security evaluation of NDEF message format2013In: Proceedings - 5th International Conference on Computational Intelligence, Communication Systems, and Networks, CICSyN 2013, IEEE , 2013, p. 165-170Conference paper (Refereed)
    Abstract [en]

    In the very near future, the vast majority of mobile phones will be NFC-enabled. The NFC technology, other than adding extra features to mobile devices, adds a new way for attackers to break into these. To be sure that attackers will go after this technology, it is enough to think that the killer feature foreseen for this technology it will be the possibility for the user to pay on the fly with his phone, by simply putting the smartphone in close proximity to the payment device. The aim of this paper is to draw the attention to one aspect related to the security of NFC devices, the NFC Data Exchange Format (NDEF). In this paper will be introduced techniques for testing NDEF, as well as to propose a new solution for fuzz testing NDEF on smart phones.

  • 42.
    Stirparo, Pasquale
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Fovino, I. N.
    Taddeo, M.
    Kounelis, Ioannis
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    In-memory credentials robbery on android phones2013In: 2013 World Congress on Internet Security, WorldCIS 2013, IEEE Computer Society, 2013, p. 88-93Conference paper (Refereed)
    Abstract [en]

    Mobile phones have almost replaced the work of traditional computers and people nowadays use them for both business and personal purposes, in a much more complex way than some years ago. However, the notion of 'mobile phone' has not changed accordingly: the majority of the people consider this device as a phone without thinking the implications of their digital life when using it. In this paper we demonstrate how to steal user's credentials and sensitive information in general from the memory of an Android device. We do so by analysing how mobile applications manage users data when these are loaded in the memory of the device. We use this findings to create a malware application able to retrieve login credentials from memory of the target applications, exploiting vulnerabilities due to both the user behavior and the poor practices when developing mobile applications. Finally, and most importantly, we show that this attack is not noticed by the mobile phone user both in terms of visibility and mobile phone performance.

  • 43.
    Stirparo, Pasquale
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Nai Fovino, Igor
    Joint Research Centre of the European Commission.
    Kounelis, Ioannis
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Data-in-use leakages from Android memory - Test and analysis2013In: Wireless and Mobile Computing, Networking and Communications (WiMob), 2013 IEEE 9th International Conference on, IEEE , 2013, p. 701-708Conference paper (Refereed)
    Abstract [en]

    Due to their increasing pervasiveness, smartphones and more in general mobile devices are becoming the citizen’s companions in the daily life activities. Smartphones are today the repositories of our secrets (photos, email), of our money (online e-commerce) and of our identities (social networks accounts). Therefore mobile applications have the responsibility of handling such sensitive and personal information in a proper, secure way. This paper present the second phase of the MobiLeak project, analysing how mobile applications manage users data when these are loaded in the volatile memory of the device. Scope of this work is to raise the awareness of the research and development communities on the poor attention that is generally paid in the secure development of mobile applications.

  • 44.
    Su, Gang
    et al.
    Department of Electronics and Information Engineering, Huazhong University of Science and Technology.
    Hidell, Markus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Abrahamsson, Henrik
    Communication Networks and Systems Laboratory, Swedish Institute of Computer Science.
    Ahlgren, Bengt
    Communication Networks and Systems Laboratory, Swedish Institute of Computer Science.
    Li, Dan
    Department of Computer Science and Technology, Tsinghua University.
    Sjödin, Peter
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Tanyingyong, Voravit
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Xu, Ke
    Department of Computer Science and Technology, Tsinghua University.
    Resource management in radio access and IP-based core networks for IMT Advanced and Beyond2013In: Science China Information Sciences, ISSN 1674-733X, Vol. 56, no 2, p. 169-184Article in journal (Refereed)
    Abstract [en]

    The increased capacity needs, primarily driven by content distribution, and the vision of Internet-of-Things with billions of connected devices pose radically new demands on future wireless and mobile systems. In general the increased diversity and scale result in complex resource management and optimization problems in both radio access networks and the wired core network infrastructure. We summarize results in this area from a collaborative Sino-Swedish project within IMT Advanced and Beyond, covering adaptive radio resource management, energy-aware routing, Open Flow-based network virtualization, data center networking, and access network caching for TV on demand.

  • 45.
    Söderman, Pehr
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Aspects of Quality: Using Quality Measurements to Improve Computer Network Performance2016Doctoral thesis, comprehensive summary (Other academic)
    Abstract [en]

    As computer networks grow in complexity, measuring the performance becomes a challenge. Intrinsic properties of the networks capability to transport data, such as bandwidth, latency, loss, and error rate are not always enough to provide a clear picture of how well the network can satisfy the users' expectations. In these situations, the relationship between the users' expectations and the quality provided by the network is of interest. Today multiple approaches to quantifying quality exists, such as Quality of Service (QoS), Quality of Experience (QoE) and Quality of Information (QoI). In this thesis, we explore how such quality measurements can be used as means to improve network performance. In the first part, we examine the Quality of Service in shared experiment networks, with a focus on the FEDERICA network. We present a method for statistical analysis of metadata, based on clustering. We show that, using this method, it is possible to improve the reliability of experiments in shared experiment networks. In the second part, we take a Quality of Experience viewpoint, while doing experimental development. The goal is to improve the mobility performance of an implementation of the Stream Control Transfer Protocol (SCTP) on mobile devices. We present optimisations of the SCTP implementation along with a mobility framework, which simplifies the introduction of mobility functionality in an existing SCTP application. We show that by using this combination, it is possible to perform seamless vertical handover between WiFi and 3G cellular networks. In the third part, we focus on Quality of Information in Delay Tolerant Wireless Sensor Networks (DT-WSN). We study how it is possible to improve the quality of the measurements obtained under conditions where bandwidth and storage capacity are limited, forcing the network to discard a significant fraction of the data. We introduce the SmartGap algorithm, a buffer management algorithm for DT-WSNs, and demonstrate that this algorithm can provide significantly improved QoI over a wide range of network configurations.

  • 46.
    Söderman, Pehr
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Tools and Strategies for Experimental Development and Evaluation of Protocols2013Licentiate thesis, comprehensive summary (Other academic)
  • 47.
    Söderman, Pehr
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Eklund, Johan
    Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
    Grinnemo, Karl-Johan
    Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
    Hidell, Markus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Brunström, Anna
    Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
    Handover in the Wild: The feasibility of vertical handover in commodity smartphones2013In: Communications (ICC), 2013 IEEE International Conference on, IEEE conference proceedings, 2013, p. 6401-6406Conference paper (Refereed)
    Abstract [en]

    Today commodity mobile devices are equipped withmultiple wireless access technologies. To enable continuous connectivityit is vital that these terminals provide for vertical handover between different technologies. Particularly, they should provide a vertical handover that complies with the timeliness requirements of soft real-time applications. Considering aspects such as cost- and ease-of-deployment, application neutrality, and, not least, the emergence of transport protocols that support multi-homing such as mobile SCTP and multi-path TCP, we think it would be beneficial to handle vertical handover in thetransport layer of the mobile terminal. This paper demonstrates through several real-world experiments, the feasibility of using a lightweight vertical handover scheme in smart mobile terminals for live video streaming. The vertical handover criteria is basedon the received signal strength. Our experiments suggest that thescheme indeed provides for seamless vertical handover at walking speed – our target scenario. However, the experiments also suggest that the scheme gives significant reductions in handovertime, as compared to mobile SCTP without improvements, at higher speeds.

  • 48.
    Söderman, Pehr
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Grinnemo, Karl-Johan
    Distributed Systems and Communications Research Group (DISCO).
    Hidell, Markus
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Sjödin, Peter
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Evaluating Buffer Management Algorithms for Delay Tolerant Wireless Sensor NetworksManuscript (preprint) (Other academic)
    Abstract [en]

    One of the challenges in Delay Tolerant Wireless Sensor Networks (DT-WSN), is to handle situations where the available buffer space is insufficient. This is the buffer management problem. In this work, we the buffer management problem, with focus on algorithms to decide what data to discard when buffers are full. We simulate a wide range of network configurations, using a full factorial experiment design. The simulations let us investigate both the relative performance of four buffer management algorithms and the effect of different factors on buffer management performance. The four algorithms we investigate are the two well-known algorithms FIFO and Random Discard, and two Quality of Information based algorithms: an exponential moving average forecasting-based algorithm and the SmartGap algorithm. Our results indicate that certain factors, including mobility model and routing algorithm, have larger influence on relative performance than factors such as link speed and lifetime of data. We also find that the SmartGap buffer management algorithm provides significantly better QoI compared to the alternative algorithms.

  • 49.
    Söderman, Pehr
    et al.
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Grinnemo, Karl-Johan
    Hidell, Markus
    KTH, School of Information and Communication Technology (ICT), Communication: Services and Infrastucture (Closed 20120101), Telecommunication Systems Laboratory, TSLab (closed 2012-01-01).
    Sjödin, Peter
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Mind the SmartGap: A Buffer Management Algorithm For Delay Tolerant Wireless Sensor Networks2015In: Wireless Sensor Networks: 12th European Conference, EWSN 2015, Porto, Portugal, February 9-11, 2015. Proceedings / [ed] Tarek Abdelzaher, Nuno Pereira, Eduardo Tovar, Springer, 2015, Vol. 8965, p. 104-119Conference paper (Refereed)
    Abstract [en]

    Limited memory capacity is one of the major constraints in Delay Tolerant Wireless Sensor Networks. Efficient management of the memory is critical to the performance of the network. This paper proposes a novel buffer management algorithm, SmartGap, a Quality of Information (QoI) targeted buffer management algorithm. That is, in a wireless sensor network that continuously measures a parameter which changes over time, such as temperature, the value of a single packet is governed by an estimation of its contribution to the recreation of the original signal. Attractive features of SmartGap include a low computational complexity and a simplified reconstruction of the original signal. An analysis and simulations in which the performance of SmartGap is compared with the performance of several commonly used buffer management algorithms in wireless sensor networks are provided in the paper. The simulations suggest that SmartGap indeed provides significantly improved QoI compared the other evaluated algorithms.

  • 50.
    Tanyingyong, Voravit
    KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Network Systems Laboratory (NS Lab).
    Performance and Reliability in Open Router Platforms for Software-Defined Networking2014Licentiate thesis, comprehensive summary (Other academic)
    Abstract [en]

    The unprecedented growth of the Internet has brought about such an enormous impact on our daily life that it is regarded as indispensable in modern era. At the same time, the underlying Internet architecture is still underpinned by principles designed several decades ago. Although IP networking has been proven very successful, it has been considered as the cause to network ossification creating barriers to entry for new network innovations. To support new demands and requirements of the current and the future Internet, solutions for new and improved Internet architectures should be sought.

    Software-defined networking (SDN), a new modularized network architecture that separates the control plane from the data plane, has emerged as a promising candidate for the future Internet. SDN can be described as flow-based networking, which provides finer granularity while maintaining backward compatibility with traditional IP networking.

    In this work, our goal is to investigate how to incorporate flow-based networking into open router platforms in an SDN context. We investigate performance and reliability aspects related to SDN data plane operation in software on open source PC-based routers.

    Our research methodology is based on design, implementation, and experimental evaluation. The experimental platform consists of PC-based routers running open source software in combination with commodity-off-the-shelf (COTS) hardware components. When it comes to performance aspects, we demonstrate that by offloading the lookup from a CPU to a network interface card, the overall performance is improved significantly. For enhanced reliability, we investigate bidirectional forwarding detection (BFD) as a component to realize redundancy with fast failover. We demonstrate that BFD becomes unreliable under high traffic load and propose a solution to this problem by allocating dedicated system resources for BFD control messages. In line with this solution, we extend our architecture for next-generation PC-based routers with OpenFlow support by devising a strategy to efficiently map packet forwarding and application processing tasks onto the multi-core architecture on the PC-based router. This extension would make it possible to integrate BFD effectively into the router platform.

    Our work demonstrates the potentials of open router platforms for SDN. Our prototypes offer not only high performance with good reliability but also flexibility to adopt new software extensions. Such platforms will play a vital role in advancing towards the future Internet.

12 1 - 50 of 65
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf