Baijian Yang

Multicasting in differentiated service domains

Advances in the areas of QoS and IP multicasting have necessitated the need of integration of these two important features of Internet. Differentiated services (DiffServ) has been proposed as a scalable solution for supporting QoS in the Internet. Coexistence of multicasting and DiffServ is promising since the DiffServ model can provide a scalable framework and may reduce the computational complexity to locate a QoS-satisfied multicast tree. We first identify the problems of provisioning multicasting in DiffServ domains. Next, we propose an efficient DiffServ-Aware Multicasting (DAM) scheme which has three novel features: weighted traffic conditioning (WTC), receiver-initiated marking (RIM) scheme, and Heterogeneous DSCP Headers encapsulation (HDE). The proposed technique solves many problems with the integration of DiffServ and multicasting while accommodating heterogeneous QoS requirements. The framework is scalable, flexible, and feasible. Performance evaluation through analyses and simulations demonstrate conformance of the QoS requirements and the potential benefits of DAM.

Edge router multicasting with MPLS traffic engineering

Explicit routing in MPLS is utilized in traffic engineering to maximize the operational network performance and to provide quality of service (QoS). However, difficulties arise while integrating native IP multicasting with MPLS traffic engineering, such as point-to-multipoint or multipoint-to-multipoint LSP layout design and traffic aggregation. In this paper, we have proposed an edge router multicasting (ERM) scheme by limiting the branching point of the multicast delivery tree to only the edges of MPLS domains. As a result, multicast LSP setups, multicast flow assignments, and multicast traffic aggregation are reduced to unicast problems. We have studied two types of ERM routing protocols in the paper. The first approach is based on modifications to the existing multicast protocols, while the second approach applies a Steiner tree-based heuristic routing algorithm in the edge router multicasting environment. The simulation results demonstrate that the ERM scheme based on Steiner tree heuristic can provide near-optimal performance. The results also demonstrate that ERM provides a traffic engineering friendly approach without sacrificing the benefits of native IP multicasting.

Multicasting in MPLS domains

Explicit routing in MPLS is utilized in traffic engineering to maximize the operational network performance and to provide Quality of Service (QoS). However, difficulties arise while integrating native IP multicasting with MPLS traffic engineering, such as point-to-multipoint or multipoint-to-multipoint LSPs layout design and traffic aggregation. In this paper, we have proposed an edge router multicasting (ERM) scheme by limiting branching point of multicast delivery tree to only the edges of MPLS domains. As a result, multicast LSP setups,multicast flow assignments, and multicast traffic aggregation are reduced to unicast problems. We have studied two types of ERM routing protocols in the paper. The first approach is based on modifications to the existing multicast protocols, while the second approach applies Steiner tree-based heuristic routing algorithm in the edge router multicasting environment. The simulation results demonstrate that the ERM scheme based on Steiner tree heuristic can provide near-optimal performance. The results also demonstrate that ERM provides a traffic engineering friendly approach without sacrificing the benefits of native IP multicasting.

Big Data Dimension Reduction Using PCA

Principal component analysis (PCA) is a powerful tool in dimensional reduction for highly correlated data. Classical PCA approaches cannot be applied to big data because ofmemory and storage barriers. To solve the problem, the article proposes a new approach. The basic idea is to derive an array of sufficient statistics by scanning data by rows. It shows that the proposed approach can provide exact solutions if the linear regression approach is used in the follow up analysis.

A D-S evidence theory based fuzzy trust model in file-sharing P2P networks

In this paper we propose an advanced Dempster-Shafer (D-S) Evidence Theory based Fuzzy Trust model (ETFT) for Peer-to-Peer (P2P) networks. The primary goal of ETFT is to be able to address trust information uncertainty and fuzzy trust inference to deal with inconsistent or conflicting recommendation problems in a reputation based P2P environment. The D-S theory is therefore introduced to our trust model. To make the D-S theory fit into P2P systems, we creatively revise the combination rules and achieve greatly improved results. To further improve the accuracy and performance, ETFT filters out noisy referrals before combining the evidences. From the theoretical analyses and experimental results, it is evident that the proposed ETFT has a clear advantage in modeling dynamic trust relationship and aggregating recommendation information. Results also demonstrate that ETFT is more robust and can generate higher successful transaction rate than most existing frameworks.

A Study on Botnets Utilizing DNS

Botnets represent a major and formidable threat in modern computing, and security researchers are engaged in constant and escalating battle with the writers of such malware to detect and mitigate it. Current advanced malware behaviors include encryption of communications between the botmaster and the bot machines as well as various strategies for resilience and obfuscation. These techniques have taken full advantage of the infrastructure in place to support the increased connectivity between computers around the world. This includes updates and upgrades to DNS that have been leveraged to meet its increased utilization. In this paper, we analyze the current uses of DNS by botnet malware writers and operators and examine possible clues that network administrators and savvy computer users can utilize to identify and or mitigate the threat.

On the reliability of large-scale distributed systems - A topological view

In large-scale, self-organized distributed systems, such as peer-to-peer (P2P) overlays and wireless sensor networks (WSN), a small proportion of the nodes are likely to be more critical to the systems reliability than others. This paper focuses on detecting cut vertices so that we can either neutralize or protect these critical nodes. Detection of cut vertices is trivial if the global knowledge of the whole system is known but it is very challenging when the global knowledge is not available. In this paper, we propose a completely distributed scheme where every single node can determine whether it is a cut vertex or not. In addition, our design can also confine the detection overhead to a constant instead of being proportional to the size of a network. The correctness of this algorithm is theoretically proved and the key performance gains are measured and verified through trace-driven simulations.

Internet of things: Survey on security

ABSTRACT The Internet of things (IoT) is intended for ubiquitous connectivity among different entities or “things”. While it provides effective and efficient solutions to many real world challenges, the security aspect of it has always been questioned. The situation is further exacerbated by the number of connected devices growing exponentially. As a result, security and privacy has emerged as a significant challenge for the IoT. In this paper, we aim to provide a thorough survey on IoT security and privacy challenges from the perspective of technologies and architecture used. This work focuses on IoT intrinsic vulnerabilities and their implications to the fundamental information security challenges in confidentiality, integrity, and availability. The approach of this survey is to summarize and synthesize published work in IoT; relate it to the security conjuncture of the field; and project future research directions.

Predicting network attack patterns in SDN using machine learning approach

An experimental setup of 32 honeypots reported 17M login attempts originating from 112 different countries and over 6000 distinct source IP addresses. Due to decoupled control and data plane, Software Defined Networks (SDN) can handle these increasing number of attacks by blocking those network connections at the switch level. However, the challenge lies in defining the set of rules on the SDN controller to block malicious network connections. Historical network attack data can be used to automatically identify and block the malicious connections. There are a few existing open-source software tools to monitor and limit the number of login attempts per source IP address one-by-one. However, these solutions cannot efficiently act against a chain of attacks that comprises multiple IP addresses used by each attacker. In this paper, we propose using machine learning algorithms, trained on historical network attack data, to identify the potential malicious connections and potential attack destinations. We use four widely-known machine learning algorithms: C4.5, Bayesian Network (BayesNet), Decision Table (DT), and Naive-Bayes to predict the host that will be attacked based on the historical data. Experimental results show that average prediction accuracy of 91.68% is attained using Bayesian Networks.

On the Reliability of Large-Scale Distributed Systems A Topological View

In large-scale, self-organized and distributed systems, such as peer-to-peer (P2P) overlays and wireless sensor networks (WSN), a small proportion of nodes are likely to be more critical to the systems reliability than the others. This paper focuses on detecting cut vertices so that we can either neutralize or protect these critical nodes. Detection of cut vertices is trivial if the global knowledge of the whole system is known but it is very challenging when the global knowledge is missing. In this paper, we propose a completely distributed scheme where every single node can determine whether it is a cut vertex or not. In addition, our design can also confine the detection overhead to a constant instead of being proportional to the size of a network. The correctness of this algorithm is theoretically proved and a number of performance measures are verified through trace driven simulations.