Chen-Nee Chuah

Capacity scaling in MIMO wireless systems under correlated fading

Previous studies have shown that single-user systems employing n-element antenna arrays at both the transmitter and the receiver can achieve a capacity proportional to n, assuming independent Rayleigh fading between antenna pairs. We explore the capacity of dual-antenna-array systems under correlated fading via theoretical analysis and ray-tracing simulations. We derive and compare expressions for the asymptotic growth rate of capacity with n antennas for both independent and correlated fading cases; the latter is derived under some assumptions about the scaling of the fading correlation structure. In both cases, the theoretic capacity growth is linear in n but the growth rate is 10-20% smaller in the presence of correlated fading. We analyze our assumption of separable transmit/receive correlations via simulations based on a ray-tracing propagation model. Results show that empirical capacities converge to the limit capacity predicted from our asymptotic theory even at moderate n = 16. We present results for both the cases when the transmitter does and does not know the channel realization.

Characterization of failures in an IP backbone

We analyze IS-IS routing updates from sprints IP network to characterize failures that affect IP connectivity. Failures are first classified based on probable causes such as maintenance activities, router-related and optical layer problems. Key temporal and spatial characteristics of each class are analyzed and, when appropriate, parameterized using well-known distributions. Our results indicate that 20% of all failures is due to planned maintenance activities. Of the unplanned failures, almost 30% are shared by multiple links and can be attributed to router-related and optical equipment-related problems, while 70% affect a single link at a time. Our classification of failures according to different causes reveals the nature and extent of failures in todays IP backbones. Furthermore, our characterization of the different classes can be used to develop a probabilistic failure model, which is important for various traffic engineering problems.

Knowledge-based opportunistic forwarding in vehicular wireless ad hoc networks

When highly mobile nodes are interconnected via wireless links, the resulting network can be used as a transit network to connect other disjoint ad-hoc networks. In this paper, we compare five different opportunistic forwarding schemes, which vary in their overhead, their success rate, and the amount of knowledge about neighboring nodes that they require. In particular, we present the MoVe algorithm, which uses velocity information to make intelligent opportunistic forwarding decisions. Using auxiliary information to make forwarding decisions provides a reasonable trade-off between resource overhead and performance.

FIREMAN: a toolkit for firewall modeling and analysis

Security concerns are becoming increasingly critical in networked systems. Firewalls provide important defense for network security. However, misconfigurations in firewalls are very common and significantly weaken the desired security. This paper introduces FIREMAN, a static analysis toolkit for firewall modeling and analysis. By treating firewall configurations as specialized programs, FIREMAN applies static analysis techniques to check misconfigurations, such as policy violations, inconsistencies, and inefficiencies, in individual firewalls as well as among distributed firewalls. FIREMAN performs symbolic model checking of the firewall configurations for all possible IP packets and along all possible data paths. It is both sound and complete because of the finite state nature of firewall configurations. FIREMAN is implemented by modeling firewall rules using binary decision diagrams (BDDs), which have been used successfully in hardware verification and model checking. We have experimented with FIREMAN and used it to uncover several real misconfigurations in enterprise networks, some of which have been subsequently confirmed and corrected by the administrators of these networks

Characterization of failures in an operational IP backbone network

As the Internet evolves into a ubiquitous communication infrastructure and supports increasingly important services, its dependability in the presence of various failures becomes critical. In this paper, we analyze IS-IS routing updates from the Sprint IP backbone network to characterize failures that affect IP connectivity. Failures are first classified based on patterns observed at the IP-layer; in some cases, it is possible to further infer their probable causes, such as maintenance activities, router-related and optical layer problems. Key temporal and spatial characteristics of each class are analyzed and, when appropriate, parameterized using well-known distributions. Our results indicate that 20% of all failures happen during a period of scheduled maintenance activities. Of the unplanned failures, almost 30% are shared by multiple links and are most likely due to router-related and optical equipment-related problems, respectively, while 70% affect a single link at a time. Our classification of failures reveals the nature and extent of failures in the Sprint IP backbone. Furthermore, our characterization of the different classes provides a probabilistic failure model, which can be used to generate realistic failure scenarios, as input to various network design and traffic engineering problems.

Feasibility of IP restoration in a tier 1 backbone

Large IP networks usually combine protection and restoration mechanisms at various layers of the protocol stack to minimize service disruption in the event of failures. Sprint has chosen an IP-based restoration approach for building a highly available tier 1 IP backbone. This article describes the design principles of Sprints network that makes IP-based restoration an effective and cost-efficient approach. The effectiveness of IP-based restoration is evaluated by analyzing network failure characteristics, and measuring disruptions in service availability during controlled failure experiments in the backbone. Current trends for improving the performance of IP-based restoration are also discussed.

BASS: BitTorrent Assisted Streaming System for Video-on-Demand

This paper introduces a hybrid server/P2P streaming system called bittorrent-assisted streaming system (BASS) for large-scale video-on-demand (VoD) services. By distributing the load among P2P connections as well as maintaining active server connections, BASS can increase the system scalability while decreasing media playout wait times. To analyze the benefits of BASS, we examine torrent trace data collected in the first week of distribution for Fedora Core 3 and develop an empirical model of bittorrent client performance. Based on this, we run trace-based simulations to evaluate BASS and show that it is more scalable than current unicast solutions and can greatly decrease the average waiting time before playback

Is sampled data sufficient for anomaly detection

Sampling techniques are widely used for traffic measurements at high link speed to conserve router resources. Traditionally, sampled traffic data is used for network management tasks such as traffic matrix estimations, but recently it has also been used in numerous anomaly detection algorithms, as security analysis becomes increasingly critical for network providers. While the impact of sampling on traffic engineering metrics such as flow size and mean rate is well studied, its impact on anomaly detection remains an open question.This paper presents a comprehensive study on whether existing sampling techniques distort traffic features critical for effective anomaly detection. We sampled packet traces captured from a Tier-1 IP-backbone using four popular methods: random packet sampling, random flow sampling, smart sampling, and sample-and-hold. The sampled data is then used as input to detect two common classes of anomalies: volume anomalies and port scans. Since it is infeasible to enumerate all existing solutions, we study three representative algorithms: a wavelet-based volume anomaly detection and two portscan detection algorithms based on hypotheses testing. Our results show that all the four sampling methods introduce fundamental bias that degrades the performance of the three detection schemes, however the degradation curves are very different. We also identify the traffic features critical for anomaly detection and analyze how they are affected by sampling. Our work demonstrates the need for better measurement techniques, since anomaly detection operates on a drastically different information region, which is often overlooked by existing traffic accounting methods that target heavy-hitters.

Capacity of multi-antenna array systems in indoor wireless environment

Previous studies have shown that a wireless system using n transmitting and n receiving antennas can achieve a capacity n times higher than a single-antenna system in an independent Rayleigh fading environment. We explore the capacities of multiple-element antenna arrays (MEAs) in a more realistic propagation environment simulated via the WiSE ray-tracing tool. We impose an average power constraint and collect statistics of the capacity with optimal power allocation, C/sub wf/, and the mutual information with an equal power allocation, I/sub eq/. In addition, we present expressions for the asymptotic growth rates C/sub wf//n and I/sub eq//n as n/spl rarr//spl infin/ for two cases: (a) independent fadings and (b) correlated fadings at different antennas. We find that C/sub wf//n and I/sub eq//n converge to constants C/sub wf/* and I/sub eq/*, respectively in case (a), and to C/sub wf//sup 0/and I/sub eq//sup 0/ in case (b). We observe that C/sub wf//sup 0/ and I/sub eq//sup 0/ predict very closely the slopes observed for simulated channels, even for moderate n (i.e., 16).

ICEBERG: an Internet core network architecture for integrated communications

In the ICEBERG project at UC Berkeley, we are developing an Internet-based integration of telephony and data services spanning diverse access networks. Our primary goals are extensibility, scalability, robustness, and personalized communication. We leverage the Internets low cost of entry for service creation, provision, deployment, and integration. We present our solutions to signaling, easy service creation, resource reservation, admission control, billing, and security in the ICEBERG network architecture.