Chin-Laung Lei

Quantifying Skype user satisfaction

The success of Skype has inspired a generation of peer-to-peer-based solutions for satisfactory real-time multimedia services over the Internet. However, fundamental questions, such as whether VoIP services like Skype are good enough in terms of user satisfaction,have not been formally addressed. One of the major challenges lies in the lack of an easily accessible and objective index to quantify the degree of user satisfaction.In this work, we propose a model, geared to Skype, but generalizable to other VoIP services, to quantify VoIP user satisfaction based on a rigorous analysis of the call duration from actual Skype traces. The User Satisfaction Index (USI) derived from the model is unique in that 1) it is composed by objective source-and network-level metrics, such as the bit rate, bit rate jitter, and round-trip time, 2) unlike speech quality measures based on voice signals, such as the PESQ model standardized by ITU-T, the metrics are easily accessible and computable for real-time adaptation, and 3) the model development only requires network measurements, i.e., no user surveys or voice signals are necessary. Our model is validated by an independent set of metrics that quantifies the degree of user interaction from the actual traces.

Game traffic analysis: an MMORPG perspective

Online gaming is one of the most profitable businesses on the Internet. Of all the genres of online games, MMORPGs (Massive Multiplayer Online Role Playing Games) have become the most popular among network gamers, and now attract millions of users who play in an evolving virtual world simultaneously over the Internet. To gain a better understanding of game traffic and contribute to the economic well-being of the Internet, we analyze a 1356-million-packet trace from a sizeable MMORPG called ShenZhou Online. This work is, as far as we know, the first formal analysis of MMORPG server traces.We find that MMORPG and FPS (First-Person Shooting) games are similar in that they both generate small packets and require low bandwidths. In practice, the bandwidth requirement of MMORPGs is the lower of the two due to less real-time game playing. More distinctive features are the strong periodicity, temporal locality, irregularity, and self-similarity observed in MMORPG traffic. The periodicity is due to a common practice in game implementation, where game state updates are accumulated within a fixed time window before transmission. The temporal locality in game traffic is largely due to the games nature, whereby one action leads to another. The irregularity, which is unique to MMORPG traffic, is due to the diversity of the games design so that the behavior of users can vary drastically, depending on the quest at hand. The self-similarity of the aggregate traffic is due to the heavy-tailed active/idle activities of individual players. Moreover, we show that the arrival of game sessions within 1 h can be modelled by a Poisson model, while the duration of game sessions is heavy-tailed.

On the Sensitivity of Online Game Playing Time to Network QoS

Online gaming is one of the most profitable businesses on the Internet. Among various threats to continuous player subscriptions, network lags are particularly notorious. It is widely known that frequent and long lags frustrate game players, but whether the players actually take action and leave a game is unclear. Motivated to answer this question, we apply survival analysis to a 1, 356-million-packet trace from a sizeable MMORPG, called ShenZhou Online. We find that both network delay and network loss significantly affect a player’s willingness to continue a game. For ShenZhou Online, the degrees of player “intolerance” of minimum RTT, RTT jitter, client loss rate, and server loss rate are in the proportion of 1:2:11:6. This indicates that 1) while many network games provide “ping time,” i.e., the RTT, to players to facilitate server selection, it would be more useful to provide information about delay jitters; and 2) players are much less tolerant of network loss than delay. This is due to the game designer’s decision to transfer data in TCP, where packet loss not only results in additional packet delays due to in-order delivery and retransmission, but also a lower sending rate.

An empirical evaluation of TCP performance in online games

A fundamental design question to ask in the development of a network game is---Which transport protocol should be used---TCP, UDP, or some other protocols? Seeking an objective answer to the choice of communication protocol for MMORPGs, we assess whether TCP, a popular choice, is suitable for MMORPGs based on empirical evidence. To the best of our knowledge, this work is the first evaluation of transport protocol performance using real-life game traces.We analyze a 1, 356-million-packet trace from ShenZhou Online, a TCP-based, commercial, mid-sized MMORPG. Our analysis indicates that TCP is unwieldy and inappropriate for MMORPGs. This is due to four distinctive characteristics of MMORPG traffic: 1) tiny packets, 2) low packet rate, 3) application-limited traffic generation, and 4) bidirectional traffic. We show that because TCP was originally designed for unidirectional and network-limited bulk data transfers, it cannot adapt well to MMORPG traffic. In particular, the window-based congestion control and the fast retransmit algorithm for loss recovery are ineffective. Furthermore, TCP is overkill, as not every game packet needs to be transmitted in a reliably and orderly manner. We also show that the degraded network performance did impact users willingness to continue a game. Finally, we discuss guidelines in designing transport protocols for online games.

Secure multicast using proxy encryption

In a secure multicast communication environment, only valid members belong to the multicast group could decrypt the data. In many previous researches, there is one “group key” shared by all group members. However, this incurs the so-called “1 affects n problem,” that is, an action of one member affects the whole group. We believe this is the source of scalability problems. Moreover, from the administrative perspective, it is desired to confine the impacts of changing membership events in a local area. In this paper, we propose a new secure multicast architecture without using a group key. We exploit a cryptographic primitive “proxy encryption.” It allows routers to convert a ciphertext encrypted under a key to a ciphertext encrypted under another key, without revealing the secret key and the plaintext. By giving proper keys to intermediate routers, routers could provide separation between subgroups. Therefore the goals of scalability and containment are achieved.

Secure multicast in dynamic environments

A secure multicast framework should only allow authorized members of a group to decrypt received messages; usually, one group key is shared by all approved members. However, this raises the problem of one affects all, whereby the actions of one member affect the whole group. Many researchers have solved the problem by dividing a group into several subgroups, but most current solutions require key distribution centers to coordinate secure data communications between subgroups. We believe this is a constraint on network scalability. In this paper, we propose a novel framework to solve key management problems in multicast networks. Our contribution is threefold: (1) We exploit the ElGamal cryptosystem and propose a technique of key composition. (2) Using key composition with proxy cryptography, the key distribution centers used in secure multicast frameworks are eliminated. (3) For key composition, the framework is designed to resist node failures and support topology reconstruction, which makes it suitable for dynamic network environments. Without reducing the security or performance of proxy cryptography, we successfully eliminate the need for key distribution centers. Our analysis shows that the proposed framework is secure, and comparison with other similar frameworks demonstrates that it is efficient in terms of time and space complexity. In addition, the costs of most protocol operations are bounded by constants, regardless of a groups size and the number of branches of transit nodes.

An evaluation of the virtual router redundancy protocol extension with load balancing

Virtual router redundancy protocol (VRRP) is designed to eliminate the single point of failure in the static default routing environment in LAN. The original VRRP protocol does not support load balancing for both incoming and outgoing traffic. This paper describes EVRRP, i.e. enhanced VRRP. EVRRP supports an efficient multiple-node cluster and symmetric load balancing among routers. Each router periodically exchanges information to determine the status of the master and backups. The master router distributes and redirects the traffic to one of the backup routers by ICMP redirect message. Backup routers accept the traffic from the master and one of the backup routers takes over the master traffic using a gratuitous ARP message when the master fails. The improved election protocol speeds up the original VRRP election protocol and shortens the failover time by adding a new state in the previous VRRP state diagram and a new protocol type. An extensive evaluation of the EVRRP protocol is described in the paper.

The impact of network variabilities on TCP clocking schemes

TCP employs a self-clocking scheme that times the sending of packets. In that, the data packets are sent in a burst when the returning acknowledgement packets are received. This self-clocking scheme (also known as ack-clocking) is deemed a key factor to the the burstiness of TCP traffic and the source of various performance problems-high packet loss, long delay, and high delay jitter. Previous work has suggested contradictively the effectiveness of TCP pacing as a remedy to alleviate the traffic burstiness. In this paper, we analyze systematically, and in more robust experiments the impact of network variabilities on the behavior of TCP clocking schemes. We find that 1) aggregated pacing traffic could be burstier than aggregated ack-clocking traffic. Physical explanation and experimental simulations are provided to support this argument. 2) The round-trip time heterogeneity and flow multiplexing significantly influence the behaviors of both ack-clocking and pacing schemes. Evaluating the performance of clocking schemes without considering these effects is prone to inconsistent results. 3) Pacing outperforms ack-clocking in more realistic settings from the traffic burstiness point of view.

Design and Implementation of Secure Communication Channels over UPnP Networks

The scale of smart living spaces can be varied from small, e.g. a household, to large, e.g.a building or a campus, scales. As the scale of the space increases, we can expect that the requirements for the two features-zero-configuration and secure data communication channels-are getting more important. The feature of zero-configuration reduces the cost to setup the network and secure data communication channels guarantee both the privacy and confidentiality of possible sensitive data transmitted in the network. In this paper, we integrated two technologies, UPnP and secure group communication techniques, to construct an almost zero-configuration secure environment for smart living spaces. A secure and flexible communication environment is constructed as follows. An UPnP controller is implemented to manage devices in the same administrative domain and hence these devices can be treated as members in the same communication group. Then, by leveraging group key management algorithms, we successfully build both point-to-point and broadcast secure channels over the UPnP network.

Confessible Threshold Ring Signatures

We present two threshold ring signature schemes with different properties. One focuses on the confessibility (or signer verifiability) and the denouncibility properties. The other focuses on the threshold-confessibility. Our schemes are built on generic ring signature schemes and can be easily adapted to most existing ring signature schemes. Based on the former works, we also construct a realization of our schemes as an example. We prove that our schemes are secure in the random oracle model.