Christoph P. Mayer

Spontaneous Virtual Networks: On the road towards the Internet's Next Generation

Abstract Novel Internet applications demand global availability of complex services that can adapt dynamically to application requirements. At the same time, pervasive Internet usage and heterogeneous access technologies impose new challenges for service deployment. We present Spontaneous Virtual Networks (SpoVNet), a methodology that enables easy development of new services with transparent support for mobility, multi-homing, and heterogeneous environments. This article presents the overlay-based architecture of SpoVNet that supports the spontaneous deployment of new services as well as a seamless transition towards future networks. SpoVNet´s architecture offers support for the underlay aware adaptation of overlays by the use of cross-layer information. In the context of two exemplary services like a group communication service and an event service as well as two demanding applications – a realtime online game and a video streaming application – we illustrate how SpoVNet is of value in establishing services and applications for the Next Generation Internet.

Distack -- A Framework for Anomaly-Based Large-Scale Attack Detection

Distributed denial-of-service attacks pose unpredictable threats to the Internet infrastructure and Internet-based business. Thus, many attack detection systems and anomaly detection methods were developed in the past. A realistic evaluation of these mechanisms and comparable results, however, are impossible up to now. Furthermore, an adaptation to new situations or an extension of existing systems in most cases is complex and time-consuming. Therefore, we developed a framework for attack detection which allows for an integration of various detection methods as lightweight modules. These modules can be combined easily and arbitrarily and thus, adapted to varying situations. Additionally, our framework can be applied in different runtime environments transparently. This enables an easy evaluation with meaningful and comparable results based on realistic large-scale scenarios, e.g. by using a network simulator.

Routing in hybrid Delay Tolerant Networks

Abstract Delay Tolerant Networks (DTNs) have emerged as communication paradigm for providing end-to-end communication based on store-carry-forward mechanisms without the need for costly infrastructure. However, empirical studies have shown that integrating opportunistically encountered infrastructure—e.g., Internet access via WiFi—into hybrid DTNs can significantly boost routing performance. Nevertheless, extending sophisticated DTN protocols for decentralized routing towards and across the infrastructure is both complex and insufficiently understood. In this paper, we present the overlay-based Hybrid Routing System (HRS) which is—to the best of our knowledge—the first decentralized and collaborative approach for routing in hybrid DTNs that does not rely on central servers. With HRS, a large class of existing DTN protocols can benefit from opportunistic infrastructure encounters, as we show by integrating three prominent representatives of this class into HRS. In an extensive simulation study we show that (1) hybrid routing in a decentralized setting is indeed possible and can significantly boost the performance of sophisticated DTN routing protocols, (2) routing towards the infrastructure can be implemented independently for the message destination in a scalable way, and (3) communication and storage overhead can be kept low since target-oriented message forwarding across the infrastructure can avoid heavy message replication.

Offloading infrastructure using Delay Tolerant Networks and assurance of delivery

Infrastructure-based mobile networks are becoming increasingly overloaded due to strong growing number of mobile devices like smartphones and their communication needs. Especially in urban cities the cost of maintaining and extending infrastructure is high due to increased geographical density of mobile devices. While this increasing density puts high load on infrastructure-based networks, it is an enabler for infrastructure-less networks like Delay Tolerant Networks that perform end-to-end routing through store-carry-forward. In this work we present a novel routing scheme for offloading traffic from infrastructure-based networks with the help of Delay Tolerant Networks. Messages are initially routed in the infrastructure-less network, and continuously switch over to infrastructure-based routing when the probability of successful delivery in the infrastructure-less network decreases. We analyze the scheme under different types of heterogeneity by varying the fraction of infrastructure-capable devices, fraction of DTN-capable devices, and message size. Our scheme allows to offload larger parts of traffic from infrastructure networks. For example, using a message time-to-live of 5 hour scheme can offload 36% of traffic from infrastructure networks with acceptable ad-hoc forwarding load and storage requirements on mobile devices.

Reconnecting the internet with ariba: self-organizing provisioning of end-to-end connectivity in heterogeneous networks

End-to-End connectivity in todays Internet can no longer be taken for granted. Middleboxes, mobility, and protocol heterogeneity complicate application development and often result in application-specific solutions. In our demo we present ariba: an overlay-based approach to handle such network challenges and to provide consistent homogeneous network primitives in order to ease application and service development.

On the impact of graph structure on mobility in opportunistic mobile networks

Opportunistic mobile networks are a promising way to offload infrastructure networks, or provide communication in case of insufficient or non-existent infrastructure coverage. Understanding of the mobility process that drives such networks is crucial for design, analysis, and configuration. Generally, this mobility process is modeled on a plain playground where devices can move freely; both in case of simulation, and analysis of real-world traces. Graph-based playgrounds provide more realistic models but their impact on mobility is insufficiently understood. We provide a methodology to analyze the impact of the underlying graph on inter-contact time using methods from spectral graph theory. We gather the inter-contact times that both a random and a social mobility model exhibit on synthetic grid-based graphs and real-world city maps through simulations and perform fitting to a model for inter-contact time distribution. We then analyze correlations between parameters of these distributions and the spectral gap of a graph. Our main finding is that the graph structure has strong impact on inter-contact time distribution in both random and social mobility on grid-based graphs. For real-world city graphs a social mobility model determines inter-contact time independently of the graph structure, whereas the graph structure has strong impact on inter-contact times for a random mobility process.

PktAnon - A Generic Framework for Profile-based Traffic Anonymization

ABSTRACT Computer network researchers, system engineers and network operators have an increasing need for network traces. These are necessary to build and evaluate communication systems. This ranges from developing intrusion detection systems over evaluating network protocols or system design decisions, up to education in network security. Unfortunately, availability of real-world traces is very scarce, mainly due to privacy and security concerns. Making recorded data anonymous helps to mitigate this problem. Available anonymization systems, however, do not provide sufficient flexibility, extensibility or ease of use. Therefore, we developed a generic framework for traffic anonymization that can easily be configured by anonymization profiles. Such profiles ensure an easy adaptation of the information actually being made anonymous to different environments or local legislation. Furthermore, our framework supports flexible application of arbitrary anonymization primitives to every protocol field. Due to its extensibility our framework provides an easy incorporation of new anonymity-enhancing techniques, too. Additionally, it prevents accidental disclosure of private data by applying a technique called defensive transformation. Finally, it can be used for online as well as offline anonymization of network traffic.

Bloom filters and overlays for routing in pocket switched networks

Pocket Switched Networks (PSN) [3] have become a promising approach for providing communication between scarcely connected human-carried devices. Such devices, e.g. mobile phones or sensor nodes, are exposed to human mobility and can therewith leverage inter-human contacts for store-and-forward routing. Efficiently routing in such delay tolerant networks is complex due to incomplete knowledge about the network, and high dynamics of the network. In this work we want to develop an extension of Bloom filters for resource-efficient routing in pocket switched networks. Furthermore, we argue that PSNs may become densely populated in special situations. We want to exploit such situations to perform collaborative calculations of forwarding-decisions. In this paper we present a simple scheme for distributed decision calculation using overlays and a DHT-based distributed variant of Bloom filters.

User-Perceived performance of the NICE application layer multicast protocol in large and highly dynamic groups

The presentation of a landmark paper by Chu et al. at SIGMETRICS 2000 introduced application layer multicast (ALM) as completely new area of network research. Many researchers have since proposed ALM protocols, and have shown that these protocols only put a small burden on the network in terms of link-stress and -stretch. However, since the network is typically not a bottleneck, user acceptance remains the limiting factor for the deployment of ALM. In this paper we present an in-depth study of the user-perceived performance of the NICE ALM protocol. We use the OverSim simulation framework to evaluate delay experienced by a user and bandwidth consumption on the user’s access link in large multicast groups and under aggressive churn models. Our major results are (1) latencies grow moderate with increasing number of nodes as clusters get optimized, (2) join delays get optimized over time, and (3) despite being a tree-dissemination protocol NICE handles churn surprisingly well when adjusting heartbeat intervals accordingly. We conclude that NICE comes up to the user’s expectations even for large groups and under high churn.

Simulative evaluation of distributed attack detection in large-scale realistic environments

Large-scale attacks such as distributed denial-of-service (DDoS) attacks present to be an increasing threat to the networks and business of service providers in today’s Internet. In order to defend against such attacks, the development and deployment of effective anomaly and attack detection mechanisms are necessary. Testbeds and real networks do, however, not provide feasible means for the large-scale evaluation of such mechanisms. In order to gain a deeper understanding of the effectiveness of distributed attack detection mechanisms, simulations are essential. Simulative evaluation of such mechanisms, however, is a challenging task that has mostly been ignored until now. In this paper, we therefore present a toolchain for the large-scale evaluation of distributed attack detection based on the network simulator OMNeT++. In particular, we focus on: (1) realistic simulation environments in terms of topology, traffic and attack generation; (2) transparent operation of attack detection mechanisms in real and simulated environments; and (3) performance measurements with respect to execution time and memory usage.