Michael Gellman

An autonomic approach to denial of service defence

Denial of service attacks, viruses and worms are common tools for malicious adversarial behaviour in networks. We propose the use of our autonomic routing protocol, the cognitive packet network (CPN), as a means to defend nodes from distributed denial of service (DDoS) attacks, where one or more attackers generate flooding traffic from multiple sources towards selected nodes or IP addresses. We use both analytical and simulation modelling, and experiments on our CPN testbed, to evaluate the advantages and disadvantages of our approach in the presence of imperfect detection of DDoS attacks, and of false alarms.

Self-awareness and adaptivity for quality of service

Network self-awareness is the ability of a network to observe its own behavior using internal probing and measurement mechanisms, and to make effective autonomous use of these observations for self-management. Experiments are conducted to evaluate the goals impact on observed QoS for the users payload. In addition to packet loss due to congestion, we also introduce an artificial packet loss at certain nodes to represent failures or other undesirable events. We see that just using delay in the QoS goal is a good way to reduce delay and loss if losses are only the result of congestion. However, as one would expect, using loss in the users QoS goal is seen to be useful if the paths, which are selected by SPs, are to avoid nodes where packet losses are occurring for reasons other than congestion. In general we see good correlation between the QoS goal that the SPs use to find paths, and the resulting QoS observed by DPs.

Using adaptive routing to achieve quality of service

Self-monitoring allows a network to observe its own behavior via probing and measurement mechanisms. This can then be exploited by the system to take autonomous decisions for the purpose of system management, performance management and user Quality of Service (QoS). In this paper, we experimentally explore how QoS goals that are externally set by network users, can then be explicitly exploited by a self-aware network to control its own behavior to attain these goals. The experiments we report are conducted in two distinct Cognitive Packet Network (CPN) test-beds which use probing to select the routes which best satisfy the QoS goal. Our experiments validate this concept with QoS goals which include end-to-end delay, packet loss, and a mixture of these two metrics. We observe that using only delay in the QoS goal is a good way to reduce delay and loss if losses result only from congestion. However, using loss in the QoS goal is seen to be useful if the paths that are adaptively selected avoid nodes where packet losses occur for reasons other than congestion. In general we observe that CPN networks effectively adapt routing behavior to the QoS goal that is specified.

Defending networks against denial-of-service attacks

Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.

FPGA based router for cognitive packet networks

Cognitive packet networks are a neural network based intelligent networking concept. While the current software implementation of CPN has been shown to provide improved quality of service over traditional IP networks, the current algorithms do not lend themselves to hardware. The largest barrier is the decision making random neural network update algorithm. A proposed simplification and speed up of the RNN, and an implementation of a proof-of-concept CPN router on an FPGA are presented. It is shown that the simplified RNN update algorithm is seven times faster than the original algorithm, and provides a moderate increase in data rates for a typical flow

CPN and QoS Driven Smart Routing in Wired and Wireless Networks

There exists an increasing need for dynamic mechanisms that take into account quality of service provisions in the establishment of routes in communication networks. Recently, we introduced a quality of service (QoS) driven routing algorithm called “Cognitive Packet Network” (CPN), which dynamically selects paths through a store-and-forward packet network so as to offer best effort QoS to an end-to-end traffic. This paper discusses a number of extensions to the algorithm: the incorporation of selective broadcasts to support the operation of an ad hoc network, the use of delay, loss, and energy information as metrics for routing, and the use of genetic algorithms to generate and maintain paths from previously discovered information by matching their “fitness” with respect to the desired QoS. We discuss implementation considerations as well as simulation and experimental results on a network testbed.

Oscillations in a Bio-Inspired Routing Algorithm

Adaptive routing is once again becoming of interest because of the possibility to couple on-line probing in networks with real-time dynamic and distributed control of paths and flows using Reinforcement Learning. Wireless networks, with their rapidly changing network conditions also create a need to revisit this issue. This paper uses measurements in a wired bio-inspired adaptive network test-bed, the Cognitive Packet Network (CPN), to investigate the pros and cons of adaptive routing. CPN routes packet flows through a store and forward network according to their Quality of Service (QoS) needs through an on-line, distributed reinforcement learning mechanism that incorporates a biologically-inspired Neural Network model for making routing decisions. This paper investigates routing oscillations which occur due to the interaction of multiple flows and studies their effect on QoS in the context of CPN. Our results indicate that routing oscillations can be easily controlled by randomising the route switching, and that from an overall QoS viewpoint increased switching can also lead to improved performance.

Can Routing Oscillations be Good? The Benefits of Route-switching in Self-aware Networks

Adaptive routing is once again becoming of interest because of the possibility to couple on-line probing in networks with real-time dynamic and distributed control of paths and flows. Wireless networks, with their rapidly changing network conditions also create a need to revisit this issue. This paper uses measurements in a wired adaptive network test-bed, the cognitive packet network (CPN), to investigate the pros and cons of adaptive routing. CPN routes packet flows through a store and forward network according to their quality of service (QoS) needs through an on-line, distributed reinforcement learning mechanism. This paper investigates routing oscillations which occur due to the interaction of multiple flows and studies their effect on QoS in the context of CPN. Our results indicate that routing oscillations can be easily controlled by randomising the route switching, and that from an overall QoS viewpoint increased switching can also lead to improved performance.

Random neural networks for the adaptive control of packet networks

The Random Neural Network (RNN) has been used in a wide variety of applications, including image compression, texture generation, pattern recognition, and so on. Our work focuses on the use of the RNN as a routing decision maker which uses Reinforcement Learning (RL) techniques to explore a search space (i.e. the set of all possible routes) to find the optimal route in terms of the Quality of Service metrics that are most important to the underlying traffic. We have termed this algorithm as the Cognitive Packet Network (CPN), and have shown in previous works its application to a variety of network domains. In this paper, we present a set of experiments which demonstrate how CPN performs in a realistic environment compared to a priori-computed optimal routes. We show that RNN with RL can autonomously learn the best route in the network simply through exploration in a very short time-frame. We also demonstrate the quickness with which our algorithm is able to adapt to a disruption along its current route, switching to the new optimal route in the network. These results serve as strong evidence for the benefits of the RNN Reinforcement Learning algorithm which we employ.

Quality of service routing in peer-to-peer overlays

Peer-to-Peer (P2P) overlays have been used to support a number of different applications: from their origins supporting file-sharing, they have expanded to encompass ever more real-time and interactive applications such as streaming multimedia, Voice-over-IP, and real-time gaming. Each of these applications requires different degrees of Quality of Service (QoS); for instance, a file-transfer application requires a path with the highest available bandwidth, while an interactive, real-time application will have latency and jitter requirements. However, the current approach of many P2P overlays is to establish direct connections between overlay participants using the underlying IP routing mechanisms This disregards the potential for using the overlay to exert control over the path that an applications packets take through the network.