Ravichander Vaidyanathan

Voice performance in WLAN networks - an experimental study

In this work, we measure wireless local area network (WLAN) voice performance and capacity. While most WLAN applications today are data centric, the growing popularity of Voice over IP (VoIP) applications and the escalating trend towards convergence with cellular networks will catalyze an increased mix of voice traffic. Since voice applications must compete with each other and with simultaneous data applications for WLAN bandwidth, quantifying voice performance and capacity in the presence of background data traffic is an important issue. We offer a practical investigation into the ability of 802.11b MAC layer to support simultaneous voice and data. We quantify VoIP capacity for standard WLAN networks, indicative of those already in the field, as well as evaluate the practical benefits of implementing backoff control and priority queuing at the access point. Conclusions are drawn based on an extensive set of real-world measurements conducted using off-the-shelf equipment in a commercial testbed.

Network QoS assurance in a multi-layer adaptive resource management scheme for mission-critical applications using the CORBA middleware framework

We present adaptive network QoS (quality of service) technology that provides ongoing, end-to-end assurance that critical traffic belonging to admitted flows has bounded queuing loss, delay, and jitter. Our technology uses a bandwidth broker to provide admission control, and leverages differentiated services and class of service functionality of high-end routers and switches for enforcement. The technology employs an integrated QoS treatment across a hybrid layer-2/layer-3 network and adapts to changes in mission requirements, work load and configurations; it uses discovery algorithms in these layers to maintain a current view of resource availability. Under the DARPA ARMS (adaptive and reflective middleware systems) program, our technology is being developed, integrated and validated in a CORBA-based multilayer resource management framework.

Adaptive network QoS in layer-3/layer-2 networks as a middleware service for mission-critical applications

We present adaptive network Quality of Service (QoS) technology that provides delay bounds and capacity guarantees for traffic belonging to mission-critical tasks. Our technology uses a Bandwidth Broker to provide admission control and leverages the differentiated aggregated traffic treatment provided by todays high-end COTS layer-3/2 switches. The technology adapts to changes in network resources, work load and mission requirements, using two components that are a particular focus of this paper: Fault Monitor and Performance Monitor. Our technology is being developed and applied in a CORBA-based multi-layer resource management framework.

On the use of Enhanced Bogon Lists (EBLs) to detect malicious traffic

Spoofed IP traffic (traffic containing packets with incorrect source IP addresses) is often used by Internet-based attackers for anonymity. This method reduces the risk of trace-back and avoids attack detection by traffic-based sensors. In general, attackers may use randomly or selectively chosen IP address space to serve as source IP addresses on attack packets. The IP address allocation process creates room for bogons as well as other prefix space that is either unallocated or semi-dark, i.e. allocated but not in operational use. In this paper, we detail novel techniques to construct filters that cover unallocated and semi-dark space. We then evaluate the use of such IP source prefix filters using efficient filtering techniques on an enterprise network and the correlations of such source IP addresses with malicious traffic or bad actors. Our initial results indicate that there is a high degree of correlation between dark or semi-dark source IP prefix space and malicious traffic. As such, it may be feasible for network operators to deploy effective filters based on dark or semi-dark source IP prefix space that block malicious traffic with a low degree of false positives. Further, the presence of such traffic can serve as an early warning of DoS or other attacks.

Fast Recovery and QoS Assurance in the Presence of Network Faults for Mission-Critical Applications in Hostile Environments

In a hostile military environment, systems must be able to detect and react to catastrophes in a timely manner in order to provide assurance that critical tasks will continue to meet their timeliness requirements. Our research focuses on achieving network quality of service (QoS) assurance using a Bandwidth Broker in the presence of network faults in layer-3 networks. Passive discovery techniques using the link-state information from routers provide for rapid path discovery which, in turn, leads to fast failure impact analysis and QoS restoration. In addition to network fault tolerance, the Bandwidth Broker must be fault tolerant and must be able to recover quickly. This is accomplished using a modified commercially available and open-source in- memory database cluster technology.