Ricardo de Oliveira Schmidt

QoE-driven in-network optimization for Adaptive Video Streaming based on packet sampling measurements

HTTP Adaptive Streaming (HAS) is becoming the de-facto standard for adaptive streaming solutions. In HAS, a video is temporally split into segments which are encoded at different quality rates. The client can then autonomously decide, based on the current buffer filling and network conditions, which quality representation it will download. Each of these players strives to optimize their individual quality, which leads to bandwidth competition, causing quality oscillations and buffer starvations. This article proposes a solution to alleviate these problems by deploying in-network quality optimization agents, which monitor the available throughput using sampling-based measurement techniques and optimize the quality of each client, based on a HAS Quality of Experience (QoE) metric. This in-network optimization is achieved by solving a linear optimization problem both using centralized as well as distributed algorithms. The proposed hybrid QoE-driven approach allows the client to take into account the in-network decisions during the rate adaptation process, while still keeping the ability to react to sudden bandwidth fluctuations in the local network. The proposed approach allows improving existing autonomous quality selection heuristics by at least 30%, while outperforming an in-network approach using purely bitrate-driven optimization by up to 19%.

Leveraging MPLS Backup Paths for Distributed Energy-Aware Traffic Engineering

Backup paths are usually pre-installed by network operators to protect against single link failures in backbone networks that use multi-protocol label switching. This paper introduces a new scheme called Green Backup Paths (GBP) that intelligently exploits these existing backup paths to perform energy-aware traffic engineering without adversely impacting the primary role of these backup paths of preventing traffic loss upon single link failures. This is in sharp contrast to most existing schemes that tackle energy efficiency and link failure protection separately, resulting in substantially high operational costs. GBP works in an online and distributed fashion, where each router periodically monitors its local traffic conditions and cooperatively determines how to reroute traffic so that the highest number of physical links can go to sleep for energy saving. Furthermore, our approach maintains quality-of-service by restricting the use of long backup paths for failure protection only, and therefore, GBP avoids substantially increased packet delays. GBP was evaluated on the point-of-presence representation of two publicly available network topologies, namely, GÉANT and Abilene, and their real traffic matrices. GBP was able to achieve significant energy saving gains, which are always within 15% of the theoretical upper bound.

Exploring security vulnerabilities of unmanned aerial vehicles

We are currently observing a significant increase in the popularity of Unmanned Aerial Vehicles (UAVs), popularly also known by their generic term drones. This is not only the case for recreational UAVs, that one can acquire for a few hundred dollars, but also for more sophisticated ones, namely professional UAVs, whereby the cost can reach several thousands of dollars. These professional UAVs are known to be largely employed in sensitive missions such as monitoring of critical infrastructures and operations by the police force. Given these applications, and in contrast to what we have been seeing for the case of recreational UAVs, one might assume that professional UAVs are strongly resilient to security threats. In this demo we prove such an assumption wrong by presenting the security gaps of a professional UAV, which is used for critical operations by police forces around the world. We demonstrate how one can exploit the identified security vulnerabilities, perform a Man-in-the-Middle attack, and inject control commands to interact with the compromised UAV. In addition, we discuss appropriate countermeasures to help improving the security and resilience of professional UAVs.

Towards bandwidth estimation using flow-level measurements

Bandwidth estimation is one of the prerequisite for efficient link dimensioning. In the past, several approaches to bandwidth estimation have been proposed, ranging from rules-of-thumb providing over-provisioning guidelines to mathematically backed-up provisioning formulas. The limitation of such approaches, in our eyes, is that they largely rely on packet-based measurements, which are almost unfeasible considering nowadays load and speed (1---10 Gbps). In this context, flow-based measurements seems to be a suitable alternative, addressing both data aggregation as well as scalability issues. However, flows pose a challenge for bandwidth estimation, namely the coarser data granularity compared to packet-based approaches, which can lead to a lower precision in the estimation of the needed bandwidth. In this paper, we investigate what is the impact of flow-based measurements on bandwidth estimation. In particular, we are interested in quantifying the impact of flows on main statistical traffic characteristics, in particular the traffic rate variance. Our approach is validated on real traffic traces captured from 2002 to 2011 at the University of Twente.

Mobility and bandwidth prediction as a service in virtualized LTE systems

Recently telecommunication industry benefits from infrastructure sharing, one of the most fundamental enablers of cloud computing, leading to emergence of the Mobile Virtual Network Operator (MVNO) concept. The most momentous intents by this approach are the support of on-demand provisioning and elasticity of virtualized mobile network components, based on data traffic load. To realize it, during operation and management procedures, the virtualized services need be triggered in order to scale-up/down or scale-out/in an service instance. In this paper we propose an architecture called MOBaaS (Mobility and Bandwidth Availability Prediction as a Service), comprising two algorithms in order to predict user(s) mobility and network link bandwidth availability, that can be implemented in cloud based mobile network structure and can be used as a support service by any other virtualized mobile network service. MOBaaS can provide prediction information in order to generate required triggers for on-demand deploying, provisioning, disposing of virtualized network components. This information can be used for self-adaptation procedures and optimal network function configuration during run-time operation, as well. Through the preliminary experiments with the prototype implementation on the OpenStack platform, we evaluated and confirmed the feasibility and the effectiveness of the prediction algorithms and the proposed architecture.

Anycast Latency: How Many Sites Are Enough?

Anycast is widely used today to provide important services including naming and content, with DNS and Content De- livery Networks (CDNs). An anycast service uses multiple sites to provide high availability, capacity and redundancy, with BGP routing associating users to nearby anycast sites. Routing defines the catchment of the users that each site serves. Although prior work has studied how users associate with anycast services informally, in this paper we examine the key question how many anycast sites are needed to provide good latency, and the worst case latencies that spe- cific deployments see. To answer this question, we must first define the optimal performance that is possible, then explore how routing, specific anycast policies, and site loca- tion affect performance. We develop a new method capable of determining optimal performance and use it to study four real-world anycast services operated by different organiza- tions: C-, F-, K-, and L-Root, each part of the Root DNS ser- vice. We measure their performance from more than 7,900 worldwide vantage points (VPs) in RIPE Atlas. (Given the VPs uneven geographic distribution, we evaluate and control for potential bias.) Key results of our study are to show that a few sites can provide performance nearly as good as many, and that geographic location and good connectivity have a far stronger effect on latency than having many nodes. We show how often users see the closest anycast site, and how strongly routing policy affects site selection.

Linking network usage patterns to traffic Gaussianity fit

Gaussian traffic models are widely used in the domain of network traffic modeling. The central assumption is that traffic aggregates are Gaussian distributed. Due to its importance, the Gaussian character of network traffic has been extensively assessed by researchers in the past years. In 2001, researchers showed that the property of Gaussianity can be disturbed by traffic bursts. However, assumptions on network infrastructure and traffic composition made by the authors back in 2001 are not consistent with those of todays networks. The goal of this paper is to study the impact of traffic bursts on the degree of Gaussianity of network traffic. We identify traffic bursts, uncover applications and hosts that generate them and, ultimately, relate these findings to the Gaussianity degree of the traffic expressed by a goodness-of-fit factor. In our analysis we use recent traffic captures from 2011 and 2012. Our results show that Gaussianity can be directly linked to the presence or absence of extreme traffic bursts. In addition, we also show that even in a more homogeneous network, where hosts have similar access speeds to the Internet, we can identify extreme traffic bursts that might compromise Gaussianity fit.

Increasing DNS Security and Stability through a Control Plane for Top-Level Domain Operators

We present a control plane for operators of top-level domains (TLDs) in the DNS, such as “.org” and “.nl,” that enables them to increase the security and stability of their TLD by taking on the role of a threat intelligence provider. Our control plane is a novel system that extends a TLD operator’s traditional services and detects potential threats in the TLD by continuously analyzing the TLD operator’s two key datasets: the typically large amounts of DNS traffic that it handles and its database of registered domain names. The control plane shares information on discovered threats with other players in the TLD’s ecosystem and can also use it to dynamically scale the TLD operator’s DNS infrastructure. The control plane builds on a set of open source modules that we have developed on top of a Hadoop-based data storage cluster. These enable, for example, TLD operators to run and develop threat detectors and to easily import their DNS traffic into the control plane. Our control plane uses policies to protect the privacy of TLD users and is based on our operational experience of running .nl TLD (Netherlands), which we are also using as the use case for our implementation.

Observation of transverse polarization in LEP

Experimental results on the observation of transverse polarization in LEP at 46.5 GeV/beam are presented and discussed. The level of transverse polarization was determined by monitoring the mean shift of the vertical distributions of the backscattered photons under helicity reversal of the circularly polarized laser light. Plans for polarization studies and absolute LEP energy calibration are also presented.<<ETX>>

The commissioning of the LEP polarimeter

A laser polarimeter has been installed in LEP to measure the transverse beam polarization. The authors describe the layout, the production and the control of the polarization of the laser light, the photon detector, and the data acquisition philosophy. The commissioning experience in the first year of operation of the device is discussed together with recent results on the detection of transverse polarization. The behavior of the instrument was found to be in agreement with the predicted performance. The control and the optimization of the polarization states of the laser light were performed from the optical laboratory, and the quality of the circular light was adequate to produce observable effects on the mean-shift of the vertical distributions.<<ETX>>