Network


Latest external collaboration on country level. Dive into details by clicking on the dots.

Hotspot


Dive into the research topics where Stephen Chou is active.

Publication


Featured researches published by Stephen Chou.


IEEE Journal on Selected Areas in Communications | 2001

The Genesis Kernel: a programming system for spawning network architectures

Michael E. Kounavis; Andrew T. Campbell; Stephen Chou; Fabien Modoux; John B. Vicente; Hao Zhuang

Currently, the design, deployment, and refinement of new network architectures is a manual, ad hoc, and time-consuming process. We present the design, implementation, and evaluation of the Genesis Kernel, a programming system that automates the life cycle process for the creation, deployment, management, and architecting of network architectures. We discuss our experiences in building a spawning network that is capable of creating distinct virtual network architectures on-demand. The Genesis Kernel is based on a methodology that allows a child virtual network to operate on top of a subset of its parents network resources and in isolation from other spawned virtual networks. We show through experimentation how a number of diverse network architectures can be spawned and architecturally refined. These spawned network architectures include a parent network that supports IP forwarding, and interior and exterior routing. We discuss how two child networks based on Cellular IP and Mobiware architectures can be spawned on the parent network to support wireless access to data and continuous media services, respectively.


2002 IEEE Open Architectures and Network Programming Proceedings. OPENARCH 2002 (Cat. No.02EX571) | 2002

NetBind: a binding tool for constructing data paths in network processor-based routers

Andrew T. Campbell; Stephen Chou; Michael E. Kounavis; Vassilis D. Stachtos; John B. Vicente

There is growing interest in network processor technologies capable of processing packets at line rates. In this paper, we present the design, implementation and evaluation of NetBind, a high performance, flexible and scalable binding tool for dynamically constructing data paths in network processor-based routers. The methodology that underpins NetBind balances the flexibility of network programmability against the need to process and forward packets at line speeds. Data paths constructed using NetBind seamlessly share the resources of the same network processor. We compare the performance of NetBind to the MicroACE system developed by Intel to support binding between software components running on Intel IXP1200 network processors. We evaluate these alternative approaches in terms of their binding overhead, and discuss how this can affect the forwarding performance of IPv4 data paths running on IXP1200 network processor-based routers. We show that NetBind provides better performance in comparison to MicroACE with smaller binding overhead. The NetBind source code described and evaluated in this paper is freely available on the Web (comet.columbia.edu/genesis/netbind) for experimentation.


Software - Practice and Experience | 2005

Programming the data path in network processor-based routers

Michael E. Kounavis; Andrew T. Campbell; Stephen Chou; John B. Vicente

There is growing interest in network processor technologies capable of processing packets at line rates. Network processors are likely to be an integral part of next generation high‐speed router and switch architectures, replacing the application‐specific integrated circuits (ASICs) that are used in routers today. In this paper, we present the design, implementation and evaluation of NetBind, a high‐performance, flexible and scalable binding tool for dynamically constructing data paths in network processor‐based routers. The methodology that underpins NetBind balances the flexibility of network programmability against the need to process and forward packets at line speeds. To support the dynamic binding of components with the minimum addition of instructions in the critical path, NetBind modifies the machine language code of components at run time. To support fast data path composition, NetBind reduces the number of binding operations required for constructing data paths to a minimum set so that binding latencies are comparable with packet forwarding times. Data paths constructed using NetBind seamlessly share the resources of the same network processor. Resources are assigned during the binding process. We compare the performance of NetBind to the MicroACE system developed by Intel and show that NetBind provides better performance in comparison to MicroACE with smaller binding overhead. The NetBind source code described and evaluated in this paper is freely available on the Web (http://www.comet.columbia.edu/genesis/netbind) for experimentation. Copyright


international conference on information security | 2005

gore : routing-assisted defense against DDoS attacks

Stephen Chou; Angelos Stavrou; John Ioannidis; Angelos D. Keromytis

We present gore, a routing-assisted defense architecture against distributed denial of service (DDoS) attacks that provides guaranteed levels of access to a network under attack. Our approach uses routing to redirect all traffic destined to a customer under attack to strategically-located gore proxies, where servers filter out attack traffic and forward authorized traffic toward its intended destination. Our architecture can be deployed incrementally by individual ISPs, does not require any collaboration between ISPs, and requires no modifications to either server- or client- software. Clients can be authorized through a web interface that screens legitimate users from outsiders or automated zombies. Authenticated clients are granted limited-time access to the network under attack. The gore architecture allows ISPs to offer DDoS defenses as a value-added service, providing necessary incentives for the deployment of such defenses. We constructed a PC-based testbed to evaluate the performance and scalability of gore. Our preliminary results show that gore is a viable approach, as its impact on the filtered traffic is minimal, in terms of both end-to-end latency and effective throughput. Furthermore, gore can easily be scaled up as needed to support larger numbers of clients and customers using inexpensive commodity PCs.


Archive | 2000

Virtual translation lookaside buffer

Gilbert Neiger; Stephen Chou; Erik Cota-Robles; Stalinselvaraj Jeyasingh; Alain Kagi; Michael Kozuch; Richard Uhlig; Sebastian Schoenberg


Archive | 2001

Method and apparatus for constructing host processor soft devices independent of the host processor operating system

Erik Cota-Robles; Stephen Chou; Stalinselvaraj Jeyasingh; Alain Kagi; Michael Kozuch; Gilbert Neiger; Richard Uhlig


Archive | 2003

Method for resolving address space conflicts between a virtual machine monitor and a guest operating system

Gilbert Neiger; Stephen Chou; Erik Cota-Robles; Stalinselvaraj Jevasingh; Alain Kagi; Michael Kozuch; Richard Uhlig; Sebastian Schoenberg


Archive | 2000

Mechanism for providing power management through virtualization

Michael Kozuch; Stephen Chou; Erik Cota-Robles; Stalinselvaraj Jeyasingh; Alain Kagi; Gilbert Neiger; Sebastian Schoenberg; Richard Uhlig


Archive | 1997

Method and apparatus for task scheduling across multiple execution sessions

Stephen Chou; Russell J. Fenger; Mohan J. Kumar; Victor B. Lortz; Mil Travnicek; Chih-Kan Wang


Archive | 1997

Method and apparatus for providing unattended on-demand availability of a computer system

Stephen Chou; Russell J. Fenger; Mohan J. Kumar; Victor B. Lortz; Benjamin L. Manny; Mil Travnicek; Chih-Kan Wang

Researchain Logo
Decentralizing Knowledge