ConferenceSIGCOMM 2023 - Proceedings of the ACM SIGCOMM 2023 Conference · September 10, 2023
Recent studies show that an end system's traffic may reach a distant anycast site within a global IP anycast system, resulting in high latency. To address this issue, some private and public CDNs have implemented regional IP anycast, a technique that invol ...
Full textCite
ConferenceLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) · January 1, 2023
Web services commonly employ Content Distribution Networks (CDNs) for performance and security. As web traffic is becoming 100% HTTPS, more and more websites allow CDNs to terminate their HTTPS connections. This practice may expose a website’s user sensiti ...
Full textCite
ConferenceProceedings of the 20th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2023 · January 1, 2023
Remote Procedure Call (RPC) is a widely used abstraction for cloud computing. The programmer specifies type information for each remote procedure, and a compiler generates stub code linked into each application to marshal and unmarshal arguments into messa ...
Cite
ConferenceProceedings of the ACM Conference on Computer and Communications Security · November 7, 2022
In today's web ecosystem, a website that uses a Content Delivery Network (CDN) shares its Transport Layer Security (TLS) private key or session key with the CDN. In this paper, we present the design and implementation of InviCloak, a system that protects t ...
Full textCite
ConferenceProceedings of the 19th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2022 · January 1, 2022
Packet loss rate in a broadband network is an important quality of service metric. Previous work that characterizes broadband performance does not separate packet loss caused by physical layer transmission errors from that caused by congestion. In this wor ...
Cite
ConferenceSIGCOMM 2021 - Proceedings of the ACM SIGCOMM 2021 Conference · August 9, 2021
The key to optimizing the performance of an anycast-based system (e.g., the root DNS or a CDN) is choosing the right set of sites to announce the anycast prefix. One challenge here is predicting catchments. A naïve approach is to advertise the prefix from ...
Full textCite
ConferenceProceedings - International Conference on Network Protocols, ICNP · January 1, 2021
Low latency is an important design goal for reliable data transmission protocols such as TCP and QUIC. However, timeout-based loss recovery can unnecessarily increase end-to-end latency. Previous work in reducing timeout-based loss recovery latency either ...
Full textCite
ConferenceProceedings of the 17th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2020 · January 1, 2020
Cable broadband networks are one of the few “last-mile” broadband technologies widely available in the U.S. Unfortunately, they have poor reliability after decades of deployment. Cable industry proposed a framework called Proactive Network Maintenance (PNM ...
Cite
ConferenceProceedings of the International Symposium on Quality of Service, IWQoS 2019 · June 24, 2019
Network traffic classification is important to network operators to ensure visibility of traffic. Network management, monitoring, and other services are built upon such classification results for improving quality of service. Compared with traffic classifi ...
Full textCite
ConferenceProceedings - 2019 IEEE Symposium on Security and Privacy Workshops, SPW 2019 · May 1, 2019
Modern operating systems for personal computers (including Linux, MAC, and Windows) provide user-level APIs for an application to access the I/O paths of another application. This design facilitates information sharing between applications, enabling applic ...
Full textCite
Conference11th USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2019, co-located with USENIX ATC 2019 · January 1, 2019
Fueled by IoT botnets and DDoS-as-a-Service tools, distributed denial of service (DDoS) attacks have reached record high volumes. Although there exist DDoS protection services, they can be costly for small organizations as well as individual users. In this ...
Cite
Journal ArticleDianli Zidonghua Shebei/Electric Power Automation Equipment · December 10, 2018
With the deepening reform of electric power system in China, the commonly used security constrained economic dispatching model cannot meet the calculation period requirement of open and impartial dispatching, and in order to overcome the influence of elect ...
Full textCite
Journal ArticleDianli Xitong Baohu yu Kongzhi/Power System Protection and Control · October 16, 2017
Open and impartial dispatching is widely used in China at present. Load forecast and hydropower schedule are the foundation of thermal power generation scheduling, and are generally more precise when the forecast time is more recent. To improve the availab ...
Full textCite
Conference2016 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2016 · May 4, 2017
Software Defined Networking (SDN) uses a logically centralized controller to replace the distributed control plane in a traditional network. One of the central challenges faced by the SDN paradigm is the scalability of the logical controller. As a network ...
Full textCite
Journal ArticleIEEE Transactions on Parallel and Distributed Systems · April 1, 2016
The Internet was designed with the end-to-end principle where the network layer provided merely the best-effort forwarding service. This design makes it challenging to add new services into the Internet infrastructure. However, as the Internet connectivity ...
Full textCite
ConferenceProceedings - International Conference on Distributed Computing Systems · July 22, 2015
Unwanted friend requests in online social networks (OSNs), also known as friend spam, are among the most evasive malicious activities. Friend spam can result in OSN links that do not correspond to social relationship among users, thus pollute the underlyin ...
Full textCite
ConferenceProceedings - International Conference on Network Protocols, ICNP · December 9, 2014
Traffic from mobile wireless networks has been growing at a fast pace in recent years and is expected to surpass wired traffic very soon. Service providers face significant challenges at such scales including providing seamless mobility, efficient data del ...
Full textCite
ConferenceProceedings of the ACM Conference on Computer and Communications Security · November 3, 2014
The success of online social networks has attracted a constant interest in attacking and exploiting them. Attackers usually control malicious accounts, including both fake and compromised real user accounts, to launch attack campaigns such as social spam, ...
Full textCite
Journal ArticleACM Transactions on the Web · January 1, 2014
Anonymity is one of the main virtues of the Internet, as it protects privacy and enables users to express opinions more freely. However, anonymity hinders the assessment of the veracity of assertions that online users make about their identity attributes, ...
Full textCite
Journal ArticleProceedings of the Annual International Conference on Mobile Computing and Networking, MOBICOM · November 13, 2013
The Internet was designed with the end-to-end principle where the network layer provided merely the best-effort forwarding service. This design makes it challenging to add new services to the network layer. However, as the Internet connectivity becomes a c ...
Full textCite
Journal ArticleComputer Communication Review · December 1, 2012
The soaring demands for always-on and fast-response online services have driven modern datacenter networks to undergo tremendous growth. These networks often rely on scale-out designs with large numbers of commodity switches to reach immense capacity while ...
Full textCite
Journal ArticleComputer Communication Review · December 1, 2012
IP spooling weakens network security and accountability. Although a lot of techniques have been proposed to prevent IP spoofing, most of them are not implemented by device vendors, and the only available anti-spoofing tool in practice is ingress filtering ...
Full textCite
Journal ArticleProceedings - International Conference on Distributed Computing Systems · October 5, 2012
Datacenter networks typically have many paths connecting each host pair to achieve high bisection bandwidth for arbitrary communication patterns. Fully utilizing the bisection bandwidth may require flows between the same source and destination pair to take ...
Full textCite
Journal ArticleSIGCOMM'12 - Proceedings of the ACM SIGCOMM 2012 Conference Applications, Technologies, Architectures, and Protocols for Computer Communication · September 26, 2012Full textCite
Journal ArticleSIGCOMM'12 - Proceedings of the ACM SIGCOMM 2012 Conference Applications, Technologies, Architectures, and Protocols for Computer Communication · September 26, 2012
Driven by the soaring demands for always-on and fast-response online services, modern datacenter networks have recently undergone tremendous growth. These networks often rely on commodity hardware to reach immense scale while keeping capital expenses under ...
Full textCite
Journal Article2012 4th International Conference on Communication Systems and Networks, COMSNETS 2012 · March 15, 2012
Anonymity is one of the main virtues of the Internet, as it protects privacy and enables users to express opinions more freely. However, anonymity hinders the assessment of the veracity of assertions that online users make about their identity attributes, ...
Full textCite
ConferenceProceedings of NSDI 2012: 9th USENIX Symposium on Networked Systems Design and Implementation · January 1, 2012
Users increasingly rely on the trustworthiness of the information exposed on Online Social Networks (OSNs). In addition, OSN providers base their businessmodels on the marketability of this information. However, OSNs suffer from abuse in the form of the cr ...
Cite
Journal ArticleProceedings of the ACM SIGCOMM 2011 Conference, SIGCOMM'11 · September 29, 2011
Choosing the best-performing cloud for one's application is a critical problem for potential cloud customers. We propose Cloud- Prophet, a trace-and-replay tool to predict a legacy application's performance if migrated to a cloud infrastructure. CloudProph ...
Full textCite
Journal ArticleComputer Communication Review · August 15, 2011
Choosing the best-performing cloud for one's application is a critical problem for potential cloud customers. We propose CloudProphet, a trace-and-replay tool to predict a legacy application's performance if migrated to a cloud infrastructure. CloudProphet ...
Full textCite
Journal ArticleProceedings - IEEE INFOCOM · August 2, 2011
We propose SocialFilter, a trust-aware collaborative spam mitigation system. Our proposal enables nodes with no email classification functionality to query the network on whether a host is a spammer. It employs Sybil-resilient trust inference to weigh the ...
Full textCite
Journal ArticleIEEE Internet Computing · March 1, 2011
As cloud computing becomes increasingly popular among enterprises, developers, and organizations, it's time to consider the practical problem: how do you choose from the growing number of providers? To help users make this decision, researchers first deter ...
Full textCite
ConferenceProceedings of NSDI 2011: 8th USENIX Symposium on Networked Systems Design and Implementation · January 1, 2011
Lack of accountability makes the Internet vulnerable to numerous attacks, including prefix hijacking, route forgery, source address spoofing, and DoS flooding attacks. This paper aims to bring accountability to the Internet with lowcost and deployable enha ...
Cite
Journal ArticleComputer Communication Review · December 1, 2010
Denial of Service (DoS) attacks frequently happen on the Internet, paralyzing Internet services and causing millions of dollars of financial loss. This work presents NetFence, a scalable DoS-resistant network architecture. NetFence uses a novel mechanism, ...
Full textCite
Journal ArticleSIGCOMM'10 - Proceedings of the SIGCOMM 2010 Conference · November 15, 2010
Denial of Service (DoS) attacks frequently happen on the Internet, paralyzing Internet services and causing millions of dollars of financial loss. This work presents NetFence, a scalable DoS-resistant network architecture. NetFence uses a novel mechanism, ...
Full textCite
Journal ArticleACM Transactions on the Web · April 1, 2010
An ads-portal domain refers to a Web domain that shows only advertisements, served by a third-party advertisement syndication service, in the form of ads listing. We develop a machine-learning-based classifier to identify ads-portal domains, which has 96% ...
Full textCite
Journal ArticleComputer Networks · February 26, 2010
TCP is prone to be inefficient and unstable in high-speed and long-latency networks [1]. The eXplicit Control Protocol (XCP) is a new and promising protocol that outperforms TCP in terms of efficiency, stability, queue size, and convergence speed. However, ...
Full textCite
Conference2nd USENIX Workshop on Hot Topics in Cloud Computing, HotCloud 2010 · January 1, 2010
Cloud computing has gained much popularity recently, and many companies now offer a variety of public cloud computing services, such as Google AppEngine, Amazon AWS, and Microsoft Azure. These services differ in service models and pricing schemes, making i ...
Cite
Journal ArticleProceedings of the ACM SIGCOMM Internet Measurement Conference, IMC · January 1, 2010
While many public cloud providers offer pay-as-you-go computing, their varying approaches to infrastructure, virtualization, and software services lead to a problem of plenty. To help customers pick a cloud that fits their needs, we develop CloudCmp, a sys ...
Full textCite
Journal ArticleIEEE/ACM Transactions on Networking · December 1, 2009
Content distribution via the Internet is becoming increasingly popular. To be cost-effective, commercial content providers are now using peer-to-peer (P2P) protocols such as BitTorrent to save bandwidth costs and to handle peak demands. When an online cont ...
Full textCite
Journal ArticleCoNEXT'09 - Proceedings of the 2009 ACM Conference on Emerging Networking Experiments and Technologies · December 1, 2009
This paper presents the design and evaluation of SafeGuard, an intra-domain routing system that can safely forward packets to their destinations even when routes are changing. SafeGuard is based on the simple idea that packets carry a destination address p ...
Full textCite
Journal ArticleProceedings of the ACM SIGCOMM 2008 Conference on Computer Communications -1st Workshop on Online Social Networks, WOSP'08 · December 1, 2008
Facebook is one of the most popular Internet sites today. A key feature that arguably contributed to Facebook's unprecedented success is its application platform, which enables the development of third-party social-networking applications. Understanding ho ...
Full textCite
Journal ArticleSIGCOMM 2008 Conference and the Co-located Workshops - Proceedings of the 3rd International Workshop on Economics of Networked Systems, NetEcon'08 · December 1, 2008
This paper argues that ISP's recent actions to block certain applications (e.g. BitTorrent) and attempts to differentiate traffic could be a signal of bandwidth scarcity. Bandwidth-intensive applications such as VoD could have driven the traffic demand to ...
Full textCite
Journal ArticleComputer Communication Review · December 1, 2008
This paper presents the design and implementation of a filter-based DoS defense system (StopIt) and a comparison study on the effectiveness of filters and capabilities. Central to the StopIt design is a novel closed-control, open-service architecture: any ...
Full textCite
Journal ArticleIEEE/ACM Transactions on Networking · August 12, 2008
We motivate the capability approach to network denial-of-service (DoS) attacks, and evaluate the Traffic Validation Architecture (TVA) architecture which builds on capabilities. With our approach, rather than send packets to any destination at any time, se ...
Full textCite
Conference5th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2008 · January 1, 2008
We present the design and evaluation of Passport, a system that allows source addresses to be validated within the network. Passport uses efficient, symmetric-key cryptography to place tokens on packets that allow each autonomous system (AS) along the netw ...
Cite
Journal ArticleLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) · December 24, 2007
TCP is shown to be inefficient and instable in high speed and long latency networks. The eXplicit Control Protocol (XCP) is a new and promising protocol that outperforms TCP in terms of efficiency, stability, queue size, and convergence speed. However, Low ...
Cite
Journal ArticleIEEE/ACM Transactions on Networking · December 1, 2007
In today's Internet, users can choose their local Internet service providers (ISPs), but once their packets have entered the network, they have little control over the overall routes their packets take. Giving a user the ability to choose between provider- ...
Full textCite
Journal ArticleProceedings of 2007 ACM CoNEXT Conference - 3rd International Conference on Emerging Networking EXperiments and Technologies, CoNEXT · December 1, 2007
This paper presents techniques that improve the efficiency and manageability of an IP Fast Reroute (IPFRR) technology: NotVia. NotVia provides the IPFRR service for all destinations in an ISP's network upon any single link or node failure, while previous p ...
Full textCite
Journal ArticleProceedings of the 2007 2nd International Conference on Communication System Software and Middleware and Workshops, COMSWARE 2007 · October 1, 2007
With the increasing demand for low-latency applications in the Internet, the slow convergence of the existing routing protocols is a growing concern. A number of IP fast reroute mechanisms have been developed by the IETF to address the issue. The goal of t ...
Full textCite
Journal ArticleIEEJ Transactions on Fundamentals and Materials · September 25, 2007
The purpose of this paper was to investigate the preventive effects and long term effects of extremely low frequency pulsed electromagnetic fields (PEMFs), generated by circular coils and pulsed electromagnetic fields stimulators, on osteoporosis in bilate ...
Full textCite
Journal ArticleGaodianya Jishu/High Voltage Engineering · February 1, 2007
This paper reviewed the research progress in the effects of pulsed electromagnetic fields on osteoporosis by our team since 1997. To establish the interaction between osteoporosis and pulsed electromagnetic fields, precise cellular response to the electrom ...
Cite
Journal ArticleGaodianya Jishu/High Voltage Engineering · February 1, 2007
To investigate the preventive effects of pulsed electromagnetic fields (PEMFs) with specific parameters on osteoporosis, thirty 3-month old female Sprague-Dawley rats were randomly divided into three different groups: normal control group (SHAM group), ova ...
Cite
ConferenceUSENIX 2007 - 2007 USENIX Annual Technical Conference · January 1, 2007
Content distribution via the Internet is becoming increasingly popular. To be cost-effective, commercial content providers are considering the use of peer-to-peer (P2P) protocols such as BitTorrent to save on bandwidth costs and to handle peak demands. How ...
Cite
Journal ArticleComputer Communication Review · October 1, 2006
We present the design of a routing system in which end-systems set tags to select non-shortest path routes as an alternative to explicit source routes. Routers collectively generate these routes by using tags as hints to independently deflect packets to ne ...
Full textCite
Conference2nd Workshop on Steps to Reducing Unwanted Traffic on the Internet, SRUTI 2006 · January 1, 2006
A key challenge in combating Denial of Service (DoS) attacks is to reliably identify attack sources from packet contents. If a source can be reliably identified, routers can stop an attack by filtering packets from the attack sources without causing collat ...
Cite
Conference5th ACM Workshop on Hot Topics in Networks, HotNets 2006 · January 1, 2006
A recent statement by AT&T CEO Ed Whitacre sparked considerable fear in the public that the Internet may not be open any more: the ISPs dictate which sites/applications flourish and which flounder. The statement triggered the heated debate on net neutralit ...
Cite
Journal ArticleComputer Communication Review · October 1, 2005
We present the design and evaluation of TVA, a network architecture that limits the impact of Denial of Service (DoS) floods from the outset. Our work builds on earlier work on capabilities in which senders obtain short-term authorizations from receivers t ...
Full textCite
Journal ArticleProceedings - IEEE INFOCOM · November 22, 2004
The Thorup-Zwick (TZ) compact routing scheme is the first generic stretch-3 routing scheme delivering a nearly optimal per-node memory upper bound. Using both direct analysis and simulation, we derive the stretch distribution of this routing scheme on Inte ...
Cite
Journal ArticleProceedings of the ACM SIGCOMM Workshop on Future Directions in Network Architecture, FDNA '03 · December 1, 2003
This paper presents the design of a new Internet routing architecture (NIRA). In today's Internet, users can pick their own ISPs, but once the packets have entered the network, the users have no control over the overall routes their packets take. NIRA aims ...
Full textCite
Journal ArticleProceedings of the ACM SIGCOMM Workshops · 2003
This paper presents the design of a new Internet routing architecture (NIRA). In today's Internet, users can pick their own ISPs, but once the packets have entered the network, the users have no control over the overall routes their packets take. NIRA aims ...
Cite
Journal ArticleConference Record / IEEE Global Telecommunications Conference · December 1, 2002
This paper proposes a new class of traffic profiles that is better suited for metering bursty Internet traffic streams than the traditional token bucket profile. A good traffic profile should satisfy two criteria: first, it should consider packets from a c ...
Cite
ConferenceProceedings - International Conference on Computer Communications and Networks, ICCCN · January 1, 2001
There is a growing interest in discovering Internet path characteristics using end-to-end measurements. However, the current mechanisms for performing this task either send probe traffic, or require the sender to cooperate by time stamping the packets or s ...
Full textCite
Journal ArticleProceedings - IEEE INFOCOM · December 1, 1999
Recently, networks have increased rapidly both in scale and speed. Problems related to the control and management are of increasing interest. The average throughput and end-to-end delay of a network Row are important design factors. However, there is nosat ...
Full textCite
