Results 1 - 10
of
37
Tapestry: A Resilient Global-scale Overlay for Service Deployment
- IEEE Journal on Selected Areas in Communications
, 2004
"... We present Tapestry, a peer-to-peer overlay routing infrastructure offering efficient, scalable, locationindependent routing of messages directly to nearby copies of an object or service using only localized resources. Tapestry supports a generic Decentralized Object Location and Routing (DOLR) API ..."
Abstract
-
Cited by 598 (14 self)
- Add to MetaCart
(Show Context)
We present Tapestry, a peer-to-peer overlay routing infrastructure offering efficient, scalable, locationindependent routing of messages directly to nearby copies of an object or service using only localized resources. Tapestry supports a generic Decentralized Object Location and Routing (DOLR) API using a self-repairing, softstate based routing layer. This paper presents the Tapestry architecture, algorithms, and implementation. It explores the behavior of a Tapestry deployment on PlanetLab, a global testbed of approximately 100 machines. Experimental results show that Tapestry exhibits stable behavior and performance as an overlay, despite the instability of the underlying network layers. Several widely-distributed applications have been implemented on Tapestry, illustrating its utility as a deployment infrastructure.
Communication-efficient online detection of network-wide anomalies
- In IEEE Conference on Computer Communications (INFOCOM
, 2007
"... Abstract—There has been growing interest in building largescale distributed monitoring systems for sensor, enterprise, and ISP networks. Recent work has proposed using Principal Component Analysis (PCA) over global traffic matrix statistics to effectively isolate network-wide anomalies. To allow suc ..."
Abstract
-
Cited by 50 (10 self)
- Add to MetaCart
(Show Context)
Abstract—There has been growing interest in building largescale distributed monitoring systems for sensor, enterprise, and ISP networks. Recent work has proposed using Principal Component Analysis (PCA) over global traffic matrix statistics to effectively isolate network-wide anomalies. To allow such a PCAbased anomaly detection scheme to scale, we propose a novel approximation scheme that dramatically reduces the burden on the production network. Our scheme avoids the expensive step of centralizing all the data by performing intelligent filtering at the distributed monitors. This filtering reduces monitoring bandwidth overheads, but can result in the anomaly detector making incorrect decisions based on a perturbed view of the global data set. We employ stochastic matrix perturbation theory to bound such errors. Our algorithm selects the filtering parameters at local monitors such that the errors made by the detector are guaranteed to lie below a user-specified upper bound. Our algorithm thus allows network operators to explicitly balance the tradeoff between detection accuracy and the amount of data communicated over the network. In addition, our approach enables real-time detection because we exploit continuous monitoring at the distributed monitors. Experiments with traffic data from Abilene backbone network demonstrate that our methods yield significant communication benefits while simultaneously achieving high detection accuracy. I.
Can ISPs take the heat from Overlay Networks
- In HotNets
, 2004
"... ISPs manage performance of their networks in the presence of failures or congestion by employing common traffic engineering techniques such as link weight settings, load balancing and routing policies. Overlay networks attempt to take control over routing in the hope that they might achieve better p ..."
Abstract
-
Cited by 42 (2 self)
- Add to MetaCart
(Show Context)
ISPs manage performance of their networks in the presence of failures or congestion by employing common traffic engineering techniques such as link weight settings, load balancing and routing policies. Overlay networks attempt to take control over routing in the hope that they might achieve better performance for such failures or high load episodes. In this paper, we examine some of the interaction dynamics between the two layers of control from an ISP’s view. With the help of simple examples, we illustrate how an uncoordinated effort of the two layers to recover from failures may cause performance degradation for both overlay and non-overlay traffic. We also show how current traffic engineering techniques are inadequate to deal with emerging overlay network services. 1.
How to select a good alternate path in large peer-to-peer systems
- in Proc. of IEEE INFOCOM
, 2006
"... endorsement of any of the University of Pennsylvania's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution m ..."
Abstract
-
Cited by 30 (2 self)
- Add to MetaCart
(Show Context)
endorsement of any of the University of Pennsylvania's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it. This paper is posted at ScholarlyCommons.
Communication-efficient tracking of distributed triggers
, 2006
"... There has been growing interest in large-scale distributed monitoring systems, such as Dynamic Denial of Service attack detectors and sensornet-based environmental monitors. Recent work has posited that these infrastructures lack a critical component, namely a distributed-triggering mechanism that f ..."
Abstract
-
Cited by 22 (7 self)
- Add to MetaCart
(Show Context)
There has been growing interest in large-scale distributed monitoring systems, such as Dynamic Denial of Service attack detectors and sensornet-based environmental monitors. Recent work has posited that these infrastructures lack a critical component, namely a distributed-triggering mechanism that fires when an aggregate of remote-site behavior exceeds some threshold. For several scenarios, the trigger conditions of interest are naturally cumulative, they continuously monitor the accumulation of threshold infractions (e.g., resource overuse) over time. In this paper, we develop a novel framework and communicationefficient protocols to support distributed cumulative triggers. In sharp contrast to earlier work focusing on instantaneous violations, we introduce a general model of threshold conditions that enables us to track distributed cumulative violations over time windows of any size. In our system, a central coordinator efficiently tracks aggregate time-series data at remote sites by adaptively informing the sites how to locally filter their data and when to ship new information. Our proposed algorithmic framework allows us to: (1) provide guarantees on the coordinator’s triggering accuracy; (2) flexibly tradeoff communication overhead versus accuracy; and, (3) develop an analytic solution for computing local filtering parameters. Our work is the first to solve the problem of communication-efficient monitoring for distributed cumulative trigger conditions using principled solutions with accuracy guarantees. We evaluate our system using time-series data generated from SNORT logs on PlanetLab nodes and demonstrate that our methods yield significant communication overhead reductions while simultaneously achieving high detection accuracy, even for highly variable data streams. 1
A survey on the design, applications, and enhancements of application-layer overlay networks
- ACM Computing Surveys
"... This article presents a survey of recent advancements in application-layer overlay networks. Some of the most important applications that have been proposed for overlays include multicast, QoS support, denialof-service (DoS) defense, and resilient routing. We look at some of the important approaches ..."
Abstract
-
Cited by 8 (0 self)
- Add to MetaCart
This article presents a survey of recent advancements in application-layer overlay networks. Some of the most important applications that have been proposed for overlays include multicast, QoS support, denialof-service (DoS) defense, and resilient routing. We look at some of the important approaches proposed for these applications and compare the advantages and disadvantages of these approaches. We also examine some of the enhancements that have been proposed in overlay topology design, enhanced routing performance, failure resistance, and the issues related to coexistence of overlay and native layers in the Internet. We conclude the article with a comment on the purist vs pluralist argument of overlay networks that has received much debate recently. Finally, we propose a new deployment model for service overlays that seeks to interpose between these two approaches.
On Investigating Overlay Service Topologies
"... Recently, a moderate amount of work has been reported on the use of overlay networks to support value-added network services, such as multicasting, Quality of Service (QoS), security, etc. To design an overlay network, the first step is to choose an overlay topology connecting all the overlay servic ..."
Abstract
-
Cited by 7 (0 self)
- Add to MetaCart
(Show Context)
Recently, a moderate amount of work has been reported on the use of overlay networks to support value-added network services, such as multicasting, Quality of Service (QoS), security, etc. To design an overlay network, the first step is to choose an overlay topology connecting all the overlay service nodes. When considering overlay topologies, several questions need to be answered first: How overlay topologies affect overlay routing performance? Which topologies can provide satisfactory performance? How can we construct efficient overlay topologies connecting all the overlay nodes? In this paper, we focus on the overlay network topology construction issue. First, we evaluate and compare the performance and overhead of the existing overlay topologies. Second, we formalize the overlay topology construction problem and propose two new heuristic methods to construct efficient overlay topologies. Simulation results have demonstrated the efficiency of the two proposed approaches. It is shown that overlay service performance varies significantly with respect to different overlay topologies. Thus, it is important to choose an appropriate overlay network topology. The knowledge of IP-layer topology information also benefits significantly in constructing efficient overlay topologies as inferred from the results.
DoS Defense in Structured Peer-to-Peer Networks
, 2004
"... Denial of service (DoS) attacks are a large and increasing threat to the Internet community. In this paper, we propose using a distributed approach to DoS defense. Our architecture leverages the properties of a wide-area overlay network to isolate clusters of attackers while denying access to a mini ..."
Abstract
-
Cited by 6 (0 self)
- Add to MetaCart
(Show Context)
Denial of service (DoS) attacks are a large and increasing threat to the Internet community. In this paper, we propose using a distributed approach to DoS defense. Our architecture leverages the properties of a wide-area overlay network to isolate clusters of attackers while denying access to a minimal amount of legitimate users. This is done by collaborating with other members of a structured peer to peer network, which is inherently collaborative. Our results show that such our approach is effective at both detection and suppression of a DoS attack.
Route Maintenance Overheads in DHT Overlays
- In 6th Workshop on Distributed Data and Structures (WDAS
, 2003
"... Efficient route maintenance in DHTs is still an area of very active research due to its complexity and multitude of aspects to be considered. In this paper we propose novel correctionon-failure (CoF) and correction-on-use (CoU) approaches that support route maintenance more efficiently than existing ..."
Abstract
-
Cited by 5 (3 self)
- Add to MetaCart
(Show Context)
Efficient route maintenance in DHTs is still an area of very active research due to its complexity and multitude of aspects to be considered. In this paper we propose novel correctionon-failure (CoF) and correction-on-use (CoU) approaches that support route maintenance more efficiently than existing methods even under highly dynamical network conditions. In contrast to previous work which addresses static resilience, we apply the more realistic model of viewing changes in the network as a continuous Markovian process and demonstrate that the system can reach a dynamic equilibrium in the presence of continuous changes while remaining operational, efficient, and scalable. We devise a generally applicable method for analyzing the dynamic behavior of route maintenance and use it to proof the efficiency of our approach. The equilibrium equations derived from the analytical model allow us to predict a system’s behavior over a wide range of parameters and demonstrate its scalability. Simulation results additionally verify our analytical results. Our approach also introduces the principle of data independence into route maintenance which we demonstrate to be achievable at low cost. This separation of concern disentangles the overlay from the underlying network dynamics and is an important step towards semantic overlay networks as a basic constituent in distributed information management. It specifically facilitates the application of the P2P paradigm in mobile ad-hoc networks, identity management, tracking of past interactions (e.g., for reputation management), etc. which are of basic importance for overlay supported P2P commerce. Moreover, other domains, for example P2P based publish/subscribe systems, will also benefit from this property of our approach.
