QOS multimedia multicast routing a component based primal dual approach /

Hussain, Faheem A.

January 2006

Thesis (M.S.)--Georgia State University, 2006. / Title from title screen. Alexander Zelikovsky, committee chair; Anu Bourgeois, Saeid Belkasim, committee members. Electronic text (59 p. : ill. (some col.)) : digital, PDF file. Description based on contents viewed June 28, 2007. Includes bibliographical references (p. 58-59).

Asymptotic optimality of shortest path routing

January 1983

Eli M. Gafni, Dimitri P. Bertsekas. / "July 1983" / Bibliography: p. 29-30. / "DARPA ... contract ONR/N00014-75-C-1183"

TK7855.M41 E3845 no.1307

Computer networks

Threats to information systems and effective countermeasures

Jones, Andrew

January 2004

This thesis supports the hypothesis that the measurement of the potency of threat agents to information systems is a crucial element in the accurate calculation of the risks to which systems are subject and the subsequent management of those risks. It describes a series of papers that were published as the result of research that has been carried out into a range of information security issues. The research evolved over the period from 1995 from the underlying drive to identify means of proving improved protection for government and military information systems. Once the initial research was completed, further work was undertaken to resolve issues identified in completed research and also to address newly identified security issues. This document describes the relationship between the papers that were produced from the individual areas of research and address a range of related topics. This document examines the sources of threats to information systems and methods that can be employed to improve the process of managing and treating the risk that they create. It also addresses issues relating to areas of information security that have not been clearly understood and a provides a number of countermeasures that can be implemented to protect information systems in government, the commercial sector and in private use and a framework for the forensic investigation of incidents. As a result of this research, a clearer understanding has been gained of methods that can be implemented to improve the security of information systems at all levels and a threat methodology has been developed that is now taught in a number of countries and which has now been adopted by the UK Government for further development to meet their specific needs. The contribution to knowledge has been the development of advice on the security of information systems, a taxonomy for the investigation of incidents and a method for the measurement of threat.

005.8

Towards large scale software based network routing simulation

Herbert, Alan

January 2015

Software based routing simulators suffer from large simulation host requirements and are prone to slow downs because of resource limitations, as well as context switching due to user space to kernel space requests. Furthermore, hardware based simulations do not scale with the passing of time as their available resources are set at the time of manufacture. This research aims to provide a software based, scalable solution to network simulation. It aims to achieve this by a Linux kernel-based solution, through insertion of a custom kernel module. This will reduce the number of context switches by eliminating the user space context requirement, and serve to be highly compatible with any host that can run the Linux kernel. Through careful consideration in data structure choice and software component design, this routing simulator achieved results of over 7 Gbps of throughput over multiple simulated node hops on consumer hardware. Alongside this throughput, this routing simulator also brings to light scalability and the ability to instantiate and simulate networks in excess of 1 million routing nodes within 1 GB of system memory

Routers (Computer networks)

Computer software

Linux

Traffic identification in IP networks

de Castro Callado, Arthur

31 January 2009

Made available in DSpace on 2014-06-12T15:49:18Z (GMT). No. of bitstreams: 1 license.txt: 1748 bytes, checksum: 8a4605be74aa9ea9d79846c1fba20a33 (MD5) Previous issue date: 2009 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / A análise e identificação de tráfego em redes IP ainda é algo muito dependente da interação e expertise humana. A compreensão da composição e dinâmica do tráfego Internet são essenciais para o gerenciamento de redes IP, especialmente para planejamento de capacidade, engenharia de tráfego, diagnóstico de falhas, detecção de anomalias e caracterização do desempenho de serviços. A grande mudança nas aplicações predominantes nos últimos anos, de Web para compartilhamento de arquivos Peer-to-Peer e atualmente de Peer-to-Peer para streaming de vídeo requer uma atenção especial dos administradores de redes, mas não foi completamente prevista por ferramentas de gerência. Ainda hoje, na prática, operadores de rede somente detectam streaming de vídeo baseado no endereço IP de servidores de streaming de vídeo conhecidos. Mas novas aplicações, como Joost, Babelgum and TVU, estão oferecendo um tipo de serviço de streaming de vídeo peer-to-peer em que não é factível fazer a identificação por endereço IP. Algumas redes bloqueiam o acesso a aplicações baseado no endereço IP ou no número de portas bem conhecidas, dois métodos já considerados inviáveis para a identificação de aplicação. Isto é um incentivo a uma briga de gato e rato entre os desenvolvedores de tais aplicações tentando criar aplicações que trocam tráfego mesmo em redes hostis utilizando-se de técnicas de evasão e redes que consideram as algumas aplicações prejudiciais ao negócio ou objetivos e tentam bloqueá-las. Dessa forma, a identificação das aplicações que compõem o tráfego independentemente de configuração de rede é valiosa para operadores de rede. Ela permite uma predição mais efetiva das demandas de tráfego de usuário; a oferta de serviços de valor agregado baseada na demanda dos clientes por outros serviços; a cobrança baseada em aplicação; e no caso de identificação online, também permite Qualidade de Serviço (QoS) baseada na aplicação, formatação de tráfego (shaping) e filtragem de tráfego (firewall). Nos últimos anos, algumas técnicas baseadas em inferência foram propostas como alternativas de identificação de tráfego não-baseadas em portas conhecidas. Entretanto, nenhuma se mostrou adequada a alcançar alta eficiência na identificação de vários tipos de aplicação ao mesmo tempo, usando tráfego real. Portanto, a combinação de técnicas parece ser uma abordagem razoável para lidar com as deficiências de cada técnica e a periódica reconfiguração dos parâmetros de combinação pode mostrar-se uma idéia interessante paralidar com a evolução natural das aplicações e as técnicas de evasão usadas pelas aplicações que geram grande volume de tráfego indesejado. Este trabalho provê um entendimento profundo das deficiências comuns em identificação de tráfego e traz algumas contribuições práticas à área. Após um cuidadoso estudo de desempenho dos principais algoritmos de identificação de tráfego em quatro redes diferentes, esta tese lista várias recomendações para a utilização de algoritmos de identificação de tráfego. Para atingir este objetivo, alguns pré-requisitos para a criação de um ambiente adequado de identificação de tráfego são detalhados. Além disso, são propostos métodos originais para melhorar o desempenho dos algoritmos de identificação de tráfego através da combinação de resultados, sem restrições sobre o tipo de algoritmos de identificação que podem ser usados. Tais métodos são avaliados em um estudo de caso realizado com a utilização dos mesmos cenários de rede

Computer networks

traffic identification

machine learning

Modelagem e computação de banda passante equivalente de fluxos multifractais / Modeling and computing of equivalent bandwidth of multifractal flows

Melo, Cesar Augusto Viana

11 August 2004

Orientador: Nelson Luis Saldanha da Fonseca / Tese (doutorado) - Universidade Estadual de Campinas. Instituto de Matematica, Estatistica e Ciencia da Computação / Made available in DSpace on 2018-08-04T04:14:55Z (GMT). No. of bitstreams: 1 Melo_CesarAugustoViana_D.pdf: 4147740 bytes, checksum: 2f363a957b0445b560aae59a1f2c3a7e (MD5) Previous issue date: 2004 / Resumo: O fenômeno do cascateamento caracteriza-se pela ausência de uma escala de tempo específica, na qual a explosividade do tráfego possa ser caracterizada. Faz-se necessário, portanto, que esse tráfego seja descrito em diferentes escalas de tempo. Esse fenômeno foi identificado pela primeira vez em traços de tráfego de redes locais. Verificou-se em traços de tráfego do protocolo Internet Protocol (IP), composto majoritariamente por tráfego gerado por conexões TCP, o fenômeno do cascateamento em pequenas escalas de tempo, bem como a existência de dependências de longa duração. Além disso, nesses traços o tráfego apresenta alta variabilidade, cascateamento não-uniforme e a distribuição marginal das suas medições (bytes e/ou pacotes) é não-gaussiana. Estas características são típicas de processos multifractais. A banda passante equivalente de um fluxo é a quantidade mínima de banda passante requerida para que os requisitos de Qualidade de Serviço (QoS) desse fluxo possam ser atendidos. Dispor de métodos eficientes para computar a banda passante equivalente de um fluxo permite realizar alocação eficiente de banda passante, o que é essencial em redes de alta velocidade. A computação da banda passante equivalente de um fluxo requer a solução de um sistema de filas alimentado por esse fluxo, que, por sua vez, requer a computação do instante de tempo em que esse sistema alcança o seu máximo em termo de trabalho não-realizado. Uma representação minimalista do fluxo que alimenta um sistema de filas, obtida com o uso de processos envelope, permite a derivação de soluções, que apresentam boa precisão, para esse sistema. Nesta tese, introduz-se um processo envelope, chamado de processo envelope do movimento Browniano multifractal (mBm), que é um limitante superior para o volume de trabalho gerado por um processo mBm. A derivação do processo envelope do mEm baseia-se na propriedade de auto-similaridade local de um processo mBm. Esta propriedade estabelece que os incrementos de um processo mBm, em escalas de tempo pequenas, são realizações de processos movimento Browniano fractal (fEm). O processo envelope do mEm foi extensivamente validado para se verificar a sua capacidade de representar o tráfego de um fluxo. Usou-se tanto fluxos de tráfego real quanto fluxos de tráfego sintético na validação desse processo envelope. Expressões para o cálculo da escala de tempo de interesse de um sistema de filas alimento por fluxos multifractais são derivadas. Estas expressões são utilizadas pelo algoritmo que implementa a heurística, proposta nesta tese, para computação da banda passante equivalente de um fluxo multifractal. Demonstra-se a efetividade destas expressões ao se avaliar o ganho obtido com a multiplexação estatística de fluxos multifractais. Introduz-se, também, um mecanismo baseado em janelas para o policiamento de tráfego multifractaL / Abstract: Scaling in network traffic can be identified as the absence of a typical time scale at which traffic burstiness can be characterized. Internet Protocol (IP) traffic presents both scaling and long-range dependence. Moreover, at small time scales, IP traffic shows non-uniform scaling and high variability. Moreover, the marginal distribution of counting process is non-gaussian, which dearly differentiates IP traffic from L_ cal Area Network traffic, which is accurately modelled by monofractal (self-similar) processes. Such patterns can be precisely modelled by multifractal processes. The equivalent bandwidth of a traffic flow is the minimum amount of bandwidth which should be given to that flow in order to support its Quality of Service (QoS) requirements. Efficient algorithms for estimating the equivalent bandwidth of a flow is of paramount importance for network dimensioning and provisioning of QoS in high speed networks. The computation of the equivalent bandwidth requires solving a queueing system fed by this flow, and specially the identification of the time scale at which the queue length reaches its maximum value. A minimalist representation of the traffic flow such as those obtained by the use of envelope process is needed for the derivation of the solution of the queueing system. In this thesis, an envelope process, called mBm envelope process, is introduced. This process is an upper bound to the amount of work arrived in a multifractal Brownian motion (mBm). The definition of the mBm envelope process is based on the local self-similarity property of the mBm processo the mBm envelope process was extensively validated using both real network traffic and synthetic generated traffic. An expression for the time scale at which a queueing system fed by a multifractal flow is derived. This expression is used in a proposed algorithm for the computation of the equivalent bandwidth of a multifractal flow. The effectiveness of such algorithm is assessed by the evaluation of the multiplexing gain of several multifractal flows. A policing mechanism appropriate for multifractal flows is also introduced in this thesis / Doutorado / Ciência da Computação / Mestre em Ciência da Computação

Redes de computadores

Fractais

Computer networks

Fractals

Peer-to-peer file-sharing as part of an information infrastructure

Niemand, Cornelius Johannes Petrus

12 January 2009

M.A. / A second technological revolution is imminent. As with the first major technological revolution, which was driven by the decentralisation of computing power from that of mainframe networks to that of the “smart” personal-workstation computer, this second revolution is also characterised and driven by decentralised online-communication technology. In terms of this second revolution, however, modern computer users are poised to free themselves of centralised Internet servers for communication and/or file-sharing by connecting to other users directly. This second revolution has even been given a name, that is, “People-to-People” or “Peer-to-Peer computing”, called “P2P computing” for short. Although the basic concept of P2P computing cannot lay claim to being entirely new, it is associated by many a user with file-sharing, particularly with MP3 music files, whilst P2P computing, in fact, constitutes much more, such as instant messaging, group collaboration and distributed computing. Closer to the Information Studies and library environments would be the P2P data replication of a digital-library collection. The extensive use of P2P computing will have a significant impact on the bandwidths available within organisations, to the extent that an unprepared network may very well be overwhelmed by the increased traffic generated by the use of P2P file-sharing. A well-founded understanding of the usage patterns of the individuals using P2P applications will ensure better management and control by the system administrators of and over the expensive information technology (IT) infrastructure. This will also ensure better response to and usage of other systems and applications, such as e-mail and the general World Wide Web utilising the same infrastructure. The principal aim of this study, which was undertaken at the Rand Afrikaans University, is to identify such user behaviour and utilisation patterns in students interacting with P2P systems available on the Internet. The selected respondents, in their capacity of Information Science students, all completed a questionnaire aimed at examining, among other things, aspects such as • information technology (IT) utilisation • the frequency and duration of user sessions • the type of content downloaded and shared • the social aspects associated with P2P file-sharing. P2P computing can be seen as a radically new mindset, setting the stage for a decentralised Internet future. Although distributed computing is dogged by various inherent problems, for example copyright and privacy issues, the most troublesome problem still is that of bandwidth usage. It is to be hoped, therefore, that the application of the research results of this study will ensure the better management of existing infrastructure and resources, as well as the development and rendering of new value-added services within organisations.

Internet

Using formal languages in data communications protocols

Mulder, Petrus Gerhardus

19 May 2014

D.Phil. (Computer Science) / Please refer to full text to view abstract

Formal languages

Computer network protocols

Computer networks

Guidelines for cybersecurity education campaigns

Reid, Rayne

January 2017

In our technology- and information-infused world, cyberspace is an integral part of modern-day society. As the number of active cyberspace users increases, so too does the chances of a cyber threat finding a vulnerable target increase. All cyber users who are exposed to cyber risks need to be educated about cyber security. Human beings play a key role in the implementation and governing of an entire cybersecurity and cybersafety solution. The effectiveness of any cybersecurity and cybersafety solutions in a societal or individual context is dependent on the human beings involved in the process. If these human beings are either unaware or not knowledgeable about their roles in the security solution they become the weak link in these cybersecurity solutions. It is essential that all users be educated to combat any threats. Children are a particularly vulnerable subgroup within society. They are digital natives and make use of ICT, and online services with increasing frequency, but this does not mean they are knowledgeable about or behaving securely in their cyber activities. Children will be exposed to cyberspace throughout their lifetimes. Therefore, cybersecurity and cybersafety should be taught to children as a life-skill. There is a lack of well-known, comprehensive cybersecurity and cybersafety educational campaigns which target school children. Most existing information security and cybersecurity education campaigns limit their scope. Literature reports mainly on education campaigns focused on primary businesses, government agencies and tertiary education institutions. Additionally, most guidance for the design and implementation of security and safety campaigns: are for an organisational context, only target organisational users, and mostly provide high-level design recommendations. This thesis addressed the lack of guidance for designing and implementing cybersecurity and cybersafety educational campaigns suited to school learners as a target audience. The thesis aimed to offer guidance for designing and implementing education campaigns that educate school learners about cybersecurity and cybersafety. This was done through the implementation of an action research process over a five-year period. The action research process involved cybersecurity and cybersafety educational interventions at multiple schools. A total of 18 actionable guidelines were derived from this research to guide the design and implementation of cybersecurity and cybersafety education campaigns which aim to educate school children.

Computer security

Computer networks -- Security measures

On performance improvement of restricted bandwidth multimedia conferencing over packet switched networks

ElGebaly, Hani H.

08 September 2017

Advances in computer technology such as faster processors, better data compression schemes, and cheaper audio and video devices have made it possible to integrate multimedia into the computing environment. Desktop conferencing evolved as a plausible result of this multimedia revolution. The bandwidth granted for these conferencing applications is restricted in most cases by the speed of the modem device connected to the network. Poor performance of multimedia conferencing over the Internet can be attributed to two main factors: local and remote induced effects. Local effects are induced by bandwidth sharing between different media components, operating system limitations, or poor design. Remote effects include all Internet related problems such as unfairness, nonguaranteed quality of service, congestion, etc. Both effects are addressed in this study and some solutions are proposed. The primary goal is to maintain audio quality and prevent video from degrading audio performance. We study characteristics of video and audio traffic sources of conferencing applications following the H.323 set of standards defined by the International Telecommunication Union (ITU). The media traffic uses the Real-time Transport Protocol (RTP) and User Datagram Protocol (UDP) as their transport vehicle over IP network protocol. Tradeoffs involved in the choice of multimedia traffic parameters are presented. Our measurements were carried out on audio and video codecs defined in G.723.1 and H.263 specifications respectively, both drafted by the ITU. This dissertation investigates traffic multiplexing issues at the host, and the interaction of conferencing media components as they are multiplexed locally in a shared bandwidth transport medium. Lack of appropriate multiplexing algorithms can lead to one or more media components oversubscribing to the shared bandwidth and penalizing other participants. These local effects can contribute significantly to traffic delay or abuse of the network bandwidth. We propose the “bit rate adjuster” (BRA) algorithm and use it the network bandwidth. We propose the “bit rate adjuster” (BRA) algorithm and use it for regulating media flow. The algorithm compensates for video local effects induced by packet preparation or processing to allow for better audio performance. A new performance qualifier is introduced and used in the evaluation process. Further on the remote side, we investigate reactive mechanisms used to recover media flow performance degradation caused by shared bandwidth traffic effects. We overview feedback mechanisms based on the Real-time Control Protocol (RTCP). We uncover its limitation on applications connected to the Internet through narrow bandwidth pipes. We propose an alternative approach that predicts and prevents the loss of audio packets before it occurs based on local computation of audio jitter. We also propose a mechanism that recovers audio traffic from jitter and latency effects introduced by the Internet shared medium. These approaches improve the audio performance significantly in multimedia conferencing sessions. / Graduate

Computer networks

Multimedia systems

High performance computing