Three essays on corporate pension underfunding , securities valuation and market efficiency /

Zhang, Ting,

January 2009

Thesis (Ph.D.) -- University of Rhode Island, 2009. / Typescript. Includes bibliographical references (leaves 157-168).

User-centric traffic engineering in software defined networks

Bakhshi, Taimur

January 2017

Software defined networking (SDN) is a relatively new paradigm that decouples individual network elements from the control logic, offering real-time network programmability, translating high level policy abstractions into low level device configurations. The framework comprises of the data (forwarding) plane incorporating network devices, while the control logic and network services reside in the control and application planes respectively. Operators can optimize the network fabric to yield performance gains for individual applications and services utilizing flow metering and application-awareness, the default traffic management method in SDN. Existing approaches to traffic optimization, however, do not explicitly consider user application trends. Recent SDN traffic engineering designs either offer improvements for typical time-critical applications or focus on devising monitoring solutions aimed at measuring performance metrics of the respective services. The performance caveats of isolated service differentiation on the end users may be substantial considering the growth in Internet and network applications on offer and the resulting diversity in user activities. Application-level flow metering schemes therefore, fall short of fully exploiting the real-time network provisioning capability offered by SDN instead relying on rather static traffic control primitives frequent in legacy networking. For individual users, SDN may lead to substantial improvements if the framework allows operators to allocate resources while accounting for a user-centric mix of applications. This thesis explores the user traffic application trends in different network environments and proposes a novel user traffic profiling framework to aid the SDN control plane (controller) in accurately configuring network elements for a broad spectrum of users without impeding specific application requirements. This thesis starts with a critical review of existing traffic engineering solutions in SDN and highlights recent and ongoing work in network optimization studies. Predominant existing segregated application policy based controls in SDN do not consider the cost of isolated application gains on parallel SDN services and resulting consequence for users having varying application usage. Therefore, attention is given to investigating techniques which may capture the user behaviour for possible integration in SDN traffic controls. To this end, profiling of user application traffic trends is identified as a technique which may offer insight into the inherent diversity in user activities and offer possible incorporation in SDN based traffic engineering. A series of subsequent user traffic profiling studies are carried out in this regard employing network flow statistics collected from residential and enterprise network environments. Utilizing machine learning techniques including the prominent unsupervised k-means cluster analysis, user generated traffic flows are cluster analysed and the derived profiles in each networking environment are benchmarked for stability before integration in SDN control solutions. In parallel, a novel flow-based traffic classifier is designed to yield high accuracy in identifying user application flows and the traffic profiling mechanism is automated. The core functions of the novel user-centric traffic engineering solution are validated by the implementation of traffic profiling based SDN network control applications in residential, data center and campus based SDN environments. A series of simulations highlighting varying traffic conditions and profile based policy controls are designed and evaluated in each network setting using the traffic profiles derived from realistic environments to demonstrate the effectiveness of the traffic management solution. The overall network performance metrics per profile show substantive gains, proportional to operator defined user profile prioritization policies despite high traffic load conditions. The proposed user-centric SDN traffic engineering framework therefore, dynamically provisions data plane resources among different user traffic classes (profiles), capturing user behaviour to define and implement network policy controls, going beyond isolated application management.

004.6

Nationwide pediatric mortality: drug toxicology, unknown causes of death, and autopsy rates

Reilly, Michael P.

12 March 2016

Deaths among the pediatric population encompass a small percentage of the total number of fatalities across the United States. Since the deaths of infants, children, and adolescents are rare, there is little forensic literature concerning this age group. Autopsies, if performed completely, can reveal additional information surrounding circumstances of a case and leads to a determination of a cause of death or a diagnosis of exclusion. Yet studies report that nationwide autopsy rates are low, despite an increase of drugs in the environment and the prevalence of ill-defined causes of death. With the use of the Centers of Disease Control and Prevention (CDC) internet database Wide-ranging Online Data for Epidemiologic Research (WONDER), all deaths of individuals 19 years old and under were analyzed for years 2000, 2005, and 2010. The three main areas that were examined through the WONDER database were poisoning deaths for all ages, ill-defined causes of death for the infant age group, and overall autopsy rates for the three age groups with the highest crude rate of death. The crude death rate for all pediatric age groups have decreased within the examined decade. The infant age group comprised the majority of all pediatric fatalities and had the highest crude death rate. Individuals in the 15 to 19 year age group had the second highest crude death rate of the pediatric population. With a low number of total pediatric poisoning deaths, there has been a steady increase in crude death rate over the decade. The 15-19 age group encompassed the majority of these types of fatalities, with a total of 942 in 2010. It was also discovered that not every pediatric victim was autopsied when a death was diagnosed as a poisoning death when examined by a forensic pathologist. Infant ill-defined causes of death consisted of just over 12% nationwide for all years studied. However approximately 70% of all infant ill-defined causes of death were diagnosed as Sudden Infant Death Syndrome (SIDS) in 2000 and 2010. When examining autopsy rates for the year 2010, autopsies were performed for 32.9% of infant deaths, 55.1% of child deaths between 1-4 years of age, and 59.8% of teenage deaths between 15-19 years of age. In 2010, implementation of autopsies is uncertain for 2,454 deaths under 1 year, 255 deaths between 1 and 4 years, and 666 between 15 and 19 years. Measures need to be put in place nationwide to increase the rate of autopsies for the pediatric population and there needs to be strict accountability when it is not reported on a death certificate whether or not an autopsy was performed. Standard operating procedures should be applied for all autopsies of pediatric victims, with a toxicology examination always being included in an investigation.

Pathology

CDC

SIDS

Autopsy

Fatalities

Ill-defined

Pediatric

Wideband and Narrowband Spectrum Sensing Methods Using Software Defined Radios

Stegman, Jason Karl

01 August 2014

The ability to accurately sense the surrounding wireless spectrum, without having any prior information about the type of signals present, is an important aspect for dynamic spectrum access and cognitive radio. Energy detection is one viable method, however its performance is limited at low SNR and must adhere to Nyquist sampling theorem. Compressive sensing has emerged as a potential method to recover wideband signals using sub-Nyquist sampling rates, under the presumption that the signals are sparse in a certain domain. In this study, the performance and some of the practical limitations of energy detection and compressive sensing are compared via simulation, and also implementation using the Universal Software Radio Peripheral (USRP) software defined radio (SDR) platform. The usefulness and simplicity of the USRP and GNU Radio software toolkit for simulation and experimentation, as well as some other application areas of compressive sensing and SDR, is also discussed.

Cognitive Radio

GNU Radio

Software Defined Radio

USRP

Enhancing network robustness using software-defined networking

Li, Xin

January 1900

Doctor of Philosophy / Department of Electrical and Computer Engineering / Don M. Gruenbacher / Caterina M. Scoglio / As today's networks are no longer individual networks, networks are less robust towards failures and attacks. For example, computer networks and power networks are interdependent. Computer networks provide smart control for power networks, while power networks provide power supply. Localized network failures and attacks are amplified and exacerbated back and forth between two networks due to their interdependencies. This dissertation focuses on finding solutions to enhance network robustness. Software-defined networking provides a programmable architecture, which can dynamically adapt to any changes and can reduce the complexities of network traffic management. This architecture brings opportunities to enhance network robustness, for example, adapting to network changes, routing traffic bypassing malfunction devices, dropping malicious flows, etc. However, as SDN is rapidly proceeding from vision to reality, the SDN architecture itself might be exposed to some robustness threats. Especially, the SDN control plane is tremendously attractive to attackers, since it is the "brain" of entire networks. Thus, researching on network robustness helps protect network from a destructive disaster. In this dissertation, we first build a novel, realistic interdependent network framework to model cyber-physical networks. We allocate dependency links under a limited budget and evaluate network robustness. We further revise a network flow algorithm and find solutions to obtain a basic robust network structure. Extensive simulations on random networks and real networks show that our deployment method produces topologies that are more robust than the ones obtained by other deployment techniques. Second, we tackle middlebox chain problems using SDN. In computer networks, applications require traffic to sequence through multiple types of middleboxes to accomplish network functionality. Middlebox policies, numerous applications' requirements, and resource allocations complicate network management. Furthermore, middlebox failures can affect network robustness. We formulate a mixed-integer linear programming problem to achieve a network load-balancing objective in the context of middlebox policy chain routing. Our global routing approach manages network resources efficiently by simplifying candidate-path selections, balancing the entire network and using the simulated annealing algorithm. Moreover, in case of middlebox failures, we design a fast rerouting mechanism by exploiting the remaining link and middlebox resources locally. We implement proposed routing approaches on a Mininet testbed and evaluate experiments' scalability, assessing the effectiveness of the approaches. Third, we build an adversary model to describe in detail how to launch distributed denial of service (DDoS) attacks to overwhelm the SDN controller. Then we discuss possible defense mechanisms to protect the controller from DDoS attacks. We implement a successful DDoS attack and our defense mechanism on the Mininet testbed to demonstrate its feasibility in the real world. In summary, we vertically dive into enhancing network robustness by constructing a topological framework, making routing decisions, and protecting the SDN controller.

Software-defined networking

Network robustness

Middlebox policy

Interdependent network

Security

Policy-driven Network Defense for Software Defined Networks

January 2016

abstract: Software-Defined Networking (SDN) is an emerging network paradigm that decouples the control plane from the data plane, which allows network administrators to consolidate common network services into a centralized module named SDN controller. Applications’ policies are transformed into standardized network rules in the data plane via SDN controller. Even though this centralization brings a great flexibility and programmability to the network, network rules generated by SDN applications cannot be trusted because there may exist malicious SDN applications, and insecure network flows can be made due to complex relations across network rules. In this dissertation, I investigate how to identify and resolve these security violations in SDN caused by the combination of network rules and applications’ policies. To this end, I propose a systematic policy management framework that better protects SDN itself and hardens existing network defense mechanisms using SDN. More specifically, I discuss the following four security challenges in this dissertation: (1) In SDN, generating reliable network rules is challenging because SDN applications cannot be trusted and have complicated dependencies each other. To address this problem, I analyze applications’ policies and remove those dependencies by applying grid-based policy decomposition mechanism; (2) One network rule could accidentally affect others (or by malicious users), which lead to creating of indirect security violations. I build systematic and automated tools that analyze network rules in the data plane to detect a wide range of security violations and resolve them in an automated fashion; (3) A fundamental limitation of current SDN protocol (OpenFlow) is a lack of statefulness, which is extremely important to several security applications such as stateful firewall. To bring statelessness to SDN-based environment, I come up with an innovative stateful monitoring scheme by extending existing OpenFlow specifications; (4) Existing honeynet architecture is suffering from its limited functionalities of ’data control’ and ’data capture’. To address this challenge, I design and implement an innovative next generation SDN-based honeynet architecture. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2016

Computer science

Honeynet

Network Security

Policy Management

Software-defined Networking

Software Defined Applications in Cellular and Optical Networks

January 2017

abstract: Small wireless cells have the potential to overcome bottlenecks in wireless access through the sharing of spectrum resources. A novel access backhaul network architecture based on a Smart Gateway (Sm-GW) between the small cell base stations, e.g., LTE eNBs, and the conventional backhaul gateways, e.g., LTE Servicing/Packet Gateways (S/P-GWs) has been introduced to address the bottleneck. The Sm-GW flexibly schedules uplink transmissions for the eNBs. Based on software defined networking (SDN) a management mechanism that allows multiple operator to flexibly inter-operate via multiple Sm-GWs with a multitude of small cells has been proposed. This dissertation also comprehensively survey the studies that examine the SDN paradigm in optical networks. Along with the PHY functional split improvements, the performance of Distributed Converged Cable Access Platform (DCCAP) in the cable architectures especially for the Remote-PHY and Remote-MACPHY nodes has been evaluated. In the PHY functional split, in addition to the re-use of infrastructure with a common FFT module for multiple technologies, a novel cross functional split interaction to cache the repetitive QAM symbols across time at the remote node to reduce the transmission rate requirement of the fronthaul link has been proposed. / Dissertation/Thesis / Doctoral Dissertation Electrical Engineering 2017

Electrical engineering

Backhaul

Cellular

LTE

Optical

Software Defined Networking

Wireless

Threats and Defenses in SDN Control Plane

January 2018

abstract: Network Management is a critical process for an enterprise to configure and monitor the network devices using cost effective methods. It is imperative for it to be robust and free from adversarial or accidental security flaws. With the advent of cloud computing and increasing demands for centralized network control, conventional management protocols like Simple Network Management Protocol (SNMP) appear inadequate and newer techniques like Network Management Datastore Architecture (NMDA) design and Network Configuration (NETCONF) have been invented. However, unlike SNMP which underwent improvements concentrating on security, the new data management and storage techniques have not been scrutinized for the inherent security flaws. In this thesis, I identify several vulnerabilities in the widely used critical infrastructures which leverage the NMDA design. Software Defined Networking (SDN), a proponent of NMDA, heavily relies on its datastores to program and manage the network. I base my research on the security challenges put forth by the existing datastore’s design as implemented by the SDN controllers. The vulnerabilities identified in this work have a direct impact on the controllers like OpenDayLight, Open Network Operating System and their proprietary implementations (by CISCO, Ericsson, RedHat, Brocade, Juniper, etc). Using the threat detection methodology, I demonstrate how the NMDA-based implementations are vulnerable to attacks which compromise availability, integrity, and confidentiality of the network. I finally propose defense measures to address the security threats in the existing design and discuss the challenges faced while employing these countermeasures. / Dissertation/Thesis / Masters Thesis Computer Science 2018

Computer science

Attacks

Network Management

NMDA

Security

Software Defined Network

Software-Defined Computational Offloading for Mobile Edge Computing

Krishna, Nitesh

03 May 2018

Computational offloading advances the deployment of Mobile Edge Computing (MEC) in the next generation communication networks. However, the distributed nature of the mobile users and the complex applications make it challenging to schedule the tasks reasonably among multiple devices. Therefore, by leveraging the idea of Software-Defined Networking (SDN) and Service Composition (SC), we propose a Software-Defined Service Composition model (SDSC). In this model, the SDSC controller is deployed at the edge of the network and composes service in a centralized manner to reduce the latency of the task execution and the traffic on the access links by satisfying the user-specific requirement. We formulate the low latency service composition as a Constraint Satisfaction Problem (CSP) to make it a user-centric approach. With the advent of the SDN, the global view and the control of the entire network are made available to the network controller which is further leveraged by our SDSC approach. Furthermore, the service discovery and the offloading of tasks are designed for MEC environment so that the users can have a complex and robust system. Moreover, this approach performs the task execution in a distributed manner. We also define the QoS model which provides the composition rule that forms the best possible service composition at the time of need. Moreover, we have extended our SDSC model to involve the constant mobility of the mobile devices. To solve the mobility issue, we propose a mobility model and a mobility-aware QoS approach enabled in the SDSC model. The experimental simulation results demonstrate that our approach can obtain better performance than the energy saving greedy algorithm and the random offloading approach in a mobile environment.

Software-Defined Networking

Computational Offloading

Mobile Edge Computing

Service Composition

Integrating IP Protocol Into Optical Networks by Using Software-defined Network (SDN)

Al-Ani, Layth

January 2015

The Internet, with cloud computing, offers amazing services that require a fast, intelligent, reliable network connection. Current networks, electrical or optical, need to work together to provide the user with a high-quality connection. The IP protocol as Layer 3 and an optical network as Layer 2 need to talk to each other and help each other instead of working separately. Therefore, this thesis proposes using software-defined network (SDN) technology for integrating the IP protocol into an optical network to fill the gap between the two layers and to give the network more intelligence and flexibility for new connection requests, choosing the best route, and monitoring the network. A two-layer SDN centralized controller design has been used. The Layer 1 SDN controller is the centralized controller that connects and updates all Layer 2 SDN controllers which control traffic in each domain. New connection requests are processed in the SDN controller and the traffic is forwarded by the optical network. SDN technology and the integration of IP into the optical network promise to enhance network connectivity.

Software-Defined Network

Optical Communication

IP Protocol

SDN