By Topic

Network Computing and Applications, 2008. NCA '08. Seventh IEEE International Symposium on

Date 10-12 July 2008

Filter Results

Displaying Results 1 - 25 of 62
  • [Front cover]

    Publication Year: 2008 , Page(s): C1
    Save to Project icon | Request Permissions | PDF file iconPDF (29 KB)  
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2008 , Page(s): i
    Save to Project icon | Request Permissions | PDF file iconPDF (13 KB)  
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2008 , Page(s): iii
    Save to Project icon | Request Permissions | PDF file iconPDF (49 KB)  
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2008 , Page(s): iv
    Save to Project icon | Request Permissions | PDF file iconPDF (49 KB)  
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2008 , Page(s): v - ix
    Save to Project icon | Request Permissions | PDF file iconPDF (181 KB)  
    Freely Available from IEEE
  • Message from the Program Committee

    Publication Year: 2008 , Page(s): x
    Save to Project icon | Request Permissions | PDF file iconPDF (25 KB)  
    Freely Available from IEEE
  • Conference organizers

    Publication Year: 2008 , Page(s): xi
    Save to Project icon | Request Permissions | PDF file iconPDF (31 KB)  
    Freely Available from IEEE
  • Program Committee

    Publication Year: 2008 , Page(s): xii - xiv
    Save to Project icon | Request Permissions | PDF file iconPDF (36 KB)  
    Freely Available from IEEE
  • External reviewers

    Publication Year: 2008 , Page(s): xv
    Save to Project icon | Request Permissions | PDF file iconPDF (20 KB)  
    Freely Available from IEEE
  • Sponsors

    Publication Year: 2008 , Page(s): xvi
    Save to Project icon | Request Permissions | PDF file iconPDF (58 KB)  
    Freely Available from IEEE
  • Invited Keynotes

    Publication Year: 2008 , Page(s): xvii - xviii
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (28 KB) |  | HTML iconHTML  

    Provides an abstract for each of the keynote presentations and a brief professional biography of each presenter. The complete presentations were not made available for publication as part of the conference proceedings. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • APART: Low Cost Active Replication for Multi-tier Data Acquisition Systems

    Publication Year: 2008 , Page(s): 1 - 8
    Cited by:  Papers (5)  |  Patents (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (209 KB) |  | HTML iconHTML  

    This paper proposes APART (a posteriori active replication), a novel active replication protocol specifically tailored for multi-tier data acquisition systems. Unlike existing active replication solutions, APART does not rely on a-priori coordination schemes determining a same schedule of events across all the replicas, but it ensures replicas consistency by means of an a-posteriori reconciliation phase. The latter is triggered only in case the replicated servers externalize their state by producing an output event towards a different tier. On one hand, this allows coping with non-deterministic replicas, unlike existing active replication approaches. On the other hand, it allows attaining striking performance gains in the case of silent replicated servers, which only sporadically, yet unpredictably, produce output events in response to the receipt of a (possibly large) volume of input messages. This is a common scenario in data acquisition systems, where sink processes, which filter and/or correlate incoming sensor data, produce output messages only if some application relevant event is detected. Further, the APART replica reconciliation scheme is extremely lightweight as it exploits the cross-tier communication pattern spontaneously induced by the application logic to avoid explicit replicas coordination messages. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Quicksilver Scalable Multicast (QSM)

    Publication Year: 2008 , Page(s): 9 - 18
    Cited by:  Papers (3)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1154 KB) |  | HTML iconHTML  

    QSM is a multicast engine designed to support a style of distributed programming in which application objects are replicated among clients and updated via multicast. The model requires platforms that scale in dimensions previously unexplored; in particular, to large numbers of multicast groups. Prior systems werenpsilat optimized for such scenarios and canpsilat take advantage of regular group overlap patterns, a key feature of our application domain. Furthermore, little is known about performance and scalability of such systems in modern managed environments. We shed light on these issues and offer architectural insights based on our experience building QSM. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • FOSeL: Filtering by Helping an Overlay Security Layer to Mitigate DoS Attacks

    Publication Year: 2008 , Page(s): 19 - 28
    Cited by:  Papers (6)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (325 KB) |  | HTML iconHTML  

    Denial of service (DoS) attacks are major threat against availability in the Internet. A large number of countermeasure techniques try to detect attack and then filter out DoS attack packets. Unfortunately these techniques that filter DoS traffic by looking at known attack patterns or statistical anomalies in the traffic patterns can be defeated by changing the attack patterns and masking the anomalies that are sought by the filter. Hence, detecting DoS traffic is one of the main challenges for filtering techniques. Furthermore techniques that drop any malicious packet need to process the packet and processing is time-consuming. This paper addresses how an efficient and good filter can be designed by helping an overlay network layer to mitigate DoS attacks. Fosel (filtering by helping an overlay security layer) filter is independent from DoS attack types, so we do not worry about the changing attack patterns. Furthermore it reduces processing time noticeably. Through simulation this paper shows by employing Fosel filter, DoS attacks have a negligible chance to saturate the target by malicious packets. Our simulation demonstrates that Fosel architecture reduces the probability of successful attack to minuscule levels. Furthermore Fosel is between 10% and 50% faster than SOS (secure overlay services) (Keromytis et al., 2002) architecture to drop malicious packets based on attack rate. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Execution Patterns in Automatic Malware and Human-Centric Attacks

    Publication Year: 2008 , Page(s): 29 - 36
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (401 KB) |  | HTML iconHTML  

    With the massive surges of new malware, the intuitive detection techniques currently used in most security tools deem ineffective. Consequently, we urgently need better solutions that are established on solid theoretical basis. It becomes, thus, necessary to search for more efficient techniques and algorithms as well as taxonomies and models for attacks and malware. We present, in this paper, the analysis we made on both automatic malware and human-centric attacks, which allowed us to construct a model for attack process. The main objective of this work is to construct a model that can aide in the generation of real attack scenarios and use it in the evaluation of Intrusion Detection Systems. However, the model described here could have many other potential uses. For example, it can be used for writing "execution- based" signatures, event correlation, penetration testing, security simulations as well as security educations. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Finite Memory: A Vulnerability of Intrusion-Tolerant Systems

    Publication Year: 2008 , Page(s): 37 - 44
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (235 KB) |  | HTML iconHTML  

    In environments like the Internet, faults follow unusual patterns, dictated by the combination of malicious attacks with accidental faults such as long communication delays caused by temporary network partitions. In this scenario, attackers can force buffer overflows in order to leave the system in an inconsistent state or to prevent it from doing progress, causing a denial of service. This paper is about the effects that finite memory has on intrusion-tolerant protocols and systems. We present the problem and propose a generic mitigation technique based on repair nodes that reduces the buffer space requirements. An experimental evaluation of the buffer usage with and without this technique is presented, allowing to assess in practice the effects of finite memory in a real, albeit simple, intrusion-tolerant system. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • FaSReD: Fast and Scalable Resource Discovery in Support of Multiple Resource Range Requirements for Computational Grids

    Publication Year: 2008 , Page(s): 45 - 51
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (379 KB) |  | HTML iconHTML  

    Distributed grid resource discovery (ReD) systems lack the ability to adapt efficiently to an increase in the number of attributes. The main contribution of this paper is a fast and scalable ReD mechanism, dubbed FaSReD, which composes a resource key via bit string encoding. We establish close-to-optimal FaSReD and a lower bound on the mean number of search hops under FaSReD. Through extensive simulation, our ReD is demonstrated to accommodate effectively an increase in the number of attributes with respect to such performance metrics as overlay hops, total messages, mean query response time, and throughput. FaSReD is further shown to outperform the leading prior distributed ReD range query schemes. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Fast and Robust Content-based Publish/Subscribe Architecture

    Publication Year: 2008 , Page(s): 52 - 59
    Cited by:  Papers (3)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (363 KB) |  | HTML iconHTML  

    We present cluster-based publish/subscribe, a novel architecture that is not only resilient to event broker failures but also provides load balancing and fast event dissemination service. Our proposed approach achieves fault tolerance by organizing event brokers in clusters. Multiple inter-cluster links provide continuous availability of dissemination service in presence of broker failure without requiring subscription retransmission or reconstruction of broker overlay. Furthermore, the proposed architecture provides a fast event dissemination infrastructure that significantly reduces subscription and publication dissemination traffic and load on event brokers. Our experimental results show that even in the presence of failures in broker network, event dissemination is not interrupted and dissemination speed and load are significantly improved compared to the existing approached. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Network Planning Optimization for Multimedia Networks

    Publication Year: 2008 , Page(s): 60 - 67
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (329 KB) |  | HTML iconHTML  

    This work presents a planning methodology for multimedia networks based on a hybrid traffic model and an evolutionary optimization procedure. The methodology intends to optimize the sizing of network elements to comply with two QoS simultaneous network parameters as well as to promote network stability and cost efficiency. The hybrid traffic model deals with the multimedia network traffic as a combination of fBm (fractional Brownian motion) and Markovian process. Also, the model considers the links loads and variance coefficients to produce more accurate Qos metrics values for network delay and packet loss probability. The traffic model characterization accuracy was evaluated with an optimization procedure that sizes network elements to fulfill performance and cost requirements. The simulation's results show that the methodology may have a practical use for sizing network elements and promoting stability. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • User Profile-Based Authorization Policies for Network QoS Services

    Publication Year: 2008 , Page(s): 68 - 75
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (254 KB) |  | HTML iconHTML  

    Recent papers propose QoS solutions allowing the users to explicitly specify the quality level they request during a so-called explicit QoS service invocation that includes dynamic QoS offering and new mechanisms for authentication, authorization and accounting. In particular, organizations should be able to control their network services and authorize QoS services based on service parameters, as destination addresses, applications and employeespsila roles. Therefore, user profile-based authorization policies for explicit QoS service invocations should be adopted. Each user profile indicates the services that the user is authorized to request, their consumption limits and scope. This paper deals with the authorization of explicit QoS services invocations and proposes a user profile model for profile-based authorization of QoS services. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Multicoordinated Agreement Protocols for Higher Availabilty

    Publication Year: 2008 , Page(s): 76 - 84
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (316 KB) |  | HTML iconHTML  

    Adaptability and graceful degradation are important features in distributed systems. Yet, consensus and other agreement protocols, basic building blocks of reliable distributed systems, lack these features and must perform expensive reconfiguration even in face of single failures. In this paper we describe multicoordinated mode of execution for agreement protocols that has improved availability and tolerates failures in a graceful manner. We exemplify our approach by presenting a generic broadcast algorithm. Our protocol can adapt to environment changes by switching to different execution modes. Finally, we show how our algorithm can solve the generalized consensus and its many instances (e.g., consensus and atomic broadcast). View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A New Minimum Density RAID-6 Code with a Word Size of Eight

    Publication Year: 2008 , Page(s): 85 - 92
    Cited by:  Papers (9)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (295 KB) |  | HTML iconHTML  

    RAID-6 storage systems protect k disks of data with twoparity disks so that the system of k+2 disks may toleratethe failure of any two disks. Coding techniques for RAID-6 systems are varied, but an important class of techniquesare those with minimum density, featuring an optimalcombination of encoding, decoding and modificationcomplexity. The word size of a code impacts both how thecode is laid out on each disk's sectors and how large k canbe. Word sizes which are powers of two are especiallyimportant, since they fit precisely into file systemblocks. Minimum density codes exist for many word sizeswith the notable exception of eight. This paper fills thatgap by describing new codes for this important word size.The description includes performancencoding,e properties as well asdetails of the discovery process. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Generalizing RDP Codes Using the Combinatorial Method

    Publication Year: 2008 , Page(s): 93 - 100
    Cited by:  Papers (8)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (464 KB) |  | HTML iconHTML  

    In this paper, we present PDH Latin - a new class of 2-erasure horizontal codes with dependent parity symbols based on column-Hamiltonian Latin squares (CHLS). We prove that PDH Latin codes are MDS codes. We also present a new class of 2-erasure parity independent mixed codes based on CHLS - PIMLatin. We show that the performance of the new codes is comparable to or better than other codes of this kind. They have perfect parameter flexibility and structure variety that benefit performance. We also discuss code shortening technologies that can improve parameter flexibility, structure variety and reliability. Borrowing ideas from vertical shortening, we develop a 2-erasure array code construction method using non-Hamiltonian Latin squares. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Flexible Parameterization of XOR based Codes for Distributed Storage

    Publication Year: 2008 , Page(s): 101 - 110
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (245 KB) |  | HTML iconHTML  

    Distributed storage systems apply erasure-tolerant codes to guarantee reliable access to data despite failures of storage resources. While many codes can be mapped to XOR operations and efficiently implemented on common microprocessors, only a certain number of codes are usually implemented in a certain system (out of a wide variety of different codes). The ability to include new codes easily, to exchange codes and finally to select codes for several types of data is desirable. To provide this flexibility, a parameterization is used which allows the definition of different XOR based codes, and beyond different styles of en- and decoding. The parameters include (i) the assignment of data and redundancy elements to the storage resources and (ii) a description of en- and decoding algorithms with XOR based equations. The parameters of a certain code can be changed and in addition a wide variety of codes can be described and included in a storage system implementation. The proposed parameterization adopts the ability of codes like EVEN- ODD, Cauchy-R/S and Hover codes to map to distributed resources. Furthermore, en- and decoding algorithms can be described differently, either for minimal coding cost or for minimal coding time on parallel systems. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Supporting Concurrent Task Deployment Wireless Sensor Networks

    Publication Year: 2008 , Page(s): 111 - 118
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (503 KB) |  | HTML iconHTML  

    Deploying large-scale sensor networks involves the programming of many devices based on a desired mission. Techniques for reprogramming devices in situ have been investigated to mitigate the effort required when program updates are required or when the mission of the system changes. We consider a technique that is intended to support multiple concurrent missions by the system by exploiting available resources of the sensor network. In essence, our model is based on a tasking scheme, a common framework for the interchange and instantiation of tasks on multiple devices, and the use of attributes defining the resources in the system. A prototype system has been implemented to demonstrate and validate the concepts using the Imote2, a 32-bit mote architecture that has been configured with embedded Linux enabled with Java. Several applications have been rendered as tasks that are injected into a multi-node sensor network. Results demonstrate the support of concurrent overlaid applications in the system permitting task injection, maintenance, and termination. Performance evaluation of the scheme indicates benefits over an epidemic model of code dissemination. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.