DARPA Active Networks Conference and Exposition, 2002. Proceedings

Date 30-30 May 2002

  • Proceedings DARPA Active Networks Conference and Exposition

    Publication Year: 2002

    The following topics were dealt with: active network programming; active node architectures; active network architecture; active network security; execution environments; active services; and active network testbed.
  • Author index

    Publication Year: 2002 , Page(s): 555 - 556
    Freely Available from IEEE
  • Experience with active congestion control

    Publication Year: 2002 , Page(s): 132 - 142
    Cited by:  Papers (3)

    Active congestion control (ACC) applies active networking to feedback congestion control in a high bandwidth-delay product network, shortening the feedback loop by filtering traffic in the network near congestion. This paper describes recent simulation results showing the function of the system in TCP networks across a range of bandwidth-delay products. It also discusses the implementation of another version of the system in the ASP EE, an active networking execution environment implemented at USC/ISI. An assessment of ACC overhead in that implementation is made.
  • Scalable fair multicast using active services

    Publication Year: 2002 , Page(s): 333 - 343
    Cited by:  Papers (1)

    Scalability is of paramount importance in the design of reliable multicast transport protocols, and requires a careful consideration of a number of problems such as feedback implosion, retransmission scoping, distributed loss recovery, and congestion control. We present a reliable multicast architecture that invokes active services at strategic locations inside the network to comprehensively address these challenges. Active services provide the ability to quickly and efficiently recover from loss at the point of loss. They also exploit the physical hierarchy for feedback aggregation and effective retransmission scoping with minimal router support. We present two protocols, one for packet loss recovery and another for congestion control, and describe an experimental testbed where these have been implemented. Analytical and experimental results are used to demonstrate that the active services architecture improves resource usage, reduces latency for loss recovery and provides "TCP-friendly" congestion control.
  • Experiences with capsule-based active networking

    Publication Year: 2002 , Page(s): 16 - 24
    Cited by:  Papers (3)

    Active networking adds programmability to the elements of the network, most aggressively by using programmable packets, or capsules. ANTS [22, 21] and PLANet [10, 8] are the most mature examples of capsule-based systems, both having been publicly available for several years. This paper presents our experience with these systems and the lessons they hold for the future of capsule-based active networking. The paper focuses on four key issues: flexibility, performance, security, and usability. We consider how ANTS and PLANet address these issues, noting that despite substantial surface differences, both systems identify similar key problems and use closely related solutions. Based on our experience with these systems we conclude that capsule-based systems can achieve useful levels of flexibility, performance, and usability. Many aspects of security can also be adequately addressed, but some important problems related to denial of service remain as open problems.
  • SANDS: Specialized Active Networking for Distributed Simulation

    Publication Year: 2002 , Page(s): 356 - 365
    Cited by:  Papers (6)

    We provide an overview of SANDS (Specialized Active Networking for Distributed Simulation), a DARPA-ITO sponsored research project that is using active networking to develop a new approach to real-time, content-based information dissemination. Our approach is based on the use of active interest filtering, a publish/subscribe mechanism that uses active networks technology to install and control dynamically-established content-based filters in intermediate active routers in an IP multicast distribution tree. Active filters prune unneeded information as early as possible in the distribution tree, ensuring that only data desired (i.e., subscribed to) by a receiver actually reaches that receiver. We describe active interest filtering, the per-node algorithms that implement active filtering, and the signaling protocol that installs interest filter state in the active routers. We describe our prototype implementation effort and present measurements from a working prototype that demonstrate the advantages of active interest filtering in a large-scale ModSAF distributed simulation scenario.
  • Developing dynamic security policies

    Publication Year: 2002 , Page(s): 204 - 215
    Cited by:  Papers (2)

    In this paper we define and provide a general construction for a class of policies we call dynamic policies. In most existing systems, policies are implemented and enforced by changing the operational parameters of shared system objects. These policies do not account for the behavior of the entire system, and enforcing these policies can have unexpected interactive or concurrent behavior. We present a policy specification, implementation, and enforcement methodology based on formal models of interactive behavior and satisfiability of system properties. We show that changing the operational parameters of our policy implementation entities does not affect the behavioral guarantees specified by the properties. We demonstrate the construction of dynamic access control policies based on safety property specifications and describe an implementation of these policies in the Seraphim active network architecture. We present examples of reactive security systems that demonstrate the power and dynamism of our policy implementations. We also describe other types of dynamic policies for information flow and availability based on safety, liveness, fairness, and other properties. We believe that dynamic policies are important building blocks of reactive security solutions for active networks.
  • A framework for building complex netcentric systems on Active Network

    Publication Year: 2002 , Page(s): 409 - 426
    Cited by:  Papers (1)

    Active applications can add value to communication. Yet it involves sophisticated domain knowledge and a complex development process. In this paper we discuss a framework for the construction of complex active network applications. Its design motivation is to enable an expert to develop complex active applications as a value added communication service and make it available for repeated use by the end-applications. As a test case we select a self-organizing adaptive video transcoding channel. This multi-component multi-tier novel active application enables video to propagate over an extreme network with highly asymmetric link and node capacity. At the same time it offers a unified channel abstraction to its service subscriber. In this paper we focus on how this channel abstraction can be composed within the proposed active service composition framework.
  • ActiveCast: toward application-friendly active network services

    Publication Year: 2002 , Page(s): 274 - 290

    The next step in the evolution of active networks - one that will support radical new uses of the network and increased scalability - is to package the power of a programmable network platform into customizable active services that are easy for applications to use. The ActiveCast project has developed and is evaluating a set of active services that will not only enhance the "application-friendliness" of active networks, but will also improve the scalability and usability of networks in general. This paper discusses the challenges of programming active networks and then presents four new active network services, PAMcast, Concast, ESP, and LWP, that simplify the task of programming active networks. PAMcast services allow messages to be sent to any node(s) satisfying a set of user-supplied selection criteria. The Concast service provides the logical inverse of multicast, gathering and merging data from a set of senders. Finally, the ESP and LWP services provide extremely lightweight building-blocks on which additional higher-level semantic services can be constructed. For each service, we describe the service abstraction, the ways in which users can customize the service, and its ease of use (i.e., how the customized service is automatically distributed across and "programmed" into the network on the user's behalf). We also present results from simulation models and actual implementations of the new services that demonstrate the scalability and performance of the services.
  • Resource adaptive netcentric systems on active network: a self-organizing video stream that auto morphs itself while in transit via a quasi-active network

    Publication Year: 2002 , Page(s): 427 - 443

    We discuss the issues that a network adaptive application faces on current network infrastructure and the role a programmable network such as the active network can play in facilitating them. We present a novel cognizant video transcoding system, which is capable of negotiating local network state based rate and let the video propagate over an extreme network with highly asymmetric link and node capacities. For core operation of rate transformation it utilizes knowledge at three levels - about the network, about the content protocol and about the content itself. As a platform the stream uses the computing power of a quasi-active network. As a result the passing video stream appears as a self-organizing stream, which automatically senses the network asymmetry and adapts itself as the packets diffuse via the active subnet. We discuss the issues of network adaptation with the exposition of this novel diffusion computing over a quasi-active network.
  • Scalable time management algorithms using active networks for distributed simulation

    Publication Year: 2002 , Page(s): 366 - 378
    Cited by:  Papers (1)

    This paper investigates time management for distributed simulations in active networks. Time management is essentially the computation of the Lower Bound Time Stamp (LBTS) across federates in a distributed simulation, including in-transit (in-flight) messages. We show that the LBTS computation is an instance of the Distributed Termination Detection (DTD) problem and how DTD algorithms can be applied to LBTS in an active network. These algorithms are potentially much more efficient than traditional LBTS algorithms that rely on point-to-point communication. We introduce the Distinguished Root Node algorithm that can compute LBTS in O(log n) time in general network topologies using a prototype implemented in Java. Experimental results are reported for the Active Time Management Daemon prototype implementation in (1) a simple testbed configuration, (2) a larger cluster environment, (3) an ns-2 simulation of very large configurations, and (4) integrated into an actual HLA-compliant run-time and simulation. While active network algorithms have the potential for improved functionality and superior performance, this potential will only be fully realized when "native" implementations are possible. For wide-scale deployment, real-world issues such as reliable delivery, dynamic routing topologies, security and fault tolerance will have to be systematically addressed. Also, in the area of distributed computing known as grid computing, the management of distributed resources is a key issue. Hence, we plan to use the grid computing infrastructure to manage overlays and facilitate the use of active networks by large-scale, distributed grid applications.
  • Practical active network services within content-aware gateways

    Publication Year: 2002 , Page(s): 344 - 354
    Cited by:  Papers (2)  |  Patents (1)

    The Internet has seen an increase in complexity due to the introduction of new types of networking devices and services, particularly at points of discontinuity known as network edges. As the networking industry continues to add revenue generating services at network edges, there is an increasing need to provide a systematic method for dynamically introducing and providing these new services in lieu of the ad-hoc approach that is in use today. To this end we support a phased approach to "activating" the Internet and suggest that there exists an immediate need for realizing active networks concepts at the network edges. In this context, we present our efforts towards the development of a content-aware active gateway (CAG) architecture. With the help of two practical services running on our initial prototype, built from commercial networking devices, we give a qualitative and quantitative view of the CAG potential.
  • A prototype framework for providing hop-by-hop security in an experimentally deployed active network

    Publication Year: 2002 , Page(s): 216 - 222
    Cited by:  Papers (1)

    Realizing large-scale active networks is heavily contingent upon addressing security concerns at the outset. Various approaches have been taken toward integrating security within an active node, each defining the mechanisms required to be in place within the node OS or the execution environment in order to provide security guarantees within the system. An acceptable short-term solution to security while deploying an active network in practical testbeds such as the Abone is to divide security concerns into two classes: hop-by-hop and end-to-end. This paper describes an architecture for setting up hop-by-hop packet authentication and integrity using non-active, "off-the-shelf" security components. The intent is for the framework to be generic enough to serve as an aid in securely deploying any new technology requiring mediated node-node security associations including, but not limited to, active networks.
  • Application deployment in virtual networks using the X-Bone

    Publication Year: 2002 , Page(s): 484 - 491
    Cited by:  Papers (4)

    This paper describes a framework for application deployment within virtual networks using X-Bone. The framework supports deployment of arbitrary applications and allows users to configure the runtime environment by executing user-provided scripts instead of hard-coding application commands into the system. It also automates the process of constructing virtual networks and deploying applications by using X-Bone.
  • Evolution of an active networks testbed

    Publication Year: 2002 , Page(s): 446 - 465

    This paper explores the requirements for a network testbed designed specifically to support research in active networking. It also describes the design of the wide-area active networks testbed named the ABone. The ABone provides a virtual and real network infrastructure for active network experiments, using a diverse set of OS platforms. Its design embodies a tradeoff among the testbed goals of scalability, availability, security, heterogeneity, and modularity.
  • An active networking approach to service customization

    Publication Year: 2002 , Page(s): 305 - 318
    Cited by:  Patents (1)

    Active networking is a powerful technology to insert new functionality into networking. We look at how active networking technology can be used to customize network services. We observe that users often want slightly different versions of network services such as multicast and network quality of service. We propose to implement these services as a base service that provides the basic service functionality and a customization code module that allows users to customize the service. The customization module uses a service-specific API to modify service behavior. We compare this architecture with the traditional active networking architecture based on execution environments and active applications. We also present several examples of customizable network services.
  • An adaptable network control and reporting system (ANCORS)

    Publication Year: 2002 , Page(s): 466 - 483

    We present ANCORS, an adaptable network control and reporting system that merges technology from network management and distributed simulation to provide a unified paradigm for assessing, controlling, and designing active networks. ANCORS introduces a framework to assist in managing the substantial complexities of software reuse and scalability in active network environments. Specifically, ANCORS provides an extensible approach to the dynamic integration, management, and runtime assessment of various network protocols in live network operations. We present some of the advantages that can be obtained by merging technology from network management, distributed simulation, and active networking, and describe how ANCORS leverages complementary elements of each. We describe ANCORS's network engineering support to enable efficient, high-fidelity distributed simulation of networking software. We then use ANCORS to perform a quantitative study of the Random Drop SYN attack defense mechanism.
  • AMP: experiences with building an exokernel-based platform for active networking

    Publication Year: 2002 , Page(s): 77 - 91
    Cited by:  Papers (2)

    This paper summarizes and discusses the AMP project. The goal was to develop the OS infrastructure upon which an active network could be built. The AMP platform provides active code with efficient and controlled access to physical resources and provides separation between concurrent active flows.
  • CANEs: an execution environment for composable services

    Publication Year: 2002 , Page(s): 255 - 272
    Cited by:  Papers (1)

    Active networks represent a change in network paradigm from a static, one-size-fits-all packet-transport service to a flexible platform capable of being programmed to provide new services. Active networks will allow rapid deployment of new and complex network services. An important property of an active network API is the support it provides for composing complex services out of components. An efficient and robust composition mechanism is essential for incremental development of useful services. We describe the CANEs Active Networking Environment. CANEs is an EE (Execution Environment) specifically built for composing services within the network. We discuss the design philosophy behind CANEs, describe the formal model which the composition mechanism is based upon, and detail the current CANEs implementation.
  • Towards self-configuring networks

    Publication Year: 2002 , Page(s): 143 - 156
    Cited by:  Papers (8)

    Current networks require ad-hoc operating procedures by expert administrators to handle changes. These configuration management operations are costly and error prone. Active networks involve particularly fast dynamics of change that cannot depend on operators and must be automated. This paper describes an architecture called NESTOR that seeks to replace labor-intensive configuration management with one that is automated and software-intensive. Network element configuration state is represented in a unified object-relationship model. Management is automated via policy rules that control change propagation across model objects. Configuration constraints assure the consistency of model transactions. Model objects are stored in a distributed repository supporting atomicity and recovery of configuration change transactions. Element adapters are responsible for populating the repository with configuration objects, and for pushing committed changes to the underlying network elements. NESTOR has been implemented in two complementary versions and is now being applied to automate several configuration management scenarios of increasing complexity, with encouraging results.
  • Active network monitoring and control: the SENCOMM architecture and implementation

    Publication Year: 2002 , Page(s): 379 - 393

    We present the architecture, design, and implementation of SENCOMM (smart environment for network control, monitoring and management). SENCOMM uses active network technology to comprise a management execution environment (SMEE), which coexists with other execution environments (EEs). Management applications, called smart probes, run in the SMEE. A probe and its data are mobile executable code that are delivered to the active node within an active network encapsulation protocol (ANEP) datagram. Our architecture is designed to actively control, monitor, and manage both conventional and active networks, and be incrementally deployed in existing networks. We present a set of goals, a design philosophy, and a set of basic requirements for controlling, monitoring, and managing networks using the active network technology. We discuss the operation and components of SENCOMM: the management EE, a protocol, smart probes, and loadable libraries. We discuss the implementation issues uncovered in integrating SENCOMM into a selected EE and the decisions made to resolve them.
  • Active network vision and reality: lessons from a capsule-based system

    Publication Year: 2002 , Page(s): 25 - 40
    Cited by:  Papers (22)

    Although active networks have generated much debate in the research community, on the whole there has been little hard evidence to inform this debate. This paper aims to redress the situation by reporting what we have learned by designing, implementing and using the ANTS active network toolkit over the past two years. At this early stage, active networks remain an open research area. However, we believe that we have made substantial progress towards providing a more flexible network layer while at the same time addressing the performance and security concerns raised by the presence of mobile code in the network. In this paper, we argue our progress towards the original vision and the difficulties that we have not yet resolved in three areas that characterize a "pure" active network: the capsule model of programmability; the accessibility of that model to all users; and the applications that can be constructed in practice.
  • Maude as a wide-spectrum framework for formal modeling and analysis of active networks

    Publication Year: 2002 , Page(s): 494 - 510

    Modeling and formally analyzing active network systems and protocols is quite challenging, due to their highly dynamic nature and the need for new network models. We propose a wide-spectrum methodology using executable rewriting logic specifications to address this challenge. We also show how, using the Maude rewriting logic language and tools, active network systems, languages, and protocols can be formally specified and analyzed using a wide range of formal methods. Benefits include precise documentation of designs, early discovery of many bugs and omissions, and higher assurance of correct behavior. In this paper we illustrate these methods and their practical usefulness through two case studies: the AER/NCA protocol suite and the PLAN active networks language.
  • Towards an active network architecture

    Publication Year: 2002 , Page(s): 2 - 15
    Cited by:  Papers (9)  |  Patents (6)

    Active networks allow their users to inject customized programs into the nodes of the network. An extreme case, in which we are most interested, replaces packets with "capsules" - program fragments that are executed at each network router/switch they traverse. Active architectures permit a massive increase in the sophistication of the computation that is performed within the network. They enable new applications, especially those based on application-specific multicast, information fusion, and other services that leverage network-based computation and storage. Furthermore, they will accelerate the pace of innovation by decoupling network services from the underlying hardware and allowing new services to be loaded into the infrastructure on demand. In this paper, we describe our vision of an active network architecture, outline our approach to its design, and survey the technologies that can be brought to bear on its implementation. We propose that the research community mount a joint effort to develop and deploy a wide area ActiveNet.
  • Modeling CPU demand in heterogeneous active networks

    Publication Year: 2002 , Page(s): 511 - 533
    Cited by:  Papers (1)

    Active-network technology envisions deploying execution environments in network elements so that application-specific processing can be applied to network traffic. To provide safety and efficiency, individual nodes must include mechanisms to manage resource use. This implies that nodes must understand resource demands associated with specific traffic. Well-accepted metrics exist for expressing bandwidth (bits per second) and memory (bytes) in units independent of particular nodes. Unfortunately, no well-accepted, platform-independent metric exists to express processing demands. This paper describes and evaluates an approach to model processing demand for active packets in a form interpretable among heterogeneous nodes in an active network. The paper applies the model in two applications: controlling the use of CPU and predicting CPU demand. The model yields improved performance when compared against the approach currently used in many execution environments. The paper also discusses the limits of the proposed model, and outlines future research that might lead to improved outcomes.