IEEE Transactions on Parallel and Distributed Systems

Issue 12 • Dec. 2007

Displaying Results 1 - 16 of 16
  • [Front cover]

    Page(s): c1
    Freely Available from IEEE
  • [Inside front cover]

    Page(s): c2
    Freely Available from IEEE
  • Collaborative Detection of DDoS Attacks over Multiple Network Domains

    Page(s): 1649 - 1662

    This paper presents a new distributed approach to detecting DDoS (distributed denial-of-service) flooding attacks at the traffic-flow level. The new defense system is suitable for efficient implementation over the core networks operated by Internet service providers (ISPs). At the early stage of a DDoS attack, some traffic fluctuations are detectable at Internet routers or at the gateways of edge networks. We develop a distributed change-point detection (DCD) architecture using change aggregation trees (CAT). The idea is to detect abrupt traffic changes across multiple network domains at the earliest time. Early detection of DDoS attacks minimizes the flooding damage to the victim systems served by the provider. The system is built over attack-transit routers, which work together cooperatively. Each ISP domain has a CAT server to aggregate the flooding alerts reported by the routers. CAT servers in different domains collaborate among themselves to make the final decision. To resolve policy conflicts at different ISP domains, a new secure infrastructure protocol (SIP) is developed to establish mutual trust or consensus. We simulated the DCD system with up to 16 network domains on the Cyber Defense Technology Experimental Research (DETER) testbed, a 220-node PC cluster for Internet emulation experiments at the University of Southern California (USC) Information Sciences Institute. Experimental results show that four network domains are sufficient to yield 98 percent detection accuracy with only 1 percent false-positive alarms. Based on a 2006 Internet report on autonomous system (AS) domain distribution, we prove that this DDoS defense system can scale well to cover 84 AS domains. This security coverage is wide enough to safeguard most ISP core networks from real-life DDoS flooding attacks.
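The early-detection idea in this abstract can be illustrated with a one-sided CUSUM change-point test on a single router's traffic counts. This is a minimal sketch of the change-point idea only: the CAT aggregation and the inter-domain protocol are not modeled, and the baseline, threshold, and traffic values are illustrative assumptions, not figures from the paper.

```python
def cusum_alarm(samples, baseline, threshold):
    """Return the index at which the cumulative positive deviation from
    the baseline first exceeds the threshold, or None if it never does."""
    s = 0.0
    for i, x in enumerate(samples):
        s = max(0.0, s + (x - baseline))  # one-sided CUSUM statistic
        if s > threshold:
            return i                      # abrupt change detected here
    return None

# Normal traffic hovers near the baseline; a flood pushes it up sharply.
traffic = [100, 98, 103, 101, 250, 300, 320]  # packets/sec (synthetic)
print(cusum_alarm(traffic, baseline=105, threshold=200))  # prints 5
```

A per-router detector like this would raise a local alert; in the paper's architecture, such alerts are then aggregated by the domain's CAT server before a global decision is made.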

  • Scalable Live Streaming Service Based on Interoverlay Optimization

    Page(s): 1663 - 1674

    In order to provide scalable live-streaming services, we propose an Inter-Overlay Optimization scheme, IOO. Instead of selecting better paths within the same overlay, IOO constructs efficient paths using peers in different overlays, so as to (i) improve global resource utilization of P2P streaming networks; (ii) assign resources based on their locality and delay; (iii) guarantee streaming service quality by using the nearest peers, even when such peers belong to different overlays; and (iv) balance the load among the group (streaming overlay) members. We compare the performance of IOO with existing approaches through trace-driven simulations. Results show that IOO outperforms previous schemes in terms of resource utilization and the QoS of streaming services. The IOO scheme has been implemented in an Internet-based live streaming system, called AnySee. AnySee was successfully released in the summer of 2004 on CERNET in China. Over 60,000 users enjoy a wide range of entertainment programs, including TV programs, movies, and academic conference videos.
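The core inter-overlay idea can be sketched as a supplier-selection rule: when a peer needs a streaming supplier, it considers candidates from all overlays and picks the lowest-delay one, rather than restricting the search to its own overlay. The peer names, overlay labels, and delays below are illustrative assumptions, not AnySee's actual mechanism.

```python
def pick_supplier(candidates, own_overlay, inter_overlay=True):
    """candidates: list of (peer, overlay, delay_ms).
    With inter_overlay=False, only same-overlay peers are considered."""
    pool = [c for c in candidates if inter_overlay or c[1] == own_overlay]
    return min(pool, key=lambda c: c[2])[0]  # nearest peer wins

candidates = [
    ("p1", "A", 80.0),   # same overlay, far away
    ("p2", "B", 15.0),   # different overlay, but nearest
    ("p3", "A", 60.0),
]
print(pick_supplier(candidates, "A", inter_overlay=False))  # prints p3
print(pick_supplier(candidates, "A", inter_overlay=True))   # prints p2
```

The intra-overlay rule is forced to take the 60 ms peer, while the inter-overlay rule reaches the 15 ms peer in another overlay, which is the abstract's point (iii).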

  • On the Design of Adaptive and Decentralized Load Balancing Algorithms with Load Estimation for Computational Grid Environments

    Page(s): 1675 - 1686

    In this paper, we address several issues that are imperative to grid environments, such as handling resource heterogeneity and sharing, communication latency, job migration from one site to another, and load balancing. We address these issues by proposing two job migration algorithms: MELISA (modified ELISA) and LBA (load balancing on arrival). The algorithms differ in the way load balancing is carried out and are shown to be efficient in minimizing the response time on large-scale and small-scale heterogeneous grid environments, respectively. MELISA, which is applicable to large-scale systems (that is, the interGrid), is a modified version of ELISA in which we consider the job migration cost, resource heterogeneity, and network heterogeneity when load balancing is performed. The LBA algorithm, which is applicable to small-scale systems (that is, the intraGrid), performs load balancing by estimating the expected finish time of a job on buddy processors on each job arrival. Both algorithms estimate system parameters such as the job arrival rate, CPU processing rate, and load on the processor, and balance the load by migrating jobs to buddy processors while taking into account the job transfer cost, resource heterogeneity, and network heterogeneity. We quantify the performance of our algorithms using several influencing parameters, such as the job size, data transfer rate, status exchange period, and migration limit, and we discuss the implications of the performance and the choice of our approaches.
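The load-balancing-on-arrival idea can be sketched as follows: on each job arrival, estimate the expected finish time on every buddy processor (queued work plus the new job, divided by the CPU rate, plus a transfer cost for remote buddies) and send the job where it finishes earliest. The tuple fields and cost model here are illustrative assumptions, not the paper's exact estimation formulas.

```python
def pick_processor(job_size, buddies):
    """buddies: list of (name, queued_work, cpu_rate, transfer_cost).
    Returns the name of the buddy with the earliest expected finish time."""
    def finish_time(b):
        name, queued, rate, xfer = b
        return xfer + (queued + job_size) / rate  # transfer + compute
    return min(buddies, key=finish_time)[0]

buddies = [
    ("p1", 50.0, 10.0, 0.0),   # local: heavily loaded, no transfer cost
    ("p2", 10.0, 10.0, 2.0),   # lightly loaded remote buddy
    ("p3", 10.0,  5.0, 2.0),   # lightly loaded but slower remote buddy
]
print(pick_processor(20.0, buddies))  # prints p2
```

Note how the transfer cost keeps migration from always winning: p2 wins here (2 + 30/10 = 5.0) only because it beats the local queue (70/10 = 7.0) even after paying the migration cost.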

  • Utilizing Binary Rewriting for Improving End-Host Security

    Page(s): 1687 - 1699

    Conventional methods for Java binary security mainly rely on the security of the host Java Virtual Machine (JVM). However, malicious Java binaries keep exploiting the vulnerabilities of JVMs, escaping their sandbox restrictions and attacking end-user systems. Administrators must confront the difficulties and dilemmas brought on by security upgrades. On the other hand, binary rewriting techniques have advanced to the point of allowing users to enforce security policies directly on the mobile code. They have the advantages of supporting a richer set of security policies and producing self-constrained rewritten code. However, the high administrative and performance overhead caused by security configuration and code rewriting has prevented rewriters from becoming a practical security tool. In this paper, we address these problems by integrating binary code rewriters with Web caching proxies to build a security system called PB-JARS, a Proxy-Based JAva Rewriting System. PB-JARS works as a complementary system to existing JVM security mechanisms by placing another line of defense between users and their end-user systems. It gives system administrators centralized security control and management of the mobile code and security policies. We evaluated PB-JARS using a real Java binary traffic model derived from analyzing real Web trace records. Our results show that adding binary rewriting to a Web caching system can be very effective in improving end-host security at a low cost.
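The proxy-side idea, combining rewriting with caching so each binary pays the rewriting cost only once, can be sketched in a few lines. The class, the policy function, and the byte strings below are illustrative placeholders, not the PB-JARS implementation.

```python
class RewritingProxy:
    """Toy caching proxy: rewrite each fetched binary once according to
    a security policy, then serve the rewritten copy from cache."""

    def __init__(self, rewrite):
        self.rewrite = rewrite   # policy-enforcing rewriter (a callable)
        self.cache = {}          # url -> rewritten binary
        self.rewrites = 0        # counts actual rewriting work done

    def fetch(self, url, origin):
        if url not in self.cache:                   # cache miss: rewrite
            self.cache[url] = self.rewrite(origin[url])
            self.rewrites += 1
        return self.cache[url]                      # cache hit: no rewrite

origin = {"applet.class": b"raw-bytecode"}          # stand-in origin server
proxy = RewritingProxy(lambda code: b"checked:" + code)
proxy.fetch("applet.class", origin)
proxy.fetch("applet.class", origin)  # second request served from cache
print(proxy.rewrites)                # prints 1
```

This is the amortization argument in the abstract: the rewriting overhead is paid per distinct binary at the proxy, not per download at each end host.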

  • Solving Computation Slicing Using Predicate Detection

    Page(s): 1700 - 1713

    Given a distributed computation and a global predicate, predicate detection involves determining whether there exists at least one consistent cut (or global state) of the computation that satisfies the predicate. On the other hand, computation slicing is concerned with computing the smallest subcomputation (with the least number of consistent cuts) that contains all consistent cuts of the computation satisfying the predicate. In this paper, we investigate the relationship between predicate detection and computation slicing and show that the two problems are actually equivalent. Specifically, given an algorithm to detect a predicate b in a computation C, we derive an algorithm to compute the slice of C with respect to b. The time complexity of the derived slicing algorithm is O(n|E|T), where n is the number of processes, E is the set of events, and O(T) is the time complexity of the detection algorithm. We discuss how this equivalence result can be used to derive a faster algorithm for solving the general predicate detection problem in many cases. The slicing algorithms described in our earlier papers are all offline in nature. In this paper, we also present two online algorithms for computing the slice. The first algorithm can be used to compute the slice for a general predicate. Its amortized time complexity is O(n(c + n)T) per event, where c is the average concurrency in the computation and O(T) is the time complexity of the detection algorithm. The second algorithm can be used to compute the slice for a regular predicate. Its amortized time complexity is only O(n^2) per event.
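A toy illustration of the predicate detection side of this equivalence: for a two-process computation with no cross-process messages, every pair of event prefixes is a consistent cut, so detection reduces to searching the grid of cuts for one that satisfies the predicate. Real computations constrain which cuts are consistent via message causality; this sketch deliberately omits that, and the predicate shown is an invented example.

```python
def detect(pred, n0, n1):
    """Return True if some cut (i, j), with process 0 having executed i
    of its n0 events and process 1 having executed j of its n1 events,
    satisfies the predicate pred(i, j)."""
    return any(pred(i, j) for i in range(n0 + 1) for j in range(n1 + 1))

# Predicate: "process 0 has executed exactly 2 events while process 1
# has executed exactly 1" — satisfied by the cut (2, 1).
print(detect(lambda i, j: i == 2 and j == 1, n0=3, n1=2))  # prints True
```

The paper's result says such a detection routine, run repeatedly, suffices to build the slice: the smallest subcomputation containing exactly the satisfying cuts.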

  • A New Cost-Effective Technique for QoS Support in Clusters

    Page(s): 1714 - 1726

    Virtual channels (VCs) are a popular solution for providing quality of service (QoS). Current interconnect standards propose 16 or even more VCs for this purpose. However, most implementations do not offer so many VCs because doing so is too expensive in terms of silicon area. Therefore, reducing the number of VCs necessary to support QoS can be very helpful in switch design and implementation. In this paper, we show that this number of VCs can be reduced if the system is considered as a whole rather than each element being taken separately. The scheduling decisions made at network interfaces can easily be reused at switches without significantly altering the global behavior. In this way, we obtain a noticeable reduction in silicon area, component count, and, thus, power consumption, while providing performance similar to that of a more complex architecture. We also show that this is a scalable technique, suitable for the foreseen traffic demands.

  • Fault Tolerant Interleaved Switching Fabrics For Scalable High-Performance Routers

    Page(s): 1727 - 1739

    Scalable high-performance routers and switches are required to provide a larger number of ports, higher throughput, and good reliability. Most of today's routers and switches are implemented using a single crossbar as the switching fabric. The complexity of a single crossbar grows as O(N^2) in terms of crosspoint count, which can become unacceptable as the port number N increases. A delta-class self-routing multistage interconnection network (MIN), with a complexity of O(N log2 N), has been widely used in asynchronous transfer mode switches. However, the reduction in crosspoint count results in considerable internal blocking. A number of scalable methods have been proposed to solve this problem. One of them uses more stages with a recirculation architecture to reroute deflected packets, which greatly increases the latency. In this paper, we propose an interleaved multistage switching fabric architecture and assess its throughput with an analytical model and simulations. We compare this novel scheme with previous parallel architectures and show its benefits. In extensive simulations under different traffic patterns and fault models, our interleaved architecture achieves better performance than its single-panel fabric counterpart. Our interleaved scheme achieves speedups (over the single-panel fabric) of 3.4 and 2.25 under uniform and hot-spot traffic patterns, respectively, at maximum load (p = 1). Moreover, the interleaved fabrics show great tolerance against internal hardware failures.
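The complexity gap the abstract cites is easy to make concrete. A single N x N crossbar needs N^2 crosspoints, while a delta-class MIN built from 2x2 switches has log2(N) stages of N/2 switches, each contributing a constant number of crosspoints, for O(N log2 N) total. The per-switch crosspoint constant below is an illustrative assumption.

```python
import math

def crossbar_crosspoints(n):
    """Crosspoints in a single n x n crossbar."""
    return n * n

def delta_min_crosspoints(n, switch_size=2):
    """Crosspoints in a delta-class MIN of k x k switches: log_k(n)
    stages, n/k switches per stage, k*k crosspoints per switch."""
    stages = int(math.log2(n)) // int(math.log2(switch_size))
    switches_per_stage = n // switch_size
    return stages * switches_per_stage * switch_size * switch_size

for n in (16, 64, 256):
    print(n, crossbar_crosspoints(n), delta_min_crosspoints(n))
```

Already at 256 ports the crossbar needs 65,536 crosspoints versus 4,096 for the MIN, which is why the MIN trades crosspoints for internal blocking, the problem the paper's interleaved fabrics then attack.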

  • A New Task Graph Model for Mapping Message Passing Applications

    Page(s): 1740 - 1753

    The exploitation of parallelism on a message passing platform implies a prior modeling phase in which the parallel application is represented as a task graph that properly reflects its temporal behavior. In this paper, we analyze the classical task graph models in the literature and their drawbacks when modeling message passing programs with an arbitrary task structure. We define a new task graph model called the temporal task interaction graph (TTIG), which integrates the classical models used in the literature. The TTIG allows us to explicitly capture the potential concurrency of adjacent tasks for applications where adjacent tasks can communicate at any point inside them. A mapping strategy is developed from this model that minimizes the expected execution time by properly exploiting task parallelism. The effectiveness of this approach has been demonstrated in different experimental settings for a wide range of message passing applications.

  • Routing Queries through a Peer-to-Peer InfoBeacons Network Using Information Retrieval Techniques

    Page(s): 1754 - 1765

    In the InfoBeacons system, a peer-to-peer network of beacons cooperates to route queries to the best information sources. Many Internet sources are unwilling to provide more cooperation than simple searching to aid in query routing. We adapt techniques from information retrieval to deal with this lack of cooperation. In particular, beacons determine how to route queries based on information cached from sources' responses to past queries. In this paper, we examine alternative architectures for routing queries between beacons and to data sources. We also examine how to improve routing by probing sources in an informed way to learn about their content. Results of experiments using a beacon network to search 2,500 information sources demonstrate the effectiveness of our system; for example, our techniques require contacting up to 71 percent fewer sources than existing peer-to-peer random walk techniques.
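The routing idea, scoring sources by terms cached from their past responses rather than by any cooperation from the source, can be sketched with a simple term-count ranking. The cache structure and scoring function here are illustrative assumptions in the spirit of the information-retrieval approach, not the paper's actual algorithm.

```python
def rank_sources(query_terms, caches):
    """caches: {source_name: {term: count}} built from past responses.
    Rank sources by the total cached count of the query's terms."""
    def score(src):
        return sum(caches[src].get(t, 0) for t in query_terms)
    return sorted(caches, key=score, reverse=True)  # best match first

caches = {
    "src_a": {"jazz": 12, "blues": 3},
    "src_b": {"jazz": 1, "opera": 9},
    "src_c": {"blues": 7},
}
print(rank_sources(["jazz", "blues"], caches))  # src_a, then src_c, then src_b
```

A beacon would forward the query to the top-ranked sources first, contacting fewer sources overall than an uninformed random walk.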

  • ASAP: An Adaptive Sampling Approach to Data Collection in Sensor Networks

    Page(s): 1766 - 1783

    One of the most prominent and comprehensive ways of collecting data in sensor networks is to periodically extract raw sensor readings. This way of data collection enables complex analysis of the data, which may not be possible with in-network aggregation or query processing. However, this flexibility in data analysis comes at the cost of power consumption. In this paper, we develop ASAP, an adaptive sampling approach to energy-efficient periodic data collection in sensor networks. The main idea behind ASAP is to use a dynamically changing subset of the nodes as samplers, such that the sensor readings of the sampler nodes are directly collected, whereas the values of the nonsampler nodes are predicted through the use of probabilistic models that are locally and periodically constructed. ASAP can be effectively used to increase the network lifetime while keeping the quality of the collected data high in scenarios where either the spatial density of the network deployment is superfluous relative to the required spatial resolution for data analysis or a certain amount of data quality can be traded off to decrease the power consumption of the network. The ASAP approach consists of three main mechanisms. First, sensing-driven cluster construction is used to create clusters within the network such that nodes with close sensor readings are assigned to the same clusters. Second, correlation-based sampler selection and model derivation are used to determine the sampler nodes and to calculate the parameters of the probabilistic models that capture the spatial and temporal correlations among the sensor readings. Last, adaptive data collection and model-based prediction are used to minimize the number of messages used to extract data from the network. A unique feature of ASAP is the use of in-network schemes, as opposed to protocols requiring centralized control, to select and dynamically refine the subset of sensor nodes serving as samplers and to adjust the value prediction models used for the nonsampler nodes. Such runtime adaptations create a data collection schedule that is self-optimizing in response to changes in the energy levels of the nodes and environmental dynamics. We present simulation-based experimental results and study the effectiveness of ASAP under different system settings.
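The sampler/nonsampler split can be sketched as follows: only sampler nodes report readings, and each nonsampler's value is predicted from its cluster's samplers, here simply by the cluster's sampler mean. The fixed cluster assignment and the mean-based predictor are illustrative stand-ins for ASAP's locally constructed probabilistic models.

```python
def collect(readings, samplers, clusters):
    """readings: {node: true sensed value}; samplers: set of sampled
    nodes; clusters: {node: cluster id}. Returns {node: reported value}:
    true values for samplers, cluster-mean predictions for the rest."""
    sums, counts = {}, {}
    for n in samplers:                       # mean sampler reading per cluster
        c = clusters[n]
        sums[c] = sums.get(c, 0.0) + readings[n]
        counts[c] = counts.get(c, 0) + 1
    means = {c: sums[c] / counts[c] for c in sums}
    return {n: readings[n] if n in samplers else means[clusters[n]]
            for n in readings}

readings = {"a": 20.0, "b": 22.0, "c": 21.5, "d": 30.0}
clusters = {"a": 0, "b": 0, "c": 0, "d": 1}   # a, b, c sense similar values
print(collect(readings, {"a", "b", "d"}, clusters))  # c predicted as 21.0
```

Only three of the four nodes transmit, and the nonsampler "c" is predicted with small error because its cluster-mates sense similar values, which is exactly the correlation the sensing-driven clustering is meant to exploit.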

  • An Accurate and Scalable Clock Synchronization Protocol for IEEE 802.11-Based Multihop Ad Hoc Networks

    Page(s): 1797 - 1808

    This paper studies the fundamental problem of clock synchronization in IEEE 802.11-based multihop ad hoc networks. Clock synchronization is important for power saving, network throughput, and the efficiency of many protocols in an IEEE 802.11-based mobile ad hoc network. The scalability problem of 802.11 timing synchronization has been studied extensively in single-hop ad hoc networks, and good solutions are available. These solutions, however, do not perform well in a multihop environment. A few multihop solutions for clock synchronization have been proposed recently, but their performance is still not very good: the maximum clock offset remains more than 200 μs for these protocols. This paper proposes an adaptive protocol based on beacon transmission prioritization, frequency adjustment, and the construction of a dominating set. The frequency adjustment is proved to be bounded. Simulation studies show that the proposed protocol is able to limit the maximum clock offset to under 50 μs after protocol stabilization, an improvement of more than 400 percent over current solutions. The proposed protocol also shows great long-term stability, and it handles mobility very well.
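Why frequency adjustment matters can be shown with a two-clock toy model: clocks ticking at different rates accumulate offset linearly between beacons, whereas adjusting the frequency (here, naively snapping both clocks to a common rate at the first beacon) keeps the offset bounded. The rates, interval, and adjustment rule are illustrative assumptions, far simpler than the paper's protocol.

```python
def max_offset(rate_a, rate_b, beacon_interval, beacons, adjust):
    """Simulate two drifting clocks over a number of beacon periods.
    With adjust=True, both clocks adopt a common rate and time value
    after each beacon. Returns the peak offset observed (seconds)."""
    t_a = t_b = 0.0
    peak = 0.0
    for _ in range(beacons):
        t_a += rate_a * beacon_interval   # each clock advances at its own rate
        t_b += rate_b * beacon_interval
        peak = max(peak, abs(t_a - t_b))
        if adjust:                        # frequency + time adjustment
            rate_a = rate_b = min(rate_a, rate_b)
            t_a = t_b = max(t_a, t_b)
    return peak

# 20 ppm relative drift, 100 ms beacon period, 100 beacons.
print(max_offset(1.0, 1.00002, 0.1, 100, adjust=False))  # offset grows linearly
print(max_offset(1.0, 1.00002, 0.1, 100, adjust=True))   # offset stays bounded
```

Without adjustment the offset reaches roughly 200 μs over the run; with adjustment it never exceeds the drift accumulated in a single beacon interval, mirroring the bounded-offset behavior the paper proves for its frequency adjustment.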

  • TPDS Information for authors

    Page(s): c3
    Freely Available from IEEE
  • [Back cover]

    Page(s): c4
    Freely Available from IEEE

Aims & Scope

IEEE Transactions on Parallel and Distributed Systems (TPDS) is published monthly. It publishes a range of papers, comments on previously published papers, and survey articles that deal with the parallel and distributed systems research areas of current importance to our readers.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
David Bader
College of Computing
Georgia Institute of Technology