Showing papers by "Djamel Sadok published in 2013"

Comparative study of a Hybrid Model for network traffic identification and its optimization using Firefly Algorithm

Abstract: Considerable effort has been made by researchers in the area of network traffic classification, since the Internet grows exponentially in both traffic volume and number of protocols and applications. The task of traffic identification is a complex task due to the constantly changing Internet and an increase in encrypted data. There are several methods for classifying network traffic such as port-based and Deep Packet Inspection (DPI), but they are not effective since many applications use random ports and the payload could be encrypted. This paper proposes an Optimized Hybrid Model (OHM) that makes use of a rule-based model (Apriori) along with a self-organizing map (SOM) model to tackle the problem of traffic classification without making use of the payload or ports. The proposed method also allows the generation of association rules for new unknown applications and further labeling by experts. Besides that, a optimizer called Firefly Algorithm was also used to enhance the results by optimizing both Apriori and SOM parameters and a comparative study was performed on both optimized and non-optimized models. The OHM showed to be superior to a non-optimized model for both eMule and Skype applications, reaching levels superior to 94% for correctness rate. The OHM was also validated against another model based on computational intelligence, named Realtime, and the OHM proposed in this work presented better results when tested in real time.

Self-organizing strategies for resource management in Cloud Computing: State-of-the-art and challenges

Abstract: Due to the growth of Cloud Computing, the supporting infrastructure has become more complex, and the centralized solutions suffer resource management difficulties due to the large scale and the dynamicity of the scenario. Consequently, distributed solutions have been proposed in the literature and the self-organizing ones have attracted particular interest due to their robustness and adaptability characteristics. Techniques, such as bio-inspired computing, multi-agent systems, and evolutionary techniques are used to manage resources. The main goal of this paper is to present a start study about how self-organizing solutions are applied in resource management of Cloud providers, as well as to highlight the main research challenges in this area.

Multi-gigabit traffic identification on GPU

Abstract: Traffic Identification is a crucial task performed by ISP administrators to evaluate and improve network service quality. Deep Packet Inspection (DPI) is a well-known technique used to identify networked traffic. DPI relies mostly on Regular Expressions (REs) evaluated by Finite Automata. Many previous studies have investigated the impacts on the classification accuracy of such systems when inspecting only a portion of the traffic. However, none have discussed the real impacts on the overall system throughput. This work presents a novel technique to perform DPI on Graphics Processing Units (GPU) called Flow-Based Traffic Identification (FBTI) and a proof-of-concept prototype analysis. Basically we want to increase DPI systems? performance on commodity platforms as well as their capacity to identify networked traffic on high speed links. By combining Deterministic Finite Automaton (DFA) for evaluating REs and flow-level packet sampling we achieve a raw performance of over 60 Gbps on GPUs. Our prototype solution could reach a real throughput of over 12 Gbps, measured as the identified volume of flows.

Optimizing cross traffic with an adaptive CDN replica placement strategy

Abstract: Content Distribution Networks (CDN) are a popular technology used to deliver content and have attracted great interest in recent years. CDNs place content replicas closer to end users by geographically distributing replica servers. One important research point concerning the CDN universe concerns decisions about where replica servers should be placed. Algorithms that try to tackle this problem are Replica Placement Algorithms (RPA). In this paper we propose a new dynamic RPA strategy, very similar to the Greedy strategy, based on the count of data flows through network nodes. Our experiments show better results using the proposed Flow Count Strategy than using Greedy or Hotspot algorithms when considering cross traffic with a similar quality of experience. Also, the obtained results show that Flow Count seems to place replica servers more efficiently during local flash crowd events.

Selecting the most suited cache strategy for specific streaming media workloads

Abstract: Streaming media usage on the Web has recently increased by over 100% a year, and Video-on-Demand applications represent 40% of the Internet traffic. To improve the quality of streaming media delivery, a proxy server using cache strategies placed closer to end users is one of the main solutions used by service providers. The problem faced by cache managers is the difficulty decide, given workload characteristics such as number of objects, popularity distribution, object size etc, which strategy should be used to achieve the best performance. This work presents a deep evaluation of how traditional approaches behave over a wide range of scenarios and suggests which cache strategy should be used, given a specific workload; furthermore, it also introduces two new strategies that perform better than the others in the majority of evaluated scenarios.

On learning how to plan content delivery networks

Abstract: There is a significant lack of integrated Content Delivery Network (CDN) planning tools. P2PCDNSim, a comprehensive CDN simulator, is presented in this work. The result of a three-year project, it allows performance analysis of a wide range of CDN scenarios. The simulator performs similarly to the ns-3 and CDNsim public simulators at the packet and CDN domains respectively. Using CDNP2Psim, highly detailed CDN scenarios can be built and analyzed by an ISP, including customer access such as ADSL link asymmetry and broadband technologies. Overall and cross ISP traffic metrics are captured and shown to the planner in real-time. CDN known metrics, such as the cache hit ratio and startup delay, are also portrayed in real-time. All these metrics are captured during simulation and shown in a multi-layer simulator that can be easily extended and its parts reused. With this simulator, we learned that dynamic selection of a good location for the caches has a great deal of influence on the total network traffic and that traffic asymmetry has a great effect on cross traffic, especially on P2P-based or hybrid CDN-P2P networks. We also learned that a proper evaluation of cache algorithms according to traffic profile can also improve Quality of Experience metrics through selecting the most appropriate algorithm.

A Hybrid Model for Network Traffic Identification Based on Association Rules and Self-Organizing Maps (SOM)

Abstract: Considerable effort has been made by researchers in the area of network traffic classification, since the Internet grows exponentially in both traffic volume and number of protocols and applications. The task of traffic identification is a complex task due to the constantly changing Internet and an increase in encrypted data. There are several methods for classifying network traffic such as known ports and Deep Packet Inspection (DPI), but they are not effective since many applications constantly randomize their ports and the payload could be encrypted. This paper proposes a hybrid model that makes use of a rule-based model along with a self-organizing map (SOM) model to tackle the problem of traffic classification without making use of the payload or ports. The proposed method also allows the generation of association rules for new unknown applications and further labeling by experts. The proposed hybrid model was superior to a rule-based model only and presented a precision of over 94% except for eMule application. The model was validated against a Measurement and Analysis on the WIDE Internet (MAWI) trace and presented true positive results above 99% and 0% false positives. It was also validated against another model based on computational intelligence, named Realtime, and the hybrid model proposed in this work presented better results when tested in real time network traffic.

On the load balancing of virtual networks in distributed clouds

Abstract: The distribution of computing resources in different geographical regions and the promotion of full integration with network resources are important issues of new architectures for Cloud computing. Such scattered Cloud deployments, called Distributed Clouds (D-Clouds), can directly reach users due to their inherently distributed infrastructure and the ownership of the network. Thus, D-Clouds can comply with geographically-based requirements and network-based quality of service. One of the challenges in this area is the resource management. In this way, a clever resource allocation algorithm is needed to satisfy service requirements and an owner's management objectives. This paper proposes algorithms for allocation of computing and network resources in a D-Cloud with the objectives of balancing the load in the virtualized infrastructure and of considering constraints, such as processing power, memory, storage, and network delay. The evaluation of the algorithm shows that it is indeed adequate for link allocation across different physical networks.

A look under the hood: Revealing performance issues in the DPI engine

Abstract: Compressed Deterministic Finite Automata (DFA) promises same representation power as traditional DFAs while using less memory for representing Regular Expressions (RE). Experimental evaluations of DFA-based Deep Packet Inspection (DPI) systems focus mainly on memory consumption without observing other important related aspects, such as the matching speed. Proper design of DPI systems requires the assessment of several performance metrics at hardware level, in order to make sure that its implementation will not compromise the overall performance. This paper proposes a novel and systematic evaluation of DPIs and reveals the impact of DFA's data-structures and the correspondent memory layout implementation to hardware-level metrics. Experimental results show that some DFA model and memory layout combinations are almost 100 times faster than others. Results also show that choosing the incorrect model-layout pair can lead to significant performance issues. Our methodology and results will certainly help researchers and developers to design efficient DPI engines, through the selection of the best DFA model and memory layout combination to achieve the targeted overall performance.

ProNet Framework: Network Management Using Semantics and Collaboration

Abstract: The evolution of computer networks presents new mechanisms that increase the flexibility and intelligence of network devices. The consequence is an increased automation of activities required to manage and delay human interventions. In this article, we present mechanisms relating to policies, programmable networks and semantics as well as integrate them collaboratively into a single framework, we call ProNet. Furthermore, the benefits will be demonstrated and its limitations will be quantitatively described.

Flow count: A CDN dynamic Replica Placement Algorithm for cross traffic optimization

Abstract: Content Distribution Networks (CDN) are a popular technology to deliver content and have attracted great interest in recent years. Replica Placement Algorithms (RPA) are one of the main widely studied CDN strategies. In this paper we propose a new dynamic RPA strategy, very similar to the Greedy strategy, based on the count of data flows through network nodes. Our experiments show better results using the proposed Flow Count Strategy than using Greedy or Hotspot algorithms when considering cross traffic. Also, the obtained results show that Flow Count seems to place replica servers more efficiently during local flash crowd events.

Balancing the load across virtual links from virtual machine requests in Distributed Clouds

Abstract: Cloud providers should be able to attend to different types of requests from their users. Generally, requests are composed of virtual machine and virtual link restrictions. When users request only virtual machines, the Cloud provider should interconnect them - by creating a virtual network - in order to allow the communication. In this paper, we propose a strategy to create virtual links between virtual machines, aiming for load balancing, and at same time, link consolidation in order to optimize resource utilization in Distributed Clouds. The results show that our algorithm usually hits the optimum solution for small requests for virtual machines.