Showing papers by "AT&T Labs published in 2016"


Proceedings ArticleDOI
03 Oct 2016
TL;DR: This paper proposes a cellular-friendly streaming scheme that delivers only 360 videos' visible portion based on head movement prediction, which can reduce bandwidth consumption by up to 80% based on a trace-driven simulation.
Abstract: As an important component of the virtual reality (VR) technology, 360-degree videos provide users with panoramic view and allow them to freely control their viewing direction during video playback. Usually, a player displays only the visible portion of a 360 video. Thus, fetching the entire raw video frame wastes bandwidth. In this paper, we consider the problem of optimizing 360 video delivery over cellular networks. We first conduct a measurement study on commercial 360 video platforms. We then propose a cellular-friendly streaming scheme that delivers only 360 videos' visible portion based on head movement prediction. Using viewing data collected from real users, we demonstrate the feasibility of our approach, which can reduce bandwidth consumption by up to 80% based on a trace-driven simulation.

391 citations


Proceedings ArticleDOI
22 Aug 2016
TL;DR: Owan is presented, a novel traffic management system that optimizes wide-area bulk transfers with centralized joint control of the optical and network layers with efficient algorithms to jointly optimize optical circuit setup, routing and rate allocation, and dynamically adapt them to traffic demand changes.
Abstract: Bulk transfer on the wide-area network (WAN) is a fundamental service to many globally-distributed applications. It is challenging to efficiently utilize expensive WAN bandwidth to achieve short transfer completion time and meet mission-critical deadlines. Advancements in software-defined networking (SDN) and optical hardware make it feasible and beneficial to quickly reconfigure optical devices in the optical layer, which brings a new opportunity for traffic management on the WAN. We present Owan, a novel traffic management system that optimizes wide-area bulk transfers with centralized joint control of the optical and network layers. Owan can dynamically change the network-layer topology by reconfiguring the optical devices. We develop efficient algorithms to jointly optimize optical circuit setup, routing and rate allocation, and dynamically adapt them to traffic demand changes. We have built a prototype of Owan with commodity optical and electrical hardware. Testbed experiments and large-scale simulations on two ISP topologies and one inter-DC topology show that Owan completes transfers up to 4.45x faster on average, and up to 1.36x more transfers meet their deadlines, as compared to prior methods that only control the network layer.

128 citations


Proceedings ArticleDOI
03 Oct 2016
TL;DR: An in-depth study of multipath for mobile settings, focusing on MPTCP, and design and implement a flexible software architecture for mobile multipath called MPFlex, which strategically employs multiplexing to improve multipath performance (by up to 63% for short-lived flows).
Abstract: Today's mobile devices are usually equipped with multiple wireless network interfaces that provide new opportunities for improving application performance. In this paper, we conduct an in-depth study of multipath for mobile settings, focusing on MPTCP, with the goal of developing key insights for evolving the mobile multipath design. First, we conduct to our knowledge the most in-depth and the longest user trial of mobile multipath that focuses not only on MPTCP performance, but also on cross-layer interactions. Second, we identify a new research problem of multipath-aware CDN server selection. We demonstrate its real-world importance and provide recommendations. Third, our measurement findings lead us to design and implement a flexible software architecture for mobile multipath called MPFlex, which strategically employs multiplexing to improve multipath performance (by up to 63% for short-lived flows). MPFlex decouples the high-level scheduling algorithm and the low-level OS protocol implementation, and enables developers to flexibly plug-in new multipath features. MPFlex also provides an ideal vantage point for flexibly realizing user-specified multipath policies and is friendly to middleboxes.

120 citations


Proceedings ArticleDOI
06 Dec 2016
TL;DR: The basic idea behind MP-DASH is to strategically schedule video chunks' delivery and thus satisfy user preferences and can work with a wide range of off-the-shelf video rate adaptation algorithms with very small changes.
Abstract: Compared with using only a single wireless path such as WiFi, leveraging multipath (e.g., WiFi and cellular) can dramatically improve users' quality of experience (QoE) for mobile video streaming. However, Multipath TCP (MPTCP), the de-facto multipath solution, lacks the support to prioritize one path over another. When applied to video streaming, it may cause undesired network usage such as substantial over-utilization of the metered cellular link. In this paper, we propose MP-DASH, a multipath framework for video streaming with the awareness of network interface preferences from users. The basic idea behind MP-DASH is to strategically schedule video chunks' delivery and thus satisfy user preferences. MP-DASH can work with a wide range of off-the-shelf video rate adaptation algorithms with very small changes. Our extensive field studies at 33 locations in three U.S. states suggest that MP-DASH is very effective: it can reduce cellular usage by up to 99% and radio energy consumption by up to 85% with negligible degradation of QoE, compared with off-the-shelf MPTCP.

114 citations


Proceedings ArticleDOI
18 Apr 2016
TL;DR: This paper proposes a novel distributed reconstruction technique, called Partial Parallel Repair (PPR), which divides the reconstruction operation to small partial operations and schedules them on multiple nodes already involved in the data reconstruction, and reduces repair time and degraded read time significantly.
Abstract: With the explosion of data in applications all around us, erasure coded storage has emerged as an attractive alternative to replication because even with significantly lower storage overhead, they provide better reliability against data loss. Reed-Solomon code is the most widely used erasure code because it provides maximum reliability for a given storage overhead and is flexible in the choice of coding parameters that determine the achievable reliability. However, reconstruction time for unavailable data becomes prohibitively long mainly because of network bottlenecks. Some proposed solutions either use additional storage or limit the coding parameters that can be used. In this paper, we propose a novel distributed reconstruction technique, called Partial Parallel Repair (PPR), which divides the reconstruction operation to small partial operations and schedules them on multiple nodes already involved in the data reconstruction. Then a distributed protocol progressively combines these partial results to reconstruct the unavailable data blocks and this technique reduces the network pressure. Theoretically, our technique can complete the network transfer in ⌈(log2(k + 1))⌉ time, compared to k time needed for a (k, m) Reed-Solomon code. Our experiments show that PPR reduces repair time and degraded read time significantly. Moreover, our technique is compatible with existing erasure codes and does not require any additional storage overhead. We demonstrate this by overlaying PPR on top of two prior schemes, Local Reconstruction Code and Rotated Reed-Solomon code, to gain additional savings in reconstruction time.

112 citations


Journal ArticleDOI
01 Jan 2016
TL;DR: This work formalizes an online version of the entity resolution task, and uses an oracle which correctly labels matching and non-matching pairs through queries, and develops a novel analysis framework for prior proposals on entity resolution with an oracle, beyond their worst case guarantees.
Abstract: Entity resolution (ER) is the task of identifying all records in a database that refer to the same underlying entity. This is an expensive task, and can take a significant amount of money and time; the end-user may want to take decisions during the process, rather than waiting for the task to be completed. We formalize an online version of the entity resolution task, and use an oracle which correctly labels matching and non-matching pairs through queries. In this setting, we design algorithms that seek to maximize progressive recall, and develop a novel analysis framework for prior proposals on entity resolution with an oracle, beyond their worst case guarantees. Finally, we provide both theoretical and experimental analysis of the proposed algorithms.

108 citations


Journal ArticleDOI
TL;DR: An approach for intelligent content placement that scales to large library sizes e.g., 100 Ks of videos by employing a Lagrangian relaxation-based decomposition technique combined with integer rounding and investigating the tradeoff between disk space and network bandwidth.
Abstract: IPTV service providers offering Video-on-Demand currently use servers at each metropolitan office to store all the videos in their library. With the rapid increase in library sizes, it will soon become infeasible to replicate the entire library at each office. We present an approach for intelligent content placement that scales to large library sizes (e.g., 100 Ks of videos). We formulate the problem as a mixed integer program (MIP) that takes into account constraints such as disk space, link bandwidth, and content popularity. To overcome the challenges of scale, we employ a Lagrangian relaxation-based decomposition technique combined with integer rounding. Our technique finds a near-optimal solution (e.g., within 1%–2%) with orders of magnitude speedup relative to solving even the linear programming (LP) relaxation via standard software. We also present simple strategies to address practical issues such as popularity estimation, content updates, short-term popularity fluctuation, and frequency of placement updates. Using traces from an operational system, we show that our approach significantly outperforms simpler placement strategies. For instance, our MIP-based solution can serve all requests using only half the link bandwidth used by least recently used (LRU) or least frequently used (LFU) cache replacement policies. We also investigate the tradeoff between disk space and network bandwidth.

106 citations


Journal ArticleDOI
TL;DR: The Predictive Finite-horizon PF Scheduling ((PF)²S) Framework is developed and it is indicated that the framework can increase the throughput by 15%-55% compared to traditional PF schedulers, while improving fairness.
Abstract: Proportional Fair (PF) scheduling algorithms are the de facto standard in cellular networks. They exploit the users' channel state diversity (induced by fast-fading) and are optimal for stationary channel state distributions and an infinite time-horizon. However, mobile users experience a nonstationary channel, due to slow-fading (on the order of seconds), and are associated with base stations for short periods. Hence, we develop the Predictive Finite-horizon PF Scheduling ((PF)²S) Framework that exploits mobility. We present extensive channel measurement results from a 3G network and characterize mobility-induced channel state trends. We show that a user's channel state is highly reproducible and leverage that to develop a data rate prediction mechanism. We then present a few channel allocation estimation algorithms that exploit the prediction mechanism. Our trace-based simulations consider instances of the (PF)²S Framework composed of combinations of prediction and channel allocation estimation algorithms. They indicate that the framework can increase the throughput by 15%-55% compared to traditional PF schedulers, while improving fairness.

104 citations


Journal ArticleDOI
TL;DR: In this paper, an upper bound on the average service delay of such erasure-coded storage with arbitrary service time distribution and consisting of multiple heterogeneous files is provided, which enables a novel problem of joint latency and storage cost minimization over three dimensions: selecting the erasure code, placing encoded chunks, and optimizing scheduling policy.
Abstract: Modern distributed storage systems offer large capacity to satisfy the exponentially increasing need of storage space. They often use erasure codes to protect against disk and node failures to increase reliability, while trying to meet the latency requirements of the applications and clients. This paper provides an insightful upper bound on the average service delay of such erasure-coded storage with arbitrary service time distribution and consisting of multiple heterogeneous files. Not only does the result supersede known delay bounds that only work for a single file or homogeneous files, it also enables a novel problem of joint latency and storage cost minimization over three dimensions: selecting the erasure code, placement of encoded chunks, and optimizing scheduling policy. The problem is efficiently solved via the computation of a sequence of convex approximations with provable convergence. We further prototype our solution in an open-source cloud storage deployment over three geographically distributed data centers. Experimental results validate our theoretical delay analysis and show significant latency reduction, providing valuable insights into the proposed latency-cost tradeoff in erasure-coded storage.

90 citations


Journal ArticleDOI
TL;DR: This special issue of IEEE Internet Computing highlights some of the opportunities, challenges, and solutions that will shape this transformational field in the years to come.
Abstract: Network function virtualization (NFV) is a series of upcoming technologies that allow the high-volume packet-processing functions forming the modern Internet's core to be virtualized, so that they can run on commodity cloud computing platforms. This special issue of IEEE Internet Computing highlights some of the opportunities, challenges, and solutions that will shape this transformational field in the years to come.

69 citations


Proceedings ArticleDOI
14 Mar 2016
TL;DR: KLEIN is proposed, a design that stays within the confines of current cellular standards and addresses the above limitations by combining network functions virtualization with smart resource management and is close to optimal for wide variety of traffic and deployment parameters.
Abstract: Today's cellular core, which connects the radio access network to the Internet, relies on fixed hardware appliances placed at a few dedicated locations and uses relatively static routing policies. As such, today's core design has key limitations---it induces inefficient provisioning tradeoffs and is poorly equipped to handle overload, failure scenarios, and diverse application requirements. To address these limitations, ongoing efforts envision "clean slate" solutions that depart from cellular standards and routing protocols; e.g., via programmable switches at base stations and per-flow SDN-like orchestration. The driving question of this work is to ask if a clean-slate redesign is necessary and if not, how can we design a flexible cellular core that is minimally disruptive. We propose KLEIN, a design that stays within the confines of current cellular standards and addresses the above limitations by combining network functions virtualization with smart resource management. We address key challenges w.r.t. scalability and responsiveness in realizing KLEIN via backwards-compatible orchestration mechanisms. Our evaluations through data-driven simulations and real prototype experiments using OpenAirInterface show that KLEIN can scale to billions of devices and is close to optimal for wide variety of traffic and deployment parameters.

Proceedings ArticleDOI
30 May 2016
TL;DR: A tool, Newton, is developed to help a web application programmer to identify authentication cookies for specific parts of the website and to verify that they are securely implemented according to the checklist, which found that 113 of them---including high-profile sites such as Yahoo, Amazon, and Fidelity---were vulnerable to hijacking attacks.
Abstract: Modern websites use multiple authentication cookies to allow visitors to the site different levels of access. The complexity of modern web applications can make it difficult for a web application programmer to ensure that the use of authentication cookies does not introduce vulnerabilities. Even when a programmer has access to all of the source code, this analysis can be challenging; the problem becomes even more vexing when web programmers cobble together off-the-shelf libraries to implement authentication. We have assembled a checklist for modern web programmers to verify that the cookie based authentication mechanism is securely implemented. Then, we developed a tool, Newton, to help a web application programmer to identify authentication cookies for specific parts of the website and to verify that they are securely implemented according to the checklist. We used Newton to analyze 149 sites, including the Alexa top-200 and many other popular sites across a range of categories including search, shopping, and finance. We found that 113 of them---including high-profile sites such as Yahoo, Amazon, and Fidelity---were vulnerable to hijacking attacks. Many websites have already acknowledged and fixed the vulnerabilities that we found using Newton and reported to them.

Proceedings ArticleDOI
10 Apr 2016
TL;DR: This work designs and implements novel machine learning based algorithms to infer whether a mobile was outdoor and, if so, to infer the latitude-longitude associated with the measurement record.
Abstract: As cellular networks like 4G LTE networks get more and more sophisticated, mobiles also measure and send enormous amount of mobile measurement data (in TBs/week/metropolitan) during every call and session. The mobile measurement records are saved in data center for further analysis and mining, however, these measurement records are not geo-tagged because the measurement procedures are implemented in mobile LTE stack. Geo-tagging (or localizing) the stored measurement record is a fundamental building block towards network analytics and troubleshooting since the measurement records contain rich information on call quality, latency, throughput, signal quality, error codes etc. In this work, our goal is to localize these mobile measurement records. Precisely, we answer the following question: what was the location of the mobile when it sent a given measurement record? We design and implement novel machine learning based algorithms to infer whether a mobile was outdoor and if so, it infers the latitude-longitude associated with the measurement record. The key technical challenge comes from the fact that measurement records do not contain sufficient information required for triangulation or RF fingerprinting based techniques to work by themselves. Experiments performed with real data sets from an operational 4G network in a major metropolitan show that, the median accuracy of our proposed solution is around 20 m for outdoor mobiles and outdoor classification accuracy is more than 98%.

Proceedings ArticleDOI
01 Oct 2016
TL;DR: This paper investigates whether clouds of edge devices can be managed as Infrastructure-as-a-Service clouds and describes the approach, FocusStack, that uses location based situational awareness, implemented over a multi-tier geographic addressing network to solve the problems of inefficient awareness messaging and mixed initiative control.
Abstract: Allocating and managing resources in the Internet of Things (IoT) presents many new challenges, including massive scale, new security issues, and new resource types that become critical in making orchestration decisions. In this paper, we investigate whether clouds of edge devices can be managed as Infrastructure-as-a-Service clouds. We describe our approach, FocusStack, that uses location based situational awareness, implemented over a multi-tier geographic addressing network, to solve the problems of inefficient awareness messaging and mixed initiative control that IoT device clouds raise for traditional cloud management tools. We provide an extended case study of a shared video application as initial demonstration and evaluation of the work and show that we effectively solve the two key problems above.

Proceedings ArticleDOI
14 Nov 2016
TL;DR: This work conducts to its knowledge the first comprehensive characterization of cellular upload traffic and investigates its interaction with other concurrent traffic, revealing rather poor performance associated with applications running concurrently with cellular upload traffic, due to excessive on-device buffering.
Abstract: Despite the extensive characterization of the growth of cellular network traffic, we observe two important trends not yet thoroughly investigated. First, fueled by the LTE technology and applications involving wearable devices and device-to-device (D2D) communication, device upload traffic is increasingly popular. Second, the multi-tasking and multi-window features of modern mobile devices allow many concurrent TCP connections, resulting in potentially complex interactions. Motivated by these new observations, we conduct to our knowledge the first comprehensive characterization of cellular upload traffic and investigate its interaction with other concurrent traffic. In particular, we reveal rather poor performance associated with applications running concurrently with cellular upload traffic, due to excessive on-device buffering (i.e., on-device bufferbloat). This leads to significant performance degradation on real mobile applications, e.g., 66% of download throughput degradation and more than doubling of page load times. We further systematically study a wide range of solutions for mitigating on-device bufferbloat, and provide concrete recommendations by proposing a system called QCUT to control the firmware buffer occupancy from the OS kernel.

Posted Content
TL;DR: This work addresses the limitations of prior work on OD discovery, and develops an efficient set-containment, lattice-driven OD discovery algorithm that uses the inference rules to prune the search space.
Abstract: Integrity constraints (ICs) provide a valuable tool for expressing and enforcing application semantics. However, formulating constraints manually requires domain expertise, is prone to human errors, and may be excessively time consuming, especially on large datasets. Hence, proposals for automatic discovery have been made for some classes of ICs, such as functional dependencies (FDs), and recently, order dependencies (ODs). ODs properly subsume FDs, as they can additionally express business rules involving order; e.g., an employee never has a higher salary while paying lower taxes compared with another employee. We address the limitations of prior work on OD discovery which has factorial complexity in the number of attributes, is incomplete (i.e., it does not discover valid ODs that cannot be inferred from the ones found) and is not concise (i.e., it can result in "redundant" discovery and overly large discovery sets). We improve significantly on complexity, offer completeness, and define a compact canonical form. This is based on a novel polynomial mapping to a canonical form for ODs, and a sound and complete set of axioms (inference rules) for canonical ODs. This allows us to develop an efficient set-containment, lattice-driven OD discovery algorithm that uses the inference rules to prune the search space. Our algorithm has exponential worst-case time complexity in the number of attributes and linear complexity in the number of tuples. We prove that it produces a complete, minimal set of ODs (i.e., minimal with regards to the canonical representation). Finally, using real and synthetic datasets, we experimentally show orders-of-magnitude performance improvements over the current state-of-the-art algorithm and demonstrate effectiveness of our techniques.

Journal ArticleDOI
TL;DR: The proposed approach combines a biased random-key genetic algorithm (BRKGA) and a local search procedure for generating the sequence of cutting patterns for the minimization of the open stacks problem.

Proceedings Article
01 Jan 2016
TL;DR: This work proposes a conceptual framework that models human interactions with ML components in the VA process, and makes the crucial interplay between automated algorithms and interactive visualizations more concrete.
Abstract: The goal of visual analytics (VA) systems is to solve complex problems by integrating automated data analysis methods, such as machine learning (ML) algorithms, with interactive visualizations. We propose a conceptual framework that models human interactions with ML components in the VA process, and makes the crucial interplay between automated algorithms and interactive visualizations more concrete. The framework is illustrated through several examples. We derive three open research challenges at the intersection of ML and visualization research that will lead to more effective data analysis.

Proceedings Article
18 Aug 2016
TL;DR: This work proposes a conceptual framework that models human interactions with ML components in the VA process, and makes the crucial interplay between automated algorithms and interactive visualizations more concrete.
Abstract: The goal of visual analytics (VA) systems is to solve complex problems by integrating automated data analysis methods, such as machine learning (ML) algorithms, with interactive visualizations. We propose a conceptual framework that models human interactions with ML components in the VA process, and makes the crucial interplay between automated algorithms and interactive visualizations more concrete. The framework is illustrated through several examples. We derive three open research challenges at the intersection of ML and visualization research that will lead to more effective data analysis.

Journal ArticleDOI
TL;DR: This work discusses strategies and approaches to integrate SDN capabilities with traditional technologies to achieve the high-performance traffic engineering, fast service provisioning, and rapid failure restoration required for existing network operations.
Abstract: Software-defined networking provides a promising approach to build and operate high-performance networks with high efficiency and affordable cost. While SDN is of great importance to ISPs, it is infeasible to replace the entire existing infrastructure with a clean slate of SDN design. Most early SDN practices concentrate on small-scale greenfield designs. Here, we focus on mission-critical large-scale backbone networks, and discuss the key technologies and applications for ISPs' SDN adoption. Taking an evolutionary viewpoint, we discuss strategies and approaches to integrate SDN capabilities with traditional technologies to achieve the high-performance traffic engineering, fast service provisioning, and rapid failure restoration required for existing network operations.

Proceedings ArticleDOI
01 Sep 2016
TL;DR: It is found that when additional bandwidth on the secondary path is not sufficient to sustain an upgrade in video quality, it is generally better not to use MPTCP.
Abstract: HTTP-based adaptive protocols dominate today's video streaming over the Internet, and operate using multiple quality levels that video players request one segment at a time. Despite their popularity, studies have shown that performance of video streams still suffers from stalls, quality switches and startup delay. In wireless networks, it is well-known that high variability in network bandwidth affects video streaming. MultiPath TCP (MPTCP) is an emerging paradigm that could offer significant benefits to video streaming by combining bandwidth on multiple network interfaces, in particular for mobile devices that typically support both WiFi and cellular networks. In this paper, we explore whether MPTCP always benefits mobile video streaming. Our experimental study on video streaming using two wireless interfaces yields mixed results. While beneficial to user experience under ample and stable bandwidth, MPTCP may not offer any advantage under some network conditions. We find that when additional bandwidth on the secondary path is not sufficient to sustain an upgrade in video quality, it is generally better not to use MPTCP. We also identify that MPTCP can harm user experience when an unstable secondary path is added to the stable primary path.

Proceedings ArticleDOI
16 May 2016
TL;DR: This work captures the dynamics of events using four event operations (create, absorb, split, and merge), which can be effectively used to monitor evolving events, and proposes a novel event indexing structure, called Multi-layer Inverted List (MIL), to manage dynamic event databases for the acceleration of large-scale event search and update.
Abstract: Tweet streams provide a variety of real-time information on dynamic social events. Although event detection has been actively studied, most of the existing approaches do not address the issue of efficient event monitoring in the presence of a large number of events detected from continuous tweet streams. In this paper, we capture the dynamics of events using four event operations: creation, absorption, split and merge. We also propose a novel event indexing structure, named Multi-layer Inverted List (MIL), for the acceleration of large-scale event search and update. We thoroughly study the problem of nearest neighbour search using MIL based on upper bound pruning. Extensive experiments have been conducted on a large-scale tweet dataset. The results demonstrate the promising performance of our method in terms of both efficiency and effectiveness.

Journal ArticleDOI
TL;DR: This paper characterizes the operational performance of a tier-1 cellular network in the U.S. during two high-profile crowded events in 2012 and suggests two mechanisms that can improve performance without resorting to costly infrastructure changes: radio resource allocation tuning and opportunistic connection sharing.
Abstract: During crowded events, cellular networks face voice and data traffic volumes that are often orders of magnitude higher than what they face during routine days. Despite the use of portable base stations for temporarily increasing communication capacity and free Wi-Fi access points for offloading Internet traffic from cellular base stations, crowded events still present significant challenges for cellular network operators looking to reduce dropped call events and improve Internet speeds. For an effective cellular network design, management, and optimization, it is crucial to understand how cellular network performance degrades during crowded events, what causes this degradation, and how practical mitigation schemes would perform in real-life crowded events. This paper makes a first step toward this end by characterizing the operational performance of a tier-1 cellular network in the U.S. during two high-profile crowded events in 2012. We illustrate how the changes in population distribution, user behavior, and application workload during crowded events result in significant voice and data performance degradation, including more than two orders of magnitude increase in connection failures. Our findings suggest two mechanisms that can improve performance without resorting to costly infrastructure changes: radio resource allocation tuning and opportunistic connection sharing. Using trace-driven simulations, we show that more aggressive release of radio resources via 1-2 s shorter radio resource control timeouts as compared with routine days helps to achieve better tradeoff between wasted radio resources, energy consumption, and delay during crowded events, and opportunistic connection sharing can reduce connection failures by 95% when employed by a small number of devices in each cell sector.

Proceedings ArticleDOI
30 May 2016
TL;DR: This paper proposes a new system, called SOS, which is scalable, incurs negligible overheads and offers strong protection on compute nodes of OpenStack, and applies mandatory access control and capabilities to confine interactions among different components.
Abstract: Infrastructure-as-a-Service (IaaS) clouds such as OpenStack consist of two kinds of nodes in their infrastructure: control nodes and compute nodes. While control nodes run all critical services, compute nodes host virtual machines of customers. Given the large number of compute nodes, and the fact that they are hosting VMs of (possibly malicious) customers, it is possible that some of the compute nodes may be compromised. This paper examines the impact of such a compromise. We focus on OpenStack, a popular open-source cloud platform that is widely adopted. We show that attackers compromising a single compute node can extend their controls over the entire cloud infrastructure. They can then gain free access to resources that they have not paid for, or even bring down the whole cloud to affect all customers. This startling result stems from the cloud platform's misplaced trust, which does not match today's threats. To overcome the weakness, we propose a new system, called SOS, for hardening OpenStack. SOS limits trust on compute nodes. SOS consists of a framework that can enforce a wide range of security policies. Specifically, we applied mandatory access control and capabilities to confine interactions among different components. Effective confinement policies are generated automatically. Furthermore, SOS requires no modifications to the OpenStack. This has allowed us to deploy SOS on multiple versions of OpenStack. Our experimental results demonstrate that SOS is scalable, incurs negligible overheads and offers strong protection.

Proceedings ArticleDOI
03 Oct 2016
TL;DR: This paper proposes to use server push, a standard feature in HTTP/2, to provide an ideal framework for the cost-benefit analysis and designs a practical system that reduces resource footprint for mobile web over multipath by providing adaptive multipath support.
Abstract: In this paper, we investigate when to browse the web using WiFi and cellular simultaneously on mobile devices. Our observation, based on empirical measurements, is that mobile web may not always benefit from multipath, which motivates a cost-benefit analysis. However, it is challenging to analyze the benefits (i.e., improved user experience) and costs (e.g., energy consumption) of web browsing, due to HTTP's resource fetching model. We propose to use server push, a standard feature in HTTP/2, to provide an ideal framework for the cost-benefit analysis. We then design a practical system that reduces resource footprint for mobile web over multipath by providing adaptive multipath support.

Proceedings ArticleDOI
Faraz Ahmed1, Jeffrey Erman2, Zihui Ge2, Alex X. Liu1, Jia Wang2, He Yan2 
10 Apr 2016
TL;DR: This paper uses training data to build models that can capture the normal performance of every E2E-instance, which means flows corresponding to a specific location, content provider, device type, and application types, and they are used to detect performance degradation at cellular service providers.
Abstract: Providing high end-to-end (E2E) performance is critical for cellular service providers to best serve their customers. Detecting and localizing E2E performance degradation is crucial for cellular service providers, content providers, device manufacturers, and application developers to jointly troubleshoot root causes. To the best of our knowledge, detection and localization of E2E performance degradation at cellular service providers has not been previously studied. In this paper, we propose a holistic approach to detecting and localizing E2E performance degradation at cellular service providers across the four dimensions of user locations, content providers, device types, and application types. First, we use training data to build models that can capture the normal performance of every E2E-instance, which means flows corresponding to a specific location, content provider, device type, and application type. Second, we use our models to detect performance degradation for each E2E-instance on an hourly basis. Third, after each E2E-instance has been labeled as non-degrading or degrading, we use association rule mining techniques to localize the source of performance degradation. Our system detected performance degradation instances over a period of one week. In 80% of the detected degraded instances, content providers, device types, and application types were the only factors of performance degradation.

Proceedings ArticleDOI
27 Jun 2016
TL;DR: This work presents a scheduling problem that jointly accounts for: (i) job utilities specified as functions of their completion-time, and (ii) uncertainty in the jobs' runtime, and implements this as a robust scheduler, named RUSH, for YARN in Hadoop.
Abstract: We address the problem of scheduling jobs with utilities that depend solely upon their completion-times in a shared cloud that imposes considerable uncertainty on the jobs' runtime. However, it is very hard to estimate the jobs' runtime in a shared cloud where jobs are often delayed due to reasons such as slow I/O performance and variations in memory availability. Unlike prior works, we acknowledge that runtime estimates are often erroneous and instead shift the burden of robustness to the job scheduler. Specifically, we present a scheduling problem that jointly accounts for: (i) job utilities specified as functions of their completion-time, and (ii) uncertainty in the jobs' runtime. Our proposed solution to this problem achieves lexicographic max-min fairness among the job utilities. We implement this as a robust scheduler, named RUSH, for YARN in Hadoop. Our experiments, using real-world data sets, illustrate RUSH's efficacy when compared with other commonly used schedulers.

Proceedings ArticleDOI
10 May 2016
TL;DR: OSCAR is designed, a novel adaptive streaming algorithm whose adaptation decisions are optimized to avoid stalls while maintaining high video quality, which shows that OSCAR achieves the highest percentage of stall-free sessions while maintaining a high quality video in comparison to the state-of-the-art algorithms.
Abstract: The design of an adaptive video client for mobile users is challenged by the frequent changes in operating conditions. Such conditions present a seemingly insurmountable challenge to adaptation algorithms, which may fail to find a balance between video rate, stalls, and rate-switching. In an effort to achieve the ideal balance, we design OSCAR, a novel adaptive streaming algorithm whose adaptation decisions are optimized to avoid stalls while maintaining high video quality. Our performance evaluation, using real video and channel traces from both 3G and 4G networks, shows that OSCAR achieves the highest percentage of stall-free sessions while maintaining a high quality video in comparison to the state-of-the-art algorithms.

Journal ArticleDOI
01 Dec 2016
TL;DR: A dynamic technique to detect plagiarized apps that works by observing the interaction of an app with the underlying mobile platform via its API invocations is proposed, and a robust plagiarism detection tool using API birthmarks is developed.
Abstract: This paper addresses the problem of detecting plagiarized mobile apps. Plagiarism is the practice of building mobile apps by reusing code from other apps without the consent of the corresponding app developers. Recent studies on third-party app markets have suggested that plagiarized apps are an important vehicle for malware delivery on mobile phones. Malware authors repackage official versions of apps with malicious functionality, and distribute them for free via these third-party app markets. An effective technique to detect app plagiarism can therefore help identify malicious apps. Code plagiarism has long been a problem and a number of code similarity detectors have been developed over the years to detect plagiarism. In this paper we show that obfuscation techniques can be used to easily defeat similarity detectors that rely solely on statically scanning the code of an app. We propose a dynamic technique to detect plagiarized apps that works by observing the interaction of an app with the underlying mobile platform via its API invocations. We propose API birthmarks to characterize unique app behaviors, and develop a robust plagiarism detection tool using API birthmarks.

01 Jul 2016
TL;DR: This white paper presents an overview on the main techno-economic drivers steering the "Softwarization" of telecommunications, an introduction to the Open Mobile Edge Cloud vision, an analysis of the potential role of open source software, and some use case proposals for proof-of-concepts.
Abstract: Techno-economic drivers are creating the conditions for a radical change of paradigm in the design and operation of future telecommunications infrastructures. In fact, SDN, NFV, Cloud and Edge-Fog Computing are converging together into a single systemic transformation termed "Softwarization" that will find concrete exploitations in 5G systems. The IEEE SDN Initiative has elaborated a vision, an evolutionary path and some techno-economic scenarios of this transformation: specifically, the major technical challenges, business sustainability and policy issues have been investigated. This white paper presents: 1) an overview on the main techno-economic drivers steering the "Softwarization" of telecommunications; 2) an introduction to the Open Mobile Edge Cloud vision (covered in a companion white paper); 3) the main technical challenges in terms of operations, security and policy; 4) an analysis of the potential role of open source software; 5) some use case proposals for proof-of-concepts; and 6) a short description of the main socio-economic impacts being produced by "Softwarization". Along these directions, IEEE SDN is also developing an open catalogue of software platforms, toolkits, and functionalities aiming at a step-by-step development and aggregation of test-beds/field-trials on SDN-NFV-5G. This will prepare the ground for developing new ICT ecosystems, thereby improving the quality of life and facilitating the development of the new digital economy.