Journal of High Speed Networks - Volume 13, issue 4

Authors: Pal, Sudebkumar Prasant | Suman, Rajiv Ranjan | Anil Kumar, G. Sudha | Malhotra, Ruchi

Article Type: Research Article

Abstract: In this paper we propose a new scheme for scalable video services across the Internet. We envisage the future Internet to be very video intensive where large video and multimedia files (or portions of files) would be accessed over the entire network by a large number of users very frequently. Such large sets of data would contribute to a significant fraction of the entire traffic. Quality of service guarantees would therefore have to be provided for such services. We consider video traffic and show how good service can be provided using our new, scalable and generic notions of video caching …and virtual video caching. In order to measure the success of such caching schemes, we introduce the notion of blackouts. A blackout is the break in viewing a video movie between two consecutive clips due to download delay. We define blackout length as the sum of the durations of all blackouts occuring during the service of the video request. We use our generic caching techniques to provide video viewing with low values for average blackout frequencies and blackout lengths; when we use virtual video caching, we get much better performance than what ordinary video caching offers. Our performance studies are based on extensive simulations done by varying parameters such as request rates, cache sizes, queue sizes and packet sizes. Our techniques apply also to large non‐video files that need to be downloaded as streams of smaller chunks in a sequence. Show more

Keywords: Virtual caching, video caching, blackouts, multimedia, quality of service

Citation: Journal of High Speed Networks, vol. 13, no. 4, pp. 249-263, 2004

Authors: Sreenath, N. | Siva Ram Murthy, C.

Article Type: Research Article

Abstract: Wavelength‐division multiplexed (WDM) networks using wavelength‐routing are considered to be potential candidates for the next generation wide‐area backbone networks. At present, Internet Protocol (IP) is considered as de facto standard for transferring data in a wide‐area network. As WDM technology matures, there is a growing interest in integrated IP‐over‐WDM networks. Supporting multicasting in these networks poses a challenging topic. In IP multicast routing, only a subset of nodes may have multicast capability. The nodes that are not supporting multicast routing are by‐passed using IP tunneling concept. Because of IP tunneling, a node with optical splitting capability may not be considered …while constructing a multicast tree. This results in poor bandwidth utilization. Some times, non‐delivery of data to some destinations may also happen. Hence, the IP multicast routing protocol need to consider the capabilities of the nodes. But, it may require some modifications to the existing IP multicast routing algorithms. We propose an approach, where nodes with splitting capability and wavelength conversion capability are connected and form a backbone. Hence, IP multicast routing algorithms need not consider the special capabilities of the nodes and these algorithms do not require any modifications. In multicast routing establishing a protection path is a difficult task, since the capabilities of nodes differ from each other. Using our approach it is possible to recover from a link or node failure. Also in a wide area network, delay involved in generating and establishing connections for multicast traffic is very high. In our approach, this delay is low, since it makes use of pre‐established connections (i.e., pre‐established backbone). The effectiveness of our proposed approach is demonstrated using extensive simulation experiments. The blocking performance of the proposed approach is also studied for dynamically arriving multicast sessions. Show more

Keywords: IP‐over‐WDM, wavelength routing, sparse splitting, virtual source, failure recovery, optical multicast routing

Citation: Journal of High Speed Networks, vol. 13, no. 4, pp. 265-281, 2004

Authors: Seba, H. | Bouabdallah, A. | Badache, N.

Article Type: Research Article

Abstract: Secure group communication is an increasingly popular research area having received much attention in recent years. However, most existing approaches construct the group key without caring about the type of the group itself and the environment in which it evolves. This leads to inefficient solutions for real multicast groups. In this paper, we propose a new approach to enhance key management performance. In our solution, we take into consideration group characteristics. We first classify the various group characteristics and point out their influence on the efficiency of key management protocols. We, then, propose two key management protocols, which maintain good …performance by adapting the key management process to the type of the group. A comparative study and simulation results evaluate the efficiency of our approach. Show more

Keywords: Group key management, group characteristics, 1‐affects‐n scalability, logical binary trees, fault‐tolerance, multiple cores

Citation: Journal of High Speed Networks, vol. 13, no. 4, pp. 283-296, 2004

Authors: Madan, B.B. | Trivedi, K.S.

Article Type: Research Article

Abstract: Increasing deployment of computer systems in critical applications has made study and quantifiable analysis of the security aspects of these systems an important issue. Security quantification analysis can either be done by logging large amounts of operational data and analyzing this data or by developing analytic models. First approach, though straight forward, is less desirable, since such an analysis is typically done in a post‐facto manner, after the damage caused by a security breach has already occurred. The modeling approach, on the other hand, can be done in an a‐priori manner and is also much less costly. Another aspect of …designing secure systems that is gaining acceptance is that while preventing security attacks is an important goal, it is not always possible to be able to prevent all types of attacks, particularly since attackers are always creating newer attacks. Recent approaches to designing dependable systems suggest treating intrusion prevention as a first line of defense to be followed by building intrusion tolerance measures that do not entirely preclude the possibility of security intrusion from succeeding. Such systems take appropriate responsive measures to mitigate the adverse effects of security intrusions. In this paper, we utilize the attack or privilege graph models that have been successfully used to model the attack progression to incorporate the system's response to an attack and for verifying if the system is secure or not. The proposed model is referred to as the attack response graph. Security quantification uses a Markov chain model to compute mean time taken to reach security failed states. However, getting to the Markov chain directly is rather difficult. Instead, we first obtain the SPN from the ARG description. The reachability graph of this SPN gives the absorbing state Markov chain which in turn is used to quantify the security in terms of the mean‐time‐to‐security‐failure measure for an intrusion tolerant system. Finally, we utilize sensitivity analysis to evaluate the effects of inaccuracies in estimating the model parameters. Show more

Citation: Journal of High Speed Networks, vol. 13, no. 4, pp. 297-308, 2004

Authors: Abdulla, M.F. | Ravikumar, C.P.

Article Type: Research Article

Abstract: It is very common for people across the globe to collaborate on the Internet and intellectual property amongst each other. A serious threat to this form of collaboration can come from “backdoor” attacks from hackers, who can distort the information content. For example, a backdoor attack may replace common operating system functions with malicious ones. A possible precaution against such an attack is to generate a signature database and compare the signature of a system functionality with its golden signature before using the functionality. We present an alternate and novel method to detect Trojan activity. Called time fingerprinting, the method …relies on observing a finite number of fingerprints during signature generation and tracing the Trojan fingerprints in system files. We have verified the desired properties using common semi trusted operating system files. Show more

Keywords: Internet security, signature, fingerprint, Trojan, testing

Citation: Journal of High Speed Networks, vol. 13, no. 4, pp. 309-317, 2004

Article Type: Other

Citation: Journal of High Speed Networks, vol. 13, no. 4, pp. 319-320, 2004