Seminars
2007
January
February
March
April
May
June
July
August
September
October
November
December
Archive
2003
2004
2005
2006
|
|
Seminars
The Networks Group meets regularly throughout the year for informal discussions, presentations, and a reading group.
Unless otherwise indicated, the informal meetings will be held every Wednesday at 4pm until 5pm in room 6.12, and usually last about an hour. We have moved building located here. (check the deptartmental room bookings page or the central college room bookings page if in doubt). Please contact Felipe Huici (f.huici@cs.ucl.ac.uk) if you have any questions or if you would like to book a seminar slot for a speaker.
-
January 23rd
Speaker: Nina Taft
Biography: Nina Taft is currently a senior researcher at Intel Research Berkeley.
Her main research interests at Intel focus on traffic monitoring for
network security, end-host profiling, anomaly detection as well as
traffic modeling and network-wide traffic generation tools. Prior to
joining Intel, Nina worked at Sprint for 5 years in the IP Group
working on backbone Internet measurement. She conducted research in
various areas such as traffic matrix estimation, traffic
characterization, routing protocols and IP-over-WDM network design
problems. Prior to Sprint, Nina worked at SRI International for four
years. There her work focused on congestion control and QoS routing in
ATM networks. She received her PhD degree from the University of
Berkeley in 1994 on traffic characterization. Nina is currently
serving as an associate editor for the IEEE Transactions on Networking
(ToN) journal and is a member of the ACM Internet Measurement
Conference (IMC) steering committee.
Title: The evolution of traffic matrix techniques and applications: past, present and future.
Abstract:In this overivew talk, we summarize how inference techniques to
estimate traffic matrices have evolved, what we have learned along the
way in terms of modeling of origin-destination (OD) flows, some emerging
applications of traffic matrices, and lastly, where research in this
area might lead to next. We can taxonomize this history into
generations and categorize solutions as either first, second or third
generation techniques. Each generational step has been motivated by
trying to obtain additional data to incorporate in an inherently
ill-posed problem. Incorporating additional sources of data requires a
model to capture the information in a way that is useful to traffic
matrix estimation. This body of research has thus resulted in the
development of a number of interesting traffic models for
origin-destination flows. Modeling such flows presents additional
challenges beyond the traditional flow modeling, as it now becomes
important to incorporate both spatial and temporal correlations.
In addition to producing interesting OD flow models, traffic
matrix reseach has also lead to an increase of applications using
traffic matrices. These application areas, that include
routing analysis and network security, illustrate how new research
problems can be enabled by having a traffic matrix available. In order
to further enhance the use of traffic matrices for other research
activities, we show there is a need to be able to generate traffic
matrices synthetically. Having such traffic descriptions would enable
a much richer ability to do benchmarking and performance evaluation
of any traffic engineering solution. We summarize the problems of
synthetic traffic matrix generation that turns out to be quite
challenging.
-
February 22 (Canceled due to sickness, will be rescheduled)
Speaker: Steve Marsh
Title:
Abstract:
-
March 22nd
Speaker: Michael Dales (Intel Research, Cambridge)
Title: SWIFT: A High-Capacity Wavelength-Striped Optically-Switched Interconnect
Abstract: High capacity optical networks are well established in the long-haul networks arena, with new developments, such as all optical switching, being pursued to further benefit these networks. Research at Intel has show that high capacity optical links can offer advantages for short range networks, such as device interconnects and computer clusters. However, there are many challenges in taking the technologies used in the long-haul and applying them to short range networks.
Here we present a high-capacity, wavelength-striped, optically-switched interconnect architecture, SWIFT, suitable for short range networks, which we hope will scale from chip-to-chip interconnects up to computer-to-computer. This talk will present an outline of some of the challenges, discuss our proposed network architecture, and describe some of the experimental work we are doing, including the building of a full testbed. We will also outline some of the challenges that remain, both in making such a network a reality, and in how one can actually evaluate such a network.
-
April 5th
Speaker: Daniele Quercia
Title: Supporting Trust in the Dynamic Establishment of peering coaLitions
Abstract:The Coalition Peering Domain (CPD) is a recent innovation within the
field of mesh networking.
It facilitates the management of community-area networks in a
distributed and scalable form, allowing devices to pool their network
resources (particularly egress links) to the common good.
However, as in P2P systems, this form of cooperative sharing
architecture raises significant concerns about the effect of
free-riders: nodes that utilise the bandwidth of others without
providing an adequate return to the community.
To address this problem, we propose STRUDEL, a distributed framework
that tackles the problem
of free-riders and consists of:
(i) a mechanism for the detection of malicious peers;
(ii) a formal Bayesian trust model, to assess peers' trustworthiness;
(iii) a forwarding mechanism based on the maximisation of trust-informed
utility.
- April 12th No seminar, Easter
- April 19th No seminar, Easter
-
April 27th (THURSDAY)
Room: 1.03
Speaker: Colin Perkins
Title: Scaling Multimedia Conferencing
Abstract:A key problem in the deployment of high quality multimedia conferencing
over IP networks is congestion control: how to adjust the transmission
of a real-time media flow to match changes in network capacity, while
maintaining media quality and being fair to other traffic on the
network.
This talk will describe a new high definition multimedia conferencing
system which attempts to provide congestion control for interactive
video.
I shall describe this system, outline its performance in wide-area
tests,
and describe our initial attempts to make the system congestion
controlled.
Following on from this, I shall outline current research directions and
challenges for congestion control for interactive multimedia
conferencing.
-
May 3rd
Room: 1.02
Speaker: Dhiraj Bhuyan, Senior Security Researcher, BT
Title: Discovering and Disrupting IRC-Based Botnets
Abstract: A botnet is a network of compromised computers that can be remotely controlled by an attacker through a predefined communication channel. A computer becomes part of a botnet when it gets infected by a software agent commonly known as a bot. Studies carried out by various research groups show the presence of hundreds and thousands of such compromised computers across the Internet. The sheer presence of such a large number of bots poses a serious threat to the Internet community. There have already been a number of well-documented incidents where such an army of bots has been used to launch Distributed Denial of Service (DDoS) attacks against corporate networks. Research carried out by various bot activity-monitoring groups also indicates that in recent months there has been a shift towards using these bots and botnets for monetary gains and espionage activities.
The threat posed by bots and botnets is real and serious. As such, telecom operators and Internet Service Providers (ISP) across the globe are looking at ways and means to clean up their network and place detective and preventive mechanisms to counter the threat.
In this presentation, I will talk about how honeynets can be used for discovering and then disrupting IRC-based botnet command and control infrastructures. I will also talk about a new behavioural approach towards identifying all or most of the botnet servers or proxies on any given network.
-
May 9th
Room: 6.02
Speaker: Andrea Bittau
Title: The Final Nail in WEP's Coffin
Abstract: The 802.11 encryption standard Wired Equivalent Privacy (WEP) is still widely
used today despite the numerous discussions on its insecurity. In this paper,
we present a novel vulnerability which allows an attacker to send arbitrary data
on a WEP network after having eavesdropped a single data packet. Furthermore,
we present techniques for real-time decryption of data packets, which may be
used under common circumstances. Vendor produced mitigation techniques which
cause frequent WEP re-keying prevent traditional attacks, whereas our attack
remains effective even in such scenarios.
We implemented a fully automatic version of this attack which demonstrates its
practicality and feasibility in real networks. As even rapidly re-keyed
networks can be quickly compromised, we believe WEP must now be abandoned rather
than patched yet again.
-
May 17th
Speaker: Dr. Thomas Fuhrmann
Biography: Thomas Fuhrmann is with the faculty of informatics at the University of
Karlsruhe. He heads a small group of currently four PhD students,
established in 2003 by the Deutsche Forschungsgemeinschaft (DFG) as part
of the Emmy-Noether excellence programme. Thomas pursued post-doctoral
studies with Prof. Zitterbart in Karlsruhe (2001-03) and with Prof.
Effelsberg in Mannheim (1998-2000). In the years 2000/01 he was with the
Boston Consulting Group top management consultancy, mainly working in
strategy projects in the Internet and new media industry. Thomas studied
mathematical physics in Heidelberg and Cambridge (UK) and holds a PhD of
the University of Heidelberg. His thesis was on computer simulations in
physics.
Title: Peer-to-Peer Self-Organization and Embedded Systems
Abstract:Peer-to-peer computing (P2P) has become popular recently, but the
concept itself has been successfully employed for decades in computer
networks and distributed systems. In a pure P2P system all instances
start out as equal. Self-organization then structures the specialization
process according to the capabilities of the individual instances and
the needs of the entire system. As a result, self-organizing systems are
often very robust (no single point of failure) and highly scalable
(instances both supply and demand resources).
In this talk, Thomas Fuhrmann illustrates the workings of
self-organization by describing a new routing algorithm, scalable source
routing (SSR). SSR transfers a well-known P2P algorithm, Chord, into an
entirely different application area:
SSR provides network layer routing, especially in large unstructured
networks of resource-limited embedded devices. Here, it outperforms
mobile ad hoc routing protocols such as the ad hoc on demand distance
vector (AODV) routing protocol. At the same time, SSR directly provides
the semantics of a structured routing overlay. Thus SSR can serve as
efficient basis for the development of distributed applications and
services, for example, in the field of "ambient intelligence".
-
September 6th
Speaker: Yang Cheng Huang
Title: Tuning OLSR
Abstract: Optimised Link State Routing (OLSR) is a popular protocol for use in
MANET networks. In this paper, we investigate the different impacts of
tuning refresh interval timers on OLSR performance under various
scenarios (varying node density and node speed). Based on the simulation
results with NS2, we find that although reducing refresh intervals could
improve s performance, the intervals for some message types (HELLO
messages) have a bigger impact on OLSR performance than for other
message types. We find that the impact of the interval timer grows with
increased network mobility and node density.
-
September 7th
Speaker: Costin Raiciu
Title: Exploit Hijacking: Side Effects of Smart Defenses
Abstract: Recent advances in the defense of networked computers use instrumented
binaries to track tainted data and can detect attempted break-ins
automatically. These techniques identify how the transfer of execution to the
attacker takes place,allowing the automatic generation of defenses. However,
as with many technologies, these same techniques can also be used by the
attackers: the information provided by detectors is accurate enough to allow
an attacker to create a new worm using the same vulnerability, hijacking the
exploit. Hijacking changes the threat landscape by pushing attacks to
extremes (targeting selectively or creating a rapidly spreading worm), and
increasing the requirements for automatic worm containment mechanisms. In
this paper, we show that hijacking is feasible for two categories of
attackers: those running detectors and those using Self-Certifying Alerts, a
novel mechanism proposed by Costa et al. for end-to-end worm containment. We
provide a discussion of the effects of hijacking on the threat landscape and
list a series of possible countermeasures.
-
September 19th
Speaker: Joe Touch (USC/ISI)
Bio: Joe is Director of the Postel Center at USC/ISI and a Research Associate
Professor in the CS and EE/Systems Depts. of USC, where he has been
since receiving his Ph.D. from the Univ. of Pennsylvania in 1992. His
research focuses on network architecture, protocols, configuration, and
performance in the areas of Internet, optical nets, overlays, and security.
Title: One Protocol / Many Layers: A Recursive Network Architecture
Abstract: The Recursive Network Architecture (RNA) explores layering in protocol
stacks. The conventional OSI 7-layer stack and its derivatives
differentiate layers by protocol capability and service. The emergence
of additional overlay layers, as well as the diffusion of services
(e.g., retransmission) into multiple layers calls these traditional
architectures into question. RNA examines the implications of using a
single, tunable protocol for different layers of the protocol stack. RNA
reuses basic protocol operations across different protocol layers,
avoiding recapitulation of implementation as well as encouraging cleaner
cross-layer interaction. It allows protocols and protocol stacks to
adjust at runtime, which allows more dynamic composition of services,
both within stacks and in the way networking combines the stacks of
individual hops into an overall network architecture. The RNA project,
which is just commencing, uses this approach to explore the relationship
of layering to protocol and network architecture.
Joe will also present an overview of the Global Information Grid (GIG),
by which the US is overhauling its defense network. Joe will be starting
in October as a program manager on the GIG, overseeing the development
of a high-performance satellite router.
-
October 12th
Speaker: Tara Small (University of Toronto)
Title: Efficiently Delivering Packets in Intermittently-Connected Networks
Abstract:Wireless and mobile network technologies often impose severe resource
limitations, resulting in poor and often unsatisfactory performance of
the commonly used wireless networking protocols. For instance, power
and memory/storage constraints of miniaturized network nodes reduce
the throughput and increase the network latency. Through various
approaches and technological advances, researchers attempt to
compensate somehow for such hardware limitations. However, this is not
always necessary. Sometimes, the required performance of such networks
does not need to adhere to the level of services that would be
required for performance-critical applications. For example, for some
applications of sensor networks, minimal latency is not a critical
factor and it could be traded off for a more limited resource, such as
energy or throughput. Thus, to reduce the energy expenditure, the
transmission range of such sensor nodes would be quite short, leading
to network topologies in which the average number of neighbors of the
network nodes is very small. If the sensor nodes are mobile, then most
of the time a node has no neighbors; only infrequently another node
migrates into its neighborhood. This means that the classical
networking approach of immediate packet forwarding would not work
well, as there is nearly never an intact path between a source and a
destination.
In this talk, I will use the Shared Wireless Infostation Model (SWIM)
as a mathematical model to analytically represent the the propagation
of packets in networks with frequent partitions. I will discuss the
ways that the analytical Markov chains of SWIM can help a network
designer to achieve tradeoffs between the network resources and
non-critical performance such as the tradeoffs between energy, delay,
storage, capacity, and processing complexity.
-
October 18th
Speaker: Mirco Musolesi
Title: Context-aware Routing for Delay Tolerant Mobile Ad Networking
Abstract: Delay tolerant networking has received considerable
attention from the research community in the recent years. Advances
in wireless and mobile technologies have enabled new application
scenarios where intermittent disconnections are common and not
exceptional. Examples include communication in sparse mobile ad hoc
networks and infostation-based systems and data collection in sensor
networks. At the same time, most of the existing research work in
mobile networking is based on the assumption that a path exists
between the sender and the receiver(s). Therefore, new communication
paradigms and techniques have to be designed to make communication
possible also in case of temporarily partitioned networks, due, for
example, to host mobility.
In this talk, I will discuss the design and evaluation of the Context-
aware Adaptive Routing (CAR) protocol. The protocol is based on the
idea of exploiting nodes as carriers of messages among network
partitions to achieve their delivery. The choice of the best carrier
is made using Kalman filter based predictions over movement and
connectivity. I will also discuss a technique to evaluate the
predictability of the available information on which the prediction
is made.
-
December 13th, 4 pm
Room: 212, Roberts Building
Speaker: Mohamed Ahmed (UCL)
Title: A game theoretic analysis of the utility of reputation management in
wireless sensor networks
Abstract:Reputation-management is gaining credibility as a technique that
augments conventional
cryptographic approaches to securing wireless sensor networks, since
these tend
to be heavyweight and rely on central control, both of which do not
necessarily fit well
with such an application domain. The proposed role of reputation
management is to
provide analysis of the behaviour of nodes/agents and to distribute this
information
so that nodes/agents judged to be acting against the interests of a
community can be
caught in time and their effects limited.
This questions some of the assumptions made about the suitability of
reputation-management as a decision making tool and highlight its
limitations with
regard to the incentives required to realise the benefits that are
claimed for it. Moreover,
we show that these benefits may not be realisable in reality without
enforcing
tight constraints on the behaviour of agents and on environmental
features of systems.
-
December 15th, 4 pm
Room: 309, Roberts Building
Speaker: Andrea Bittau (UCL)
Title: Involving Programmers in Security
Abstract: Although it is difficult to write secure code, it is simple to identify
sensitive information within a program (e.g. passwords) or sections of code that
are likely to be exploited (e.g. parsing user-input). We allow the programmer
to attach different security policies (enforced by the operating system) to
different pieces of a program. By doing so, the programmer no longer needs to
write secure code but merely needs to apply the right policy before invoking
``dangerous'' portions of code.
We will discuss our preliminary implementation of three new OS abstractions:
1) Memory tags: a mechanism for labeling memory.
2) Security threads: threads restricted by a policy (e.g. can only access memory
with specific labels).
3) Callgates: small portions of trusted code that run with a predefined policy.
These abstractions seem to secure a wide range of applications. We also wrote a
proof-of-concept static analysis tool that enables programmers to sanity check
whether their code meets the desired security requirements.
|
|
|
Overview
