Multimedia streaming served through peer-to-peer (P2P) networks is booming nowadays. However, the end-to-end streaming quality is generally unstable due to the variability of the state of serve-peers. On the other han...Multimedia streaming served through peer-to-peer (P2P) networks is booming nowadays. However, the end-to-end streaming quality is generally unstable due to the variability of the state of serve-peers. On the other hand, proxy caching is a bandwidth-efficient scheme for streaming over the Internet, whereas it is a substantially expensive method needing dedicated powerful proxy servers. In this paper, we present a P2P cooperative streaming architecture combined with the advantages of both P2P networks and multimedia proxy caching techniques to improve the streaming quality of participating clients. In this frame- work, a client will simultaneously retrieve contents from the server and other peers that have viewed and cached the same title before. In the meantime, the client will also selectively cache the aggregated video content so as to serve still future clients. The associate protocol to facilitate the multi-path streaming and a distributed utility-based partial caching scheme are detailedly dis- cussed. We demonstrate the effectiveness of this proposed architecture through extensive simulation experiments on large, Inter- net-like topologies.展开更多
The filter-based reactive packet filtering is a key technology in attack traffic filtering for defending against the Denial-of- Service (DOS) attacks. Two kinds of relevant schemes have been proposed as victim- end ...The filter-based reactive packet filtering is a key technology in attack traffic filtering for defending against the Denial-of- Service (DOS) attacks. Two kinds of relevant schemes have been proposed as victim- end filtering and source-end filtering. The first scheme prevents attack traffic from reaching the victim, but causes the huge loss of legitimate flows due to the scarce filters (termed as collateral damages); the other extreme scheme can obtain the sufficient filters, but severely degrades the network transmission performance due to the abused filtering routers. In this paper, we propose a router based packet filtering scheme, which provides relatively more filters while reducing the quantity of filtering touters. We implement this scheme on the emulated DoS scenarios based on the synthetic and real-world Internet topologies. Our evaluation results show that compared to the previous work, our scheme just uses 20% of its filtering routers, but only increasing less than 15 percent of its collateral damage.展开更多
In Internet of Things(IoT), the devices or terminals are connected with each other, which can be very diverse over the wireless networks. Unfortunately, the current devices are not designed to communicate with the col...In Internet of Things(IoT), the devices or terminals are connected with each other, which can be very diverse over the wireless networks. Unfortunately, the current devices are not designed to communicate with the collocated devices which employ different communication technologies. Consequently, the communication between these devices will be realized only by using the gateway nodes. This will cause the inefficient use of wireless resources. Therefore, in this paper, a smart service system(SSS) architecture is proposed, which consists of smart service terminal(SST), and smart service network(SSN), to realize the Io T in a general environment with diverse communication networks, devices, and services. The proposed architecture has the following advantages: i) the devices in this architecture cover multiple types of terminals and sensor-actuator devices; ii) the communications network therein is a converged network, and will coordinate multiple kinds of existing and emerging networks. This converged network offers ubiquitous access for various sensors and terminals; iii) the architecture has services and applications covering all smart service areas. It also provides theadaptability to new services and applications. A SSS architecture-based smart campus system was developed and deployed. Evaluation experiments of the proposed smart campus system demonstrate the SSS's advantages over the existing counterparts, and verify the effectiveness of the proposed architecture.展开更多
The traffic explosion and the rising of diverse requirements lead to many challenges for traditional mobile network architecture on flexibility, scalability, and deployability. To meet new requirements in the 5 G era,...The traffic explosion and the rising of diverse requirements lead to many challenges for traditional mobile network architecture on flexibility, scalability, and deployability. To meet new requirements in the 5 G era, service based architecture is introduced into mobile networks. The monolithic network elements(e.g., MME, PGW, etc.) are split into smaller network functions to provide customized services. However, the management and deployment of network functions in service based 5 G core network are still big challenges. In this paper, we propose a novel management architecture for 5 G service based core network based on NFV and SDN. Combined with SDN, NFV and edge computing, the proposed framework can provide distributed and on-demand deployment of network functions, service guaranteed network slicing, flexible orchestration of network functions and optimal workload allocation. Simulations are conducted to show that the proposed framework and algorithm are effective in terms of reducing network operating cost.展开更多
Network security policy and the automated refinement of its hierarchies aims to simplify the administration of security services in complex network environments. The semantic gap between the policy hierarchies reflect...Network security policy and the automated refinement of its hierarchies aims to simplify the administration of security services in complex network environments. The semantic gap between the policy hierarchies reflects the validity of the policy hierarchies yielded by the automated policy refinement process. However, little attention has been paid to the evaluation of the compliance between the derived lower level policy and the higher level policy. We present an ontology based on Ontology Web Language (OWL) to describe the semantics of security policy and their implementation. We also propose a method of estimating the semantic similarity between a given展开更多
Web service is a grid computing technology that promises greater ease-of-use and interoperability than previous distributed computing technologies. This paper proposed Group Service Framework, a grid computing platfor...Web service is a grid computing technology that promises greater ease-of-use and interoperability than previous distributed computing technologies. This paper proposed Group Service Framework, a grid computing platform based on Microsoft. NET that use web service to: (1) locate and harness volunteer computing resources for different applications, and (2) support multi-models such as Master/Slave, Divide and Conquer, Phase Parallel and so forth parallel programming paradigms in Grid environment, (3) allocate data and balance load dynamically and transparently for grid computing application. The Grid Service Framework based on Microsoft. NET was used to implement several simple parallel computing applications. The results show that the proposed Group Service Framework is suitable for generic parallel numerical computing.展开更多
Recently, attacks have become Denial-of-Service (DOS) the mainstream threat to the internet service availability. The filter-based packet filtering is a key technology to defend against such attacks. Relying on the ...Recently, attacks have become Denial-of-Service (DOS) the mainstream threat to the internet service availability. The filter-based packet filtering is a key technology to defend against such attacks. Relying on the filtering location, the proposed schemes can be grouped into Victim-end Filtering and Source-end Filtering. The first scheme uses a single filtering router to block the attack flows near the victim, but does not take the factor that the filters are scarce resource into account, which causes the huge loss of legitimate flows; considering each router could contribute a few filters, the other extreme scheme pushes the filtering location back into each attack source so as to obtain ample filters, but this may incur the severe network transmission delay due to the abused filtering routers. Therefore, in this paper, we propose a scalable filter-based packet filtering scheme to balance the number of filtering routers and the available filters. Through emulating DoS scenarios based on the synthetic and real-world Intemet topologies and further implementing the various filter-based packet filtering schemes on them, the results show that our scheme just uses fewer filtering routers to cut off all attack flows while minimizing the loss of legitimate flows.展开更多
The next-generation optical network is a service oriented network,which could be delivered by utilizing the generalized multiprotocol label switching(GMPLS) based control plane to realize lots of intelligent features ...The next-generation optical network is a service oriented network,which could be delivered by utilizing the generalized multiprotocol label switching(GMPLS) based control plane to realize lots of intelligent features such as rapid provisioning,automated protection and restoration(P&R),efficient resource allocation,and support for different quality of service(QoS) requirements.In this paper,we propose a novel stateful PCE-cloud(SPC)based architecture of GMPLS optical networks for cloud services.The cloud computing technologies(e.g.virtualization and parallel computing) are applied to the construction of SPC for improving the reliability and maximizing resource utilization.The functions of SPC and GMPLS based control plane are expanded according to the features of cloud services for different QoS requirements.The architecture and detailed description of the components of SPC are provided.Different potential cooperation relationships between public stateful PCE cloud(PSPC) and region stateful PCE cloud(RSPC) are investigated.Moreover,we present the policy-enabled and constraint-based routing scheme base on the cooperation of PSPC and RSPC.Simulation results for verifying the performance of routing and control plane reliability are analyzed.展开更多
Introduced a Web-based real-time network monitoring and control system design methods, the 3-D VR was applied in a remote monitor system based on browser/server structure, and a VRML and Java based 3-D remote monitor ...Introduced a Web-based real-time network monitoring and control system design methods, the 3-D VR was applied in a remote monitor system based on browser/server structure, and a VRML and Java based 3-D remote monitor system was realized. Meanwhile, give possible solutions of the real-time data transmission and the stability of the system.展开更多
基金Project (Nos. 90412012 and 60673160) supported by the NationalNatural Science Foundation of China
文摘Multimedia streaming served through peer-to-peer (P2P) networks is booming nowadays. However, the end-to-end streaming quality is generally unstable due to the variability of the state of serve-peers. On the other hand, proxy caching is a bandwidth-efficient scheme for streaming over the Internet, whereas it is a substantially expensive method needing dedicated powerful proxy servers. In this paper, we present a P2P cooperative streaming architecture combined with the advantages of both P2P networks and multimedia proxy caching techniques to improve the streaming quality of participating clients. In this frame- work, a client will simultaneously retrieve contents from the server and other peers that have viewed and cached the same title before. In the meantime, the client will also selectively cache the aggregated video content so as to serve still future clients. The associate protocol to facilitate the multi-path streaming and a distributed utility-based partial caching scheme are detailedly dis- cussed. We demonstrate the effectiveness of this proposed architecture through extensive simulation experiments on large, Inter- net-like topologies.
基金supported in part by the funding agencies of china:the Doctoral Fund of Northeastern University of Qinhuangdao(Grant No.XNB201410)the Fundamental Research Funds for the Central Universities(Grant No.N130323005)
文摘The filter-based reactive packet filtering is a key technology in attack traffic filtering for defending against the Denial-of- Service (DOS) attacks. Two kinds of relevant schemes have been proposed as victim- end filtering and source-end filtering. The first scheme prevents attack traffic from reaching the victim, but causes the huge loss of legitimate flows due to the scarce filters (termed as collateral damages); the other extreme scheme can obtain the sufficient filters, but severely degrades the network transmission performance due to the abused filtering routers. In this paper, we propose a router based packet filtering scheme, which provides relatively more filters while reducing the quantity of filtering touters. We implement this scheme on the emulated DoS scenarios based on the synthetic and real-world Internet topologies. Our evaluation results show that compared to the previous work, our scheme just uses 20% of its filtering routers, but only increasing less than 15 percent of its collateral damage.
基金supported by the national 973 project of China under Grants 2013CB329104the Natural Science Foundation of China under Grants 61372124, 61427801+1 种基金the Natural Science Foundation of the Jiangsu Higher Education Institutions (Grant No.13KJB520029)the Jiangsu Province colleges and universities graduate students scientific research and innovation program CXZZ13_0477,NUPTSF(Grant No.NY214033)
文摘In Internet of Things(IoT), the devices or terminals are connected with each other, which can be very diverse over the wireless networks. Unfortunately, the current devices are not designed to communicate with the collocated devices which employ different communication technologies. Consequently, the communication between these devices will be realized only by using the gateway nodes. This will cause the inefficient use of wireless resources. Therefore, in this paper, a smart service system(SSS) architecture is proposed, which consists of smart service terminal(SST), and smart service network(SSN), to realize the Io T in a general environment with diverse communication networks, devices, and services. The proposed architecture has the following advantages: i) the devices in this architecture cover multiple types of terminals and sensor-actuator devices; ii) the communications network therein is a converged network, and will coordinate multiple kinds of existing and emerging networks. This converged network offers ubiquitous access for various sensors and terminals; iii) the architecture has services and applications covering all smart service areas. It also provides theadaptability to new services and applications. A SSS architecture-based smart campus system was developed and deployed. Evaluation experiments of the proposed smart campus system demonstrate the SSS's advantages over the existing counterparts, and verify the effectiveness of the proposed architecture.
基金supported by China Ministry of Education-CMCC Research Fund Project No.MCM20160104National Science and Technology Major Project No.No.2018ZX03001016+1 种基金Beijing Municipal Science and technology Commission Research Fund Project No.Z171100005217001Fundamental Research Funds for Central Universities NO.2018RC06
文摘The traffic explosion and the rising of diverse requirements lead to many challenges for traditional mobile network architecture on flexibility, scalability, and deployability. To meet new requirements in the 5 G era, service based architecture is introduced into mobile networks. The monolithic network elements(e.g., MME, PGW, etc.) are split into smaller network functions to provide customized services. However, the management and deployment of network functions in service based 5 G core network are still big challenges. In this paper, we propose a novel management architecture for 5 G service based core network based on NFV and SDN. Combined with SDN, NFV and edge computing, the proposed framework can provide distributed and on-demand deployment of network functions, service guaranteed network slicing, flexible orchestration of network functions and optimal workload allocation. Simulations are conducted to show that the proposed framework and algorithm are effective in terms of reducing network operating cost.
基金the National Natural Science Foundation of China
文摘Network security policy and the automated refinement of its hierarchies aims to simplify the administration of security services in complex network environments. The semantic gap between the policy hierarchies reflects the validity of the policy hierarchies yielded by the automated policy refinement process. However, little attention has been paid to the evaluation of the compliance between the derived lower level policy and the higher level policy. We present an ontology based on Ontology Web Language (OWL) to describe the semantics of security policy and their implementation. We also propose a method of estimating the semantic similarity between a given
基金National Natural F oundation of China(No.60 173 0 13 )
文摘Web service is a grid computing technology that promises greater ease-of-use and interoperability than previous distributed computing technologies. This paper proposed Group Service Framework, a grid computing platform based on Microsoft. NET that use web service to: (1) locate and harness volunteer computing resources for different applications, and (2) support multi-models such as Master/Slave, Divide and Conquer, Phase Parallel and so forth parallel programming paradigms in Grid environment, (3) allocate data and balance load dynamically and transparently for grid computing application. The Grid Service Framework based on Microsoft. NET was used to implement several simple parallel computing applications. The results show that the proposed Group Service Framework is suitable for generic parallel numerical computing.
基金supported by the Doctoral Fund of Northeastern University of Qinhuangdao(No.XNB201410)the Fundamental Research Funds for the Central Universities(No.N130323005)+1 种基金the Natural Science Foundation of Hebei Province of China(No.F2015501122)the Doctoral Scientific Research Foundation of Liaoning Province(No.201501143)
文摘Recently, attacks have become Denial-of-Service (DOS) the mainstream threat to the internet service availability. The filter-based packet filtering is a key technology to defend against such attacks. Relying on the filtering location, the proposed schemes can be grouped into Victim-end Filtering and Source-end Filtering. The first scheme uses a single filtering router to block the attack flows near the victim, but does not take the factor that the filters are scarce resource into account, which causes the huge loss of legitimate flows; considering each router could contribute a few filters, the other extreme scheme pushes the filtering location back into each attack source so as to obtain ample filters, but this may incur the severe network transmission delay due to the abused filtering routers. Therefore, in this paper, we propose a scalable filter-based packet filtering scheme to balance the number of filtering routers and the available filters. Through emulating DoS scenarios based on the synthetic and real-world Intemet topologies and further implementing the various filter-based packet filtering schemes on them, the results show that our scheme just uses fewer filtering routers to cut off all attack flows while minimizing the loss of legitimate flows.
基金supported by National Natural Science Foundation of China(No.61571061)Innovative Research Fund of Beijing University of Posts and Telecommunications (2015RC16)
文摘The next-generation optical network is a service oriented network,which could be delivered by utilizing the generalized multiprotocol label switching(GMPLS) based control plane to realize lots of intelligent features such as rapid provisioning,automated protection and restoration(P&R),efficient resource allocation,and support for different quality of service(QoS) requirements.In this paper,we propose a novel stateful PCE-cloud(SPC)based architecture of GMPLS optical networks for cloud services.The cloud computing technologies(e.g.virtualization and parallel computing) are applied to the construction of SPC for improving the reliability and maximizing resource utilization.The functions of SPC and GMPLS based control plane are expanded according to the features of cloud services for different QoS requirements.The architecture and detailed description of the components of SPC are provided.Different potential cooperation relationships between public stateful PCE cloud(PSPC) and region stateful PCE cloud(RSPC) are investigated.Moreover,we present the policy-enabled and constraint-based routing scheme base on the cooperation of PSPC and RSPC.Simulation results for verifying the performance of routing and control plane reliability are analyzed.
文摘Introduced a Web-based real-time network monitoring and control system design methods, the 3-D VR was applied in a remote monitor system based on browser/server structure, and a VRML and Java based 3-D remote monitor system was realized. Meanwhile, give possible solutions of the real-time data transmission and the stability of the system.
