Laboratory for Advanced Network Systems Department of Computer Science Purdue University.

Laboratory for Advanced Network Systems

Department of Computer Science, Purdue University

Organization

Personnel
– Faculty: David K. Y. Yau
– Ph.D. student: Jerry Dong
– Post-doctoral researcher: Feng Liang
– Alumni: S. Chakraborty, X. Chen, P. Gopalan, S. Han, S. Sinha, P. Zaroo, …

Sponsors
– NSF, Oak Ridge National Lab, IBM, CERIAS, Indiana 21st Century Fund, Purdue Asian Initiative, PRF

Collaborations

Purdue
– CERIAS, CWSA, ACSL, RAID Lab, …

External
– Chinese Univ of Hong Kong, Univ of Illinois Urbana-Champaign, Oak Ridge National Lab, IBM, Boston Univ, Tsinghua Univ, Yale Univ, Simon Fraser Univ, North Carolina State Univ, …

Research Agenda

How can we architect and engineer a large-scale heterogeneous network with predictable, robust and secure performance, and able to meet the needs of user applications?

Goals: in research, understand fundamental protocol and system design; in practice, make an impact on how people compute

Approaches: span basic design, analytical studies, simulations, system building

Current and Recent Projects

End system QoS provisioning
– Adaptive rate-controlled (ARC) scheduling [ToN 97, ToN 96, Multimedia 96, SIGCOMM 94]
– Migrating sockets QoS aware protocol processing [ToN 98, ICNP 97]
– Complete thread scheduling environment (decoupled delay/rate allocation, dynamic priority inheritance, cross-domain scheduling, interrupt issues) [MMCN 01]

Interactions between components are hard!

Current and Recent Projects (2)

CROSS software router and applications
– Multi-resource scheduling and QoS composition [JSAC 01]
– QoS-aware service configuration and on-the-fly extensibility [JCN 06]
– Configurable software IC router components [Network 04]
– Router throttling as DDoS defense [IWQoS 02, ToN 05]

Conventional Networks

[Figure labels: client; router (simple forwarding); ISP; server]

CROSS Network Architecture

[Figure labels: client; router (processing + forwarding); Web code server; ISP; denial-of-service defense; intelligent congestion control]

CROSS Forwarding Paths

[Figure labels: resource allocation manager; function dispatcher; packet classifier; input queues; per-flow processing; output network queues; cut-through; active packet; subscribe; dispatch; send]

Flooding Denial-of-service Attacks

Take out server resources by brute force: flooding attacks
– cripples victim; precludes any sophisticated defense at point under attack
– viewed as resource management problem
• Proactive (control before congestion, feedback control to adapt rate allocations)

Flooding Attack

[Figure: server under flooding attack]

Server-centric Router Throttle

Installed by server when under stress, at a set of deployment routers
– can be sent by multicast

Specifies leaky bucket rate at which router can forward traffic to the server
– aggressive traffic for server dropped before reaching server
– rate determined by a control algorithm

Router Throttle

[Figure labels: deployment router; aggressive flow; throttle for S, securely installed by S, on traffic to S; throttle for S’ on traffic to S’]

Example Max-min Rates (L=18, H=22)

[Figure: network diagram annotated with per-link traffic rates toward the server]
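An added example, not code from the slides or the CROSS project: a leaky-bucket throttle at each deployment router, plus a server-side feedback loop that adjusts the throttle rate until server load settles between L=18 and H=22. It assumes L and H are the low and high bounds on acceptable server load and that the control rule halves the rate on overload and adds a fixed step on underload; the offered rates are sample inputs, and all class and function names are hypothetical.

```python
class LeakyBucket:
    """Throttle at one deployment router: forwards at most `rate` units/s."""
    def __init__(self, rate, depth=1.0):
        self.rate, self.depth = rate, depth
        self.level, self.last = 0.0, 0.0

    def admit(self, now, size):
        # Drain for the elapsed time, then accept the packet only if it fits.
        self.level = max(0.0, self.level - (now - self.last) * self.rate)
        self.last = now
        if self.level + size > self.depth:
            return False              # dropped before reaching the server
        self.level += size
        return True

def forwarded_rate(offered, throttle, seconds=100.0, size=0.1):
    """Rate that survives the throttle for one constant-rate flow."""
    bucket, sent = LeakyBucket(throttle), 0.0
    for i in range(int(offered * seconds / size)):
        if bucket.admit(i * size / offered, size):
            sent += size
    return sent / seconds

def tune_throttle(offered, low, high, start, step, max_rounds=50):
    """Assumed control rule: halve when load > high, add `step` when < low."""
    throttle, history = start, []
    for _ in range(max_rounds):
        load = sum(forwarded_rate(r, throttle) for r in offered)
        history.append((throttle, round(load, 2)))
        if load > high:
            throttle /= 2
        elif load < low:
            throttle += step
        else:
            return throttle, load, history
    raise RuntimeError("throttle did not settle inside [low, high]")

# Sample offered rate at each deployment router (constructed input).
OFFERED = [24.88, 0.22, 15.51, 17.73, 0.61, 0.95]

if __name__ == "__main__":
    rate, load, steps = tune_throttle(OFFERED, low=18, high=22, start=25, step=1)
    print(rate, round(load, 2), steps)
```

Flows offering less than the throttle rate pass untouched while the three aggressive flows are each capped at the same rate, which is the max-min property the slide title refers to.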

Current and Recent Projects (3)

Protocol design and analysis
– Game theoretical p2p incentive protocols [ToN 06, SIGMETRICS 04, ICDCS 04, Perf Review 03]
– Small world p2p resource discovery [JCN 06, IWQoS 04]
– Resource amplification in p2p networks [JCN 04]
– Proportional-delay DiffServ and adaptation [ToN 01, ICNP 00]
– Detection of and defense against low rate TCP attacks [JCN 06, ICNP 04]
– Etc, etc

New Project Opportunities

Newly funded cyber-sensor project in national defense
– $2M ORNL funding for two years
• Sensor testbed
• ORNL / university research
– Purdue, UIUC, LSU, U of Florida, Syracuse
• Additional NSF funding being requested

Attack Detection and Tracking

Plume (e.g., chemical and radiation) detection by capable sensor

Continuous plume tracking by lightweight sensor network in physical space

Plume analysis and prediction (inverse-forward algorithms) in high-performance cyber space

Interactions (data and control) between cyber network and tiered sensor network

Cyber-sensor Network Architecture

Physical Network Design

Sensor network design in physical space
– Sensor placement and density of required QoM
– Dynamic tracking support for inverse and forward algorithms
• Location report, in-network digest computation, cluster formation

Cyber-sensor Network Coordination

Energy conservation in dynamic tracking

Uncertainty management
– Temporal and spatial

Temporal QoS in 802.11e networks
– DCF, PCF, and HCF media access
– Contention resolution and service differentiation

Data QoS from lower to higher tier sensor network
– Tree based communication and timing analysis

Research Opportunities

LANS is looking for students!

Real-world project in critical domain
– Addresses critical security issues
– Research results will be implemented, deployed, and evaluated
– Close collaboration with ORNL (including summer internships)
– Experience has broader applications beyond national defense
• Wireless protocols, TinyOS, motes, sensor-cyber network interactions

Prospective Candidates

Ph.D. students in CS or ECE
– Existing M.S. students interested in Ph.D.?

Interested in
– Understanding large scale distributed systems
– Algorithm / protocol design and analysis
– System building: e.g., sensor, wireless, embedded systems
– Research and extending state of the art

Next steps: email me (yau@cs), visit my office (CS 132)