The design of the IP protocol makes it difficult to reliably identify originator an packet. Even in absence any deliberate attempt disguise a packet's origin, wide-spread packet forwarding techniques such as NAT and encapsulation may obscure true source. Techniques have been developed determine source large flows, but, date, no system has presented track individual packets efficient, scalable fashion.We present hash-based technique for traceback that generates audit trails traffic within...

Large cloud service providers have invested in increasingly larger datacenters to house the computing infrastructure required support their services. Accordingly, researchers and industry practitioners alike focused a great deal of effort designing network fabrics efficiently interconnect manage traffic within these performant yet efficient fashions. Unfortunately, datacenter operators are generally reticent share actual requirements applications, making it challenging evaluate practicality...

We present the design and implementation of an end-to-end architecture for Internet host mobility using dynamic updates to Domain Name System (DNS) track location. Existing TCP connections are retained secure efficient connection migration, enabling established seamlessly negotiate a change in endpoint IP addresses without need third party. Our is secure—name effected via DNS update protocol, while migration uses novel set Migrate options—and provides pure end-system alternative...

The design of the IP protocol makes it difficult to reliably identify originator an packet. Even in absence any deliberate attempt disguise a packet's origin, widespread packet forwarding techniques such as NAT and encapsulation may obscure true source. Techniques have been developed determine source large flows, but, date, no system has presented track individual packets efficient, scalable fashion. We present hash-based technique for traceback that generates audit trails traffic within...

Large cloud service providers have invested in increasingly larger datacenters to house the computing infrastructure required support their services. Accordingly, researchers and industry practitioners alike focused a great deal of effort designing network fabrics efficiently interconnect manage traffic within these performant yet efficient fashions. Unfortunately, datacenter operators are generally reticent share actual requirements applications, making it challenging evaluate practicality...

The ever-increasing bandwidth requirements of modern datacenters have led researchers to propose networks based upon optical circuit switches, but these proposals face significant deployment challenges. In particular, previous dynamically configure switches in response changes workload, requiring network-wide demand estimation, centralized assignment, and tight time synchronization between various network elements--- resulting a complex unwieldy control plane. Moreover, limitations the...

Ransomware is a type of malware that encrypts the files infected hosts and demands payment, often in crypto-currency like Bitcoin. In this paper, we create measurement framework use to perform large-scale, two-year, end-to-end ransomware payments, victims, operators. By combining an array data sources, including binaries, seed ransom victim telemetry from infections, large database bitcoin addresses annotated with their owners, sketch outlines burgeoning ecosystem associated third-party...

The combination of unlicensed spectrum, cheap wireless interfaces and the inherent convenience untethered computing have made 802.11 based networks ubiquitous in enterprise. Modern universities, corporate campuses government offices routinely de-ploy scores access points to blanket their sites with Internet access. However, while fine-grained behavior protocol itself has been well studied, our understanding how large behave full empirical complex-ity is surprisingly limited. In this paper,...

The rapid evolution of large-scale worms, viruses and bot-nets have made Internet malware a pressing concern. Such infections are at the root modern scourges including DDoS extortion, on-line identity theft, SPAM, phishing, piracy. However, most widely used tools for gathering intelligence on new -- network honeypots forced investigators to choose between monitoring activity large scale or capturing behavior with high fidelity. In this paper, we describe an approach minimize tension improve...

Virtual machine monitors (VMMs) are a popular platform for Internet hosting centers and cloud-based compute services. By multiplexing hardware resources among virtual machines (VMs) running commodity operating systems, VMMs decrease both the capital outlay management overhead of centers. Appropriate placement migration policies can take advantage statistical to effectively utilize available processors. However, main memory is not amenable such often primary bottleneck in achieving higher...

The design of the IP protocol makes it difficult to reliably identify originator an packet. Even in absence any deliberate attempt disguise a packet's origin, wide-spread packet forwarding techniques such as NAT and encapsulation may obscure true source. Techniques have been developed determine source large flows, but, date, no system has presented track individual packets efficient, scalable fashion.We present hash-based technique for traceback that generates audit trails traffic within...

Today's cloud-based services integrate globally distributed resources into seamless computing platforms. Provisioning and accounting for the resource usage of these Internet-scale applications presents a challenging technical problem. This paper design implementation rate limiters, which work together to enforce global limit across traffic aggregates at multiple sites, enabling coordinated policing service's network traffic. Our abstraction not only enforces limit, but also ensures that...

We have developed a new approach for reliably multicasting time-critical data to heterogeneous clients over mesh-based overlay networks. To facilitate intelligent content pruning, streams are comprised of sequence XML packets and forwarded by application-level routers. routers perform content-based routing individual other or based upon queries that describe the information needs downstream nodes. Our PC-based router prototype can route an 18 Mbit per second stream.Our use novel Diversity...

Virtual machine monitors (VMMs) are a popular platform for Internet hosting centers and cloud-based compute services. By multiplexing hardware resources among virtual machines (VMs) running commodity operating systems, VMMs decrease both the capital outlay management overhead of centers. Appropriate placement migration policies can take advantage statistical to effectively utilize available processors. However, main memory is not amenable such often primary bottleneck in achieving higher...

Automated, rapid, and effective fault management is a central goal of large operational IP networks. Today's networks suffer from wide volatile set failure modes, where the underlying proves difficult to detect localize, thereby delaying repair. One main challenges stems reality: routing optical fiber plant are typically described by disparate data models housed in distinct network systems. We introduce fault-localization methodology based on use risk an associated troubleshooting system,...

In this paper, we argue that a microeconomic resource allocation scheme, specifically the combinatorial auction, is well suited to testbed management. To demonstrate this, present Mirage system. Mirage, resources are allocated using repeated auction within closed virtual currency environment. Users compete for by submitting bids which specify combinations of interest in space/time (e.g., "any 32 MICA2 motes 8 hours anytime next three days") along with maximum value amount user willing pay. A...

Internet backbone networks are under constant flux, struggling to keep up with increasing demand. The pace of technology change often outstrips the deployment associated fault monitoring capabilities that built into today's IP protocols and routers. Moreover, some these new technologies cross networking layers, raising potential for unanticipated interactions service disruptions built-in systems cannot detect. In such instances, failures may cause data packets be silently dropped inside...

Of the major factors affecting end-to-end service availability, network component failure is perhaps least well understood. How often do failures occur, how long they last, what are their causes, and impact customers? Traditionally, answering questions such as these has required dedicated (and expensive) instrumentation broadly deployed across a network.

Software defined networks (SDNs) depart from traditional network architectures by explicitly allowing third-party software access to the network's control plane. Thus, SDN protocols such as OpenFlow give operators ability innovate authoring or buying controller independent of hardware. However, this split design can make planning and designing large SDNs even more challenging than networks. While existing emulators allow ascertain behavior when subjected a given workload, we find that...

The potential advantages of optics at high link speeds have led to significant interest in deploying optical switching technology data-center networks. Initial efforts focused on hybrid approaches that rely millisecond-scale circuit the core network, while maintaining flexibility electrical packet edge. Recent demonstrations microsecond-scale switches motivate considering for more dynamic traffic such as generated from a top-of-rack (ToR) switch. Based these trends, we propose prototype ToR,...

A range of new datacenter switch designs combine wireless or optical circuit technologies with electrical packet switching to deliver higher performance at lower cost than traditional packet-switched networks. These "hybrid" networks schedule large traffic demands via a high-rate circuits and remaining lower-rate, packet-switches. Achieving high utilization requires an efficient scheduling algorithm that can compute proper configurations balance across the switches. Recent proposals,...

There is significant interest in the technical and policy communities regarding extent, scope, consumer harm of persistent interdomain congestion. We provide empirical grounding for discussions congestion by developing a system method to measure on thousands links without direct access them. implement based Time Series Latency Probes (TSLP) technique that identifies with evidence recurring suggestive an under-provisioned link. deploy our at 86 vantage points worldwide show inferred using...

Corundum is an open-source, FPGA-based prototyping platform for network interface development at up to 100 Gbps and beyond. The includes several core features enable real-time, high-line-rate operations including: a high-performance datapath, 10G/25G/100G Ethernet MACs, PCI Express gen 3, custom PCIe DMA engine, native high-precision IEEE 1588 PTP timestamping. A key feature extensible queue management that can support over 10,000 queues coupled with transmit schedulers, enabling...