Partitioned encoding schemes for algorithm-based fault tolerance inmassively parallel systems

Considers the applicability of algorithm based fault tolerance (ABET) to massively parallel scientific computation. Existing ABET schemes can provide effective fault tolerance at a low cost For computation on matrices of moderate size; however, the methods do not scale well to floating-point operations on large systems. This short note proposes the use of a partitioned linear encoding scheme to provide scalability. Matrix algorithms employing this scheme are presented and compared to current ABET schemes. It is shown that the partitioned scheme provides scalable linear codes with improved numerical properties with only a small increase in hardware and time overhead     

基于形式化方法的区块链系统漏洞检测模型

随着区块链技术在各行各业的广泛应用,区块链系统的架构变得越来越复杂,这也增加了安全问题的数量.目前,在区块链系统中采用了模糊测试、符号执行等传统的漏洞检测方法,但这些技术无法有效检测出未知的漏洞.为了提高区块链系统的安全性,本文提出了基于形式化理论的区块链系统漏洞检测模型VDMBS (Vulnerability Detection Model for Blockchain Systems),该模型综合了系统迁移状态、安全规约和节点间信任关系等多种安全因素,同时提供了基于业务流程执行语言BPEL (Business Process Execution Language)流程的漏洞模型构建方法.最后,本文用NuSMV在基于区块链的电子投票选举系统上验证了所提出的漏洞检测模型的有效性,实验结果表明,与现有的五种形式化测试工具相比,所提出的VDMBS模型能够检测出更多的区块链系统业务逻辑漏洞和智能合约漏洞.     

Structure preserving anonymization of router configuration data

A repository of router configuration files from production networks would provide the research community with a treasure trove of data about network topologies, routing designs, and security policies. However, configuration files have been largely unobtainable precisely because they provide detailed information that could be exploited by competitors and attackers. This paper describes a method for anonymizing router configuration files by removing all information that connects the data to the identity of the underlying network, while still preserving the structure of information that makes the data valuable to networking researchers. Anonymizing configuration files has unusual requirements, including preserving relationships between elements of data, anonymizing regular expressions, and robustly coping with more than 200 versions of the configuration language. Conventional tools and techniques are poorly suited to the problem. Our anonymization method has been validated with a major carrier, earning unprivileged researchers access to the configuration files of thousands of routers in hundreds of networks. Through example analysis, we demonstrate that the anonymized data retains the key properties of the network design. The paper sets out techniques that could be used in an attempt to break the anonymization, and it concludes our anonymization techniques are most applicable to enterprise networks, because the large number of enterprises and the difficulty of probing them from the outside make it hard to recognize an anonymized network based solely on publicly-available information about its topology or configuration. When applied to backbone networks, which are few in number and many of whose properties can be publicly measured, the anonymization might be broken by fingerprinting techniques described in this paper.     

Deriving traffic demands for operational IP networks: methodologyand experience

Engineering a large IP backbone network without an accurate network-wide view of the traffic demands is challenging. Shifts in user behavior, changes in routing policies, and failures of network elements can result in significant (and sudden) fluctuations in load. We present a model of traffic demands to support traffic engineering and performance debugging of large Internet service provider networks. By defining a traffic demand as a volume of load originating from an ingress link and destined to a set of egress links, we can capture and predict how routing affects the traffic traveling between domains. To infer the traffic demands, we propose a measurement methodology that combines flow-level measurements collected at all ingress links with reachability information about all egress links. We discuss how to cope with situations where practical considerations limit the amount and quality of the necessary data. Specifically, we show how to infer interdomain traffic demands using measurements collected at a smaller number of edge links-the peering links connecting to neighboring providers. We report on our experiences in deriving the traffic demands in the AT&T IP Backbone, by collecting, validating, and joining very large and diverse sets of usage, configuration, and routing data over extended periods of time. The paper concludes with a preliminary analysis of the observed dynamics of the traffic demands and a discussion of the practical implications for traffic engineering     

NetScope: traffic engineering for IP networks

Managing large IP networks requires an understanding of the current traffic flows, routing policies, and network configuration. However, the state of the art for managing IP networks involves manual configuration of each IP router, and traffic engineering based on limited measurements. The networking industry is sorely lacking in software systems that a large Internet service provider can use to support traffic measurement and network modeling, the underpinnings of effective traffic engineering. This article describes the AT&T Labs NetScope, a unified set of software tools for managing the performance of IP backbone networks. The key idea behind NetScope is to generate global views of the network on the basis of configuration and usage data associated with the individual network elements. Having created an appropriate global view, we are able to infer and visualize the networkwide implications of local changes in traffic, configuration, and control. Using NetScope, a network provider can experiment with changes in network configuration in a simulated environment rather than the operational network. In addition, the tool provides a sound framework for additional modules for network optimization and performance debugging. We demonstrate the capabilities of the tool through an example traffic engineering exercise of locating a heavily loaded link, identifying which traffic demands flow on the link, and changing the configuration of intradomain routing to reduce the congestion     

Protocol considerations for a prefix-caching proxy for multimedia streams

The increasing popularity of multimedia streaming applications introduces new challenges in content distribution. Web-initiated multimedia streams typically experience high start-up delay, due to large protocol overheads and the poor delay, throughput, and loss properties of the Internet. Internet service providers can improve performance by caching the initial segment (the prefix) of popular streams at proxies near the requesting clients. The proxy can initiate transmission to the client while simultaneously requesting the remainder of the stream from the server. This paper analyzes the challenges of realizing a prefix-caching service in the context of the IETF's Real-Time Streaming Protocol (RTSP), a multimedia streaming protocol that derives from HTTP. We describe how to exploit existing RTSP features, such as the Range header, and how to avoid several round-trip delays by caching protocol information at the proxy. Based on our experiences, we propose extensions to RTSP that would ease the development of new multimedia proxy services. In addition, we discuss how caching the partial contents of multimedia streams introduces new challenges in cache coherency and feedback control. Then, we briefly present our preliminary implementation of prefix caching on a Linux-based PC, and describe how the proxy interoperates with the RealNetworks server and client.     

TIE Breaking: Tunable Interdomain Egress Selection

In a large backbone network, the routers often have multiple egress points they could use to direct traffic toward an external destination. Today's routers select the ldquoclosestrdquo egress point, based on the intradomain routing configuration, in a practice known as early-exit or hot-potato routing. In this paper, we argue that hot-potato routing is restrictive, disruptive, and convoluted and propose an alternative called TIE (Tunable Interdomain Egress selection). TIE is a flexible mechanism that allows routers to select the egress point for each destination prefix based on both the intradomain topology and the goals of the network administrators. In fact, TIE is designed from the start with optimization in mind, to satisfy diverse requirements for traffic engineering and network robustness. We present two example optimization problems that use integer-programming and multicommodity-flow techniques, respectively, to tune the TIE mechanism to satisfy networkwide objectives. Experiments with traffic, topology, and routing data from two backbone networks demonstrate that our solution is both simple (for the routers) and expressive (for the network administrators).