-
Protection Over Asymmetric Channels, S-MATE: Secure Multipath Adaptive Traffic Engineering
Authors:
Salah A. Aly,
Nirwan Ansari,
H. Vincent Poor,
Anwar I. Walid
Abstract:
Several approaches have been proposed to the problem of provisioning traffic engineering between core network nodes in Internet Service Provider (ISP) networks. Such approaches aim to minimize network delay, increase capacity, and enhance security services between two core (relay) network nodes, an ingress node and an egress node. MATE (Multipath Adaptive Traffic Engineering) has been proposed for…
▽ More
Several approaches have been proposed to the problem of provisioning traffic engineering between core network nodes in Internet Service Provider (ISP) networks. Such approaches aim to minimize network delay, increase capacity, and enhance security services between two core (relay) network nodes, an ingress node and an egress node. MATE (Multipath Adaptive Traffic Engineering) has been proposed for multipath adaptive traffic engineering between an ingress node (source) and an egress node (destination) to distribute the network flow among multiple disjoint paths. Its novel idea is to avoid network congestion and attacks that might exist in edge and node disjoint paths between two core network nodes.
This paper proposes protection schemes over asymmetric channels. Precisely, the paper aims to develop an adaptive, robust, and reliable traffic engineering scheme to improve performance and reliability of communication networks. This scheme will also provision Quality of Server (QoS) and protection of traffic engineering to maximize network efficiency. Specifically, S-MATE (secure MATE) is proposed to protect the network traffic between two core nodes (routers, switches, etc.) in a cloud network. S-MATE secures against a single link attack/failure by adding redundancy in one of the operational redundant paths between the sender and receiver nodes. It is also extended to secure against multiple attacked links. The proposed scheme can be applied to secure core networks such as optical and IP networks.
△ Less
Submitted 29 December, 2010;
originally announced December 2010.
-
S-MATE: Secure Coding-based Multipath Adaptive Traffic Engineering
Authors:
Salah A. Aly,
Nirwan Ansari,
Anwar I. Walid,
H. Vincent Poor
Abstract:
There have been several approaches to provisioning traffic between core network nodes in Internet Service Provider (ISP) networks. Such approaches aim to minimize network delay, increase network capacity, and enhance network security services. MATE (Multipath Adaptive Traffic Engineering) protocol has been proposed for multipath adaptive traffic engineering between an ingress node (source) and an…
▽ More
There have been several approaches to provisioning traffic between core network nodes in Internet Service Provider (ISP) networks. Such approaches aim to minimize network delay, increase network capacity, and enhance network security services. MATE (Multipath Adaptive Traffic Engineering) protocol has been proposed for multipath adaptive traffic engineering between an ingress node (source) and an egress node (destination). Its novel idea is to avoid network congestion and attacks that might exist in edge and node disjoint paths between two core network nodes.
This paper builds an adaptive, robust, and reliable traffic engineering scheme for better performance of communication network operations. This will also provision quality of service (QoS) and protection of traffic engineering to maximize network efficiency. Specifically, we present a new approach, S-MATE (secure MATE) is developed to protect the network traffic between two core nodes (routers or switches) in a cloud network. S-MATE secures against a single link attack/failure by adding redundancy in one of the operational paths between the sender and receiver. The proposed scheme can be built to secure core networks such as optical and IP networks.
△ Less
Submitted 23 October, 2010;
originally announced October 2010.
-
Network Protection Design Using Network Coding
Authors:
Salah A. Aly,
Ahmed E. Kamal,
Anwar I. Walid
Abstract:
Link and node failures are two common fundamental problems that affect operational networks. Protection of communication networks against such failures is essential for maintaining network reliability and performance. Network protection codes (NPC) are proposed to protect operational networks against link and node failures. Furthermore, encoding and decoding operations of such codes are well devel…
▽ More
Link and node failures are two common fundamental problems that affect operational networks. Protection of communication networks against such failures is essential for maintaining network reliability and performance. Network protection codes (NPC) are proposed to protect operational networks against link and node failures. Furthermore, encoding and decoding operations of such codes are well developed over binary and finite fields. Finding network topologies, practical scenarios, and limits on graphs applicable for NPC are of interest. In this paper, we establish limits on network protection design. We investigate several network graphs where NPC can be deployed using network coding. Furthermore, we construct graphs with minimum number of edges suitable for network protection codes deployment.
△ Less
Submitted 25 August, 2010;
originally announced August 2010.