Rate-based congestion/flow control is a promising way to achieve high throughput in high speed packet-switching networks. We consider a rate-based congestion control to aim at obtaining high throughput and fair sharing of the communication resources. In the scheme, each intermediate node informs its congestion status to the source node. Two kinds of control packets are used for this mechanism. One (a choke packet) is to throttle the rate and another (a loosen packet) is to allow increase of the rate. The source node initiates transmission with a low rate and increases the rate slowly to avoid a rapid increase of the packet queueing at an intermediate node. When the source node receives a choke packet, it decreases the rate rapidly to relieve congestion as soon as possible. The source node upon receipt a loosen packet increases the rate slowly again. We develop a queueing model to investigate the parameter settings to provide a good performance via simulation. The increasing and decreasing parameters of the rate control function are first investigated in various load conditions. We next examine the effect of the queue-length threshold value for the indication of congestion at the intermediate node. The numerical results indicate that the threshold value should be small to obtain a good performance. We finally introduce a technique which accurately recognizes congestion and inhibits an acceptable queueing of the packets at intermediate nodes.

Content caching networks like Information-Centric Networking (ICN) are beneficial to reduce the network traffic by storing content data on routers near to users. In ICN, it becomes an important issue to manage system resources, such as storage and network bandwidth, which are influenced by cache characteristics of each cache node. Meanwhile, cache aging techniques based on Time-To-Live (TTL) of content facilitate analyzing cache characteristics and can realize appropriate resource management by setting efficient TTLs. However, it is difficult to search for the efficient TTLs in a distributed cache system connected by multiple cache nodes. Therefore, we propose an adaptive control mechanism of the TTL value of content in distributed cache systems by using predictive models which can estimate the impact of the TTL values on network resources and cache performance. Furthermore, we show the effectiveness of the proposed mechanism.

In this paper, we study a dynamic bandwidth control which is expected an effective use of network resources in transmitting highly bursty traffic generated by, e.g., interconnected LAN systems. First, a new LAN traffic model is proposed in which correlation of not only packet interarrival times but also packet lengths are considered. An analytic model for a LAN-ATM gateway is next introduced. It employs the dynamic bandwidth control using the proposed LAN traffic model and some performance measures are derived by it. The analytic model takes into account the probability that a bandwidth increase request may be rejected. Finally, some numerical examples are provided using the analysis method and performance comparisons between the dynamic and fixed bandwidth controls are made. As a result, it is quantitatively indicated that () if the equivalent bandwidth is used in average, the dynamic bandwidth control keeps packet and cell loss rates one to two orders lower than the fixed bandwidth control, () when the more strict QOS in terms of loss rate is requested, the dynamic bandwidth control can become more effective.

Available bandwidth, along with latency and packet loss rate, is an essential metric for the efficient operation of overlay network applications. However, the measurement of available bandwidth creates a larger traffic overhead than other metrics. Measurement conflicts on route-overlapping paths can also seriously degrade measurement accuracy and cause a non-negligible increase in the network load. In this paper, we propose a distributed method for measuring the available bandwidth in overlay networks that can reduce measurement conflicts while maintaining high measurement accuracy at low cost. Our main idea is that neighboring overlay nodes exchange route information to detect overlapping paths and share the measurement results of overlapping paths to configure parameter settings for available bandwidth measurements. Our simulation results show that the relative errors in the measurement results of our method are approximately only 65% of those of the existing method. The measurement accuracy of our method remains better than that of the existing method when the total measurement traffic loads of both methods are equal.

In this paper, we propose a new design method to construct the highly reliable ATM network based on the virtual path (VP) concept. Through our method, we can guarantee a network survivability, by which we mean that connectivity between every pair of two end nodes is assured even after the failure, and that quality of service (QoS) requirements of each VC connection are still satisfied. For achieving a reliable network, every VP connection between two end nodes is equipped with a secondary VP connection such that routes of primary and secondary VPs are established on completely disjoint physical paths. Our primary objective of the current paper is that the construction cost of the VP-based network with such a survivability is minimized while the QoS requirement of traffic sources in fulfilled. For this purpose, after all the routes of VPs are temporarily established by means of the shortest paths, we try to minimize the network cost through (1) the alternation of VP route and (2) the separation of a single VP into several VPs, and optionally through (3) the introduction of VCX nodes. Through numerical examples, we show how the increased cost for the reliable network can be sustained by using our design method.

Many users are exposed to threats of drive-by download attacks through the Web. Attackers compromise vulnerable websites discovered by search engines and redirect clients to malicious websites created with exploit kits. Security researchers and vendors have tried to prevent the attacks by detecting malicious data, i.e., malicious URLs, web content, and redirections. However, attackers conceal parts of malicious data with evasion techniques to circumvent detection systems. In this paper, we propose a system for detecting malicious websites without collecting all malicious data. Even if we cannot observe parts of malicious data, we can always observe compromised websites. Since vulnerable websites are discovered by search engines, compromised websites have similar traits. Therefore, we built a classifier by leveraging not only malicious but also compromised websites. More precisely, we convert all websites observed at the time of access into a redirection graph and classify it by integrating similarities between its subgraphs and redirection subgraphs shared across malicious, benign, and compromised websites. As a result of evaluating our system with crawling data of 455,860 websites, we found that the system achieved a 91.7% true positive rate for malicious websites containing exploit URLs at a low false positive rate of 0.1%. Moreover, it detected 143 more evasive malicious websites than the conventional content-based system.

Several gateway-based congestion control mechanisms have been proposed to support an end-to-end congestion control mechanism of TCP (Transmission Control Protocol). One of promising gateway-based congestion control mechanisms is a RED (Random Early Detection) gateway. Although effectiveness of the RED gateway is fully dependent on a choice of control parameters, it has not been fully investigated how to configure its control parameters. In this paper, we analyze the steady state behavior of the RED gateway by explicitly modeling the congestion control mechanism of TCP. We first derive the equilibrium values of the TCP window size and the buffer occupancy of the RED gateway. Also derived are the stability condition and the transient performance index of the network using a control theoretic approach. Numerical examples as well as simulation results are presented to clearly show relations between control parameters and the steady state behavior.

Recently, real-time media delivery services such as video streaming and VoIP have rapidly become popular. For these applications requiring high-level QoS guarantee, our research group has proposed a transport-layer approach to provide predictable throughput for upper-layer applications. In the present paper, we propose a congestion control mechanism of TCP for achieving predictable throughput. It does not mean we can guarantee the throughput, while we can provide the throughput required by an upper-layer application at high probability when network congestion level is not so high by using the inline network measurement technique for available bandwidth of the network path. We present the evaluation results for the proposed mechanism obtained in simulation and implementation experiments, and confirm that the proposed mechanism can assure a TCP throughput if the required bandwidth is not so high compared to the physical bandwidth, even when other ordinary TCP (e.g., TCP Reno) connections occupy the link.

While active researches have been continuously made on the ATM switch architectures and the QoS service guarantees, most of them have been treated independently in the past. In this paper, we first explain the architectural requirement on the ATM switches to implement the mechanism of QoS guarantees in the context of ATM congestion control. Then we discuss how a vital link between two should be built, and remaining problems are pointed out.

In this paper, we propose path accommodation methods for unidirectional rings based on an optical compression time-division multiplexing (OCTDM) technology. We first derive a theoretical lower bound on the numbers of slots and frames, in order to allocate all paths among nodes. Three path accommodation algorithms for the all-optical access are next proposed to achieve the lower bound as closely as possible. Path splitting is next considered to improve the traffic accommodation. Finally, we analyze the packet delay time for given numbers of slots/frames, which are decided by our proposed algorithms. Numerical examples are also shown to examine the effectiveness of our proposed algorithms including path accommodation and path splitting methods.

Several task forces have been working on how to design the future Internet in a clean slate manner and mobility management is one of the key issues to be considered. However, mobility management in the future Internet is still being designed in an “all-in-one” way where all management functions are tightly kept at a single location and this results in cost inefficiency that can be an obstruction to constructing flexible systems. In this paper, we propose a new function-distributed mobility management architecture that can enable more flexible future Internet construction. Furthermore, we show the effectiveness of our proposed system via a cost analysis and computer simulation with a random walk mobility model.

Traffic engineering refers to techniques to accommodate traffic efficiently by dynamically configuring traffic routes so as to adjust to changes in traffic. If traffic changes frequently and drastically, the interval of route reconfiguration should be short. However, with shorter intervals, obtaining traffic information is problematic. To calculate a suitable route, accurate traffic information of the whole network must be gathered. This is difficult in short intervals, owing to the overhead incurred to monitor and collect traffic information. In this paper, we propose a framework for traffic engineering in cases where only partial traffic information can be obtained in each time slot. The proposed framework is inspired by the human brain, and uses conditional probability to make decisions. In this framework, a controller is deployed to (1) obtain a limited amount of traffic information, (2) estimate and predict the probability distribution of the traffic, (3) configure routes considering the probability distribution of future predicted traffic, and (4) select traffic that should be monitored during the next period considering the system performance yielded by route reconfiguration. We evaluate our framework with a simulation. The results demonstrate that our framework improves the efficiency of traffic accommodation even when only partial traffic information is monitored during each time slot.

Since a radio channel is shared among terminals in an ad hoc network, packet collisions are frequent. In case of transmitting packets especially using TCP, data and ACK packets are transmitted in opposite directions on the same radio channel. Therefore, frequent collisions are unavoidable, and this seriously degrades TCP throughput. It is possible to transmit to two or more nodes which adjoin from a certain node simultaneously on the radio channel. To reduce the likelihood of packet collisions when an intermediate node transmits both data and ACK packets, these two types of packet can be combined and transmitted at the same time to increase the efficiency of radio channel utilization. In this paper, we propose a new technique to improve TCP performance by combining data and ACK packets. Our proposed technique is applicable to generic ad hoc networks easily. By means of a simulation using networks with various topologies, we have found that throughput can be improved by up to 60% by applying our proposed technique.