Research
High-Speed Network Intrusion Prevention
Intrusion Prevention System (IPS) is a device that performs access control to protect the network from different kind of attacks. IPS will examine all network traffic going through the device to detect any suspicious patterns. The important performance bottlenecks of IPS are the system bus and pattern database lookup. We propose to modify the architecture of the IPS system and its data structure to remove such bottlenecks. In this project, we will develop an access library that will sit in the kernel space to reduce the interaction between the user space and the kernel space and hence reduce the number of bus accesses. We will also develop an algorithm to dynamically choose a data structure for pattern database depending on the amount of storage space available, and optimize rules periodically to minimize memory consumption. With these approaches, we expect to build efficient architecture for IPS in high-speed network environment.
Student
- Shariful Hasan Shaikot <sshaikot@eecs.wsu.edu>
Predictive Overlay Routing for Multimedia Delivery
Multimedia applications have complicated requirements for its delivery; network paths must maintain certain properties such as large bandwidth and low delay jitter to provide an acceptable quality to users. Recently, overlay networks have received considerable attention as a way to add QoS (Quality of Service) routing functionalities to the Internet. In overlay routing, nodes perform measurement on path characteristics and update routing tables accordingly. Although this significantly improves network path quality for multimedia applications in a static environment, it still experiences disruptions from traffic changes due to its reactive nature. Thus, it is crucial to predict network traffic in future and change paths before any congestion happens. In this project, we plan to develop a predictive routing protocol for overlay networks. We will estimate future network traffic dynamically using the Kalman filter, and the estimation will be used to find the path with best quality for a given source and destination pair.
Student
- Vijayachandran Raja <vraja@eecs.wsu.edu>
Adaptive Clustering for Mobile Ad Hoc Networks
In this project, we develop a new clustering approach, bandwidth-adaptive clustering (BAC), for MANETs. BAC forms and maintains clusters using only local topology information. To adapt to network conditions and reduce the message overhead, BAC makes members forward the maintenance messages probabilistically based on available bandwidth. The multi-hop nature and Merge operation of BAC reduce the changes in case of mobility and achieve fewer consistent clusters. By bounding cluster size and the number of hops between members and clusterheads, BAC achieves more control on the number of formed clusters and the compactness of clusters. Simulation results demonstrate BAC's better performance on construction and maintenance of clusters in case of mobility, adaptiveness to network conditions, and effectiveness in reducing message overhead with nearly no performance degradation.
Student
Optimal Probe Placement for Network Monitoring
The monitoring of network infrastructure has been a problem for some time now. ISPs and other parties with large networks would like a way to monitor throughput, RTT, and other network performance metrics for as much of their network as feasible. Unfortunately, many of these topologies are too complex to determine how to optimally monitor them.
Network performance can be inferred by deploying "probes"—network measurement systems that measure metrics between themselves and another probe. One pair of probes can measure the end-to-end performance of the links between them (although not necessarily individually; they can report that there is a problem on the path between them, but cannot tell you where that problem is).
Of course, placing a node at every POP would be the easy way to ensure all links are covered while offering high resolution. Unfortunately, this can be quite prohibitive, given the size and complexity of many networks. Therefore, we must find the optimal few locations to place probes. If one could analyze a topology, one could find the minimum set of probes that could cover a large portion of the network.
Student
- Pooja Chandrashekar