### Filter by type:

Sort by year:

#### The Attack of the Clones Against Proof-of-Authority

Conference
Parinya Ekparinya, Vincent Gramoli, and Guillaume Jourjon
Proc. of Network and Distributed Systems Security (NDSS) Symposium 2020
Publication year: 2020.02

Abstract—The vulnerability of traditional blockchains have been demonstrated at multiple occasions. Various companies are now moving towards Proof-of-Authority (PoA) blockchains with more conventional Byzantine fault tolerance, where a known set of n permissioned sealers, among which no more than t are Byzantine, seal blocks that include user transactions. Despite their wide adoption, these protocols were not proved correct.

In this paper, we present the Cloning Attack against the two mostly deployed PoA implementations of Ethereum, namely Aura and Clique. The Cloning Attack consists in one sealer cloning its pair of public-private keys into two distinct Ethereum instances that communicate with distinct groups of sealers. To identify their vulnerabilities, we first specified the corresponding algorithms. We then deploy one testnet for each protocol and demonstrate the success of the attack with only one Byzantine sealer. Finally, we propose counter-measures that prevent an adversary from double spending and introduce the necessary number of sealers needed to decide a block depending on n and t for both Aura and Clique to be safe.

#### An SDN Perspective on Multi-connectivity and Seamless Flow Migration

Journal
S. Hatonen, T. I. ul Huque, A. Rao, G. Jourjon, V. Gramoli, S. Tarkoma
IEEE Networking Letters
Publication year: 2019.12
Abstract: Devices capable of multi-connectivity currently use static rules for selecting the set of interfaces to use. Such rules are limited in scope and can be counter-productive. We posit that SDN techniques can address this inefficiency. We present an approach that enables an SDN controller to manage the flows traversing the Ethernet, Wi-Fi, and LTE links in our laptop and also migrate the flows from one link to another. Our solution opens avenues that enable end-user device to negotiate with the network controllers when taking its control plane decisions.

#### Software defined Network’s Garbage Collection with Clean-Up Packets

Journal
MTI ul Huque, G. Jourjon, C. Russell, and V. Gramoli
IEEE Transactions on Network and Service Management
Publication year: 2019.11
Abstract—Rule updates, such as policy or routing changes, occur frequently and instantly in software-defined networks managed by the controller. In particular, the controller software can modify the network routes by introducing new forwarding rules and deleting old ones in a distributed set of switches, a challenge that has received lots of attention in the last few years. In this paper, we present a problem that consists of determining the appropriate point in the rule update where it is safe to garbage collect old rules. To illustrate the difficulty
of the problem, we list the previously proposed assumptions, like the upper-bound on the transmission delay of every packet through the network, and we offer a solution that alleviates these assumptions and significantly reduces the rule update time with a guarantee that no data packet is lost due to the rule alteration through the use of dedicated clean-up packets that detect the absence of in-flight packets. We then prove that the proposed technique guarantees per-packet consistency, blackhole-freedom, and loop-freedom. Our evaluations, via network emulations and real deployment in an SDN testbed, demonstrate that by using the proposed garbage collection solution the rule update times
of the two phase rule update can be reduced by up to 99%.

#### Fast Privacy-Preserving Network Function Outsourcing

Journal
Hassan Jameel Asghar, Emiliano De Cristofaro, Guillaume Jourjon, Dali Kaafar, Laurent Mathy, Luca Melis, Craig Russell, Mang Yu
Computer Networks
Publication year: 2019.09

Abstract: In this paper, we present the design and implementation of SplitBox, a system for privacy-preserving processing of network functions outsourced to cloud middleboxes—i.e., without revealing the policies governing these functions. SplitBox is built to provide privacy for a generic network function that abstracts the functionality of a variety of network functions and associated policies, including firewalls, virtual LANs, network address translators (NATs), deep packet inspection, and load balancers. We present a scalable design aiming to provide high throughput and low latency, by distributing functionalities to a few virtual machines (VMs), while providing provably secure guarantees. We implement SplitBox inside FastClick, an extension of the Click modular router, using Intel’s DPDK to handle packet I/O. We evaluate our prototype experimentally to find its bottlenecks and stress-test its different components, vis-\`a-vis two widely used network functions, i.e., firewall and VLAN tagging. Our evaluation shows that, on commodity hardware, SplitBox can process packets close to line rate (i.e., 8.9Gbps) with up to 50 traversed policies.

#### A Linked Data Quality Assessment Framework for Network Data

Conference
Alex To, Rouzbeh Meymandpour, Joseph Davis, Guillaume Jourjon and Jonathan Chan
in Proc. of GRADES-NDA workshop at SIGMOD 2019
Publication year: 2019.07

Abstract: For network analysts, understanding how traffic flows through a network is crucial to network management and forensics such as network monitoring, vulnerability assessment and defence.
In order to understand how traffic flows through a network, network analysts typically access multiple, disparate data sources and mentally fuse this information.
Providing some sort of automated support is crucial for network management. However, information about the quality of the network data sources is essential in order to build analyst’s trust in automated tools.
This paper presents SydNet, a novel Linked Data quality assessment framework which allows analysts to define quality dimensions and metrics which provide an accurate reflection of the quality of the data sources.
The SydNet architecture also provides a number of novel fusion heuristics which can be used to fuse data from various network data sources.
We demonstrate the utility of the SydNet architecture using CAIDA longitudinal topological data from the last 24 months and we demonstrate that our approach was able to detect dataset quality anomalies that would require further investigation.

#### A Multi-modal Neural Embeddings Approach for Detecting Mobile Counterfeit Apps

Conference
Jathushan Rajasegaran, Naveen Karunanayake, Ashanie Gunathillake, Suranga Seneviratne, and Guillaume Jourjon.
Pro- ceedings of the 2019 World Wide Web Conference (WWW ’19), May 13– 17, 2019, San Francisco, CA, USA. ACM, New York, NY, USA, 7 pages
Publication year: 2019.05

Counterfeit apps impersonate existing popular apps in attempts to misguide users. Many counterfeits can be identified once installed, however even a tech-savvy user may struggle to detect them before installation. In this paper, we propose a novel approach of combining content embeddings and style embeddings generated from pre-trained convolutional neural networks to detect counterfeit apps. We present an analysis of approximately 1.2 million apps from Google Play Store and identify a set of potential counterfeits for top-10,000 apps. Under conservative assumptions, we were able to find 2,040 potential counterfeits that contain malware in a set of 49,608 apps that showed high similarity to one of the top-10,000 popular apps in Google Play Store. We also find 1,565 potential counterfeits asking for at least five additional dangerous permissions than the original app and 1,407 potential counterfeits having at least five extra third party advertisement libraries.

#### Impact of network delays on Hyperledger Fabric

Conference
Thanh Son Lam Nguyen, Guillaume Jourjon, Maria Potop-Butucaru, and Kim Loan Thai
Proceedings of CryBlock 2019, 2nd Workshop on Cryptocurrencies and Blockchains for Distributed Systems, co-located with INFOCOM 2019
Publication year: 2019.04

Blockchain has become one of the most attractive technologies for applications, with a large range of deployments such as production, economy, or banking. Under the hood, Blockchain technology is a type of distributed database that supports untrusted parties. In this paper we focus Hyperledger Fabric, the first blockchain in the market tailored for a private environment, allowing businesses to create a permissioned network. Hyperledger Fabric implements a PBFT consensus in order to maintain a non forking blockchain at the application level.
We deployed this framework over an area network between France and Germany in order to evaluate its performance when potentially large network delays are observed. Overall we found that when network delay increases significantly (i.e. up to 3.5 seconds at network layer between two clouds), we observed that the blocks added to our blockchain had up to 134 seconds offset after 100\textsuperscript{th} block from one cloud to another.
Thus by delaying block propagation, we demonstrated that Hyperledger Fabric does not provide sufficient consistency guaranties to be deployed in critical environments. Our work, is the fist to evidence the negative impact of network delays on a PBFT-based blockchain.

#### A Delay-Tolerant Payment Scheme Based on the Ethereum Blockchain

Journal
Yining Hu, Ahsan Manzoor, Parinya Ekparinya, Madhusanak Liyanage, Kanchana Thilakarathna, Guillaume Jourjon, and Aruna Seneviratne
IEEE Access, 2019
Publication year: 2019.04

Digital banking as an essential service can be hard to access in remote, rural regions where the network connectivity is unavailable or intermittent. Payment operators like Visa and Mastercard often face difficulties reaching these remote, rural areas. Although micro-banking has been made possible by Short Message Service (SMS) or Unstructured Supplementary Service Data (USSD) messages in some places, their security flaws and session-based nature prevent them from a wider adoption. Global-level cryptocurrencies enable low-cost, secure and pervasive money transferring among distributed peers, but are still limited in their ability to reach people in remote communities.

We propose a blockchain-based digital payment scheme that can deliver reliable services on top of unreliable networks in remote regions. We focus on a scenario where a community-run base station provides reliable local network connectivity while intermittently connects to the broader Internet. We take advantage of the distributed verification guarantees of Blockchain technology for financial transaction verification and leverage smart contracts for secure service management. In the proposed system, payment operators deploy multiple proxy nodes that are intermittently connected to remote communities where the local Ethereum blockchain networks are composed of miners, vendors and regular users. Through probabilistic modelling, we devise design parameters for the blockchain network to realise robust operation over the top of unreliable network. Furthermore, we show that transaction processing time will not be significantly impacted due to network unreliability through extensive emulations on a private Ethereum network. Finally, we demonstrate the practical feasibility of the proposed system by developing NFC (Near Field Communication) enabled payment gateways on Raspberry-Pis, a mobile wallet application and mining nodes on off-the-shelf computers.

#### DeepContent: Unveiling Video Streaming Content from Encrypted WiFi Traffic

Conference
Li Ying, Yi Huang, Suranga Seneviratne, Kanchana Thilakarathna, Adriel Cheng, Guillaume Jourjon, Darren Webb and Richard Xu
Proceedings of IEEE NCA 2018
Publication year: 2018.11

Abstract: The proliferation of smart devices has led to an exponential growth in digital media consumption, especially mobile video for content marketing. The vast majority of the associated Internet traffic is now end-to-end encrypted, and while encryption provides better user privacy and security, it has made network surveillance an impossible task. The result is an unchecked environment for exploiters and attackers to distribute content such as fake, radical and propaganda videos.

Recent advances in machine learning techniques have shown great promise in characterising encrypted traffic captured at the end points. However, video fingerprinting from passively listening to encrypted traffic, especially wireless traffic, has been reported as a challenging task due to the difficulty in distinguishing retransmissions and multiple flows on the same link. We show the potential of fingerprinting videos by passively sniffing WiFi frames in air, even without connecting to the WiFi network. We have developed Multi-Layer Perceptron (MLP) and Recurrent Neural Networks (RNNs) that are able to identify streamed YouTube videos from a closed set, by sniffing WiFi traffic encrypted at both Media Access Control (MAC) and Network layers. We compare these models to the state-of-the-art wired traffic classifier based on Convolutional Neural Networks (CNNs), and show that our models obtain similar results while requiring significantly less computational power and time (approximately a threefold reduction).

#### Impact of Man-In-The-Middle Attacks on Ethereum

Conference
Parinya Ekparinya, Vincent Gramoli, Guillaume Jourjon
Proceedings of IEEE SRDS 2018
Publication year: 2018.10

Abstract: Recently, several works conjectured the vulnerabilities of mainstream blockchains under several network attacks. All these attacks translate into showing that the assumptions of these blockchains can be violated in theory or under simulation at best. Unfortunately, previous results typically omit both the nature of the network under which the blockchain code runs and whether blockchains are private, consortium or public.

In this paper, we study the public Ethereum blockchain as well as a consortium and private blockchains and quantify the feasibility of man-in-the-middle and double spending attacks against them. To this end, we list important properties of the Ethereum public blockchain topology, we deploy VMs with constrained CPU quantum to mimic the top-10 mining pools of Ethereum and we develop full-fledged attacks, that first partition the network through BGP hijacking or ARP spoofing before issuing a Balance Attack to steal coins. Our results demonstrate that attacking Ethereum is remarkably devastating in a consortium or private context as the adversary can multiply her digital assets by 200, 000× in 10 hours through BGP hijacking whereas it would be almost impossible in a public context.

#### A Delay-Tolerant Payment Scheme on the Ethereum Blockchain

Poster/Demonstration
Ahsan Manzoor, Yining Hu, Madhusanka Liyanage, Parinya Ekparinya, Kanchana Thilakarathna, Guillaume Jourjon, Aruna Seneviratne, Salil Kanhere and Mika E Ylianttila,
Proc. of WoWMoM 2018, demo session
Publication year: 2018.06

Abstract: Cash-less payment via a variety of credit, debit or prepaid cards is pervasive in our inter-connected society, but not so ubiquitous in remote rural regions where network connectivity is intermittent. We proposed a cash-less payment scheme for remote villages based on blockchains that allows to maintain a record of verifiable transactions in a distributed manner. We overcome the limitations of intermittent network connectivity by solely relying on blockchain mining nodes in the village for transaction processing and verification. The bank joins as a peer and monitors node behaviors, rewards miners and processes currency exchanges whenever the connectivity is available. We take advantage of the Ethereum network to develop our solution and demonstrate the feasibility of the proposed system on off-the-self computing devices. We emulate a remote village scenario with intermittent network connectivity and show the robustness and reliability of the proposed system.

#### MultiPath TCP Storage Covert Channels

Conference
Mohammad Shamani, Guillaume Jourjon, and Aruna Seneviratne
In Proceedings of IFIP Networking 2018
Publication year: 2018.05

Abstract: Covert channel communication allows two entities (usually referred as Alice and Bob) to communicate secretly, whether a third party (aka Warden) is able to monitor the traffic or not. Recently, MPTCP has been introduced to augment the endpoint communication while leveraging multi-homing capabilities of end-devices. This multi-network capability would logically augment TCP/IP features for covert channelling. In this paper, we introduce and discuss different possible storage covert channels in MPTCP and how TCP/IP techniques could be extended for MPTCP. Through the introduction of a new method for the estimation of covert channel capacity in MPTCP, we show that storage covert channel with MPTCP increases the capacity of TCP, but it fails to significantly enhance the undetectability of it. As a result, we expect MPTCP covert channels will attract hackers and researchers’ community very soon.

#### DLibOS: Performance and Protection with a Network-on-Chip

Conference
Stephen Mallon, Vincent Gramoli, and Guillaume Jourjon
in Proceedings of the 23rd ACM International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2018.
Publication year: 2018.03

A long body of research work has led to the conjecture that highly efficient I/O processing at user-level would necessarily violate protection. In this paper, we debunk this myth by introducing DLibOS , a new paradigm that consists of distributing a library OS on specialized cores to achieve performance and protection at the user-level. Its main novelty consists of leveraging network-on-chip to allow hardware message passing, rather than context switches, for communication between different address spaces.

To demonstrate the feasibility of our approach, we implement a driver and a network stack at user-level on a Tilera many-core machine. We define a novel asynchronous socket interface and partition the memory such that the reception, the transmission and the application update isolated partitions. The main drawback is perhaps the incompatibility with the BSD interface, however, our high performance results of 4.2 and 3.1 million requests per second obtained on a webserver and the Memcached applications, respectively, confirms the relevance of our design decisions. Finally, we compare DLibOS against a non-protected user-level network stack and show that protection comes at a negligible cost.

#### Stratosphere: Dynamic IP Overlay Above the Clouds

Conference
Parinya Ekparinya, Vincent Gramoli, Guillaume Jourjon, and Liming Zhu
IEEE Local Computer Networks (LCN), Singapore, November 2017
Publication year: 2017.11

Abstract: Multi-cloud promises to substantially improve fault- tolerance, by tolerating disasters affecting one provider. Un- fortunately, multi-cloud solutions are premature and none of them are fully fledged. Their main impediment is the lack of network services: to date, it remains impossible for a customer to setup and control a multi-cloud network limiting drastically its possibilities. Moreover, manually inter-connecting multiple clouds from various providers is challenging: each cloud provider may offer dissimilar services and incompatible APIs.

In this paper, we present the first reconfigurable inter- cloud network, called Stratosphere. Stratosphere combines recent achievements in the context of container deployment and software defined networking (SDN) to build an SDN-based IP overlay of software containers across providers. Stratosphere aims at dynamically re-routing traffic based on service guarantees, congestion, or failures. We evaluate Stratosphere by reconfiguring the network between the major cloud providers, namely Amazon EC2, Microsoft Azure, and Google Cloud. The comparison against the Docker Swarm baseline indicates that this unique reconfiguration feature presents an overhead of only 1% when not used but can improve bandwidth significantly when used.

#### MPTCP Energy Enhancement Paradox: A Q-Learning Approach

Conference
Proceedings of the International Telecommunication Networks and Applications Conference (ITNAC 2017)
Publication year: 2017.11

Abstract: Leveraging multi-path transmission in an energy efficient manner is of great importance for mobile devices in heterogeneous wireless networks. Recently, Multi-path TCP (MPTCP) has been introduced as a potential solution that could leverage this path diversity, but making it energy efficient not only depends on the end-user’s observed interface capacity but also on the other competitors’ decision. We discuss about the paradox of energy saving in MPTCP for mobile devices. Then we propose, hereafter, a new algorithm to enhance the MPTCP energy efficiency in a resource-shared wireless network context by exploiting a newly introduced Q-learning framework. Based on large scale simulation, we demonstrate that our proposed algorithm could save up to 36%, energy compared to vanilla MPTCP.

#### Measuring, Characterizing, and Detecting Facebook Like Farms

Journal
Muhammad Ikram, Lucky Onwuzurike, Shehroze Farooqi, Emiliano De Cristofaro, Arik Friedman, Guillaume Jourjon, Mohammed Ali Kaafar, and M. Zubair Shafiq
ACM Transactions on Privacy and Security, Volume 20, Issue 4, September 2017, pp. 13:1--13:28
Publication year: 2017.09

#### Garbage Collection of Forwarding Rules in Software Defined Networks

Journal
MTI ul Huque, G. Jourjon, V. Gramoli
IEEE Communications Magazine, June 2017
Publication year: 2017.06

Abstract: Software defined networking (SDN) brought new interesting challenges by externalizing the task of controlling the network to some generic computer software. In particular, the controller software can modify the network routes by introducing new forwarding rules and deleting old ones at a distributed set of switches, a challenge that has received lots of attention in the last six years.

In this paper, we survey the different techniques to update rules, sometimes relying on redundant paths to reroute the traffic during the update, sometimes activating rules at distinct switches in a specific order, to avoid looping packets. This state-of-theart helps understanding another, often overlooked, problem that consists of determining the appropriate point in the update where it is safe to garbage collect old rules.

To illustrate the difficulty of the problem we list the previously proposed assumptions, like the upper-bound on the transmission delay of every packet through the network. Finally, we propose a solution that alleviates these assumptions and speeds up the original two-phase rule update by about 80% through the use of dedicated clean-up packets that detect the absence of in-flight packets.

#### e-DASH: Modelling An Energy-Aware DASH Player

Conference
Benoy Varghese, Guillaume Jourjon, Kanchana Thilakarathne, and Aruna Seneviratne
in Proceedings of IEEE WoWMoM 2017
Publication year: 2017.06

Dynamic Adaptive Streaming over HTTP (DASH) is one of the most popular ways to stream videos at present. In this work, we propose a DASH player energy-aware plugin (eDASH) for mobile devices which help reduce the battery consumption of the device. The eDASH player utilises a novel bitrate and video brightness adaptation algorithm to determine the next chunk to download. This algorithm utilises an energy-aware QoE model which factors in power consumption of the device in conjunction with existing bitrate adaptation logic to determine the next chunk. We also propose a new DASH architecture which could be easily integrated with the existing one. Macro-benchmarking of energy consumption of a mobile device while streaming and playing back video is conducted to obtain energy profiles of various video qualities. This energy data is then used along with real world network traces to drive simulations to evaluate energy savings that could be achieved using eDASH. We observe that up to 45% energy savings could be achieved with minimal reduction in QoE. We also find that up to 80% data transfer savings could also be achieved with an eDASH client.

#### FORGE: An eLearning Framework for Remote Laboratory Experimentation on FIRE Testbed Infrastructure

Book Chapter
Alexander Mikroyannidis, Diarmuid Collins, Christos Tranoris, Spyros Denazis, DaanPareit, JonoVanhie-Van Gerwen, Ingrid Moerman, Guillaume Jourjon, Olivier Fourmaux, John Domingue and Johann M. Marquez-Barja
in Building the Future Internet through FIRE, River Publisher, eds. Martin Serrano, Nikolaos Isaris, Hans Schaffers, John Domingue, Michael Boniface, and Thanasis Korakis
Publication year: 2017.04

The Forging Online Education through FIRE (FORGE) initiative provides educators and learners in higher education with access to world-class FIRE testbed infrastructure. FORGE supports experimentally driven research in an eLearning environment by complementing traditional classroom and online courses with interactive remote laboratory experiments. The project has achieved its objectives by defining and implementing a framework called FORGEBox. This framework offers the methodology, environment, tools and resources to support the creation of HTML-based online educational material capable accessing virtualized and physical FIRE testbed infrastructure easily. FORGEBox also captures valuable quantitative and qualitative learning analytic information using questionnaires and Learning Analytics that can help optimise and support student learning. To date, FORGE has produced courses covering a wide range of networking and communication domains. These are freely available from FORGEBox.eu and have resulted in over 24,000 experiments undertaken by more than 1,800 students across 10 countries worldwide. This work has shown that the use of remote high performance testbed facilities for hands-on remote experimentation can have a valuable impact on the learning experience for both educators and learners. Additionally, certain challenges in developing FIRE-based courseware have been identified, which has led to a set of recommendations in order to support the use of FIRE facilities for teaching and learning purposes.

#### Characterizing Key Stakeholders in an Online Black-Hat Marketplace

Conference
S. Farooqi, M. Ikram, E. De Cristofaro, A. Friedman, G. Jourjon, M. A. Kaafar, Z. Shafiq, F. Zaffar
eCrime 2017
Publication year: 2017.04

Abstract: Over the past few years, a number of black-hat marketplaces have emerged that facilitate access to reputation manipulation services, including the sale of fake Facebook likes, fraudulent search engine optimization (SEO), and bogus Amazon reviews. In order to deploy effective technical and legal countermeasures, it is important to understand how these blackhat marketplaces operate: what kind of services are offered? who is selling? who is buying? what are they buying? who is more successful? why are they successful? To this end, this paper presents a detailed micro-economic analysis of a popular online black-hat marketplace, namely, SEOClerks.com. As the website provides non-anonymized transaction information, we set to analyze selling and buying behavior of individual users, propose a strategy to identify key users, and study their tactics as compared to other (non-key) users. We find that key users: (1) are mostly located in Asian countries, (2) are focused more on selling black-hat SEO services, (3) tend to list more lower priced services, and (4) sometimes buy services from other sellers and then sell at higher prices. Finally, we discuss the implications of our findings with respect to designing robust countermeasures as well as devising effective economic and legal intervention strategies against marketplace operators and key users.

#### Large-Scale Dynamic Controller Placement.

Journal
MTI ul Huque, W. Si, G. Jourjon, V. Gramoli.
IEEE Transactions on Network and Service Management, Volume 14, Issue 1, March 2017
Publication year: 2017.03

Abstract: The controller placement problem (CPP) is one of the key challenges of software defined networks (SDN) to increase performance. Given the locations of n switches, CPP consists of choosing the controller locations that minimize the latency between switches and SDN controllers. In its current form, however, CPP assumes a fixed traffic and no existing solutions adapt the placement to the load. In this paper, we have addressed the dynamic controller placement problem that consists of (i) determining the locations of controller modules to bound communication latencies, and of (ii) determining the number of controllers per module to support the dynamic load. We propose an algorithm named LiDy+ that runs in O(n2) and combines a controller module placement algorithm with a dynamic flow management algorithm.

We evaluate the number of controllers, the controller utilization, the power consumption and the maintenance cost of LiDy+ on both sparse and dense networks. Our comparison against a previous solution shows that LiDy+ does not only achieve a smaller number of controllers and a higher controller utilization, but also incurs less energy and maintenance costs than the previous solution. Finally, we run LiDy+ in a large-scale environment where the previous solution of time complexity (n2 log n) is impractical.

#### FORGE Toolkit: Leveraging Distributed Systems in eLearning Platforms

Journal
Guillaume Jourjon, Johann M Marquez-Barja, Thierry Rakotoarivelo, Alexander Mikroyannidis, Kostas Lampropoulos, Spyros Denazis, Christos Tranoris, Daan Pareit, John Domingue, Luiz A DaSilva, Max Ott
IEEE Transactions on Emerging Topics in Computing, Vol. 5 (1), pp: 7 - 19
Publication year: 2017.01

Abstract: While more and more services become virtualized and always accessible in our society, laboratories supporting computer science (CS) lectures have mainly remained offline and class-based. This apparent abnormality is due to several limiting factors, discussed in the literature, such as the high cost of deploying and maintaining computer network testbeds and the lack of standardization for the presentation of eLearning platforms. In this paper, we present the FORGE toolkit, which leverages experimentation facilities currently deployed in international initiatives for the development of e-learning materials. Thus, we solve the institutional challenge mentioned in the ACM/IEEE 2013 CS curricula concerning the access and maintenance of specialized and heterogeneous hardware thanks to a seamless integration with the networking test-bed community. Moreover, this project builds an ecosystem, where teaching and educational materials, tools, and experiments are available under open scheme and policies. We demonstrate how it already meets most of the requirements from the network and communication component of CS 2013 and some of the labs of the Cisco academy. Finally, we present experience reports illustrating the potential benefits of this framework based on the first deployments in four post-graduate courses in prestigious institutions around the world.

#### Endpoint-transparent Multipath Transport with Software-defined Networks

Poster/Demonstration
D. Banfi, O. Mehani, G. Jourjon, L. Schwaighofer, and R. Holz
IEEE Local Computer Networks (LCN)
Publication year: 2016.11

Abstract: Multipath forwarding consists in using multiple paths simultaneously to transport data. While most techniques in this area require endpoint modifications, this article proposes to do it inside the network, transparently to the hosts. This approach, however, is known to introduce packet reordering at the receiving end, which may cause critical performance degradation. We present a Software Defined Network architecture which automatically sets up multipath forwarding including solutions to those issues, both at the sending side, through multipath scheduling algorithms, and the receiver side, by resequencing out-of-order packets in a dedicated in-network buffer. A prototype of the model is implemented with wide-spread technologies and evaluated in both emulated and real networks. In this demo, we will show how our solution improves Quality of Experience for high quality video streaming while remaining reactive to network congestion.

#### Endpoint-transparent Multipath Transport with Software-defined Networks

Conference
Dario Banfi, Olivier Mehani, Guillaume Jourjon, Lukas Schwaighofer, and Ralph Holz
IEEE Local Computer Networks (LCN), Dubai, November 2016
Publication year: 2016.11

Abstract: Multipath forwarding consists of using multiple paths simultaneously to transport data over the network. While most such techniques require endpoint modifications, we investigate how multipath forwarding can be done inside the network, transparently to endpoint hosts. With such a network-centric approach, packet reordering becomes a critical issue as it may cause critical performance degradation. We present a Software Defined Network architecture which automatically sets up multipath forwarding, including solutions for reordering and performance improvement, both at the sending side through multipath scheduling algorithms, and the receiver side, by re-sequencing out-of-order packets in a dedicated in-network buffer. We implemented a prototype with commonly available technology and evaluated it in both emulated and real networks. Our results show consistent throughput improvements, thanks to the use of aggregated path capacity. We give comparisons to Multipath TCP, where we show our approach can achieve a similar performance while offering the advantage of endpoint transparency.

#### Are Today’s SDN Controller Ready for Primetime

Conference
Stephen Mallon, Vincent Gramoli, and Guillaume Jourjon
IEEE Local Computer Networks (LCN), Dubai, November 2017
Publication year: 2016.11

Abstract: SDN efficiency is driven by the ability of controllers to process small packets based on a global view of the network. The goal of such controllers is thus to treat new flows coming from hundreds of switches in a timely fashion. In this paper, we show this ideal remains impossible through the most extensive evaluation of SDN controllers. We evaluated five state-of-the-art SDN controllers and discovered that the most efficient one spends a fifth of his time in packet serialization. More dramatically, we show that this limitation is inherent to the object oriented design principle of these controllers. They all treat each single packet as an individual object, a limitation that induces an unaffordable per-packet overhead. To eliminate the responsibility of the hardware from our results, we ported these controllers on a network-efficient architecture, Tilera, and showed even worse performance. We thus argue for an in-depth rethinking of the design of the SDN controller into a lower level software that leverages both operating system optimizations and modern hardware features.

#### A Walk Through the GENI Experiment Cycle

Book Chapter
Thierry Rakotoarivelo, Guillaume Jourjon, Olivier Mehani, Max Ott, Michael Zink
The GENI Book, Springer, Eds. McGeer, R., Berman, M., Elliott, C., Ricci, R.
Publication year: 2016.10

Abstract: The ability to repeat experiments from a research study and obtain similar results is a corner stone in experiment-based scientific discovery. This essential feature has often been overlooked by the distributed computing and networking community. There are many reasons for that, such as the complexity of provisioning, configuring, and orchestrating the resources used by experiments, their multiple external dependencies, or the difficulty to seamlessly record these dependencies. This chapter describes a methodology based on well-established principles to plan, prepare and execute reproducible experiments. We propose and describe a family of tools, the LabWiki workspace, to support an experimenter’s workflow based on that methodology. This proposed workspace provides services and mechanisms for each step of an experiment-based study, while automatically capturing the necessary information to allow others to repeat, inspect, validate and modify prior experiments. Our LabWiki workspace builds on existing contributions, de-facto protocols, and model standards, which emerged from recent experimental facility initiatives. We use a real experiment as a thread to guide and illustrate the discussion throughout this chapter.

#### FORGE Enabling FIRE Facilities for the e-Learning Community

Conference
Olivier Fourmaux, Mohammed Yasin Rahman, Christos Tranoris, Daan Pareit, Jono Vanhie-Van Gerwen, Guillaume Jourjon, Diarmuid Collins, Johann Marquez Barja
19th Internation Conference on Interactive Collabortive Learning
Publication year: 2016.09

Abstract: Many engineering students at third-level institutions across the world will not have the advantage of using real-world experimentation equipment, as the infrastructure and resources required for this activity are too expensive. This paper explains how the FORGE (Forging Online Education through FIRE) FP7 project transforms Future Internet Research and Experimentation (FIRE) testbed facilities into educational resources for the eLearning community. This is achieved by providing a framework for remote experimentation that supports easy access and control to testbed infrastructure for students and educators. Moreover, we identify a list of recommendations to support development of eLearning courses that access these facilities and highlight some of the challenges encountered by FORGE.

#### Applying a methodology for the design, delivery and evaluation of learning resources for remote experimentation

Conference
Alexander Mikroyannidis, John Domingue, Daan Pareit, Jono Vanhie-Van Gerwen, Christos Tranoris, Guillaume Jourjon, Johann M Marquez-Barja
2016 IEEE Global Engineering Education Conference (EDUCON)
Publication year: 2016.04

Abstract:Remote labs and online experimentation offer a rich opportunity to learners by allowing them to control real equipment at distance in order to conduct scientific investigations. Remote labs and online experimentation build on top of numerous emerging technologies for supporting remote experiments and promoting the immersion of the learner in online environments recreating the real experience. This paper presents a methodology for the design, delivery and evaluation of learning resources for remote experimentation. This methodology has been developed in the context of the European project FORGE, which promotes online learning using Future Internet Research and Experimentation (FIRE) facilities. FORGE is a step towards turning FIRE into a pan-European educational platform for Future Internet. This will benefit learners and educators by giving them both access to world-class facilities in order to carry out experiments on e.g. new internet protocols. In turn, this supports constructivist and self-regulated learning approaches, through the use of interactive learning resources, such as eBooks.

#### Revisiting the controller placement problem

Conference
MTI ul Huque, Guillaume Jourjon, Vincent Gramoli
Local Computer Networks (LCN), 2015 IEEE 40th Conference on, pp. 450-453
Publication year: 2015.10

Abstract: The controller placement problem (CPP) is one of the key challenges of software defined networks to increase performance. Given the locations of switches, CPP consists of choosing the controller locations that minimize the latency between switches and controllers. In its current form, however, CPP assumes a fixed traffic and no existing solutions adapt the placement to the load. In this paper, we introduce the dynamic controller placement problem that consists of (i) determining the locations of controller modules to bound communication latencies, and of (ii) determining the number of controllers per module to support the load. We propose, LiDy, a solution that combines a controller placement algorithm with a dynamic flow management algorithm. We evaluate the latency and the controller utilization of LiDy on sparse and dense regions. Our results show that, in all settings, LiDy achieves a higher utilization than the most recent controller placement solution.

#### Disaster-Tolerant Storage with SDN

Conference
Vincent Gramoli, Guillaume Jourjon, Olivier Mehani
International Conference on NETworked sYStem, NETYS 2015, Agadir, Morocco, May 13-15,
Publication year: 2015.05

Abstract: Cloud services are becoming centralized at several geo-replicated datacentres. These services replicate data within a single datacentre to tolerate isolated failures. Unfortunately, the effects of a disaster cannot be avoided, as existing approaches migrate a copy of data to backup datacentres only after data have been stored at a primary datacentre. Upon disaster, all data not yet migrated can be lost.

In this paper, we propose and implement SDN-KVS, a disaster-tolerant key-value store, which provides strong disaster resilience by replicating data before storing. To this end, SDN-KVS features a novel communication primitive, SDN-cast, that leverages Software Defined Network (SDN) in two ways: it offers an SDN-multicast primitive to replicate critical update request flows and an SDN-anycast primitive to redirect request flows to the closest available datacentre. Our performance evaluation indicates that SDN-KVS ensures no data loss and that traffic gets redirected across long distance key-value store replicas within 30 s after a datacentre outage.

#### Paying for Likes? Understanding Facebook Like Fraud Using Honeypots

Conference
Emiliano De Cristofaro, Arik Friedman, Guillaume Jourjon, Dali Kaafar, Zubair M. Shafiq
ACM SIGCOMM Internet Measurement Conference (ACM IMC)
Publication year: 2014.11

Abstract: Facebook pages offer an easy way to reach out to a very large audience as they can easily be promoted using Facebook’s advertising platform. Recently, the number of likes of a Facebook page has become a measure of its popularity and profitability, and an underground market of services boosting page likes, aka like farms, has emerged. Some reports have suggested that like farms use a network of profiles that also like other pages to elude fraud protection algorithms, however, to the best of our knowledge, there has been no systematic analysis of Facebook pages’ promotion methods.

This paper presents a comparative measurement study of page likes garnered via Facebook ads and by a few like farms. We deploy a set of honeypot pages, promote them using both methods, and analyze garnered likes based on likers’ demographic, temporal, and social characteristics. We highlight a few interesting findings, including that some farms seem to be operated by bots and do not really try to hide the nature of their operations, while others follow a stealthier approach, mimicking regular users’ behavior.

#### Greening Web Servers: A Case for Ultra Low-power Web Servers

Conference
Benoy Varghese, Niklas Carlsson, Guillaume Jourjon, Anirban Mahanti, Prashant Shenoy
International Green Computing Conference, IGCC
Publication year: 2014.11

Abstract: This paper studies the feasibility and benefits of greening Web servers by using ultra-low-power micro-computing boards to serve Web content. Our study focuses on the tradeoff between power and performance in such systems. Our premise is that low-power computing platforms can provide adequate performance for low-volume Websites run by small businesses or groups, while delivering a significantly higher request per Watt. We use the popular Raspberry Pi platform as an example low-power computing platform and experimentally evaluate our hypothesis for static and dynamic Web content served using this platform. Our result show that this platform can provide comparable response times to more capable server-class machines for rates up to 200 requests per second (rps); however, the scalability of the system is reduced to 20 rps for serving more compute-intensive dynamic content. Next, we study the feasibility of using clusters of low-power systems to serve requests for larger Websites. We find that, by utilising low-power multi-server clusters, we can achieve 17x to 23x more requests per Watt than typical tower server systems. Using simulations driven by parameters obtained from our real-world experiments, we also study dynamic multi-server policies that consider the tradeoff between power savings and overhead cost of turning servers on and off.

#### FORGE: Enhancing elearning and research in ICT through remote experimentation

Conference
Johann M. Marquez-Barja, Guillaume Jourjon, Alexander Mikroyannidis, Christos Tranoris, John Domingue, Luiz DaSilva
IEEE Global Engineering Education Conference, EDUCON
Publication year: 2014.04

Abstract: This paper presents the Forging Online Education through FIRE (FORGE) initiative, which aims to transform the Future Internet Research and Experimentation (FIRE) testbed facilities, already vital for European research, into a learning resource for higher education. From an educational perspective this project aims at promoting the notion of Self-Regulated Learning (SRL) through the use of a federation of highperformance testbeds and at building unique learning paths based on the integration of a rich linked-data ontology. Through FORGE, traditional online courses will be complemented with interactive laboratory courses. It will also allow educators to efficiently create, use and re-use FIRE-based learning experiences through our tools and techniques. And, most importantly, FORGE will enable equity of access to the latest ICT systems and tools independent of location and at low cost, strengthening the culture of online experimentation tools and remote facilities.

#### Designing and Orchestrating Reproducible Experiments on Federated Networking Testbeds

Journal
Thierry Rakotoarivelo, Guillaume Jourjon and Max Ott
Elsevier Computer Networks, Special issue on Future Internet Testbeds, pp. 173-187
Publication year: 2014.04

Abstract: In addition to theoretical analysis and simulations, the evaluation of new networking technologies in a real-life context and scale is critical to their global adoption and deployment. Federations of experimental platforms (aka testbeds) offer a controlled and cost-effective solution to perform such an evaluation. Most recent efforts in that area focused on building those facilities and providing experimenters with tools to allow the discovery and provisioning of their shared resources. Many challenges remain in order to support the complete experiment life cycle in a federated environment.

We propose OMF-F, a framework which allows the definition of networking experiments and their execution over shared resources provided by different federated administrative domains. OMF-F provides a domain-specific language enabling rich event-based experiment descriptions. It defines a specific resource model and protocol, which together with its publish-subscribe messaging system allows automatic experiment orchestrations at a large scale. OMF-F further provides interfaces to operate with existing resource discovery and provisioning tools for federated testbeds.

Our contributions in this paper are threefold. First we provide detailed descriptions of OMF-F’s design, its architecture, and its involved entities. Then, we present a quantitative evaluation of its underlying messaging and event-handling systems. Finally, we discuss two real examples of OMF-F deployed and used on federated domains to define and execute experiments.

#### An Instrumentation Framework for the Critical Task of Measurement Collection in the Future Internet

Journal
Olivier Mehani, Guillaume Jourjon, Thierry Rakotoarivelo and Max Ott
Elsevier Computer Networks, Special issue on Future Internet Testbeds, pp. 68-83
Publication year: 2014.04

Abstract: Experimental research on future Internet technologies involves observing multiple metrics at various distributed points of the networks under study. Collecting these measurements is often a tedious, repetitive and error prone task, be it in a testbed or in an uncontrolled field experiment. The relevant experimental data is usually scattered across multiple hosts in potentially different formats, and sometimes buried amongst a trove of other measurements, irrelevant to the current study. Collecting, selecting and formatting the useful measurements is a time-consuming and error-prone manual operation.

In this paper, we present a conceptual Software-Defined Measurement (SDM) framework to facilitate this task. It includes a common representation for any type of experimental data, as well as the elements to process and collect the measurement samples and their associated metadata. We then present an implementation of this concept, which we built as a major extension and refactoring of the existing Orbit Measurement Library (OML). We outline its API, and how it can be used to instrument an experiment in only a few lines of code. We also evaluate the current implementation, and demonstrate that it efficiently allows measurement collection without interfering with the systems under observation.

#### HPC Applications Deployment on Distributed Heterogeneous Computing Platforms via OMF, OML and P2PDC

Conference
Didier El Baz, The Tung Nguyen, Guillaume Jourjon, Thierry Rakotoarivelo
PDP 2014, the 22nd Euromicro International Conference on Parallel, distributed and network-based Computing
Publication year: 2014.02

Abstract: A new tool and web portal are presented for deployment of High Performance Computing applications on distributed heterogeneous computing platforms. This tool relies on the decentralized environment P2PDC and the OMF and OML multithreaded control, instrumentation and measurement libraries. Deployment on PlanetLab of a numerical simulation application is studied. A first series of computational results is displayed and analyzed.

#### Insights of File-Sharing System Forums

Conference
Guillaume Jourjon, Olivier Mehani, Thierry Rakotoarivelo
WNM 2013, 7th IEEE Workshop on Network Measurements
Publication year: 2013.10

Abstract: One-click file hosting systems (1-CFHS) have become a prominent means to exchange files across the Internet. Studies have previously identified that a lot of the hosted content is infringing on its owner’s copyright, and some of the most well know 1-CFHSs have been taken offline as a result of this. In this paper, we present a pilot study of how links to, and copies of, such content are exchanged via online forums. We have crawled and parsed pages from four of the most prominent sites over a period of a few months in order to extract URLs to these items. These URLs have then been periodically tested until they became unavailable in order to derive the lifespan of these copies on various 1-CFHS. We find that URLs are mostly posted once, presumably by their creators, and that unauthorised content on 1-CFHSs has an availability expectancy of about 40 days before being taken down.We propose an initial simple life-and-death model for such content in the form of a Markov chain. We also show that the 1-CFHS market is still unstable, with most of the past leader services having disappeared from the current charts.

#### “Into the Moana” Hypergraph-based Network Layer Indirection

Conference
Yan Shvartzshnaider, Maximilian Ott, Olivier Mehani, Guillaume Jourjon, Thierry Rakotoarivelo and David Levy
16th IEEE International Global Internet Symposium (GI 2013)
Publication year: 2013.04

Abstract: In this paper, we introduce the Moana network infrastructure. It draws on well-adopted practices from the database and software engineering communities to provide a robust and expressive information-sharing service using hypergraph-based network indirection. Our proposal is twofold. First, we argue for the need for additional layers of indirection used in modern information systems to bring the network layer abstraction closer to the developer’s world, allowing for expressiveness and flexibility in the creation of future services. Second, we present a modular and extensible design of the network fabric to support incremental architectural evolution and innovation, as well as its initial evaluation.

#### Why Simulate When You Can Experience?

Conference
Guillaume Jourjon, Thierry Rakotoarivelo and Max Ott
ACM SIGCOMM Education Workshop 2011
Publication year: 2011.08

Abstract: This paper discusses the advantages of using real experiments in networking lectures as opposed to simulation and tcpdump labs. Indeed, we claim that with the inclusion of networking to numerous curriculums the way to illustrate and assess in these courses need to evolve to better take advantage of the on-going research without limiting the top of the class students. In particular we identified five key challenges that needed to be addressed to improve networking education and bring it closer to reality. For that we present the Internet Remote Emulation Experiment Laboratory (IREEL) an e-learning platform designed and developed for the last 4 years. This platform allows the student to configure real network and application characteristics in order to illustrate key concepts of the lecture. In this context, we allow many improvements for labs or assignment in networking courses. IREEL has been previously used in introductory courses to networking and received very good rating by the student for the understanding of general and specific concept of the lecture.

#### LabWiki: An Executable Paper Platform for Experiment-based Research

Conference
Guillaume Jourjon, Thierry Rakotoarivelo, Christoph Dwertmann and Max Ott
The Executable Paper Grand Challenge, ICCCS meeting 2011
Publication year: 2011.06

Abstract: We present the Lab Wiki, an executable paper platform primarily designed but not limited to networking experiment-based research. The LabWiki leverages the current state of the art tools for the orchestration of experiments in the networking community and propose a new approach to execute and reproduce experiments. We demonstrate the usability of the LabWiki through an example at the boundary between network and high performance computing researches.

#### Impact of an e-learning Platform on CSE Lectures

Conference
Guillaume Jourjon, Salil Kanhere and Jun Yao
ACM ITiCSE 2011, the 16th Annual Conference on Innovation and Technology in Computer Science Education
Publication year: 2011.06

Abstract: This article presents a comprehensive summary and recommendations towards the use of IREEL, an e-learning platform designed for network studies in CSE courses, based on our hands-on experience in a large hybrid undergraduate/postgraduate course at the UNSW. We found that the tool was well received by the students for understanding key concepts, especially when compared to legacy tools used in labs. Furthermore we show that our tool was able to handle a very large number of experiments in a relatively short amount of time.

#### A Portal to Support Rigorous Experimental Methodology in Networking Research

Best Paper AwardsConference
Guillaume Jourjon, Thierry Rakotoarivelo and Max Ott
TridentCom 2011
Publication year: 2011.05

Abstract: Whilst dealing with topics that are more and more influenced by physical properties of the underlying media, the networking community still lacks a culture of rigorous result verification. Indeed, as opposed to most of the science and engineering fields there are very few benchmarks to test protocols against. Furthermore, in most publications the authors do not give the community access to the raw results or details of the performed experimental procedures. Therefore it is impossible to accurately reproduce their experiments. We propose to solve this problem by extending the state of the art experiment tool OMF with a public portal. This portal, while providing the experimenter with access to experimental resources, also provides the community with a system for comprehensive experiment description and result verification. The collection of both the measurement set and the experiment’s description is done in a transparent manner for the experimenter, who can decide to publish them via the portal once the research is mature enough.

#### Mobile Multimedia Streaming Improvements with Freeze-DCCP

Poster/Demonstration
Olivier Mehani, Roksana Boreli, Guillaume Jourjon and Thierry Ernst
ACM Mobicom 2010
Publication year: 2010.09

#### Measurement Architectures for Network Experiments with Disconnected Mobile Nodes

Conference
Jolyon White, Guillaume Jourjon, Thierry Rakatoarivelo and Maximilian Ott
TridentCom 2010
Publication year: 2010.05

Abstract: Networking researchers using testbeds containing mobile nodes face the problem of measurement collection from partially disconnected nodes. We solve this problem efficiently by adding a proxy server to the Orbit Measurement Library (OML) to transparently buffer measurements on disconnected nodes, and we give results showing our solution in action. We then add a flexible filtering and feedback mechanism on the server that enables a tailored hierarchy of measurement collection servers throughout the network, live context-based steering of experiment behaviour, and live context-based control of the measurement collection process itself.

#### From Learning to Researching, Ease the Shift through Testbeds

Conference
Guillaume Jourjon, Thierry Rakotoarivelo, and Max Ott
TridentCom 2010
Publication year: 2010.05

Abstract: This papers presents an e-learning platform that improves the current state of the art by successfully integrating four features. Firstly, it provides a web interface incorporating lecture notes, labs instruction and results. This remote interface also allows the teacher to easily implement new experiments using a high level description language. Secondly, the proposed architecture will provide a low deployment cost without limiting the experimental scope. Thirdly, the new platform can take advantage of many existing and emerging testbeds. Finally, we introduce a new framework for teaching and learning network concepts. Thus a student using this new tool during an introductory course will embrace a less difficult path to perform more advanced studies on currently widely deployed testbed.

#### High Performance Peer-to-Peer Distributed Computing with Application to Obstacle Problem

Conference
The Tung Nguyen, Didier El Baz, Pierre Spiteri, Guillaume Jourjon, Ming Chau
HotP2P 2010 in conjunction with IPDPS 2010
Publication year: 2010.04

Abstract: This paper deals with high performance Peer-to-Peer computing applications. We concentrate on the solution of large scale numerical simulation problems via distributed iterative methods. We present the current version of an environment that allows direct communication between peers. This environment is based on a self-adaptive communication protocol. The protocol configures itself automatically and dynamically in function of application requirements like scheme of computation and elements of context like topology by choosing the most appropriate communication mode between peers. A first series of computational experiments is presented and analyzed for the obstacle problem.

#### Promoting the Use of Reliable Rate Based Transport Protocols: The Chameleon Protocol

Journal
Emmanuel Lochin, Guillaume Jourjon, Sebastien Ardon and Patrick Senac
International Journal of Internet Protocol Technology, Vol. 5, No. 4, pp.175-189
Publication year: 2010.03

Abstract: Rate-based congestion control, such as TFRC, has not been designed to enable reliability. Indeed, the birth of TFRC protocol has resulted from the need for a congestion-controlled transport protocol in order to carry multimedia traffic. However, certain applications still prefer the use of UDP in order to implement their own congestion control on top of it. The present contribution proposes to design and validate a reliable rate-based protocol based on the combined use of TFRC, SACK and an adapted flow control. We argue that rate-based congestion control is a perfect alternative to window-based congestion control as most of today applications need to interact with the transport layer and should not be only limited to unreliable services. In this paper, we detail the implementation of a reliable rate-based protocol named Chameleon and bring out to the networking community an ns-2 implementation for evaluation purpose.

#### Models for an Energy-Efficient P2P Delivery Service

Conference
Guillaume Jourjon, Thierry Rakotoarivelo and Max Ott
PDP 2010 – The 18th Euromicro International Conference on Parallel, Distributed and Network-Based Computing
Publication year: 2010.02

Abstract: Data and service delivery have been historically based on a ”network centric” model, with datacentres being the focal sources. The amount of energy consumed by these datacentres has become an emerging issue for the companies operating them. Thus, many contributions have proposed solutions to improve the energy efficiency of current datacentre architecture and deployments. A recently proposed approach argues for removing the datacentres from the delivery architecture. Their functionalities will instead be distributed at the edge of the network, directly within operator-managed home devices, such as Home Gateways, or Set-Top-Box (STB). This paper presents a study of the overall energy consumption required by such a community of STBs in order to provide the same services as datacentres. This paper also investigates a possible distributed algorithm to further reduce this overall energy consumption. This algorithm will be deployed over a managed peer-to-peer network of STBs. It will make optimized decisions and instruct unused STBs to switch Off to save energy without altering the general Service Level Agreement. We demonstrate the potential benefit of such an algorithm through an off-line scheduling. Finally, we propose a service-delivery model that allows us to integrate the service availability in the energy optimization problem. The combination of these two models is the first step in the development of our energy optimisation distributed algorithm.

#### OMF: A control and management framework for networking nestbeds

Journal
Thierry Rakotoarivelo, Max Ott, Guillaume Jourjon, and Ivan Seskar
SIGOPS Operating Systems Review, 43(4):54–59
Publication year: 2010.01

Abstract: Networking testbeds are playing an increasingly important role in the development of new communication technologies. Testbeds are traditionally built for a particular project or to study a specific technology. An alternative approach is to federate existing testbeds to a) cater for experimenter needs which cannot be fullled by a single testbed, and b) provide a wider variety of environmental settings at different scales. These heterogenous settings allow the study of new approaches in environments similar to what one finds in the real world.

This paper presents OMF, a control, measurement, and management framework for testbeds. It describes through some examples the versatility of OMF’s current architecture and gives directions for federation of testbeds through OMF. In addition, this paper introduces a comprehensive experiment description language that allows an experimenter to describe resource requirements and their configurations, as well as experiment orchestration. Researchers would thus be able to reproduce their experiment on the same testbed or in a different environment with little changes. Along with the efficient support for large scale experiments, the use of testbeds and support for repeatable experiments will allow the networking field to build a culture of cross verification and therefore strengthen its scientific approach.

#### OMF: a Control and Management Framework for Networking Testbeds

Conference
Thierry Rakotoarivelo, Max Ott, Guillaume Jourjon and Ivan Seskar
SOSP Workshop on Real Overlays and Distributed Systems (ROADS ’09)
Publication year: 2009.10

Abstract: Networking testbeds are playing an increasingly important role in the development of new communication technologies. Testbeds are traditionally built for a particular project or to study a specific technology. An alternative approach is to federate existing testbeds to a) cater for experimenter needs which cannot be fillled by a single testbed, and b) provide a wider variety of environmental settings at different scales. These heterogenous settings allow the study of new approaches in environments similar to what one finds in the real world.

This paper presents OMF, a control, measurement, and management framework for testbeds. It describes through some examples the versatility of OMF’s current architecture and gives directions for federation of testbeds through OMF. In addition, this paper introduces a comprehensive experiment description language that allows an experimenter to describe resource requirements and their configurations, as well as experiment orchestration. Researchers would thus be able to reproduce their experiment on the same testbed or in a different environment with little changes. Along with the efficient support for large scale experiments, the use of testbeds and support for repeatable experiments will allow the networking field to build a culture of cross verification and therefore strengthen its scientific approach.

#### Mobile Experiments Made Easy with OMF/Orbit

Poster/Demonstration
Christoph Dwertmann, Mesut Ergin, Guillaume Jourjon, Max Ott, Thierry Rakotoarivelo and Ivan Seskar
ACM SIGCOMM 2009
Publication year: 2009.08

#### Design and Validation of a Reliable Rate Based Transport Protocol: The Chameleon Protocol

Conference
Emmanuel Lochin, Guillaume Jourjon and Sebastien Ardon
Global Information Infrastructure Symposium (IEEE GIIS 2009)
Publication year: 2009.06

Abstract: TFRC protocol has not been designed to enable reliability. Indeed, the birth of TFRC results from the need of a congestion controlled and realtime transport protocol in order to carry multimedia traffic. Historically, and following the anarchical deployment of congestion control mechanisms implemented on top of UDP protocol, the IETF decided to standardize such protocol in order to provide to multimedia applications developers a framework for their applications. In this paper, we propose to design a reliable rate-based transport protocol based on TFRC. This design is motivated by finding an alternative to TCP where its oscillating behaviour is known to be counterproductive over certain networks such as VANET. However, we found interesting results partly inherited from the smooth behaviour of TFRC in the context of wired networks. In particular, we show that TFRC can realize shorter data transfer compare to TCP over a complex and realistic topology. We firstly detail and fully benchmark our protocol in order to verify that our resulting prototype inherits from the good properties of TFRC in terms of TCP-friendliness. As a second contribution, we also propose a ns-2 implementation for testing purpose to the networking community. Following these preliminary tests, we drive a set of non-exhaustive experiments to illustrate some interesting behaviour of this protocol in the context of wired networks.

#### Towards sender-based TFRC

Journal
Guillaume Jourjon, Emmanuel Lochin and Patrick Senac
Journal of Internet Engineering pp: 193-201, Vol 3, No 1
Publication year: 2009.01

Abstract: Pervasive communications are increasingly sent over mobile devices and personal digital assistants. This trend is currently observed by mobile phone service providers which have measured a significant increase in multimedia traffic. To better carry multimedia traffic, the IETF standardized a new TCP Friendly Rate Control (TFRC) protocol. However, the current receiver-based TFRC design is not well suited to resource limited end systems. In this paper, we propose a scheme to shift resource allocation and computation to the sender. This senderbased approach led us to develop a new algorithm for loss notification and loss-rate computation. We detail the complete implementation of a user-level prototype and demonstrate the gain obtained in terms of memory requirements and CPU processing compared to the current design. We also evaluate the performance obtained in terms of throughtput smoothness and fairness with TCP and we note this shifting solves security issues raised by classical TFRC implementations.

#### Improvements in DCCP congestion control for satellite links

Conference
Golam Sarwar, Roksana Boreli, Emmanuel Lochin and Guillaume Jourjon
2008 International Workshop on Satellite and Space Communications (IWSSC 2008)
Publication year: 2008.10

Abstract: We propose modifications in the TCP-Friendly Rate Control (TFRC) congestion control mechanism from the Datagram Congestion Control Protocol (DCCP) intended for use with real-time traffic, which are aimed at improving its performance for long delay (primarily satellite) links. Firstly, we propose an algorithm to optimise the number of feedback messages per round trip time (RTT) rather than use the currently standard of at least one per RTT, based on the observed link delay. We analyse the improvements achievable with proposed modification in different phases of congestion control and present results from simulations with modified ns-2 DCCP and live experiments using the modified DCCP Linux kernel implementation. We demonstrate that the changes results in improved slow start performance and a reduced data loss compared to standard DCCP, while the introduced overhead remains acceptable.

#### Design, Implementation and Evaluation of a QoS-aware Transport Protocol

Journal
Guillaume Jourjon, Emmanuel Lochin and Patrick Senac
Elsevier Computer Communications, volume 31, issue 9, pp 1713-1722
Publication year: 2008.06

Abstract: In the context of a reconfigurable transport protocol framework, we propose a QoS-aware Transport Protocol (QSTP), specifically designed to operate over QoS-enabled networks with bandwidth guarantee. QSTP combines QoS-aware TFRC congestion control mechanism, which takes into account the network-level bandwidth reservations, with a Selective ACKnowledgment (SACK) mechanism in order to provide a QoS-aware transport service that fill the gap between QoS enabled network services and QoS constraint applications. We have developed a prototype of this protocol in the user-space and conducted a large range of measurements to evaluate this proposal under various network conditions. Our results show that QSTP allows applications to reach their negotiated QoS over bandwidth guaranteed networks, such as DiffServ/AF network, where TCP fails. This protocol appears to be the first reliable protocol especially designed for QoS network architectures with bandwidth guarantee.

#### Enhanced Transport Protocol, in End-to-End Quality of Service Over Heterogeneous Networks

Book Chapter
Nicolas Van Wambeke, Ernesto Exposito, Guillaume Jourjon, and Emmanuel Lochin
Springer, Eds Torsten Braun, Michel Diaz, Jose Enriquez-Gabeiras, and Thomas Stau
Publication year: 2008

#### Towards sender-based TFRC

Best Paper AwardsConference
Guillaume Jourjon, Emmanuel Lochin and Patrick Senac
IEEE International Conference on Communications 2007 (IEEE ICC 2007)
Publication year: 2007.06

Abstract: Pervasive communications are increasingly sent over mobile devices and personal digital assistants. This trend has been observed during the last football world cup where cellular phones service providers have measured a significant increase in multimedia traffic. To better carry multimedia traffic, the IETF standardized a new TCP Friendly Rate Control (TFRC) protocol. However, the current receiver-based TFRC design is not well suited to resource limited end systems. We propose a scheme to shift resource allocation and computation to the sender. This sender based approach led us to develop a new algorithm for loss notification and loss rate computation. We demonstrate the gain obtained in terms of memory requirements and CPU processing compared to the current design. Moreover this shifting solves security issues raised by classical TFRC implementations. We have implemented this new sender-based TFRC, named TFRC$_{light}$, and conducted measurements under real world conditions.

#### IREEL: Remote Experimentation with Real Protocols and Applications over Emulated Network

Journal
Laurent Dairaine, Guillaume Jourjon, Emmanuel Lochin and Sebastien Ardon
Inroads, the SIGCSE Bulletin, Volume 39, Issue 2, June 2007
Publication year: 2007.04

Abstract: This paper presents a novel e-learning platform called IREEL. IREEL is a virtual laboratory allowing students to drive experiments with real Internet applications and end-to-end protocols in the context of networking courses. This platform consists in a remote network emulator offering a set of predefined applications and protocol mechanisms. Experimenters configure and control the emulation and the end-systems behavior in order to perform tests, measurements and observations on protocols or applications operating under controlled specific networking conditions. A set of end-to-end mechanisms, mainly focusing on transport and application level protocols, are currently available. IREEL is scalable and easy to use thanks to an ergonomic web interface.

#### Optimization of Loss History Initialization

Journal
Guillaume Jourjon, Emmanuel Lochin and Laurent Dairaine
EEE Communications Letters, Volume 11, Number 3, March 2007, pp 276-278
Publication year: 2007.03

Abstract: This letter deals with the initialization of the loss history structure in the TFRC (TCP-friendly rate control) mechanism. This initialization occurs after the detection of the first loss event after every slowstart phase. The loss history is crucial for the algorithm since it returns the packet loss rate estimation. This estimation is used in the TFRC equation to compute the sending rate. In this letter, we propose a new method to compute the packet loss rate which is more computationally efficient and remains as accurate as the classical commonly used method. The motivation of this work is to reduce the computation time and formulate a unified computation scheme. This method is based on the Newton’s algorithm issued from numerical analysis of the TCP throughput equation. This proposal is evaluated analytically and the results show a significant improvement in terms of the computation time.

#### Study and enhancement of DCCP over DiffServ Assured Forwarding class

Conference
Emmanuel Lochin, Guillaume Jourjon and Laurent Dairaine
Fourth European Conference on Universal Multiservice Networks (ECUMN’07), pp. 250-262
Publication year: 2007.02

Abstract: The datagram congestion control protocol (DCCP) has been proposed as a transport protocol which supports real-time traffic. In this paper, we focus on the use of DCCP/CCID3 (Congestion Control ID 3) over a DiffServ/AF class. This class of service is used to build services that provide only a minimum throughput guarantee without any delay or jitter restrictions. This minimum throughput guarantee is called the target rate. In this context, the throughput obtained by DCCP/CCID3 mainly depends on RTT and loss probability. As a result, the application does not always get the negotiated target rate. To cope with this problem, we propose to evaluate a simple adaptation of the CCID3 congestion control mechanism, allowing the application to reach its target rate whatever the RTT value of the application’s flow is. As this adaptation can be seen as an extension to the DCCP with CCID3 congestion control, we call it gDCCP for guaranteed DCCP. Results from simulations are presented to illustrate the improvements of the proposed modification in various situations. Finally, we investigate the deployment of this proposal in terms of security

#### Towards a Versatile Transport Protocol

Poster/Demonstration
Guillaume Jourjon and Emmanuel Lochin and Patrick Senac
ACM CoNext 2006
Publication year: 2006.12

Abstract: In the context of a reconfigurable transport protocol, this paper introduces two protocol instances based on the composition and specialisation of the TFRC congestion control and Selective Acknowledgment mechanisms. The two resulting transport architectures lead respectively to the QTPAF protocol, specifically designed to operate over QoS-enabled networks and the QTPlight protocol, specifically designed for resource-limited end systems connected to powerful servers. QTPAF combines QoS-aware TFRC congestion control with full reliability to provide a transport service similar to TCP but additionally taking into account network-level bandwidth reservations. QTPlight proposes a modification of TFRC that shifts from the receiver to the sender the complexity of the loss rate estimation mechanism. This modification allows to alleviate the processing and communication load of “light” resource limited mobile receivers. We present the concept of these protocols and their adaptation in the EuQoS European project framework.

#### gTFRC, a TCP Friendly QoS-aware Rate Control for Diffserv Assured Service

Journal
Emmanuel Lochin, Laurent Dairaine, Guillaume Jourjon
Springer Telecommunication Systems Journal, 10.1007/s11235-006-9004-2, ISSN : 1018-4864 (Print) 1572-9451 (Online), Volume 33, Numbers 1-3 / December, 2006, pp 3-21
Publication year: 2006.12

Abstract: This study addresses the end-to-end congestion control support over the DiffServ Assured Forwarding (AF) class. The resulting Assured Service (AS) provides a minimum level of throughput guarantee. In this context, this article describes a new end-to-end mechanism for continuous transfer based on TCP-Friendly Rate Control (TFRC). The proposed approach modifies TFRC to take into account the QoS negotiated. This mechanism, named gTFRC, is able to reach the minimum throughput guarantee whatever the flow’s RTT and target rate. Simulation measurements and implementation over a real QoS testbed demonstrate the efficiency of this mechanism either in over-provisioned or exactly-provisioned network. In addition, we show that the >frc mechanism can be used in the same DiffServ/AF class with TCP or TFRC flows.

#### Implementation and performance analysis of a QoS-aware TFRC mechanism

Conference
Guillaume Jourjon, Emmanuel Lochin, Laurent Dairaine, Patrick Senac, Tim Moors and Aruna Seneviratne
14th IEEE ICON 2006 (International Conference on Networking).
Publication year: 2006.09

Abstract: This paper deals with the improvement of transport protocol behaviour over the DiffServ assured forwarding (AF) class. The assured service (AS) provides a minimum throughput guarantee that classical congestion control mechanisms, like window-based in TCP or equation-based in TCP-friendly rate control (TFRC), are not able to use efficiently. In response, this paper proposes a performance analysis of a QoS aware congestion control mechanism, named gTFRC, which improves the delivery of continuous streams. The gTFRC (guaranteed TFRC) mechanism has been integrated into an enhanced transport protocol (ETP) that allows protocol mechanisms to be dynamically managed and controlled. After comparing a ns-2 simulation and our implementation of the basic TFRC mechanism, we show that ETP/gTFRC extension is able to reach a minimum throughput guarantee whatever the flow’s RTT and target rate (TR) and the network provisioning conditions

#### IREEL: Remote Experimentation with Real Protocols and Applications over Emulated Network

Poster/Demonstration
Laurent Dairaine, Guillaume Jourjon, Ernesto Exposito
ACM ITiCSE
Publication year: 2006.06

#### gTFRC: a QoS-aware congestion control algorithm

Conference
Emmanuel Lochin, Laurent Dairaine and Guillaume Jourjon
Proc. of the 5th International Conference of Networking
Publication year: 2006.04

Abstract: This study addresses the end-to-end congestion control support over the DiffServ Assured Forwarding (AF) class. The resulting Assured Service (AS) provides a minimum level of throughput guarantee. In this context, this paper describes a new end-to-end mechanism for continuous transfer based on TCP-Friendly Rate Control (TFRC) originally proposed in [11]. The proposed approach modifies TFRC to take into account the QoS negotiated. This mechanism, named gTFRC, is able to reach the minimum throughput guarantee whatever the flow’s RTT and target rate. Simulation measurements show the efficiency of this mechanism either in over-provisioned or exactly-provisioned network. In addition, we show that the gTFRC mechanism can be used in the same DiffServ/AF class with TCP or TFRC flows.

#### Modeling, Simulation, and Emulation of QoS Oriented Transport Mechanisms

Poster/Demonstration
Guillaume Jourjon, Ernesto Exposito and Laurent Dairaine
ACM CoNext 2005
Publication year: 2005.12

Abstract: The design and development process of communication protocols and real-time systems and particularly transport protocol mechanisms requires adequate methodology and efficient instrumental support. In this paper, an extensible and QoS-oriented development framework integrating design and simulation with UML (Unified Modeling Language), and implementation and evaluation with emulation is introduced. An early use of the proposed framework is illustrated with the design and development of simple transport mechanism.

#### Some Solutions for Peer-to-Peer Global Computing

Conference
Guillaume Jourjon and Didier El Baz
13th Euromicro Conference on Parallel, Distributed and Network-Based Processing (PDP’05), pp 49-58
Publication year: 2005.09

Abstract: The emergence of Internet and new kind of architecture, like peer-to-peer (P2P) networks, provides great hope for distributed computation. However, the combination of the world of systems and the world of networking cannot be done as a simple melting of the existing solutions of each side. For example, it is quite obvious that one cannot use synchronized algorithms for global computing over large area network. We propose a non-exhaustive view of problems one could meet when he aims at building P2P architecture for global computing systems, which use asynchronous iterative algorithms. We also propose generic solutions for particular problems linked to both computing and networking sides. These problems involve the initialization of the computation (and its dual the conclusion), the task transparency over P2P network, and the routing in such networks. Finally a first computational experiment is presented for an asynchronous auction algorithm applied to the solution of the shortest path problem.