The virtual private network (VPN) system, which is one of the construction methods for private networks over the Internet, is gaining prominence. VPNs are currently used for corporate networks to support end to end ...The virtual private network (VPN) system, which is one of the construction methods for private networks over the Internet, is gaining prominence. VPNs are currently used for corporate networks to support end to end communications. But if they are applied to private networks for distributed departments in organizations, some problems should be concerned, such as low efficiency of packet transfer and nonsupport of unsymmetrical VPN connections. At first this paper analyzes the limitations of VPN used in the environment of multiple subnets, and then brings up a distributed module of VPN with low cost, high packet transfer efficiency and powerful functions of user authentication and access control.展开更多
Traffic classification research has been suffering from a trouble of collecting accurate samples with ground truth.A model named Traffic Labeller(TL) is proposed to solve this problem.TL system captures all user socke...Traffic classification research has been suffering from a trouble of collecting accurate samples with ground truth.A model named Traffic Labeller(TL) is proposed to solve this problem.TL system captures all user socket calls and their corresponding application process information in the user mode on a Windows host.Once a sending data call has been captured,its 5-tuple {source IP,destination IP,source port,destination port and transport layer protocol},associated with its application information,is sent to an intermediate NDIS driver in the kernel mode.Then the intermediate driver writes application type information on TOS field of the IP packets which match the 5-tuple.In this way,each IP packet sent from the Windows host carries their application information.Therefore,traffic samples collected on the network have been labelled with the accurate application information and can be used for training effective traffic classification models.展开更多
Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like Chi...Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like China,it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing,such as various trusted platform modules(TPM、TCM、TPCM),TCG Software Stack(TSS),trusted cloud server and Trusted Execution Environment(TEE). We illustrate the progressing and application extension of these technologies and also point out some key problems worth studying in the future.展开更多
Based on the massive data collected with a passive network monitoring equipment placed in China's backbone, we present a deep insight into the network backbone traffic and evaluate various ways for inproving traffic ...Based on the massive data collected with a passive network monitoring equipment placed in China's backbone, we present a deep insight into the network backbone traffic and evaluate various ways for inproving traffic classifying efficiency in this pa- per. In particular, the study has scrutinized the net- work traffic in terms of protocol types and signatures, flow length, and port distffoution, from which mean- ingful and interesting insights on the current Intemet of China from the perspective of both the packet and flow levels are derived. We show that the classifica- tion efficiency can be greatly irrproved by using the information of preferred ports of the network applica- tions. Quantitatively, we find two traffic duration thresholds, with which 40% of TCP flows and 70% of UDP flows can be excluded from classification pro- cessing while the in^act on classification accuracy is trivial, i.e., the classification accuracy can still reach a high level by saving 85% of the resources.展开更多
E-mail communication network evolution model based on user information propagation is studied. First, mathematical representation of weighted e-mail communication network is proposed, and network center parameters of ...E-mail communication network evolution model based on user information propagation is studied. First, mathematical representation of weighted e-mail communication network is proposed, and network center parameters of Enron dataset and the distribution of node degree and strength are analyzed. Then, some rules of e-mail communication network evolution are found. Second, the model of e-mail information propagation is described, and e-mail communication network evolution model based on user information propagation is proposed. Lastly, the simulation proves the correctness of the distribution characteristic of degree and strength of the model proposed and then verifies that the model proposed is closer to the real situation of e-mail communication network through parameter comparison. This research provides the basis for other researches on social network evolution and data communication.展开更多
A new approach, named TCP-I2NC, is proposed to improve the interaction between network coding and TCP and to maximize the network utility in interference-free multi-radio multi-channel wireless mesh networks. It is gr...A new approach, named TCP-I2NC, is proposed to improve the interaction between network coding and TCP and to maximize the network utility in interference-free multi-radio multi-channel wireless mesh networks. It is grounded on a Network Utility Maxmization (NUM) formulation which can be decomposed into a rate control problem and a packet scheduling problem. The solutions to these two problems perform resource allocation among different flows. Simulations demonstrate that TCP-I2NC results in a significant throughput gain and a small delay jitter. Network resource is fairly allocated via the solution to the NUM problem and the whole system also runs stably. Moreover, TCP-I2NC is compatible with traditional TCP variants.展开更多
Cooperation allows wireless network users to benefit from various gains such as an in- crease in the achieved rate or an improvement in the bit error rate. In the paper, we propose a distributed Hierarchical Game (HG...Cooperation allows wireless network users to benefit from various gains such as an in- crease in the achieved rate or an improvement in the bit error rate. In the paper, we propose a distributed Hierarchical Game (HG) theoretic framework over multi-user cooperative communication networks to stimulate cooperation and improve the network performance. First, we study a two- user decision making game in the OFDMA based subscriber cooperative relaying network, in which subscribers transmit their own data in the first phase, while helping to retransmit their partner's or choosing to freeride in the second phase. Instead of consulting to a global optimal solution, we decouple the cooperation resource allocation into two level subproblems: a user level Nash game for distributed cooperation decision and a Base Station (BS) level coalition game for centralized resource allocation. In the proposed HG algorithm, where mutual cooperation is preferred and total payoff is transferable, we prove it converges to a unique optimal equilibrium and resolve the subcarrier as-signment and power allocation among the couples. Besides, we discuss the existence of the publishing and rewarding coefficients in order to encourage cooperation. Then, we extend the HG to multi-user cases by coupling among subscribers according to the location information. The simulation results show that the proposed scheme with the distributed HG game achieves a well tradeoff between fairness and efficiency by improving the transmission efficiency of adverse users and outperforms those employing centralized schemes.展开更多
This paper introduces an adaptive traffic allocation scheme with cooperation of multiple Radio Access Networks (RANs) in universal wireless environments.The different cooperation scenarios are studied,and based on the...This paper introduces an adaptive traffic allocation scheme with cooperation of multiple Radio Access Networks (RANs) in universal wireless environments.The different cooperation scenarios are studied,and based on the scenario of cooperation in both network layer and terminal layer,an open queuing system model,which is aiming to depict the characteristics of packet loss rate of wireless communication networks,is proposed to optimize the traffic allocation results.The analysis and numerical simulations indicate that the proposed scheme achieves inter-networking load balance tominimize the whole transmission delay and expands the communication ability of single-mode terminals to support high data rate traffics.展开更多
Service modeling offers fundamental guidance to the construction and operation of mobile telecommunication networks. As the domestic LTE networks have been deployed massively, the refined LTE services model needs to b...Service modeling offers fundamental guidance to the construction and operation of mobile telecommunication networks. As the domestic LTE networks have been deployed massively, the refined LTE services model needs to be established urgently. In this paper, we firstly extract characteristic parameters of services from statistical data in 3G networks, especially in time, space and user dimension. Secondly, the development trends of LTE services are analyzed. And the refined LTE service model is established. Finally, prediction results of LTE service development in China is given, which could provide effi cient support for networks' optimization and evolution.展开更多
Network and communications models are built for target tracking and pursuing in the Internet of Things (IoT).According to these models,two tracking schemes which jointly optimize the pursuing energy and delay are prop...Network and communications models are built for target tracking and pursuing in the Internet of Things (IoT).According to these models,two tracking schemes which jointly optimize the pursuing energy and delay are proposed.The merits of these schemes are that they can enhance energy efficiency of both the pursuing route and communication in the network.Moreover,experimental results are provided to demonstrate the benefits of the proposed schemes which will be used as optimization schemes for the IoT tracking service.展开更多
With the rapid growth of mobile data traffic and vast traffic offloaded from cellular network, Wi-Fi has been considered as an essential component to cope with the tremendous growth of mobile data traffic. Although op...With the rapid growth of mobile data traffic and vast traffic offloaded from cellular network, Wi-Fi has been considered as an essential component to cope with the tremendous growth of mobile data traffic. Although operators have deployed a lot of carrier grade Wi-Fi networks, but there are still a multitude of arrears for nowadays Wi-Fi networks, such as supporting seamless handover between APs, automatic network access and unified authentication, etc. In this paper, we propose an SDN based carrier grade Wi-Fi network framework, namely SWN. The key conceptual contribution of SWN is a principled refactoring of Wi-Fi networks into control and data planes. The control plane has a centralized global view of the whole network, can perceive the underlying network state by network situation awareness(NAS) technique, and bundles the perceived information and network management operations into northbound Application Programming Interface(API) for upper applications. In the data plane, we construct software access point(SAP) to abstract the connection between user equipment(UE) and access point(AP). Network operators can design network applications by utilizing these APIs and the SAP abstraction to configure and manage the whole network, which makes carrier grade Wi-Fi networks more flexible, user-friendly, and scalable.展开更多
文摘The virtual private network (VPN) system, which is one of the construction methods for private networks over the Internet, is gaining prominence. VPNs are currently used for corporate networks to support end to end communications. But if they are applied to private networks for distributed departments in organizations, some problems should be concerned, such as low efficiency of packet transfer and nonsupport of unsymmetrical VPN connections. At first this paper analyzes the limitations of VPN used in the environment of multiple subnets, and then brings up a distributed module of VPN with low cost, high packet transfer efficiency and powerful functions of user authentication and access control.
基金ACKNOWLEDGEMENT This research was partially supported by the National Basic Research Program of China (973 Program) under Grant No. 2011CB30- 2605 the National High Technology Research and Development Program of China (863 Pro- gram) under Grant No. 2012AA012502+3 种基金 the National Key Technology Research and Dev- elopment Program of China under Grant No. 2012BAH37B00 the Program for New Cen- tury Excellent Talents in University under Gr- ant No. NCET-10-0863 the National Natural Science Foundation of China under Grants No 61173078, No. 61203105, No. 61173079, No. 61070130, No. 60903176 and the Provincial Natural Science Foundation of Shandong under Grants No. ZR2012FM010, No. ZR2011FZ001, No. ZR2010FM047, No. ZR2010FQ028, No. ZR2012FQ016.
文摘Traffic classification research has been suffering from a trouble of collecting accurate samples with ground truth.A model named Traffic Labeller(TL) is proposed to solve this problem.TL system captures all user socket calls and their corresponding application process information in the user mode on a Windows host.Once a sending data call has been captured,its 5-tuple {source IP,destination IP,source port,destination port and transport layer protocol},associated with its application information,is sent to an intermediate NDIS driver in the kernel mode.Then the intermediate driver writes application type information on TOS field of the IP packets which match the 5-tuple.In this way,each IP packet sent from the Windows host carries their application information.Therefore,traffic samples collected on the network have been labelled with the accurate application information and can be used for training effective traffic classification models.
基金supported by the National Natural Science Foundation of China (Grant NO.61332019, NO.61402342, NO.61202387)the National Basic Research Program of China ("973" Program) (Grant No.2014CB340600)the National High–Tech Research and Development Program of China ("863" Program) (Grant No.2015AA016002)
文摘Trusted computing,which can effectively increase the credibility of information system,has made great achievements and is in continuous development. For country who is going to strengthen network construction like China,it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing,such as various trusted platform modules(TPM、TCM、TPCM),TCG Software Stack(TSS),trusted cloud server and Trusted Execution Environment(TEE). We illustrate the progressing and application extension of these technologies and also point out some key problems worth studying in the future.
基金This paper was partially supported by the National Natural Science Foundation of China under Crant No. 61072061111 Project of China under Crant No. B08004 the Fundamental Research Funds for the Central Universities under Grant No. 2009RC0122. References
文摘Based on the massive data collected with a passive network monitoring equipment placed in China's backbone, we present a deep insight into the network backbone traffic and evaluate various ways for inproving traffic classifying efficiency in this pa- per. In particular, the study has scrutinized the net- work traffic in terms of protocol types and signatures, flow length, and port distffoution, from which mean- ingful and interesting insights on the current Intemet of China from the perspective of both the packet and flow levels are derived. We show that the classifica- tion efficiency can be greatly irrproved by using the information of preferred ports of the network applica- tions. Quantitatively, we find two traffic duration thresholds, with which 40% of TCP flows and 70% of UDP flows can be excluded from classification pro- cessing while the in^act on classification accuracy is trivial, i.e., the classification accuracy can still reach a high level by saving 85% of the resources.
基金sponsored by the National Natural Science Foundation of China under grant number No. 61100008, 61201084the China Postdoctoral Science Foundation under Grant No. 2013M541346+3 种基金Heilongiiang Postdoctoral Special Fund (Postdoctoral Youth Talent Program) under Grant No. LBH-TZ0504Heilongjiang Postdoctoral Fund under Grant No. LBH-Z13058the Natural Science Foundation of Heilongjiang Province of China under Grant No. QC2015076Funds for the Central Universities of China under grant number HEUCF100602
文摘E-mail communication network evolution model based on user information propagation is studied. First, mathematical representation of weighted e-mail communication network is proposed, and network center parameters of Enron dataset and the distribution of node degree and strength are analyzed. Then, some rules of e-mail communication network evolution are found. Second, the model of e-mail information propagation is described, and e-mail communication network evolution model based on user information propagation is proposed. Lastly, the simulation proves the correctness of the distribution characteristic of degree and strength of the model proposed and then verifies that the model proposed is closer to the real situation of e-mail communication network through parameter comparison. This research provides the basis for other researches on social network evolution and data communication.
基金This work was supported by the State Key Program of Na- tional Nature Science Foundation of China under Grants No. U0835003, No. 60872087.
文摘A new approach, named TCP-I2NC, is proposed to improve the interaction between network coding and TCP and to maximize the network utility in interference-free multi-radio multi-channel wireless mesh networks. It is grounded on a Network Utility Maxmization (NUM) formulation which can be decomposed into a rate control problem and a packet scheduling problem. The solutions to these two problems perform resource allocation among different flows. Simulations demonstrate that TCP-I2NC results in a significant throughput gain and a small delay jitter. Network resource is fairly allocated via the solution to the NUM problem and the whole system also runs stably. Moreover, TCP-I2NC is compatible with traditional TCP variants.
基金Acknowledgements This work is supported by the National Natural Science Foundation of China under Grant No. 60971083, National High-Tech Research and Development Plan of China under Grant No. 2009AA01Z206 and National International Science and Technology Cooperation Project under Granted NO.2008DFA12090.
文摘Cooperation allows wireless network users to benefit from various gains such as an in- crease in the achieved rate or an improvement in the bit error rate. In the paper, we propose a distributed Hierarchical Game (HG) theoretic framework over multi-user cooperative communication networks to stimulate cooperation and improve the network performance. First, we study a two- user decision making game in the OFDMA based subscriber cooperative relaying network, in which subscribers transmit their own data in the first phase, while helping to retransmit their partner's or choosing to freeride in the second phase. Instead of consulting to a global optimal solution, we decouple the cooperation resource allocation into two level subproblems: a user level Nash game for distributed cooperation decision and a Base Station (BS) level coalition game for centralized resource allocation. In the proposed HG algorithm, where mutual cooperation is preferred and total payoff is transferable, we prove it converges to a unique optimal equilibrium and resolve the subcarrier as-signment and power allocation among the couples. Besides, we discuss the existence of the publishing and rewarding coefficients in order to encourage cooperation. Then, we extend the HG to multi-user cases by coupling among subscribers according to the location information. The simulation results show that the proposed scheme with the distributed HG game achieves a well tradeoff between fairness and efficiency by improving the transmission efficiency of adverse users and outperforms those employing centralized schemes.
基金supported by the National Natural Science Foundation of China under Grant No.60971125National Major Project under Grant No.2011ZX03003-003-01
文摘This paper introduces an adaptive traffic allocation scheme with cooperation of multiple Radio Access Networks (RANs) in universal wireless environments.The different cooperation scenarios are studied,and based on the scenario of cooperation in both network layer and terminal layer,an open queuing system model,which is aiming to depict the characteristics of packet loss rate of wireless communication networks,is proposed to optimize the traffic allocation results.The analysis and numerical simulations indicate that the proposed scheme achieves inter-networking load balance tominimize the whole transmission delay and expands the communication ability of single-mode terminals to support high data rate traffics.
文摘Service modeling offers fundamental guidance to the construction and operation of mobile telecommunication networks. As the domestic LTE networks have been deployed massively, the refined LTE services model needs to be established urgently. In this paper, we firstly extract characteristic parameters of services from statistical data in 3G networks, especially in time, space and user dimension. Secondly, the development trends of LTE services are analyzed. And the refined LTE service model is established. Finally, prediction results of LTE service development in China is given, which could provide effi cient support for networks' optimization and evolution.
基金supported by the Special Funds for Key Program of China(No.2009ZX01039-002-001-07,2010ZX03005-001-03)the National Natural Science Foundation of China(Grant Nos.61070205and61070206)+1 种基金Beijing Municipal Commission of Education Build Together Project Ministry of Education Infrastructure Construction Project(2-5-2)
文摘Network and communications models are built for target tracking and pursuing in the Internet of Things (IoT).According to these models,two tracking schemes which jointly optimize the pursuing energy and delay are proposed.The merits of these schemes are that they can enhance energy efficiency of both the pursuing route and communication in the network.Moreover,experimental results are provided to demonstrate the benefits of the proposed schemes which will be used as optimization schemes for the IoT tracking service.
基金supported by the WLAN achievement transformation based on SDN project of Beijing Municipal Commission of Education,the grant number is 201501001
文摘With the rapid growth of mobile data traffic and vast traffic offloaded from cellular network, Wi-Fi has been considered as an essential component to cope with the tremendous growth of mobile data traffic. Although operators have deployed a lot of carrier grade Wi-Fi networks, but there are still a multitude of arrears for nowadays Wi-Fi networks, such as supporting seamless handover between APs, automatic network access and unified authentication, etc. In this paper, we propose an SDN based carrier grade Wi-Fi network framework, namely SWN. The key conceptual contribution of SWN is a principled refactoring of Wi-Fi networks into control and data planes. The control plane has a centralized global view of the whole network, can perceive the underlying network state by network situation awareness(NAS) technique, and bundles the perceived information and network management operations into northbound Application Programming Interface(API) for upper applications. In the data plane, we construct software access point(SAP) to abstract the connection between user equipment(UE) and access point(AP). Network operators can design network applications by utilizing these APIs and the SAP abstraction to configure and manage the whole network, which makes carrier grade Wi-Fi networks more flexible, user-friendly, and scalable.
