The authors develop a simulation model for asynchronous transfer mode available bit rate (ATM ABR) service and use it to engineer ABR congestion control behavior. Although significant work has been performed on ABR rate allocation algorithms at network switches, little work has focused on the end system behavior, which is examined in this article. The effect of (1) the speed of the links on the path from the source to the destination and (2) the connection round trip time on the selection of ABR parameter values is studied. Simulation results illustrate the impact of the key parameters that control rate reduction in the absence of network feedback on performance, in terms of connection throughputs, queue lengths at the switches, and link utilizations. These results have been incorporated into the ABR standards and can be generalized to cooperative congestion control with explicit congestion notification in the Internet.

This paper proposes an algorithm for aggregating virtual channel connections (VCCs) onto virtual path connections (VPSs) in asynchronous transfer mode (ATM) networks. We focus on the interesting problem of multiplexing onto an available bit rate (ABR) VPC. ABR VPCs are particularly useful for connecting enterprise sites over the Internet, providing a virtual private network (VPN). The VPC/VCC hierarchy is also important for supporting Internet differentiated services over ATM. The coupling between the flow control mechanisms for VCCs and VPCs is not standardized. We propose fairness definitions for VPC bandwidth allocation, and describe an algorithm for allocating the VPC capacity to the multiplexed VCCs. Preliminary simulation results indicate that the algorithm achieves the required fair allocations, while controlling queue sizes

The unprecedented increase in the number of Internet users, routers, and service providers has introduced significant challenges to the design of scalable network architectures and end-to-end protocols. Web driven demand and traffic can exhibit extreme variability; providing predictable quality of service (QoS) without resorting to major over-provisioning is a difficult problem; facilitating dynamic group communication and multicast has spurred a multitude of proposals, each with its own idiosyncrasies and trade-offs; QoS routing faces the computational complexity barrier; congestion control is asked to be fair, efficient, and stable in a complex environment; mobility and wireless channels impose new control dimensions and constraints; and faults in software and hardware introduce disruptions that may persist in time and spread in space. A common denominator to many of these examples is scalability, which, to varying degrees, plays an important role when designing and evaluating feasible solutions.

While the DETER testbed provides a safe environment and basic tools for security experimentation, researchers face a significant challenge in assembling the testbed pieces and tools into realistic and complete experimental scenarios. In this paper, we describe our work on developing a set of sampled and comprehensive benchmark scenarios, and a workbench for experiments involving denial-of-service (DoS) attacks. The benchmark scenarios are developed by sampling features of attacks, legitimate traffic and topologies from the real Internet. We have also developed a measure of DoS impact on network services to evaluate the severity of an attack and the effectiveness of a proposed defense. The benchmarks are integrated with the testbed via the experimenter’s workbench - a collection of traffic generation tools, topology and defense library, experiment control scripts and a graphical user interface. Benchmark scenarios provide inputs to the workbench, bypassing the user’s selection of topology and traffic settings, and leaving her only with the task of selecting a defense, its configuration and deployment points. Jointly, the benchmarks and the experimenter’s workbench provide an easy, point-and-click environment for DoS experimentation and defense testing.

While the DETER testbed provides a safe environment and basic tools for security experimentation, researchers face a significant challenge in assembling the testbed pieces and tools into realistic and complete experimental scenarios. In this paper, we describe our work on automating experimentation for distributed denial-of-service attacks. We developed the following automation tools: (1) the Experimenter’s Workbench that provides a graphical user interface, tools for topology, traffic and monitoring setup and tools for statistics collection, visualization and processing, (2) a DDoS benchmark suite that contains a set of diverse and comprehensive attack scenarios, (3) the Experiment Generator that combines chosen AS-level and edge-level topologies, legitimate traffic and a set of attacks into DETER-compatible scripts. Jointly, these tools facilitate easy experimentation even for novice users.

The central paradigm of today’s successful Internet is to keep the network core simple and move complexity towards the network end points. Unfortunately, this very paradigm limits network management and control capabilities, and creates opportunities for attacks such as worms, viruses, and spam that often seriously disrupt and degrade Internet and user performance. The thrust of this paper is that such problems cannot be effectively solved unless a paradigm shift is adopted. Towards a more secure and manageable Internet, we propose “virtualization” of the Internet, by carefully balancing its scalability and programmability properties. Our objective is to provide a programmable virtual Internet to users and to let them manage, control, and optimize it based on their individual needs.

Introducation to Parallel Computing is a complete end-to-end source of information on almost all aspects of parallel computing from introduction to architectures to programming paradigms to algorithms to programming standards. It is the only book to have complete coverage of traditional Computer Science algorithms (sorting, graph and matrix algorithms), scientific computing algorithms (FFT, sparse matrix computations, N-body methods), and data intensive algorithms (search, dynamic programming, data-mining).

Serendipity refers to making fortunate discoveries quite by accident, so transitioning to a science might seem like an inherently difficult task. But that is just what modern data mining hopes to accomplish.

The authors explore the conflict between personalization and privacy that arises from the existence of straddlers - users with eclectic tastes who rates products across several different types or domains—in recommender systems. While straddlers enable serendipitous recommendations, information about their existence could be used in conjunction with other data sources to uncover identities and reveal personal details. This article discusses a graph­theoretic model for studying the benefit for and risk to straddlers.

This paper presents an efficient framework for error-bounded compression of high-dimensional discrete attributed datasets. Such datasets, which frequently arise in a wide variety of applications, pose some of the most significant challenges in data analysis. Subsampling and compression are two key technologies for analyzing these datasets. PROXIMUS provides a technique for reducing large datasets into a much smaller set of representative patterns, on which traditional (expensive) analysis algorithms can be applied with minimal loss of accuracy. We show desirable properties of PROXIMUS in terms of runtime, scalability to large datasets, and performance in terms of capability to represent data in a compact form. We also demonstrate applications of PROXIMUS in association rule mining. In doing so, we establish PROXIMUS as a tool for preprocessing data before applying computationally expensive algorithms or as a tool for directly extracting correlated patterns. Our experimental results show that use of the compressed data for association rule mining provides excellent precision and recall values (near 100%) across a range of support thresholds while reducing the time required for association rule mining drastically.

Discrete optimization problems arise in a variety of domains, such as VLSI design, transportation, scheduling and management, and design optimization. Very often, these problems are solved using state space search techniques. Due to the high computational requirements and inherent parallel nature of search techniques, there has been a great deal of interest in the development of parallel search methods since the dawn of parallel computing. Significant advances have been made in the use of powerful heuristics and parallel processing to solve large-scale discrete optimization problems. Problem instances that were considered computationally intractable only a few years ago are routinely solved currently on server-class symmetric multiprocessors and small workstation clusters. Parallel game-playing programs are challenging the best human minds at games like chess. In this paper, we describe the state of the art in parallel algorithms used for solving discrete optimization problems. We address heuristic and nonheuristic techniques for searching graphs as well as trees, and speed-up anomalies in parallel search that are caused by the inherent speculative nature of search techniques