
Author Search Result

[Author] Suguru YAMAGUCHI(22hit)

1-20hit(22hit)

  • The Effects of Server Placement and Server Selection for Internet Services

    Ryuji SOMEGAWA  Kenjiro CHO  Yuji SEKIYA  Suguru YAMAGUCHI  

     
    PAPER-CDN

    Vol: E86-B No:2
    Page(s): 542-552

    Many services on the Internet are provided by multiple identical servers in order to improve performance and robustness. The number, the location and the distribution of servers affect the performance and reliability of a service. The server placement is, however, often determined based on the empirical knowledge of the administrators. This paper investigates issues of the server placement in terms of the service performance and the server load. We identify that a server selection mechanism plays an important role in server placement, and thus, evaluate different server selection algorithms. The result shows that it is essential to the robustness of a service to employ a mechanism which distributes service requests to the servers according to the measured response time of each server. As a case study, we evaluate the server selection mechanisms employed by different DNS (Domain Name System) implementations. Then, we show the effects of the different server selection algorithms using root-server measurements taken at different locations around the world.

  • Securing SOS Messages in Uncommunicable Areas via Information Sharing Cluster

    Louie ZAMORA  Noriyuki SUZUKI  Hiroaki TAKEMOTO  Shigeru KASHIHARA  Suguru YAMAGUCHI  

     
    PAPER

    Vol: E98-A No:8
    Page(s): 1618-1626

    A prompt rescue is a serious operation when a catastrophic disaster occurs. In an uncommunicable area where the existing communication systems are damaged, it is, however, difficult to collect SOS messages of victims. So far, we have proposed a smartphone application named SOSCast to collect SOS messages via device-to-device transmission in such an area. However, with the limitation of coverage area and battery consumption, it decreases the possibility of finding the victim due to the risk of losing the SOS messages. In this paper, thus, we propose an information-sharing cluster to virtually extend the communication coverage area and to secure the SOS messages by reducing the battery consumption. In the performance evaluation, compared with the original SOSCast, we showed that the proposed method can reduce battery consumption to secure the message through a prototype system and simulation experiments.

  • Duplicated Hash Routing: A Robust Algorithm for a Distributed WWW Cache System

    Eiji KAWAI  Kadohito OSUGA  Ken-ichi CHINEN  Suguru YAMAGUCHI  

     
    PAPER

    Vol: E83-D No:5
    Page(s): 1039-1047

    Hash routing is an algorithm for a distributed WWW caching system that achieves a high hit rate by preventing overlaps of objects between caches. However, one of the drawbacks of hash routing is its lack of robustness against failure. Because WWW becomes a vital service on the Internet, the capabilities of fault tolerance of systems that provide the WWW service come to be important. In this paper, we propose a duplicated hash routing algorithm, an extension of hash routing. Our algorithm introduces minimum redundancy to keep system performance when some caching nodes are crashed. In addition, we optionally allow each node to cache objects requested by its local clients (local caching), which may waste cache capacity of the system but it can cut down the network traffic between caching nodes. We evaluate various aspects of the system performance such as hit rates, error rates and network traffic by simulations and compare them with those of other algorithms. The results show that our algorithm achieves both high fault tolerance and high performance with low system overhead.

  • An Analysis of WWW Server Status by Packet Monitoring

    Yutaka NAKAMURA  Ken-ichi CHINEN  Suguru YAMAGUCHI  Hideki SUNAHARA  

     
    PAPER

    Vol: E83-D No:5
    Page(s): 1012-1019

    A management of WWW server is still relying on the expertise and heuristic of administrators, because the comprehensive understandings of server behavior are missing. The administrators should maintain the WWW server with good states that they should investigate the WWW server in real time. Therefore, it is exactly desirable to provide a measurement application that enables the WWW server administrators to monitor WWW servers in the actual operational environment. We developed a measurement application called ENMA (Enhanced Network Measurement Agent) which is specially designed for WWW server state analysis. Furthermore, we applied this application to the large scale WWW server operation to show its implementation and advantages. In this paper, we analyze the WWW server states based on precise monitoring of performance indices of WWW system to help the server management.

  • FOREWORD

    Hiroshi ESAKI  Naoaki YAMANAKA  Hiroyuki OHNO  Atsushi SHIONOZAKI  Yoichi SHINODA  Kenjiro CHO  Kenichi NAGAMI  Suguru YAMAGUCHI  Jun MURAI  Hideo MIYAHARA  

     
    FOREWORD

    Vol: E84-B No:8
    Page(s): 1985-1988

  • Network Access Control for DHCP Environment

    Kazumasa KOBAYASHI  Suguru YAMAGUCHI  

     
    PAPER-Communication Networks and Services

    Vol: E81-B No:9
    Page(s): 1718-1723

    In the IETF, discussions on the authentication method of the Dynamic Host Configuration Protocol (DHCP) message are active and several methods have been proposed. These related specifications were published and circulated as the IETF Internet-Drafts. However, they still have several drawbacks. One of the major drawbacks is that any user can reuse addresses illegally. A user can use an expired address that was allocated to a host. This kind of "illegal use" of the addresses managed by the DHCP server may cause serious security problems. In order to solve them, we propose a new access control method to be used as the DHCP message authentication mechanism. Furthermore, we have designed and developed the DAG (DHCP Access Control Gateway) according to our method. The DAG serves as a gateway that allows only network accesses from clients with the address legally allocated by the DHCP server. This provides secure DHCP service if DHCP servers do not have an authentication mechanism, which is most likely to occur. If a DHCP server has such an authentication scheme as being proposed in IETF Internet-Draft, the DAG can offer a way to enable only a specific client to access the network.

  • Performance Study and Deployment Strategies on the Sender-Initiated Multicast

    Vasaka VISOOTTIVISETH  Hiroyuki KIDO  Katsuyoshi IIDA  Youki KADOBAYASHI  Suguru YAMAGUCHI  

     
    PAPER

    Vol: E88-B No:4
    Page(s): 1383-1394

    Although IP Multicast offers efficient data delivery for large group communications, the most critical issue delaying widespread deployment of IP Multicast is the scalability of multicast forwarding state as the number of multicast groups increases. Sender-Initiated Multicast (SIM) was proposed as an alternative multicast forwarding scheme for small group communications with incremental deployment capability. The key feature of SIM is in its Preset mode with the automatic SIM tunneling function, which maintains forwarding information states only on the branching routers. To demonstrate how SIM increases scalability with respect to the number of groups, in this paper we evaluate the proposed protocol both through simulations and real experiments. From the network operator's point of view, the bandwidth consumption, memory requirements on state-and-signaling per session in routers, and the processing overhead are considered as evaluation parameters. Finally, we investigated the strategies for incremental deployment.

  • Proactive AP Selection Method Considering the Radio Interference Environment

    Yuzo TAENAKA  Shigeru KASHIHARA  Kazuya TSUKAMOTO  Suguru YAMAGUCHI  Yuji OIE  

     
    PAPER-Wireless Network

    Vol: E92-D No:10
    Page(s): 1867-1876

    In the near future, wireless local area networks (WLANs) will overlap to provide continuous coverage over a wide area. In such ubiquitous WLANs, a mobile node (MN) moving freely between multiple access points (APs) requires not only permanent access to the Internet but also continuous communication quality during handover. In order to satisfy these requirements, an MN needs to (1) select an AP with better performance and (2) execute a handover seamlessly. To satisfy requirement (2), we proposed a seamless handover method in a previous study. Moreover, in order to achieve (1), the Received Signal Strength Indicator (RSSI) is usually employed to measure wireless link quality in a WLAN system. However, in a real environment, especially if APs are densely situated, it is difficult to always select an AP with better performance based on only the RSSI. This is because the RSSI alone cannot detect the degradation of communication quality due to radio interference. Moreover, it is important that AP selection is completed only on an MN, because we can assume that, in ubiquitous WLANs, various organizations or operators will manage APs. Hence, we cannot modify the APs for AP selection. To overcome these difficulties, in the present paper, we propose and implement a proactive AP selection method considering wireless link condition based on the number of frame retransmissions in addition to the RSSI. In the evaluation, we show that the proposed AP selection method can appropriately select an AP with good wireless link quality, i.e., high RSSI and low radio interference.

  • The Design and Implementation of an Authentication System for the Wide Area Distributed Environment

    Suguru YAMAGUCHI  Kiyohiko OKAYAMA  Hideo MIYAHARA  

     
    PAPER-Computer Networks

    Vol: E74-D No:11
    Page(s): 3902-3909

    In a large scale distributed environment or large open networks like WIDE Internet which is an academic and research network in Japan, the authentication system is the fundamental building block for providing security mechanisms. We have developed a trusted third-party authentication system called SPLICE|AS for the WIDE Internet. The authentication protocol adopted in SPLICE|AS is based on the public-key encryptosystem, originally proposed by Needham. We made several extensions to detect some sort of security attacks like replay attacks which were not considered in the original Needham's approach. Furthermore, the domain-based management scheme and protocol extensions are introduced to our system since management principals are scattered across the WIDE Internet. The whole network is logically subdivided into several domains based on network management policies, and each domain is managed by a single authentication server. Then, the domain concept is applied in a hierarchical manner to provide the inter-domain access. An authentication server existing in an upper domain authorizes and controls inter-domain accesses between subdomains. This paper describes the design of SPLICE|AS, and its implementations.

  • Preliminary Field-Trial for QoS Routing and Dynamic SLA

    Naoto MORISHIMA  Akimichi OGAWA  Hiroshi ESAKI  Osamu NAKAMURA  Suguru YAMAGUCHI  Jun MURAI  

     
    INVITED PAPER-Internet Operation

    Vol: E84-B No:8
    Page(s): 2039-2047

    Improvements of Internet technology during the last decade have shifted the technical focus from reachability to the quality of communication. There are many technical frameworks, such as Integrated Service and Differentiated Services, which have been standardized to assure the quality of communication. QoS routing is also one of such frameworks. It changes or fixes a route that IP datagrams take, and is also indispensable to put a variety of services into practice. Nevertheless, experiment reports of QoS routing on operational network are quite few, especially with dynamic SLA. Therefore, we still do not know much about the important factors for QoS-enabled network to be realized, such as users' behavior, suitable services to offer, and configuration parameters. In this paper, we carried out field-trial with pseudo QoS routing and dynamic SLA in an actual network built at the WIDE retreat in autumn 2000. In this field-trial, we provided two different types of links to attendees. Attendees chose one of the links, through which their flows go, with our dynamic SLA. We describe the details and the results of this experiment. Our results could help to understand the customers' behavior for differentiated services, and therefore be useful for designing and deploying various QoS technologies.

  • Handover Management for VoWLAN Based on Estimation of AP Queue Length and Frame Retries

    Muhammad NISWAR  Shigeru KASHIHARA  Kazuya TSUKAMOTO  Youki KADOBAYASHI  Suguru YAMAGUCHI  

     
    PAPER-Wireless Network

    Vol: E92-D No:10
    Page(s): 1847-1856

    Switching a communication path from one Access Point (AP) to another in inter-domain WLANs is a critical challenge for delay-sensitive applications such as Voice over IP (VoIP) because communication quality during handover (HO) is more likely to be deteriorated. To maintain VoIP quality during HO, we need to solve many problems. In particular, in bi-directional communication such as VoIP, an AP becomes a bottleneck with the increase of VoIP calls. As a result, packets queued in the AP buffer may experience a large queuing delay or packet losses due to increase in queue length or buffer overflow, thereby causing the degradation of VoIP quality for the Mobile Nodes (MNs) side. To avoid this degradation, MNs need to appropriately and autonomously execute HO in response to the change in wireless network condition, i.e., the deterioration of wireless link quality and the congestion state at the AP. In this paper, we propose an HO decision strategy considering frame retries, AP queue length, and transmission rate at an MN for maintaining VoIP quality during HO. Through simulation experiments, we then show that our proposed method can maintain VoIP quality during HO by properly detecting the wireless network condition.

  • A Self-Confirming Engine for Preventing Man-in-the-Middle Attack

    Masataka KANAMORI  Takashi KOBAYASHI  Suguru YAMAGUCHI  

     
    PAPER-Security

    Vol: E87-B No:3
    Page(s): 530-538

    In this paper, we focus on how to correct address mapping violation, in which an attacker rewrites the address mapping table of a victim to perform a Man-in-the-Middle (MITM) attack. We propose a technique for preventing MITM attacks in which a malicious user intercepts and possibly alters the data transmitted between two hosts. MITM attack is hard for legitimate users to notice during their normal communication, because each user believes they are communicating directly. Address mapping violation can occur because of vulnerability of address resolution protocols, Address Resolution Protocol (ARP) in IPv4 and Neighbor Discovery (ND) protocol in IPv6. Accordingly, a good method to prevent MITM attack by address mapping violation is essential for both current and future communications, i.e. wireless networks with roaming users and an interconnected world. Hence, our proposal mainly aims to have high usability in future applications such as embedded devices.

  • Proposal for Adaptive Bandwidth Allocation Using One-Way Feedback Control for MPLS Networks

    Teruaki YOKOYAMA  Katsuyoshi IIDA  Hiroyuki KOGA  Suguru YAMAGUCHI  

     
    PAPER-Switching for Communications

    Vol: E90-B No:12
    Page(s): 3530-3540

    In this research, we focused on fair bandwidth allocation on the Internet. The Internet provides communication services based on exchanged packets. The bandwidth available for each customer often fluctuates. Fair bandwidth allocation is an important issue for ISPs to gain customer satisfaction. Static bandwidth allocation allows an exclusive bandwidth for specific traffic. Although it gives communications a QoS guarantee, it requires many bandwidth resources, known as over-provisioning. In contrast with static control, dynamic control allocates bandwidth resources dynamically. It therefore utilizes bandwidth use more effectively. However, it needs control overhead in monitoring traffic and estimating the optimum allocation. The Transmission Control Protocol, or TCP, is the dominant protocol on the Internet. It is also equipped with a traffic-rate-control mechanism. An adaptive bandwidth-allocation mechanism must control traffic that is under TCP control. Rapid feedback makes it possible to gain an advantage over TCP control. In this paper, we propose an Adaptive Bandwidth Allocation (ABA) mechanism as a feedback system for MPLS. Our proposal allows traffic to be regulated adaptively as its own weight value which can be assigned by administrators. The feedback bandwidth allocation in the previous work needs round-trip control delay in collecting network status along the communication path. We call this "round-trip feedback control." Our proposal, called "one-way feedback control," collects network status in half the time of roundtrip delay. We compare the performance of our one-way feedback-based mechanism and traditional round-trip feedback control under a simulation environment. We demonstrate the advantages our rapid feedback control has using experimental results.

  • Reducing Processor Usage on Heavily-Loaded Network Servers with POSIX Real-Time Scheduling Control

    Eiji KAWAI  Youki KADOBAYASHI  Suguru YAMAGUCHI  

     
    PAPER-System Programs

    Vol: E88-D No:6
    Page(s): 1168-1177

    Polling I/O mechanisms on the Unix platform such as select() and poll() cause high processing overhead when they are used in a heavily-loaded network server with many concurrent open sockets. Large waste of processing power incurs not only service degradation but also various troubles such as high electronic power consumption and worsened MTBF of server hosts. It is thus a serious issue especially in large-scale service providers such as an Internet data center (iDC) where a great number of heavily-loaded network servers are operated. As a solution of this problem, we propose a technique of fine-grained control on the invocation intervals of the polling I/O function. The uniqueness of this study is the utilization of POSIX real-time scheduling to enable the fine-grained execution control. Although earlier solutions such as an explicit event delivery mechanism also addressed the problem, they require major modification in the OS kernel and transition from the traditional polling I/O model to the new explicit event-notification model. On the other hand, our technique can be implemented with low cost because it just inserts a few small blocks of codes into the server program and does not require any modification in the OS kernel.

  • An Implementation Design of a WLAN Handover Method Based on Cross-Layer Collaboration for TCP Communication

    Yuzo TAENAKA  Kazuya TSUKAMOTO  Shigeru KASHIHARA  Suguru YAMAGUCHI  Yuji OIE  

     
    PAPER

    Vol: E96-B No:7
    Page(s): 1716-1726

    In order to prevent the degradation of TCP performance while traversing two WLANs, we present an implementation design of an inter-domain TCP handover method based on cross-layer and multi-homing. The proposed handover manager (HM) in the transport layer uses two TCP connections previously established via two WLANs (multi-homing) and switches the communication path between the two connections according to the handover trigger and the comparison of new/old APs. The handover trigger and comparison are conducted by assessing the wireless link quality using the frame-retry information obtained from the MAC layer (cross-layer). In a previous study, we proposed a preliminary concept for this method and evaluated its functional effectiveness through simulations. In the present study, we design an implementation considering a real system and then examine the effective performance in a real environment because a real system has several system constraints and suffers from fluctuations in an actual wireless environment. Indeed, depending on the cross-layer design, the implementation often degrades the system performance even if the method exhibits good functional performance. Moreover, the simple assessments of wireless link quality in the previous study indicated unnecessary handovers and inappropriate AP selection in a real environment. Therefore, we herein propose a new architecture that performs cross-layer collaboration between the MAC layer and the transport layer while avoiding degradation of system performance. In addition, we use a new assessment scheme of wireless link quality, i.e., double thresholds of frame retry and comparison of frame retry ratio, in order to prevent handover oscillation caused by fluctuations in the wireless environment. The experimental results demonstrate that the prototype system works well by controlling two TCP connections based on assessments of wireless link quality thereby achieving efficient inter-domain TCP handover in a real WLAN environment.

  • Multi-Path Transmission Algorithm for End-to-End Seamless Handover across Heterogeneous Wireless Access Networks

    Shigeru KASHIHARA  Katsuyoshi IIDA  Hiroyuki KOGA  Youki KADOBAYASHI  Suguru YAMAGUCHI  

     
    PAPER-Mobile Networking

    Vol: E87-B No:3
    Page(s): 490-496

    In future mobile networks, new technologies will be needed to enable a mobile host to move across heterogeneous wireless access networks without disruption of the connection. In the past, many researchers have studied handover in such IP networks. In almost all cases, special network devices are needed to maintain the host's mobility. Moreover, a host cannot move across heterogeneous wireless access networks without degradation of the goodput for real-time communication, although a mobile host with multiple network interfaces can connect to multiple wireless access networks. For these reasons, we consider that a mobile host needs to manage seamless handover on an end-to-end basis. In this paper, we propose a multi-path transmission algorithm for end-to-end seamless handover. The main purpose of this algorithm is to improve the goodput during handover by sending the same packets along multiple paths, minimizing unnecessary consumption of network resources. We evaluate our algorithm through simulations and show that a mobile host gains a better goodput.

  • FOREWORD

    Hiroshi ESAKI  Naoaki YAMANAKA  Youki KADOBAYASHI  Kaori MAEDA  Kenichi NAGAMI  Motonori NAKAMURA  Koji OKAMURA  Atsushi SHIONOZAKI  Suguru YAMAGUCHI  

     
    FOREWORD

    Vol: E86-B No:2
    Page(s): 461-463

  • Detecting Anomalies in Massive Traffic Streams Based on S-Transform Analysis of Summarized Traffic Entropies

    Sirikarn PUKKAWANNA  Hiroaki HAZEYAMA  Youki KADOBAYASHI  Suguru YAMAGUCHI  

     
    PAPER-Internet Operation and Management

    Publicized: 2014/12/11
    Vol: E98-D No:3
    Page(s): 588-595

    Detecting traffic anomalies is an indispensable component of overall security architecture. As Internet and traffic data with more sophisticated attacks grow exponentially, preserving security with signature-based traffic analyzers or analyzers that do not support massive traffic is not sufficient. In this paper, we propose a novel method based on combined sketch technique and S-transform analysis for detecting anomalies in massive traffic streams. The method does not require any prior knowledge such as attack patterns and models representing normal traffic behavior. To detect anomalies, we summarize the entropy of traffic data over time and maintain the summarized data in sketches. The entropy fluctuation of the traffic data aggregated to the same bucket is observed by S-transform to detect spectral changes referred to as anomalies in this work. We evaluated the performance of the method with real-world backbone traffic collected at the United States and Japan transit link in terms of both accuracy and false positive rates. We also explored the method parameters' influence on detection performance. Furthermore, we compared the performance of our method to S-transform-based and Wavelet-based methods. The results demonstrated that our method was capable of detecting anomalies and overcame both methods. We also found that our method was not sensitive to its parameter settings.

  • Client Honeypot Multiplication with High Performance and Precise Detection

    Mitsuaki AKIYAMA  Takeshi YAGI  Youki KADOBAYASHI  Takeo HARIU  Suguru YAMAGUCHI  

     
    PAPER-Attack Monitoring & Detection

    Vol: E98-D No:4
    Page(s): 775-787

    We investigated client honeypots for detecting and circumstantially analyzing drive-by download attacks. A client honeypot requires both improved inspection performance and in-depth analysis for inspecting and discovering malicious websites. However, OS overhead in recent client honeypot operation cannot be ignored when improving honeypot multiplication performance. We propose a client honeypot system that is a combination of multi-OS and multi-process honeypot approaches, and we implemented this system to evaluate its performance. The process sandbox mechanism, a security measure for our multi-process approach, provides a virtually isolated environment for each web browser. It prevents system alteration from a compromised browser process by I/O redirection of file/registry access. To solve the inconsistency problem of file/registry view by I/O redirection, our process sandbox mechanism enables the web browser and corresponding plug-ins to share a virtual system view. Therefore, it enables multiple processes to be run simultaneously without interference behavior of processes on a single OS. In a field trial, we confirmed that the use of our multi-process approach was three or more times faster than that of a single process, and our multi-OS approach linearly improved system performance according to the number of honeypot instances. In addition, our long-term investigation indicated that 72.3% of exploitations target browser-helper processes. If a honeypot restricts all process creation events, it cannot identify an exploitation targeting a browser-helper process. In contrast, our process sandbox mechanism permits the creation of browser-helper processes, so it can identify these types of exploitations without resulting in false negatives. Thus, our proposed system with these multiplication approaches improves performance efficiency and enables in-depth analysis on high interaction systems.

  • FOREWORD

    Hiroshi ESAKI  Naoaki YAMANAKA  Youki KADOBAYASHI  Kaori MAEDA  Kenichi NAGAMI  Motonori NAKAMURA  Koji OKAMURA  Atsushi SHIONOZAKI  Suguru YAMAGUCHI  

     
    FOREWORD

    Vol: E87-B No:3
    Page(s): 397-399