The Common Media Application Format (CMAF) is a standard for adaptive bitrate live streaming. The CMAF adapts chunk encoding and enables low-latency live streaming. However, conventional bandwidth estimation for adaptive bitrate streaming underestimates bandwidth because download time is affected not only by network bandwidth but also by the idle times between chunks in the same segment. Inaccurate bandwidth estimation decreases the quality of experience of the streaming client. In this paper, we propose a chunk-grouping method to estimate the available bandwidth for adaptive bitrate live streaming. In the proposed method, by delaying HTTP request transmission and bandwidth estimation using grouped chunks, the client estimates the available bandwidth accurately due to there being no idle times in the grouped chunks. In addition, we extend the proposed method to dynamically change the number of grouping chunks according to buffer length during downloading of the previous segment. We evaluate the proposed methods under various network conditions in order to confirm the effectiveness of the proposed methods.

HTTP Distributed Denial of Service (DDoS) flooding attack aims to deplete the connection resources of a targeted web server by transmitting a massive amount of HTTP request packets using botnets. This type of attack seriously deteriorates the service quality of the web server by tying up its connection resources and uselessly holds up lots of network resources like link capacity and switching capability. This paper proposes a defense method for mitigating HTTP DDoS flooding attack based on software-defined networking (SDN). It is demonstrated in this paper that the proposed method can effectively defend the web server and preserve network resources against HTTP DDoS flooding attacks.

In this paper, we propose a quality-level selection method for adaptive video streaming with scalable video coding (SVC). The proposed method works on the client with the dynamic adaptive streaming over HTTP (DASH) with SVC. The proposed method consists of two components: introducing segment group and a buffer-aware layer selection algorithm. In general, quality of experience (QoE) performance degrades due to stalling (playback buffer underflow), low playback quality, frequent quality-level switching, and extreme-down quality switching. The proposed algorithm focuses on reducing the frequent quality-level switching, and extreme-down quality switching without increasing stalling and degrading playback quality. In the proposed method, a SVC-DASH client selects a layer every G segments, called a segment group to prevent frequent quality-level switching. In addition, the proposed method selects the quality of a layer based on a playback buffer in a layer selection algorithm for preventing extreme-down switching. We implement the proposed method on a real SVC-DASH system and evaluate its performance by subjective evaluations of multiple users. As a result, we confirm that the proposed algorithm can obtain better mean opinion score (MOS) value than a conventional SVC-DASH, and confirm that the proposed algorithm is effective to improve QoE performance in SVC-DASH.

Video streaming over HTTP/2 is a new trend in multimedia delivery. Compared to the pull-based HTTP/1.1 protocol, the new HTTP/2 protocol's Server Push feature is very effective in reducing the overheads (e.g., in terms of energy, processing, bandwidth) for clients, servers, and network nodes. This paper presents an HTTP/2 push-based adaptation method for on-demand video streaming that reduces the number of requests and provides high video quality. In our method, for each client request, the server sends video segments continuously until it receives another client request with a new quality. Since a request is sent only if the client wants to update the video bitrate, our method can significantly reduce the request related overhead. For this context, a buffer based algorithm is proposed to provide high and smooth video quality while avoiding buffer underflows. Experiments show that the proposed method can provide a lower number of requests, higher average quality and better quality smoothness than existing methods.

Damage caused by malware has become a serious problem. The recent rise in the spread of evasive malware has made it difficult to detect it at the pre-infection timing. Malware detection at post-infection timing is a promising approach that fulfills this gap. Given this background, this work aims to identify likely malware-infected devices from the measurement of Internet traffic. The advantage of the traffic-measurement-based approach is that it enables us to monitor a large number of endhosts. If we find an endhost as a source of malicious traffic, the endhost is likely a malware-infected device. Since the majority of malware today makes use of the web as a means to communicate with the C&C servers that reside on the external network, we leverage information recorded in the HTTP headers to discriminate between malicious and benign traffic. To make our approach scalable and robust, we develop the automatic template generation scheme that drastically reduces the amount of information to be kept while achieving the high accuracy of classification; since it does not make use of any domain knowledge, the approach should be robust against changes of malware. We apply several classifiers, which include machine learning algorithms, to the extracted templates and classify traffic into two categories: malicious and benign. Our extensive experiments demonstrate that our approach discriminates between malicious and benign traffic with up to 97.1% precision while maintaining the false positive rate below 1.0%.

In this paper, we propose a quality-level control method based on quality of experience (QoE) characteristics for HTTP adaptive streaming (HAS). The proposed method works as an adaptive bitrate controller on the HAS client. The proposed method consists of two operations: buffer-aware control and QoE-aware control. We implement the proposed method on an actual dynamic adaptive streaming over HTTP (DASH) program and evaluate the QoE performance of the proposed method via both objective and subjective evaluations. The results show that the proposed method effectively improves both objective and subjective QoE performances by preventing stalling events and quality-level switchings that have a negative influence on subjective QoE performance.

HTTP Adaptive Streaming (HAS) has become a popular solution for media delivery over the mobile Internet. However, existing HAS systems are based on the pull-based HTTP/1.1 protocol, leading to high overheads (e.g., in terms of energy, processing, bandwidth) for clients, servers, as well as network nodes. The new HTTP/2 protocol provides a server push feature, which allows the client to receive more than one video segment for each request in order to reduce request-related overheads. In this study, we propose an adaptation method to leverage the push feature of HTTP/2. Our method takes into account not only the request-related overhead but also buffer stability and gradual transitions. The experimental results show that our proposed method performs well under strong throughput variations of mobile networks.

The study focuses on the adaptation problem for HTTP low-delay live streaming over mobile networks. In this context, the client's small buffer could be easily underflown due to throughput variations. To maintain seamless streaming, we present a probabilistic approach to adaptively decide the bitrate for each video segment by taking into account the instant buffer level. The experimental results show that the proposed method can significantly reduce buffer underflows while providing high video bitrates.

It is crucial to provide Internet videos with the best possible content value (or quality) to users. To adapt to network fluctuations, existing solutions provide various client-based heuristics to change video versions without considering the actual quality. In this work, we present for the first time the use of a quality model in making adaptation decisions to improve the overall quality. The proposed method also estimates the buffer level in the near future to prevent the client from buffer underflows. Experiment results show that the proposed method is able to provide high and consistent video quality under strongly fluctuating bandwidths.

Considering diversified HTTP types, the performance bottleneck of signature-based classification must be resolved. We define a signature model classifying the traffic in multiple dimensions and suggest a hierarchical signature structure to remove signature redundancy and minimize search space. Our experiments on campus traffic demonstrated 1.8 times faster processing speed than the Aho-Corasick matching algorithm in Snort.

This paper proposes a device discovery method for consolidated IP and ZigBee home networks. The method broadcasts an IP multicasted device discovery request of UPnP, m-search, in the ZigBee network as a Constrained Application Protocol (CoAP) message. Upon receiving the m-search broadcast, ZigBee devices respond after a constant time delay with their device description Universal Resource Name (URN). We refer to this device discovery mechanism as transparent msearch. Transparent m-search enables reliable and swift device discovery in home networks which may include constrained networks such as ZigBee. It is revealed by an experiment with 41 ZigBee devices that the delayed response from ZigBee devices is essential to avoid collisions between m-search broadcast and responses from devices and, as a result, to secure the reliability of device discovery. Since the transparent m-search requires the receiving ZigBee devices to respond with their device description URNs, the execution time of device discovery is significantly improved. In our experiment with 41 ZigBee devices, a conventional m-search took 38.1 second to complete device discovery while that of transparent m-search took only 6.3 second.

Current Web authentication frameworks have well-known weaknesses. HTTP provides an access authentication framework, but it is rarely used because it lacks presentational control. Forms and cookies, which are most commonly used, have the long-standing privacy issue raised by tracking. URI sessions, which are used in some mobile services like i-mode 1.0, disclose session identifiers unintentionally. This paper proposes iAuth, which integrates better parts of the existing frameworks and fixes their problems; iAuth allows servers to provide log-in forms, and introduces a session header to avoid servers' tracking and unintentional disclosure. Since iAuth has backward compatibility with the major legacy browsers, developers can freely introduce iAuth into their Web sites or browsers as needed. Experiments confirm its correct operation; an iAuth server is shown to support not only an iAuth client but major legacy browsers. We believe that iAuth will resolve the long-standing issues in Web authentication.

Parallel downloading retrieves different pieces of a file from different servers simultaneously and so is expected to greatly shorten file fetch times. A key requirement is that the different servers must hold the same file. We have already proposed a proxy system that can ensure file freshness and concordance. In this paper, we combine parallel downloading with the proxy server technology in order to download a file quickly and ensure that it is the latest version. Our previous paper on parallel downloading took neither the downloading order of file fragments nor the buffer space requirements into account; this paper corrects those omissions. In order to provide the user with the required file in correct order as a byte stream, the proxy server must reorder the pieces fetched from multiple servers and shuffle in the delayed blocks as soon as possible. Thus, "substitution download" is newly introduced, which requests delayed blocks from other servers to complete downloading earlier. Experiments on substitution download across the Internet clarify the tradeoff between the buffering time and the redundant traffic generated by duplicate requests to multiple servers. As a result, the pseudo-optimum balance is discovered and our method is shown both not to increase downloading time and to limit the buffer space. This network software can be applied to download files smoothly absorbing the difference in performance characteristics among heterogeneous networks.

This paper proposes a Real-Time Compression Architecture (RTCA), which maximizes the efficiency of web services, while reducing the response time at the same time. The developed architecture not only guarantees the freshness of compressed contents but also minimizes the time needed to compress the message, especially when the traffic is heavy.

In high-speed data networks, it is important to execute high-speed address resolution for packets at a router. To accomplish high-speed address resolution, address cache is effective. For HTTP accesses, it has been discussed that the Dual Zipfian Model can describe the distribution of the destination IP addresses, and it enabled us to derive the cache miss ratio in the steady state, i. e. , the cache miss ratio when the cache has full entries. However, at the time that systems are initialized or network topology is changed, the address cache has no address information or invalid address information. This paper shows the compulsory miss ratio which is the cache miss ratio when the cache has no address entry. In addition, we discuss the replacement policies of cache entries, for fast recovery of packet reachability, when the cache has information of unreachable address.

This paper proposes the Dual Zipfian Model addressing how to describe HTTP access trends in large-scale data communication networks, and discusses how to design the capacity of address cache tables in an edge router of the networks. We show that destination addresses of packets can be characterized by two types of Zipf's law. Fundamental concept of the Dual Zipfian Model is in complementary use of these laws, and we can derive the relationship between the number of accesses and the number of destination addresses. Experimental results show that the relation gives a good approximation. Applying this relation, we derive cache hit probabilities of the address cache table that incorporates high-speed address resolution. Using the probabilities, design issues including the capacity of the cache tables and aging algorithms of cache entries are also discussed.

As the Hypertext Transfer Protocol (HTTP) becomes more popular for network communication, network loads in areas with less developed network infrastructures will be an increasing problem. This paper presents a system which extends a WWW-server with a gateway to an RDBMS and a mail program, allowing for interactive query formulation together with return of potentially large query results by e-mail. These results can then be downloaded by the user when network loads are low.