-
Detection and Mitigation of Cyberattacks: We develop algorithms and techniques to detect and
analyze critical Internet infrastructure failures and the Internet's behavior under stress towards
understanding and mitigating evolving threats in an increasingly complex Internet ecosystem. We also infer
attack mitigation strategies by Internet stakeholders and efficiently mitigate Tbps-level attacks.
In the process, we uncover vulnerabilities in the global routing system, investigate the prooagation
of software updates in end-user devices such as smartphones and study privacy and security issues of
deployed IoT devices. This work is a collaboration with DE-CIX, Akamai, BENOCS,
MIT, Naval Postgradfuate School, Imperial College London, Northeastern
University, IIJ,
and Max Planck Institute for Informatics (2017-present).
-
Web Privacy: We perform a large-scale study to assess the compliance of ad and tracking services with
the recently implemented European Union General Data Protection Regulation(GDPR), concerning the
physical location of the servers and the sensitive topics that they track. We also develop classifiers to
identify sensitive Websites in the Web. This work is a collaboration with IMDEA Networks, the Data
Transparency Lab, and BENOCS (2018-present).
-
Internet Sustainability:
We explore measurement-driven models and architectures towards a more sustainable
Internet in
light of the ever-increasing traffic demand
and competitiveness in the
Internet ecosystem.
We develop and evaluate algorithms for
incremental and sustainable upgrades of ISP networks and
innovative use of in-network
storage, as well as a multi-discipline analysis of the
forces that shape Internet content
delivery.
[2016-present, collaboration with
This is a collaboration with MIT, Akamai, RIPE, DE-CIX, Yale University,
Trinity College Dublin, and University of Freiburg]
-
Internet and Content Delivery Analytics: We develop novel and
scalable techniques to assess the state and health of the Internet and to
improve content delivery in a rapidly changing
Internet. We push the envelope in Internet
measurement by relying on a voluminous amount of data collected from both public
and private vantage points and introduce new techniques to map peering interconnections to the level of a
single building. We also exploit the distributed
platform of a large content delivery network, composed of thousands of servers
around the globe, to assess the performance characteristics of the Internet's
core. We investigate the cost-performance tradeoffs the
different interconnection service offerings that are available to networks in
today's Internet in one and the same colocation facility would go a long way
towards putting this debate on scientifically solid
foundations. In the process, we designed a
fully decentralized, open-source analytics system for network traffic data that
relies on smart partitioning storage schemes to support fast join algorithms and
efficient execution of filtering queries. [2014-present, the
projected is hosted at MIT and TU Berlin, and it is a collaboration with
Akamai].
-
Enabling ISP and CDN Collaboration:
We develop protocols and systems
to enable the collaboration between ISPs and CDNs.
We design and evaluate a service provided by an ISP, called PaDIS, to improve
end-users experience based on the network information and end-user location
available to an ISP, as well as server and path diversity information gathered
by an ISP. We also introduce Content-aware Traffic Engineering (CaTE) which
dynamically adapts server selection for CDNized content by ut ilizing server
and path diversity and without changing routing.
Moreover, we show how to enable CDN and ISP collaboration, with our NetPaaS
prototype, in light of recent CDN-ISP alliances and
advances in network function virtualization. Our results show that CDN-ISP
Collaboration leads to a win-win situation
for both parties and improves end-user experience. [2008-today]
- Content Cartography and DNS:
We propose a lightweight and fully automated approach to discover hosting
infrastructures based only on DNS measurements and BGP routing table snapshots.
Our classification enables us to derive content-centric AS rankings that
complement existing AS rankings and sheds light on recent observations about
shifts in interdomain traffic and the AS topology. In a parallel effort we
undertake a large scale study to assess DNS performance in the wild and we
highlight the implications of DNS deployment to end-users, ISPs and
applications. [2009-2017]
- IXP Data Analysis:
Large Internet Exchange Points (IXPs) are responsible for exchanging more than
25 Petabytes of data daily but have received very little attention from the
research community. We have established a pioneer research project to assess the
importance of IXPs for today's Internet ecosystem. Our measurement results show
that large IXPs are unique vantage points to observe trends in peering and
routing, content delivery, Internet services and applications,
and revisit AS-level view of the Internet.
[2012-today]
-
Delay Tolerant Bulk Transfers on the Internet:
We design and evaluate scheduling algorithms, some assisted by network-attached
storage, to transfer delay tolerant bulk data over the Internet with the most
cost effective way. [2008-2013]
-
Selfish Neighbor Selection:
We re-examine the problem of overlay network creation, taking into
consideration the existence of selfish overlay nodes. We develop a
general game-theoretic framework that provides a unified approach to
modeling Neighbor Selection procedures on behalf
of selfish nodes.
To capitalize on the substantial performance improvement of best
response wirings for overlay nodes, we design, deploy and evaluate, EGOIST,
a Selfish Neighbor Selection inspired prototype. We also show the benefits
Selfish Neighbor Selection may offers to applications. [2006-2013]
-
Distributed Facility Location:
We design and evaluate distributed algorithms
for scalable and efficient service deployment and migration. [2006-2013]
|