• Complex
  • Title
  • Author
  • Keyword
  • Abstract
  • Scholars
Search
High Impact Results & Cited Count Trend for Year Keyword Cloud and Partner Relationship

Query:

学者姓名:胡成臣

Refining:

Source

Submit Unfold

Co-Author

Submit Unfold

Language

Submit

Clean All

Export Sort by:
Default
  • Default
  • Title
  • Year
  • WOS Cited Count
  • Impact factor
  • Ascending
  • Descending
< Page ,Total 6 >
COIN: A fast packet inspection method over compressed traffic EI SCIE
期刊论文 | 2019 , 127 , 122-134 | Journal of Network and Computer Applications
Abstract&Keyword Cite

Abstract :

Matching multiple patterns simultaneously is a key technique in Deep Packet Inspection systems, such as firewall, Intrusion Detection Systems, etc. However, most web services nowadays tend to compress their traffic for less data transferring and better user experience, which has challenged the original multi-pattern matching method that work on raw content only. The straightforward solutions directly match decompressed data which multiply the data to be matched. The state-of-the-art works skip scanning some data in compressed segments, but still exist the redundant checking, which are not efficient enough. In this paper, we propose COmpression INspection (COIN) method for multi-pattern matching over compressed traffic. COIN does not recheck the patterns within compressed segment if it has been matched before, so as to further improve the performance of matching, we have collected real traffic data from Alexa top sites and performed the experiments. The evaluation results show that COIN achieves 20.3% and 17.0% in the average of improvement than the state-of-the-art approaches on the string and regular expression matching with real traffic and rule sets. © 2018 Elsevier Ltd

Keyword :

Data transferring Deep packet inspection Evaluation results Intrusion Detection Systems Multi-pattern matching Packet inspection Regular-expression matching State-of-the-art approach

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Sun, Xiuwen , Li, Hao , Zhao, Dan et al. COIN: A fast packet inspection method over compressed traffic [J]. | Journal of Network and Computer Applications , 2019 , 127 : 122-134 .
MLA Sun, Xiuwen et al. "COIN: A fast packet inspection method over compressed traffic" . | Journal of Network and Computer Applications 127 (2019) : 122-134 .
APA Sun, Xiuwen , Li, Hao , Zhao, Dan , Lu, Xingxing , Hou, Kaiyu , Hu, Chengchen . COIN: A fast packet inspection method over compressed traffic . | Journal of Network and Computer Applications , 2019 , 127 , 122-134 .
Export to NoteExpress RIS BibTex
Fast Data Plane Testing for Software-Defined Networks With RuleChecker SCIE
期刊论文 | 2019 , 27 (1) , 173-186 | IEEE-ACM TRANSACTIONS ON NETWORKING
Abstract&Keyword Cite

Abstract :

A key feature of software-defined networking (SDN) is the decoupling of control pane and data plane. Although delivering huge benefits, such a decoupling also brings a new risk: the data plane states (i.e., flow tables) may deviate from the control plane policies. Existing data plane testing tools such as RuleScope check the correctness of flow tables by injecting probes. However, they are limited in four aspects: 1) are slow in generating probes due to solving SAT problems; 2) may raise false negatives when there are multiple missing rules; 3) cannot test cascaded flow tables used by OpenFlow switches; and 4) either does not support incremental update or has a slow update speed. To overcome these limitations, we present RuleChecker, a fast data plane testing tool for SDN. In contrast to previous tools that generate each probe by solving an SAT problem, the RuleChecker takes the flow table as whole and generates all probes through an iteration of simple set operations. By leveraging binary decision diagram to encode sets, we make the RuleChecker extremely fast: nearly 20x faster than the RuleScope, and can update probes in less than 2 ms for 90% of the cases, based on the Stanford backbone rule set.

Keyword :

data plane faults probe generation Software defined network binary decision diagram

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Zhang, Peng , Zhang, Cheng , Hu, Chengchen . Fast Data Plane Testing for Software-Defined Networks With RuleChecker [J]. | IEEE-ACM TRANSACTIONS ON NETWORKING , 2019 , 27 (1) : 173-186 .
MLA Zhang, Peng et al. "Fast Data Plane Testing for Software-Defined Networks With RuleChecker" . | IEEE-ACM TRANSACTIONS ON NETWORKING 27 . 1 (2019) : 173-186 .
APA Zhang, Peng , Zhang, Cheng , Hu, Chengchen . Fast Data Plane Testing for Software-Defined Networks With RuleChecker . | IEEE-ACM TRANSACTIONS ON NETWORKING , 2019 , 27 (1) , 173-186 .
Export to NoteExpress RIS BibTex
ShiftRoute: Achieving Location Privacy for Map Services on Smartphones EI SCIE Scopus
期刊论文 | 2018 , 67 (5) , 4527-4538 | IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY
Abstract&Keyword Cite

Abstract :

Map services, e.g., Google Maps, are gaining popularity for vehicle navigation. However, map service users have to provide sensitive information like precise geographic locations or detailed addresses, which are susceptible to accidental leakage or even data mining in the future. We find existing general-purposed location privacy protection mechanisms (LPPMs) not effective, when applied to map service on smartphones. This paper presents ShiftRoute, a new LPPM specially designed for map services on smartphones. ShiftRoute enables smartphone users to query a route between two endpoints on the map, without revealing any meaningful location information. The basic idea is to strategically shift the endpoints to nearby ones, such that: 1) the semantic meanings encoded in these endpoints (e.g., their addresses) change much, i.e., location privacy is largely protected; 2) the routes returned by map services change little, i.e., service usability is preserved. Specifically, we design a protocol to allow a mobile client to retrieve point of interests (POIs) close to the original endpoints, and an algorithm that selects shifted endpoints from these POIs, that achieves the privacy property of geo-indistinguishability. We implement an application of ShiftRoute on Android, and conduct experiments with real traces from a production map service. Experimental results show that ShiftRoute strikes a good tradeoff between location privacy and service usability.

Keyword :

Map service smartphone location privacy

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Zhang, Peng , Hu, Chengchen , Chen, Di et al. ShiftRoute: Achieving Location Privacy for Map Services on Smartphones [J]. | IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY , 2018 , 67 (5) : 4527-4538 .
MLA Zhang, Peng et al. "ShiftRoute: Achieving Location Privacy for Map Services on Smartphones" . | IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY 67 . 5 (2018) : 4527-4538 .
APA Zhang, Peng , Hu, Chengchen , Chen, Di , Li, Hao , Li, Qi . ShiftRoute: Achieving Location Privacy for Map Services on Smartphones . | IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY , 2018 , 67 (5) , 4527-4538 .
Export to NoteExpress RIS BibTex
A Mechanism of Taming the Flow Table Overflow in OpenFlow Switch EI Scopus CSCD PKU
期刊论文 | 2018 , 41 (9) , 2003-2015 | Jisuanji Xuebao/Chinese Journal of Computers
Abstract&Keyword Cite

Abstract :

Software Defined Networking is an emerging network architecture, which decouples the control plane from the data plane and operates the global network with elaborate abstraction. The flow table plays an important role in an OpenFlow Switch(OFS) and is the key resource to support the SDN/OpenFlow abstraction. To provide wire-speed processing, fast memory(e.g., TCAM, QDR, SRAM) is utilized to form the flow table. Unfortunately, the development of such kind of fast memories is far behind the hungry requirement on its usage, especially for the TCAM. As a result, the flow table installed in OFS has tremendous risk to be overflow, possibly leading to large quantity of Packet-In/Packet-Out messages between OFS and controller. Generally, an incoming packet from a flow is processed according to the action specified in the according flow entry in the flow table(s). If no entry is matched in the flow table, a packet-in message querying how to process the packet will be sent to the controller from the switch. If the number of active flows always touches the maximum number of entries in the flow table, the table-miss events are not avoidable. So that at first we investigate how to mitigate the overhead when occurring table-miss events based on the phenomenon of uneven flow table distribution. The basic idea is to distribute the packets facing table-miss event in heavily loaded switch to other lightly loaded switches instead of triggering packet-in messages always in hot switches. The conceptual simplicity of FTS idea hides two significant challenges. (1) How to select a right port randomly by SDN switch. (2) How to make this progress "pipeline-able" in a general SDN switch without changing its Hardware. The new mechanism proposed in this paper to handle the Table-Miss event is named Flow Table Sharing (FTS). The evaluations have demonstrated that FTS reduces both control messages quantity and RTT time by two orders of magnitude compared to current state-of-the-art OpenFlow Table-Miss handler. We first build a switch in MININET (test environment), and measure the number of control messages generated by setting up a new flow transfer (TCP, UDP) when the flow table of the switch is overflow, as well as the packet loss rate and the average delay. Then, we evaluate the flow table demand in the optimal way that all switches have enough flow table resources and set this result as the control group. Then, on the one hand, we evaluate the additional flow table demand which is required by rebuilding the interrupted flow, when the FTS try to fix the problem caused by the overflow. On the other hand, we evaluate the total flow table consumption which is required by building the new transmission for the first time, after the overflow happened. Even during the flow table overflow period, denial of service for new flows does not happen. We designed an external user switch-computed Group Table select algorithm and show its validity and fastness. It is easy to implement, easy to control and the current state-of-the-art OpenFlow Table-Miss handler is a special case of FTS. © 2018, Science Press. All right reserved.

Keyword :

Flow tables Group-table Openflow Over-flow Table-Miss

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Qiao, Si-Yi , Hu, Cheng-Chen , Li, Hao et al. A Mechanism of Taming the Flow Table Overflow in OpenFlow Switch [J]. | Jisuanji Xuebao/Chinese Journal of Computers , 2018 , 41 (9) : 2003-2015 .
MLA Qiao, Si-Yi et al. "A Mechanism of Taming the Flow Table Overflow in OpenFlow Switch" . | Jisuanji Xuebao/Chinese Journal of Computers 41 . 9 (2018) : 2003-2015 .
APA Qiao, Si-Yi , Hu, Cheng-Chen , Li, Hao , Guan, Xiao-Hong , Zou, Jian-Hua . A Mechanism of Taming the Flow Table Overflow in OpenFlow Switch . | Jisuanji Xuebao/Chinese Journal of Computers , 2018 , 41 (9) , 2003-2015 .
Export to NoteExpress RIS BibTex
Reducing the Southbound Interface Overhead for OpenFlow Based on the Flow Volume Characteristics EI Scopus CSCD PKU
期刊论文 | 2018 , 55 (2) , 346-357 | Jisuanji Yanjiu yu Fazhan/Computer Research and Development
Abstract&Keyword Cite

Abstract :

Software defined networking (SDN) decouples the control plane from the switch in the data plane, which forms the SDN controller. This paradigm introduces many benefits, e.g., openness, management simplicity, etc. Nevertheless, the separation of the SDN switch and the controller also leads to great communication overhead between them due to controlling the network (the number of the control message and Table-Miss packets), and the overhead becomes the major bottleneck of SDN. On the one hand, each Table-Miss event can produce multiple Flow-Mod messages which add extra bandwidth overhead as well as delay to the southbound interface. On the other hand, controller has no awareness of flow characteristic information behind the Flow-Mod messages which make the overhead worse. This paper proposes a new architecture uFlow (split up Flow) to mitigate the overhead at the controller side based on the flow volume characteristics. We implemented the prototype of uFlow system both in software-based platform mininet and hardware-based platform ONetSwitch. Experimental results driven by the real traffic show that uFlow can significantly reduce the communication overhead between control plane and data plane, the number of the control message has a decrease of 70% off on average, eliminate redundant update of flow entries in switch and reduce the transmission delay of packets. © 2018, Science Press. All right reserved.

Keyword :

Communication overheads Flow optimization Openflow Software defined networking (SDN) Table-Miss

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Zheng, Peng , Hu, Chengchen , Li, Hao . Reducing the Southbound Interface Overhead for OpenFlow Based on the Flow Volume Characteristics [J]. | Jisuanji Yanjiu yu Fazhan/Computer Research and Development , 2018 , 55 (2) : 346-357 .
MLA Zheng, Peng et al. "Reducing the Southbound Interface Overhead for OpenFlow Based on the Flow Volume Characteristics" . | Jisuanji Yanjiu yu Fazhan/Computer Research and Development 55 . 2 (2018) : 346-357 .
APA Zheng, Peng , Hu, Chengchen , Li, Hao . Reducing the Southbound Interface Overhead for OpenFlow Based on the Flow Volume Characteristics . | Jisuanji Yanjiu yu Fazhan/Computer Research and Development , 2018 , 55 (2) , 346-357 .
Export to NoteExpress RIS BibTex
FOCES: Detecting forwarding anomalies in software defined networks EI Scopus
会议论文 | 2018 , 2018-July , 830-840 | 38th IEEE International Conference on Distributed Computing Systems, ICDCS 2018
Abstract&Keyword Cite

Abstract :

A crucial requirement for Software Defined Network (SDN) is that data plane forwarding behaviors should always agree with control plane policies. Such requirement cannot be met when there are forwarding anomalies, where packets deviate from the paths specified by the controller. Most anomaly detection methods for SDN install dedicated rules to collect statistics of each flow, and check whether the statistics conform to the flow conservation principle. Such per-flow detection methods have a limited detection scope: they look at one flow each time, thus can only check a limited number of flows simultaneously. In addition, dedicated rules for statistics collection can impose a large overhead on flow tables of SDN switches. To this end, this paper presents FOCES, a network-wide forwarding anomaly detection method in SDN. Different from previous methods, FOCES applies a new kind of flow conservation principle at network wide, and can check forwarding behaviors of all flows in the network simultaneously, without installing any dedicated rules. Experiments show FOCES can achieve a detection precision higher than 90% for four network topologies, even when packet loss rates are as high as 10%. © 2018 IEEE.

Keyword :

Anomaly detection methods Control planes Detection precision Equation systems Flow conservation Forwarding anomaly Network topology Packet loss rates

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Zhang, Peng , Xu, Shimin , Yang, Zuoru et al. FOCES: Detecting forwarding anomalies in software defined networks [C] . 2018 : 830-840 .
MLA Zhang, Peng et al. "FOCES: Detecting forwarding anomalies in software defined networks" . (2018) : 830-840 .
APA Zhang, Peng , Xu, Shimin , Yang, Zuoru , Li, Hao , Li, Qi , Wang, Huanzhao et al. FOCES: Detecting forwarding anomalies in software defined networks . (2018) : 830-840 .
Export to NoteExpress RIS BibTex
Taming the Wild: a Scalable Anycast-based CDN Architecture (T-SAC) EI Scopus SCIE
期刊论文 | 2018 , 36 (12) , 2757-2774 | IEEE Journal on Selected Areas in Communications
Abstract&Keyword Cite

Abstract :

IEEE The prohibitive cost of deploying a sophisticated DNS-based CDN makes anycast-based CDN an attractive alternative for new or small CDN operators. In anycast-based CDNs, user requests are naturally routed to the &#x201C;closest&#x201D; server determined by Internet routing. For the operators, however, this comes at a cost&#x2013;loss of control&#x2013;how the traffic is routed is entirely at the mercy of BGP routing. The &#x201C;closest&#x201D; server may be overloaded, or simply not the best choice. This &#x201C;loss of control&#x201D; undermines the scalability of anycast-based CDN architectures. To have control over how traffic is routed, existing work either requires adding a large amount of complexity to the system (high Capex/Opex) or is unable to achieve precise and fine-grained control. This paper proposes T-SAC, a scalable anycast-based CDN architecture that capitalizes on the programmability and flexibility of SDN/NFV, enabling fine-grained traffic redirection among CDN servers. T-SAC achieves precise control by leveraging a load-based redirection algorithm and a single 1-bit noredirect flag. We implement T-SAC in the real system and evaluate its performance from various aspects using DASH and web applications. The results show that T-SAC is capable of redirecting the right amount of traffic at the right time to the right servers, making the system highly scalable.

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Fu, Qiang , Rutter, Bradley , Li, Hao et al. Taming the Wild: a Scalable Anycast-based CDN Architecture (T-SAC) [J]. | IEEE Journal on Selected Areas in Communications , 2018 , 36 (12) : 2757-2774 .
MLA Fu, Qiang et al. "Taming the Wild: a Scalable Anycast-based CDN Architecture (T-SAC)" . | IEEE Journal on Selected Areas in Communications 36 . 12 (2018) : 2757-2774 .
APA Fu, Qiang , Rutter, Bradley , Li, Hao , Zhang, Peng , Hu, Chengchen , Pan, Tian et al. Taming the Wild: a Scalable Anycast-based CDN Architecture (T-SAC) . | IEEE Journal on Selected Areas in Communications , 2018 , 36 (12) , 2757-2774 .
Export to NoteExpress RIS BibTex
CORA: Conflict Razor for Policies in SDN EI Scopus
会议论文 | 2018 , 2018-April , 423-431
Abstract&Keyword Cite

Abstract :

© 2018 IEEE. Software Defined Network (SDN) enables flexible update of network functions with a well-defined abstraction between the control and the data plane. However, multiple active network functions with the same priority will potentially trigger conflicts among policies with overlapped flow space, causing the flow table explosion. In contrast to the local switch conflict resolution schemes proposed by previous works, this paper tackles the same problem from a different angle and resolves the policy conflict problem by coordinating all switches under a global centralized view. Specifically, we propose COnflict RAzor (CORA), which tremendously reduces the storage cost of conflicting policies leveraging the global network information obtained in the controller. The basic idea of CORA is migrating policies causing large explosions across the network if necessary, while keeping the semantics equivalence. We prove CORA's NP hardness and propose a heuristic to efficiently search a near-optimal policy migration strategy. Our experiments demonstrate that, CORA can effectively reduce the flow table storage occupation by at least 49% within less than 40 seconds.

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Li, Hao , Chen, Kaiyue , Pan, Tian et al. CORA: Conflict Razor for Policies in SDN [C] . 2018 : 423-431 .
MLA Li, Hao et al. "CORA: Conflict Razor for Policies in SDN" . (2018) : 423-431 .
APA Li, Hao , Chen, Kaiyue , Pan, Tian , Zhou, Yadong , Qian, Kun , Zheng, Kai et al. CORA: Conflict Razor for Policies in SDN . (2018) : 423-431 .
Export to NoteExpress RIS BibTex
ShadowP4: Building and testing modular programs EI Scopus
会议论文 | 2018 , 150-152
Abstract&Keyword Cite

Keyword :

Code merge Programmable data plane Testing

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Zheng, Peng , Benson, Theophilus , Hu, Chengchen . ShadowP4: Building and testing modular programs [C] . 2018 : 150-152 .
MLA Zheng, Peng et al. "ShadowP4: Building and testing modular programs" . (2018) : 150-152 .
APA Zheng, Peng , Benson, Theophilus , Hu, Chengchen . ShadowP4: Building and testing modular programs . (2018) : 150-152 .
Export to NoteExpress RIS BibTex
SoftRing: Taming the Reactive Model for Software Defined Networks EI CPCI-S Scopus
会议论文 | 2017 | 25th IEEE International Conference on Network Protocols (ICNP)
WoS CC Cited Count: 1
Abstract&Keyword Cite

Abstract :

The reactive model of Software Defined Networking (SDN) invokes controller to dynamically determine the behaviors of a new flow without any pre-knowledge in the data plane. However, the reactive events raised by such flexible model meanwhile consume lots of the bottleneck resources of the fast memory in switch and bandwidth between controller and switches. To address this problem, we propose SoftRing with the motivation to mitigate the overhead to handle a reactive event. In fact, the reactive packets are not necessarily stored in the switch or sent to the controller; instead, they are forwarded to traverse a pre-defined loop path. The packets will finally leave the loop path after the switch rules related to the packet flow being updated to switches in the loop with fewer flow entries. We have implemented a SoftRing system that integrates the controller and software/hardware SDN switches. The results show that SoftRing can eliminate the fast memory requirement for reactive packets and reduce the control channel bandwidth consumption up to 80%, with the cost of less than 5% data plane bandwidth, an average of three extra flow entries in each switch, and minor extra latency for the flow forwarding.

Cite:

Copy from the list or Export to your reference management。

GB/T 7714 Hu, Chengchen , Hou, Kaiyu , Li, Hao et al. SoftRing: Taming the Reactive Model for Software Defined Networks [C] . 2017 .
MLA Hu, Chengchen et al. "SoftRing: Taming the Reactive Model for Software Defined Networks" . (2017) .
APA Hu, Chengchen , Hou, Kaiyu , Li, Hao , Wang, Ruilong , Zheng, Peng , Zhang, Peng et al. SoftRing: Taming the Reactive Model for Software Defined Networks . (2017) .
Export to NoteExpress RIS BibTex
10| 20| 50 per page
< Page ,Total 6 >

Export

Results:

Selected

to

Format:
FAQ| About| Online/Total:2976/54983947
Address:XI'AN JIAOTONG UNIVERSITY LIBRARY(No.28, Xianning West Road, Xi'an, Shaanxi Post Code:710049) Contact Us:029-82667865
Copyright:XI'AN JIAOTONG UNIVERSITY LIBRARY Technical Support:Beijing Aegean Software Co., Ltd.