| NSF Org: |
CNS Division Of Computer and Network Systems |
| Recipient: |
|
| Initial Amendment Date: | August 30, 2013 |
| Latest Amendment Date: | May 29, 2015 |
| Award Number: | 1321115 |
| Award Instrument: | Standard Grant |
| Program Manager: |
John Brassil
CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
| Start Date: | October 1, 2013 |
| End Date: | September 30, 2016 (Estimated) |
| Total Intended Award Amount: | $300,000.00 |
| Total Awarded Amount to Date: | $300,000.00 |
| Funds Obligated to Date: |
|
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
1850 RESEARCH PARK DR STE 300 DAVIS CA US 95618-6153 (530)754-7700 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
One Shields Avenue Davis CA US 95616-5294 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): | Networking Technology and Syst |
| Primary Program Source: |
|
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.070 |
ABSTRACT
A key tool for understanding and engineering Internet backbone is the analysis of packet traces. However, given the increasing backbone speed towards 100Gbps, it is prohibitive to monitor individual flows at all times. This project develops optimal online learning and adaptation strategies for accurate traffic sampling, inference, and detection under hard resource constraints (e.g., limited CPU or memory at routers) and dynamic network/traffic conditions. Based on theories and techniques in multi-arm bandits, group testing, and compressed sensing, optimal or near-optimal solutions will be developed by exploiting the unique structures of the specific measurement application under study. Challenges addressed include learning from observations with heavy-tailed distributions and long-range dependencies, coping with sparse and/or imperfect observations, and distributed learning strategies that involve multiple monitors and decision points.
If successful, this research will provide fundamental design principles for a flexible traffic measurement infrastructure under the software-defined networking (SDN) paradigm. Reconfigurable measurements based on a learning process can be realized in commodity router/switches using SDN APIs such as OpenFlow, leading to potential development of new services. As this project examines problems at the intersection of networking and stochastic learning/optimization, it provides interdisciplinary training to graduate and undergraduate students in a team environment.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Traffic measurement is central to network operation, management, and security. Our overall project objective is to design optimal learning algorithms to improve the measurement performance (in terms of both accuracy and delay) for a wide variety of traffic measurement, network inference, and anomaly detection problems.
We have developed stochastic online learning strategies for traffic matrix estimation based on theories such as multi-arm bandit (MAB), heavy hitter detection based on group testing, and active learning theories under known and unknown traffic models. We successfully developed the optimal test plan that identifies all the heavy hitters with a minimum number of tests/measurements. We established the optimal test-plan in closed form and shows that it is order optimal among all test plans as the population size grows to infinity. We show via simulation examples orders of magnitude improvement of the group testing approach over two prevailing sampling-based approaches in detection accuracy and counter consumption.
With a reconfigurable control plan and a global view of the network, SDN architecture allows SDN controller to optimally and dynamically allocate measurement resources to support a variety of monitoring applications. We leverage this flexibility to develop adaptive flow measurement strategies that are tightly coupled with network inference engine to address a variety of network tomography problems, including traffic matrix estimation, link (performance) identification, and network anomaly detection. First, we developed a framework called iSTAMP (Intelligent SDN-based Traffic (de)Aggregation and Measurement Paradigm), which uses the flexibility of SDN to partition TCAM entries of switches/routers into two parts to: 1) optimally aggregate flows to meet routing constraints while providing best observations for network inference, and 2) directly measure K most informative flows. We have built and a prototype of iSTAMP on GENI platform and delivered demos/posters in three GEC conferences. We proceeded to address practical challenges of deploying iSTAMP in multi-node environment, including (1) how to design pseudo-optimal aggregation matrix in real time while meeting the routing and longest-prefix match constraints (i.e., make the rules implementable), (2) how to learn the K most important flows in a scalable manner with minimal “learning/exploration” phase, and (3) how to allocate flow measurement rules among distributed SDN switches spread across the networks.
Looking beyond passive traffic measurement, our team has also developed online learning-based framework for passive and active network performance measurement. For instance, our system can intelligently measure a small sub-set of the precisely determined entries of the matrix of per-flow measurements (known as Optimal Observation Matrix (OOM)) which leads to the best possible estimation accuracy via applying matrix completion techniques
Through collaboration with our industry partners, we have applied our measurement and analysis techniques on a variety of data sets, ranging from traffic from backbone ISPs and data centers. This project has graduated one PhD and five MS students. It also provided training for two other PhD and one other MS students. In total, this project has recruited one female PhD and three female MS students (two of which have graduated). Four undergraduate students have conducted independent research studies under this project.
Last Modified: 10/27/2016
Modified by: Chen-Nee Chuah
Please report errors in award information by writing to: awardsearch@nsf.gov.
