researResearch - Télécom Bretagne
researResearch - Télécom Bretagne
researResearch - Télécom Bretagne
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
h Research<br />
9<br />
RESEARCH<br />
Main achievements of the project<br />
Metrology of Traffic for the Security<br />
and Performance of Networks<br />
For his PhD thesis, Pedro Casas is jointly<br />
supervised by Telecom <strong>Bretagne</strong> and the<br />
university of the Republic in Montevidéo, Uruguay<br />
(ARTES group). Differents aspects related to<br />
network monitoring are studied in this thesis.<br />
Work related to the traffic matrix is continuing, in<br />
collaboration with the Technology University of<br />
Compiègne (UTC). A parsimonious linear model of<br />
the matrix has been proposed which allows<br />
resolving the fundamental problem of nonobservability.<br />
Once the model was introduced,<br />
numerous theoretical issues have been addressed<br />
and algorithms, whose theoretical properties are<br />
known, have been used to estimate the traffic<br />
matrix, to follow traffic variations, or to detect<br />
anomalies in the traffic matrix. We worked<br />
particularly on the detection and localisation of<br />
anomalies in the traffic matrix, with sequential<br />
and non-sequential approaches. We showed the<br />
excellent performance of this approach compared<br />
to other approaches described in the literature.<br />
Pedro Casas also addressed perceived QoS<br />
issues. The aim of these studies is to<br />
automatically qualify the perceived QoS for a video<br />
data stream, looking solely at network and/or<br />
multimedia related parameters (encoding format,<br />
loss, delay, jitter…). This is done thanks to a<br />
random neural network, whose inputs are the<br />
network and multimedia parameters and whose<br />
output is the perceived quality of service mark.<br />
The neural network is calibrated during a learning<br />
phase; once calibrated the network automatically<br />
supplies perceived quality of service indicators. A<br />
software tool box has been developed and been<br />
made freely available to the scientific community.<br />
Together with Christian Callegari from Pisa<br />
University (TLCNETGROUP) we have worked on<br />
Network Intrusion Detection Systems (NIDS). This<br />
NIDS is developed for anomaly detection, that is<br />
to say it detects unusual deviations in certain<br />
traffic descriptors. We observe the chain of flags<br />
(ACK, SYN, URG, PSH, RST, FIN) corresponding to<br />
each TCP connection and any “unusual behavior”<br />
is detected. Various statistical models have been<br />
proposed and compared. The method has first<br />
been validated on a set of DARPA data, which is<br />
generally used as reference for testing IDS<br />
performance. As the 1999 DARPA set is now<br />
outdated, we set up a means of collecting traffic<br />
from laboratories that corresponds to current<br />
usage and recent attacks. The proposed NIDS was<br />
tested on both sets of data and gave good results.<br />
Overlay and autonomous networks<br />
Three PhD students, Bing Han, Yiping Chen and<br />
Yaning Liu, and a post doc, Jimmy Leblet, have<br />
worked in 2008 on the topic of autonomous<br />
spontaneous networks. The application field for<br />
these studies is the diffusion of video images on<br />
the Internet. As this topic was new for us, we had<br />
to assess the characteristics (advantages and<br />
drawbacks) of a totally decentralized and<br />
autonomous systems. The interactions in this<br />
team led us to approach the problems in a kind of<br />
combined optimisation and operational research<br />
manner.<br />
The start point is that video is now sent as<br />
multiple independent streams, containing little<br />
information, which must then be re-combined to<br />
reconstruct the whole video. So we tried to use<br />
this concept in peer to peer networks; notably we<br />
tried to reconcile (i) a kind of organisation allowing<br />
each peer to specialise in the transmission of a<br />
certain type of stream and (ii) the structure-less<br />
logic of peer to peer networks, a popular<br />
approach in which the topography of the network<br />
is not pre-arranged, but rather emerges from the<br />
action of algorithms which are largely based on<br />
random processes. Our approach allowed to<br />
model the problem as a problem linked to<br />
domination in planar graphs. This idea allowed us<br />
to present papers and aroused the interest of<br />
researchers both at EPFL and Linköping<br />
University. We hope to take advantage of these<br />
contacts in 2009 and organize some exchanges or<br />
visits.<br />
The other major study that we undertook in 2008<br />
is finalizing Bing Han’ PhD on capacity sharing in<br />
sensor networks. We identified the theoretical<br />
95