UCL logo
People Overview Publications Seminars Calls for Papers Reading Group Networking Resources PhD and Job Applications




The Networks Group meets regularly throughout the year for informal discussions, presentations, and a reading group.

Unless otherwise indicated, the informal meetings will be held every Wednesday at 4pm until 5pm in room 6.12, and usually last about an hour. We have moved building located here. (check the deptartmental room bookings page or the central college room bookings page if in doubt). Please contact Felipe Huici (f.huici@cs.ucl.ac.uk) if you have any questions or if you would like to book a seminar slot for a speaker.

January 2006

  • January 23rd
    Speaker: Nina Taft
    Biography: Nina Taft is currently a senior researcher at Intel Research Berkeley. Her main research interests at Intel focus on traffic monitoring for network security, end-host profiling, anomaly detection as well as traffic modeling and network-wide traffic generation tools. Prior to joining Intel, Nina worked at Sprint for 5 years in the IP Group working on backbone Internet measurement. She conducted research in various areas such as traffic matrix estimation, traffic characterization, routing protocols and IP-over-WDM network design problems. Prior to Sprint, Nina worked at SRI International for four years. There her work focused on congestion control and QoS routing in ATM networks. She received her PhD degree from the University of Berkeley in 1994 on traffic characterization. Nina is currently serving as an associate editor for the IEEE Transactions on Networking (ToN) journal and is a member of the ACM Internet Measurement Conference (IMC) steering committee.
    Title: The evolution of traffic matrix techniques and applications: past, present and future.
    Abstract:In this overivew talk, we summarize how inference techniques to estimate traffic matrices have evolved, what we have learned along the way in terms of modeling of origin-destination (OD) flows, some emerging applications of traffic matrices, and lastly, where research in this area might lead to next. We can taxonomize this history into generations and categorize solutions as either first, second or third generation techniques. Each generational step has been motivated by trying to obtain additional data to incorporate in an inherently ill-posed problem. Incorporating additional sources of data requires a model to capture the information in a way that is useful to traffic matrix estimation. This body of research has thus resulted in the development of a number of interesting traffic models for origin-destination flows. Modeling such flows presents additional challenges beyond the traditional flow modeling, as it now becomes important to incorporate both spatial and temporal correlations. In addition to producing interesting OD flow models, traffic matrix reseach has also lead to an increase of applications using traffic matrices. These application areas, that include routing analysis and network security, illustrate how new research problems can be enabled by having a traffic matrix available. In order to further enhance the use of traffic matrices for other research activities, we show there is a need to be able to generate traffic matrices synthetically. Having such traffic descriptions would enable a much richer ability to do benchmarking and performance evaluation of any traffic engineering solution. We summarize the problems of synthetic traffic matrix generation that turns out to be quite challenging.

February 2006

  • February 22 (Canceled due to sickness, will be rescheduled)
    Speaker: Steve Marsh

March 2006

  • March 22nd
    Speaker: Michael Dales (Intel Research, Cambridge)
    Title: SWIFT: A High-Capacity Wavelength-Striped Optically-Switched Interconnect
    Abstract: High capacity optical networks are well established in the long-haul networks arena, with new developments, such as all optical switching, being pursued to further benefit these networks. Research at Intel has show that high capacity optical links can offer advantages for short range networks, such as device interconnects and computer clusters. However, there are many challenges in taking the technologies used in the long-haul and applying them to short range networks. Here we present a high-capacity, wavelength-striped, optically-switched interconnect architecture, SWIFT, suitable for short range networks, which we hope will scale from chip-to-chip interconnects up to computer-to-computer. This talk will present an outline of some of the challenges, discuss our proposed network architecture, and describe some of the experimental work we are doing, including the building of a full testbed. We will also outline some of the challenges that remain, both in making such a network a reality, and in how one can actually evaluate such a network.

April 2006

  • April 5th
    Speaker: Daniele Quercia
    Title: Supporting Trust in the Dynamic Establishment of peering coaLitions
    Abstract:The Coalition Peering Domain (CPD) is a recent innovation within the field of mesh networking. It facilitates the management of community-area networks in a distributed and scalable form, allowing devices to pool their network resources (particularly egress links) to the common good. However, as in P2P systems, this form of cooperative sharing architecture raises significant concerns about the effect of free-riders: nodes that utilise the bandwidth of others without providing an adequate return to the community. To address this problem, we propose STRUDEL, a distributed framework that tackles the problem of free-riders and consists of: (i) a mechanism for the detection of malicious peers; (ii) a formal Bayesian trust model, to assess peers' trustworthiness; (iii) a forwarding mechanism based on the maximisation of trust-informed utility.

  • April 12th No seminar, Easter
  • April 19th No seminar, Easter
  • April 27th (THURSDAY)
    Room: 1.03
    Speaker: Colin Perkins
    Title: Scaling Multimedia Conferencing
    Abstract:A key problem in the deployment of high quality multimedia conferencing over IP networks is congestion control: how to adjust the transmission of a real-time media flow to match changes in network capacity, while maintaining media quality and being fair to other traffic on the network. This talk will describe a new high definition multimedia conferencing system which attempts to provide congestion control for interactive video. I shall describe this system, outline its performance in wide-area tests, and describe our initial attempts to make the system congestion controlled. Following on from this, I shall outline current research directions and challenges for congestion control for interactive multimedia conferencing.

May 2006

  • May 3rd
    Room: 1.02
    Speaker: Dhiraj Bhuyan, Senior Security Researcher, BT
    Title: Discovering and Disrupting IRC-Based Botnets
    Abstract: A botnet is a network of compromised computers that can be remotely controlled by an attacker through a predefined communication channel. A computer becomes part of a botnet when it gets infected by a software agent commonly known as a bot. Studies carried out by various research groups show the presence of hundreds and thousands of such compromised computers across the Internet. The sheer presence of such a large number of bots poses a serious threat to the Internet community. There have already been a number of well-documented incidents where such an army of bots has been used to launch Distributed Denial of Service (DDoS) attacks against corporate networks. Research carried out by various bot activity-monitoring groups also indicates that in recent months there has been a shift towards using these bots and botnets for monetary gains and espionage activities. The threat posed by bots and botnets is real and serious. As such, telecom operators and Internet Service Providers (ISP) across the globe are looking at ways and means to clean up their network and place detective and preventive mechanisms to counter the threat. In this presentation, I will talk about how honeynets can be used for discovering and then disrupting IRC-based botnet command and control infrastructures. I will also talk about a new behavioural approach towards identifying all or most of the botnet servers or proxies on any given network.

  • May 9th
    Room: 6.02
    Speaker: Andrea Bittau
    Title: The Final Nail in WEP's Coffin
    Abstract: The 802.11 encryption standard Wired Equivalent Privacy (WEP) is still widely used today despite the numerous discussions on its insecurity. In this paper, we present a novel vulnerability which allows an attacker to send arbitrary data on a WEP network after having eavesdropped a single data packet. Furthermore, we present techniques for real-time decryption of data packets, which may be used under common circumstances. Vendor produced mitigation techniques which cause frequent WEP re-keying prevent traditional attacks, whereas our attack remains effective even in such scenarios. We implemented a fully automatic version of this attack which demonstrates its practicality and feasibility in real networks. As even rapidly re-keyed networks can be quickly compromised, we believe WEP must now be abandoned rather than patched yet again.

  • May 17th
    Speaker: Dr. Thomas Fuhrmann
    Biography: Thomas Fuhrmann is with the faculty of informatics at the University of Karlsruhe. He heads a small group of currently four PhD students, established in 2003 by the Deutsche Forschungsgemeinschaft (DFG) as part of the Emmy-Noether excellence programme. Thomas pursued post-doctoral studies with Prof. Zitterbart in Karlsruhe (2001-03) and with Prof. Effelsberg in Mannheim (1998-2000). In the years 2000/01 he was with the Boston Consulting Group top management consultancy, mainly working in strategy projects in the Internet and new media industry. Thomas studied mathematical physics in Heidelberg and Cambridge (UK) and holds a PhD of the University of Heidelberg. His thesis was on computer simulations in physics.
    Title: Peer-to-Peer Self-Organization and Embedded Systems
    Abstract:Peer-to-peer computing (P2P) has become popular recently, but the concept itself has been successfully employed for decades in computer networks and distributed systems. In a pure P2P system all instances start out as equal. Self-organization then structures the specialization process according to the capabilities of the individual instances and the needs of the entire system. As a result, self-organizing systems are often very robust (no single point of failure) and highly scalable (instances both supply and demand resources). In this talk, Thomas Fuhrmann illustrates the workings of self-organization by describing a new routing algorithm, scalable source routing (SSR). SSR transfers a well-known P2P algorithm, Chord, into an entirely different application area: SSR provides network layer routing, especially in large unstructured networks of resource-limited embedded devices. Here, it outperforms mobile ad hoc routing protocols such as the ad hoc on demand distance vector (AODV) routing protocol. At the same time, SSR directly provides the semantics of a structured routing overlay. Thus SSR can serve as efficient basis for the development of distributed applications and services, for example, in the field of "ambient intelligence".

September 2006

  • September 6th
    Speaker: Yang Cheng Huang
    Title: Tuning OLSR
    Abstract: Optimised Link State Routing (OLSR) is a popular protocol for use in MANET networks. In this paper, we investigate the different impacts of tuning refresh interval timers on OLSR performance under various scenarios (varying node density and node speed). Based on the simulation results with NS2, we find that although reducing refresh intervals could improve s performance, the intervals for some message types (HELLO messages) have a bigger impact on OLSR performance than for other message types. We find that the impact of the interval timer grows with increased network mobility and node density.

  • September 7th
    Speaker: Costin Raiciu
    Title: Exploit Hijacking: Side Effects of Smart Defenses
    Abstract: Recent advances in the defense of networked computers use instrumented binaries to track tainted data and can detect attempted break-ins automatically. These techniques identify how the transfer of execution to the attacker takes place,allowing the automatic generation of defenses. However, as with many technologies, these same techniques can also be used by the attackers: the information provided by detectors is accurate enough to allow an attacker to create a new worm using the same vulnerability, hijacking the exploit. Hijacking changes the threat landscape by pushing attacks to extremes (targeting selectively or creating a rapidly spreading worm), and increasing the requirements for automatic worm containment mechanisms. In this paper, we show that hijacking is feasible for two categories of attackers: those running detectors and those using Self-Certifying Alerts, a novel mechanism proposed by Costa et al. for end-to-end worm containment. We provide a discussion of the effects of hijacking on the threat landscape and list a series of possible countermeasures.

  • September 19th
    Speaker: Joe Touch (USC/ISI)
    Bio: Joe is Director of the Postel Center at USC/ISI and a Research Associate Professor in the CS and EE/Systems Depts. of USC, where he has been since receiving his Ph.D. from the Univ. of Pennsylvania in 1992. His research focuses on network architecture, protocols, configuration, and performance in the areas of Internet, optical nets, overlays, and security.
    Title: One Protocol / Many Layers: A Recursive Network Architecture
    Abstract: The Recursive Network Architecture (RNA) explores layering in protocol stacks. The conventional OSI 7-layer stack and its derivatives differentiate layers by protocol capability and service. The emergence of additional overlay layers, as well as the diffusion of services (e.g., retransmission) into multiple layers calls these traditional architectures into question. RNA examines the implications of using a single, tunable protocol for different layers of the protocol stack. RNA reuses basic protocol operations across different protocol layers, avoiding recapitulation of implementation as well as encouraging cleaner cross-layer interaction. It allows protocols and protocol stacks to adjust at runtime, which allows more dynamic composition of services, both within stacks and in the way networking combines the stacks of individual hops into an overall network architecture. The RNA project, which is just commencing, uses this approach to explore the relationship of layering to protocol and network architecture. Joe will also present an overview of the Global Information Grid (GIG), by which the US is overhauling its defense network. Joe will be starting in October as a program manager on the GIG, overseeing the development of a high-performance satellite router.

October 2006

  • October 12th
    Speaker: Tara Small (University of Toronto)
    Title: Efficiently Delivering Packets in Intermittently-Connected Networks
    Abstract:Wireless and mobile network technologies often impose severe resource limitations, resulting in poor and often unsatisfactory performance of the commonly used wireless networking protocols. For instance, power and memory/storage constraints of miniaturized network nodes reduce the throughput and increase the network latency. Through various approaches and technological advances, researchers attempt to compensate somehow for such hardware limitations. However, this is not always necessary. Sometimes, the required performance of such networks does not need to adhere to the level of services that would be required for performance-critical applications. For example, for some applications of sensor networks, minimal latency is not a critical factor and it could be traded off for a more limited resource, such as energy or throughput. Thus, to reduce the energy expenditure, the transmission range of such sensor nodes would be quite short, leading to network topologies in which the average number of neighbors of the network nodes is very small. If the sensor nodes are mobile, then most of the time a node has no neighbors; only infrequently another node migrates into its neighborhood. This means that the classical networking approach of immediate packet forwarding would not work well, as there is nearly never an intact path between a source and a destination. In this talk, I will use the Shared Wireless Infostation Model (SWIM) as a mathematical model to analytically represent the the propagation of packets in networks with frequent partitions. I will discuss the ways that the analytical Markov chains of SWIM can help a network designer to achieve tradeoffs between the network resources and non-critical performance such as the tradeoffs between energy, delay, storage, capacity, and processing complexity.

  • October 18th
    Speaker: Mirco Musolesi
    Title: Context-aware Routing for Delay Tolerant Mobile Ad Networking
    Abstract: Delay tolerant networking has received considerable attention from the research community in the recent years. Advances in wireless and mobile technologies have enabled new application scenarios where intermittent disconnections are common and not exceptional. Examples include communication in sparse mobile ad hoc networks and infostation-based systems and data collection in sensor networks. At the same time, most of the existing research work in mobile networking is based on the assumption that a path exists between the sender and the receiver(s). Therefore, new communication paradigms and techniques have to be designed to make communication possible also in case of temporarily partitioned networks, due, for example, to host mobility. In this talk, I will discuss the design and evaluation of the Context- aware Adaptive Routing (CAR) protocol. The protocol is based on the idea of exploiting nodes as carriers of messages among network partitions to achieve their delivery. The choice of the best carrier is made using Kalman filter based predictions over movement and connectivity. I will also discuss a technique to evaluate the predictability of the available information on which the prediction is made.

December 2006

  • December 13th, 4 pm
    Room: 212, Roberts Building
    Speaker: Mohamed Ahmed (UCL)
    Title: A game theoretic analysis of the utility of reputation management in wireless sensor networks
    Abstract:Reputation-management is gaining credibility as a technique that augments conventional cryptographic approaches to securing wireless sensor networks, since these tend to be heavyweight and rely on central control, both of which do not necessarily fit well with such an application domain. The proposed role of reputation management is to provide analysis of the behaviour of nodes/agents and to distribute this information so that nodes/agents judged to be acting against the interests of a community can be caught in time and their effects limited. This questions some of the assumptions made about the suitability of reputation-management as a decision making tool and highlight its limitations with regard to the incentives required to realise the benefits that are claimed for it. Moreover, we show that these benefits may not be realisable in reality without enforcing tight constraints on the behaviour of agents and on environmental features of systems.

  • December 15th, 4 pm
    Room: 309, Roberts Building
    Speaker: Andrea Bittau (UCL)
    Title: Involving Programmers in Security
    Abstract: Although it is difficult to write secure code, it is simple to identify sensitive information within a program (e.g. passwords) or sections of code that are likely to be exploited (e.g. parsing user-input). We allow the programmer to attach different security policies (enforced by the operating system) to different pieces of a program. By doing so, the programmer no longer needs to write secure code but merely needs to apply the right policy before invoking ``dangerous'' portions of code. We will discuss our preliminary implementation of three new OS abstractions: 1) Memory tags: a mechanism for labeling memory. 2) Security threads: threads restricted by a policy (e.g. can only access memory with specific labels). 3) Callgates: small portions of trusted code that run with a predefined policy. These abstractions seem to secure a wide range of applications. We also wrote a proof-of-concept static analysis tool that enables programmers to sanity check whether their code meets the desired security requirements.