• Publications
  • Influence
A flexible and efficient container-based NFV platform for middlebox networking
TLDR
This work proposes a high-performance platform based on Docker containers and DPDK for the deployment of multiple virtual middleboxes that provides proper isolation of NFs with 4% overhead and outperforms the Single Root I/O Virtualization platform with 7x the throughput.
Identification and Analysis of Skype Peer-to-Peer Traffic
TLDR
This paper obtains the Skype clients and super nodes by analyzing the process of login and calling in different network environments, and proposes a method to identify Skype traffic based on Skype nodes and flow features, which makes the previously hard-to-detect Skype traffic much easier to identify.
CookieMiner: Towards real-time reconstruction of web-downloading chains from network traces
TLDR
CookieMiner can reconstruct the web-downloading chains and find their entry points with high precision and low false positive rate by by a user study involving 6 pair-wise downloading applications.
Janus: A User-Level TCP Stack for Processing 40 Million Concurrent TCP Connections
TLDR
Janus is presented, a high-performance user-level TCP stack that focuses on serving massive TCP connections and significantly outperforms Linux and state-of-the-art user-space network stacks in both throughput and connection concurrency.
ITP-KNN: Encrypted Video Flow Identification Based on the Intermittent Traffic Pattern of Video and K-Nearest Neighbors Classification
TLDR
A video flow identification method, called ITP-KNN, is proposed, which utilizes the intermittent traffic pattern-related features (ITP) and the K-nearest neighbors (KNN) algorithm, and shows the promise of high identification recall and precision over a range of video content and encoding qualities.
DOOM: a Training-Free, Real-Time Video Flow Identification Method for Encrypted Traffic
TLDR
A method named detecting ON-OFF mode (DOOM) is proposed, which is a training-free, real-time and lightweight video flow identification method suitable for Gateway or Internet Backbone Provider (IBP) middle-boxes.
Limited Dictionary Builder: An approach to select representative tokens for malicious URLs detection
TLDR
This paper tries to address the problem of detecting malicious URLs by selecting some representative members from the initial feature set which should have the best predictive ability among the same number of selected features, and shows that this approach may work efficiently in the big data era.
VegaStar: An Illegal Domain Detection System on Large-Scale Video Traffic
TLDR
It is argued that VegaStar represents an important development in the field of video traffic identification, and it can be significantly improve the efficiency of former methods.
GuidedTracker: Track the victims with access logs to finding malicious web pages
TLDR
GuidedTracker is the first to introduce visit relations to tackle the malicious URL detection problem, which limits the scope of URL inspection and enables this approach to have the ability of self-learning.
MES: A memory-efficient key-value storage with user-level network stack
TLDR
The system MES is evaluated against the latest version of Redis, and experiments illustrate that the system is up to 4x faster than Redis across various skewness, write-intensiveness and key-value sizes.
...
...