-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.json
1 lines (1 loc) · 34.1 KB
/
index.json
1
[{"authors":["lucas-muller"],"categories":null,"content":"Hello 👋, I am a Technical Lead at Cisco, transforming networking with the Network Analytics team in the global Cloud Infrastructure Engineering organization. As a computer scientist, I\u0026rsquo;m a believer in the power of science, technology, and education to improve the future and human well being. I love to see my scientific knowledge translated into products that help people.\nMy work informs the design and implementation of systems via characterization and empirical evaluation of outcomes. Over the past 9+ years in academia, I have mentored, trained, and led many students and researchers to build and deploy systems to accomplish these goals. Besides, I have 12 years of experience with the software industry, where I led the development of innovative business projects and co-founded a startup.\n","date":1595878560,"expirydate":-62135596800,"kind":"term","lang":"en","lastmod":1595878560,"objectID":"41f1ce74ccf2e56f0cf1237a249031fd","permalink":"","publishdate":"0001-01-01T00:00:00Z","relpermalink":"","section":"authors","summary":"Hello 👋, I am a Technical Lead at Cisco, transforming networking with the Network Analytics team in the global Cloud Infrastructure Engineering organization. As a computer scientist, I\u0026rsquo;m a believer in the power of science, technology, and education to improve the future and human well being.","tags":null,"title":"Lucas Müller, Ph.D.","type":"authors"},{"authors":["Lucas Müller, Ph.D.","Matthew Luckie","Bradley Huffaker","Kc Claffy","Marinho Barcellos"],"categories":[],"content":"","date":1595878560,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1595878560,"objectID":"5871c7bd076291dcd409fd2b94335702","permalink":"https://www.lucasmuller.com.br/publication/2020-journal-ixps-spoofing-muller/","publishdate":"2020-07-27T16:36:00-03:00","relpermalink":"/publication/2020-journal-ixps-spoofing-muller/","section":"publication","summary":"Ascertaining that a network will forward spoofed traffic usually requires an active probing vantage point in that network, effectively preventing a comprehensive view of this global Internet vulnerability. Recently, researchers have proposed using Internet Exchange Points (IXPs) as observatories to detect spoofed packets, by leveraging Autonomous System (AS) topology knowledge extracted from Border Gateway Protocol (BGP) data to infer which source addresses should legitimately appear across parts of the IXP switch fabric. We demonstrate that the existing literature does not capture several fundamental challenges to this approach, including noise in BGP data sources, heuristic AS relationship inference, and idiosyncrasies in IXP interconnectivity fabrics. We propose Spoofer-IX, a novel method to navigate these challenges, leveraging customer cone semantics of AS relationships to guide precise classification of inter-domain traffic as in-cone, out-of-cone (spoofed), unverifiable, bogon, and unassigned. We apply our method in three distinct periods to two IXPs, with 200+ and 1,600+ members each, and find an upper bound volume of out-of-cone traffic to be more than an order of magnitude less than the previous method inferred on the same data, revealing the practical importance of customer cone semantics in such analysis. We observed no significant improvement in deployment of Source Address Validation (SAV) in networks using the mid-size IXP between 2017 and 2019. In hopes that our methods and tools generalize to use by other IXPs who want to avoid use of their infrastructure for launching spoofed-source DoS attacks, we explore the feasibility of scaling the system to larger and more diverse IXP infrastructures. To promote this goal, and broad replicability of our results, we make the source code of Spoofer-IX publicly available.","tags":["Internet Measurements","Network Security","IXP","Spoofing","Customer Cone","BGP","Internet Routing","Reproducibility","Replicability"],"title":"Spoofed Traffic Inference at IXPs: Challenges, Methods and Analysis","type":"publication"},{"authors":["Lucas Müller, Ph.D.","Matthew Luckie (University of Waikato)","Bradley Huffaker (CAIDA/UCSD)","Kc Claffy (CAIDA/UCSD)","Marinho Barcellos (UFRGS)"],"categories":[],"content":"A new methodology to accurately classify spoofed traffic in the inter-domain level using heavily aggregated Internet traffic data, revealing the deep subtleties of scientific assessments of operational Internet infrastructure (2016-2020).\n","date":1583422839,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1583422839,"objectID":"d2487d94020bf97a607881456ef0148a","permalink":"https://www.lucasmuller.com.br/project/2016-2020-spooferix/","publishdate":"2020-03-05T12:40:39-03:00","relpermalink":"/project/2016-2020-spooferix/","section":"project","summary":"Improving the Accuracy of Spoofed Traffic Inference at Internet eXchange Points (IXPs) (2016-2020).","tags":["Internet Measurements","Network Security","IXP","Spoofing","Customer Cone","BGP","Internet Routing","Reproducibility","Replicability","recent","concluded"],"title":"Spoofer-IX","type":"project"},{"authors":["Lucas Muller (INF/UFRGS)","Rodrigo Oliveira (INF/UFRGS)","Pedro Marcos (INF/UFRGS)","Fabricio Mazzola (INF/UFRGS)","Marinho Barcellos (INF/UFRGS)","Renata Teixeira (INRIA/PARIS)"],"categories":[],"content":"The adoption of network monitoring techniques has culminated in a broad availability of raw data. However, giving the large-scale and complexity of long-distance networks and the massive volume of distributed data, minor progress has been achieved regarding the in-depth analysis of this collected data and inferences about the network behavior. This project investigates methods to analyze the data measured by the existing monitoring tools present in the Brazilian Academic IPÊ backbone network. The result is a service that provides inferences to aid the process of operation, traffic engineering and network planning.\n","date":1578241518,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1578241518,"objectID":"04a88accc7cb709e77d16f73242670d1","permalink":"https://www.lucasmuller.com.br/project/2017-2020-ipeanalytics/","publishdate":"2020-01-05T13:25:18-03:00","relpermalink":"/project/2017-2020-ipeanalytics/","section":"project","summary":"Transforming raw monitoring data to generate valuable information to assist network management and planning (2017-2020).","tags":["Internet Measurements","Network Security","Spoofing","BGP","Internet Routing","Traffic Engineering","Network Planning","recent","concluded"],"title":"IPE-Analytics","type":"project"},{"authors":["Lucas Müller, Ph.D.","Matthew Luckie","Bradley Huffaker","Kc Claffy","Marinho Barcellos"],"categories":null,"content":"","date":1576002683,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1576002683,"objectID":"d4a18e464a1c4688f0a11f233dc40846","permalink":"https://www.lucasmuller.com.br/talk/challenges-in-inferring-spoofed-traffic-at-ixps/","publishdate":"2019-12-10T15:31:23-03:00","relpermalink":"/talk/challenges-in-inferring-spoofed-traffic-at-ixps/","section":"event","summary":"","tags":["Internet Measurements","Network Security","IXP","Spoofing","Customer Cone","BGP","Internet Routing","Reproducibility","Replicability"],"title":"Challenges in Inferring Spoofed Traffic at IXPs","type":"event"},{"authors":["Lucas Müller, Ph.D.","Matthew Luckie","Bradley Huffaker","Kc Claffy","Marinho Barcellos"],"categories":[],"content":"","date":1575498555,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1575498555,"objectID":"7f315b1dfcab9dada73813f2df5ae614","permalink":"https://www.lucasmuller.com.br/publication/acm-conext-2019-lfmuller/","publishdate":"2019-12-04T19:29:15-03:00","relpermalink":"/publication/acm-conext-2019-lfmuller/","section":"publication","summary":"Ascertaining that a network will forward spoofed traffic usually requires an active probing vantage point in that network, effectively preventing a comprehensive view of this global Internet vulnerability. Recently, researchers have proposed using Internet Exchange Points (IXPs) as observatories to detect spoofed packets, by leveraging Autonomous System (AS) topology knowledge extracted from Border Gateway Protocol (BGP) data to infer which source addresses should legitimately appear across parts of the IXP switch fabric. We demonstrate that the existing literature does not capture several fundamental challenges to this approach, including noise in BGP data sources, heuristic AS relationship inference, and idiosyncrasies in IXP interconnectivity fabrics. We propose a novel method to navigate these challenges, leveraging *customer cone* semantics of AS relationships to guide precise classification of inter-domain traffic as in-cone, out-of-cone (*spoofed*), unverifiable, bogon, and unassigned. We apply our method to a mid-size IXP with approximately 200 members, and find an upper bound volume of out-of-cone traffic to be more than an order of magnitude less than the previous method inferred on the same data. Our work illustrates the subtleties of scientific assessments of operational Internet infrastructure, and the need for a community focus on reproducing and repeating previous methods.","tags":["Internet Measurements","Network Security","IXP","Spoofing","Customer Cone","BGP","Internet Routing","Reproducibility","Replicability"],"title":"Challenges in Inferring Spoofed Traffic at IXPs","type":"publication"},{"authors":["Lucas Müller, Ph.D.","Matthew Luckie","Bradley Huffaker","Kc Claffy","Marinho Barcellos"],"categories":null,"content":"","date":1568124870,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1568124870,"objectID":"7ca1442b06839e373ae53a35f65fea3a","permalink":"https://www.lucasmuller.com.br/talk/challenges-in-inferring-spoofed-traffic-at-ixps/","publishdate":"2019-09-10T11:14:30-03:00","relpermalink":"/talk/challenges-in-inferring-spoofed-traffic-at-ixps/","section":"event","summary":"","tags":["Internet Measurements","Network Security","IXP","Spoofing","Customer Cone","BGP","Internet Routing","Reproducibility","Replicability"],"title":"Challenges in Inferring Spoofed Traffic at IXPs","type":"event"},{"authors":["Pedro Marcos (UFRGS/FURG)","Marco Chiesa (KTH)","Lucas Muller (UFRGS/CAIDA)","Pradeeban Kathiravelu (ULisboa and UCLouvain)","Christoph Dietzel (DE-CIX and TU Berlin)","Marco Canini (KAUST)","Marinho Barcellos (UFRGS)"],"categories":[],"content":"Problem\nAutonomous Systems (ASes) can now reach hundreds of networks directly through Internet eXchange Points (IXPs). Despite the benefits, any pair of ASes needs first to agree on exchanging traffic. Such process is mainly manual and lengthy. Because of the hassle, ASes miss interconnection opportunities and prefer long-term agreements, even if not matching current Internet traffic dynamics.\nApproach\nTo improve wide-area traffic delivery performance Dynam-IX enables IXP members with a protocol to find interconnection opportunities and establish interconnection agreements, a high-level interconnection intent abstraction to express peering policies, a legal framework to digitally handle contracts, and a distributed tamper-proof ledger to allow ASes to cooperatively build trust.\n","date":1551802055,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1551802055,"objectID":"d8fca0736660c18e7d6cfa4858d62f09","permalink":"https://www.lucasmuller.com.br/project/2016-2019-dynamix/","publishdate":"2019-03-05T13:07:35-03:00","relpermalink":"/project/2016-2019-dynamix/","section":"project","summary":"Improves wide-area traffic delivery performance through dynamic interconnection agreements (2016-2019).","tags":["Internet Measurements","Wide-area Traffic Delivery","BGP","Routing","IXP","Peering","AS Relationship","recent","concluded"],"title":"Dynam-IX","type":"project"},{"authors":["Fabricio Mazzola","Lucas Müller, Ph.D.","Rodrigo Oliveira","Marinho Barcellos"],"categories":[],"content":"","date":1551790630,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1551790630,"objectID":"71197cf4e1999a927c0701c5c7650150","permalink":"https://www.lucasmuller.com.br/publication/2019-pam-mazzola/","publishdate":"2019-03-05T09:57:10-03:00","relpermalink":"/publication/2019-pam-mazzola/","section":"publication","summary":"How routers are configured directly influences the performance and security of a network. The set of configurations can provide useful information, but has been rarely used to analyze the structure of a network, and never for a large network longitudinally over a period of several years.","tags":["Internet Measurements","Router","Configuration","Security","Academic Networks","Point-of-Presence","Network Evolution"],"title":"A Decade of Backbone Evolution of the Brazilian Academic Network: observations from the perspective of the routers","type":"publication"},{"authors":null,"categories":null,"content":"","date":1546300800,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1546300800,"objectID":"8576ec274c98b3831668a172fa632d80","permalink":"https://www.lucasmuller.com.br/about/","publishdate":"2019-01-01T00:00:00Z","relpermalink":"/about/","section":"","summary":"A little more about me and how to get in touch","tags":null,"title":"About","type":"widget_page"},{"authors":["Lucas Muller (INF/UFRGS)","Rodrigo Oliveira (INF/UFRGS)","Marinho Barcellos (INF/UFRGS)"],"categories":[],"content":"Uncovering the Hidden Dynamics of Changing Internet Interconnections. Investigates the dynamics of network peering infrastructures to better understand how it impacts Internet performance, funded by Microsoft Research (Microsoft Azure Research Award) (2017 and 2018).\n","date":1544030203,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1544030203,"objectID":"d513c4208393ab488c605f3a30b89ff8","permalink":"https://www.lucasmuller.com.br/project/2017-2018-mshiddendynamics/","publishdate":"2018-12-05T14:16:43-03:00","relpermalink":"/project/2017-2018-mshiddendynamics/","section":"project","summary":"Uncovering the Hidden Dynamics of Changing Internet Interconnections (2017-2018).","tags":["Internet Measurements","Wide-area Traffic Delivery","BGP","Routing","IXP","Peering","AS Relationship","concluded"],"title":"Hidden Dynamics","type":"project"},{"authors":["Pedro Marcos","Marco Chiesa","Lucas Müller, Ph.D.","Pradeeban Kathiravelu","Christoph Dietzel","Marco Canini","Marinho Barcellos"],"categories":[],"content":"","date":1544015213,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1544015213,"objectID":"608e1f42a7f2211f291bbfd31bb544db","permalink":"https://www.lucasmuller.com.br/publication/2018-conext-marcos/","publishdate":"2018-12-05T10:06:53-03:00","relpermalink":"/publication/2018-conext-marcos/","section":"publication","summary":"Autonomous Systems (ASes) can reach hundreds of networks via Internet eXchange Points (IXPs), allowing improvements in traffic delivery performance and competitiveness. Despite the benefits, any pair of ASes needs first to agree on exchanging traffic. By surveying 100+ network operators, we discovered that most interconnection agreements are established through ad-hoc and lengthy processes heavily influenced by personal relationships and brand image. As such, ASes prefer long-term agreements at the expense of a potential mismatch between actual delivery performance and current traffic dynamics. ASes also miss interconnection opportunities due to trust reasons. To improve wide-area traffic delivery performance, we propose Dynam-IX, a framework that allows operators to build trust cooperatively and implement traffic engineering policies to exploit the rich interconnection opportunities at IXPs quickly. Dynam-IX offers a protocol to automate the interconnection process, an intent abstraction to express interconnection policies, a legal framework to digitally handle contracts, and a distributed tamper-proof ledger to create trust among ASes. We build and evaluate a Dynam-IX prototype and show that an AS can establish tens of agreements per minute with negligible overhead for ASes and IXPs.","tags":["Internet Measurements","Wide-area Traffic Delivery","BGP","Routing","IXP","Peering","AS Relationship"],"title":"Dynam-IX: a Dynamic Interconnection eXchange","type":"publication"},{"authors":["Pedro Marcos","Marco Chiesa","Lucas Müller, Ph.D.","Pradeeban Kathiravelu","Christoph Dietzel","Marco Canini","Marinho Barcellos"],"categories":null,"content":"","date":1537194603,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1537194603,"objectID":"0d0dcaa42b3f6b39c89ee8ab65aadfbf","permalink":"https://www.lucasmuller.com.br/talk/dynam-ix-a-dynamic-agreement-marketplace-on-internet-exchange-points/","publishdate":"2018-09-17T11:30:03-03:00","relpermalink":"/talk/dynam-ix-a-dynamic-agreement-marketplace-on-internet-exchange-points/","section":"event","summary":"","tags":["Internet Measurements","Wide-area Traffic Delivery","BGP","Routing","IXP","Peering","AS Relationship"],"title":"Dynam-IX: a Dynamic Agreement Marketplace on Internet eXchange Points","type":"event"},{"authors":["Pedro Marcos","Marco Chiesa","Lucas Müller, Ph.D.","Pradeeban Kathiravelu","Christoph Dietzel","Marco Canini","Marinho Barcellos"],"categories":[],"content":"","date":1533475214,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1533475214,"objectID":"e971fc0324f88a23f0fda1113f37f126","permalink":"https://www.lucasmuller.com.br/publication/2018-sigcomm-marcos/","publishdate":"2018-08-05T10:20:14-03:00","relpermalink":"/publication/2018-sigcomm-marcos/","section":"publication","summary":"Internet connectivity is changing. Autonomous Systems (ASes) can now reach hundreds of networks directly through Internet eXchange Points (IXPs). Despite the benefits, any pair of ASes needs first to agree on exchanging traffic. By surveying 100+ network operators, we discovered that this process is mainly manual and lengthy. Because of the hassle, ASes miss interconnection opportunities and prefer long-term agreements, even if not matching current Internet traffic dynamics. To facilitate establishing agreements in short time frames, we propose Dynam-IX, a framework that arms operators with two components: a high-level interconnection intent abstraction, which allows them to express their interconnection policies, and a protocol to automate discovering and offering interconnection opportunities. Dynam-IX provides a trustworthy environment where networks agree to interconnect without relying on any central entity. To realize this, we use a blockchain infrastructure to allow operators to query for interconnection proposals and securely store agreement records. We evaluate a prototype built atop Hyperledger Fabric and show that an AS can establish tens of agreements within a minute, unleashing possibilities for traffic engineering, increasing link utilization and creating economic opportunities. Our proposal has already spurred interest for deployment at an international service provider and a large IXP.","tags":["Internet Measurements","Wide-area Traffic Delivery","BGP","Routing","IXP","Peering","AS Relationship"],"title":"Dynam-IX: a Dynamic Interconnection eXchange","type":"publication"},{"authors":["Pedro Marcos","Marco Chiesa","Lucas Müller, Ph.D.","Pradeeban Kathiravelu","Christoph Dietzel","Marco Canini","Marinho Barcellos"],"categories":null,"content":"","date":1531751945,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1531751945,"objectID":"f70d665ec8ba6f8f638be4b68f19d3b2","permalink":"https://www.lucasmuller.com.br/talk/dynam-ix-a-dynamic-interconnection-exchange/","publishdate":"2018-07-16T11:39:05-03:00","relpermalink":"/talk/dynam-ix-a-dynamic-interconnection-exchange/","section":"event","summary":"","tags":["Internet Measurements","Wide-area Traffic Delivery","BGP","Routing","IXP","Peering","AS Relationship"],"title":"Dynam-IX: a Dynamic Interconnection eXchange","type":"event"},{"authors":["Pedro Marcos","Marco Chiesa","Lucas Müller, Ph.D.","Pradeeban Kathiravelu","Christoph Dietzel","Marco Canini","Marinho Barcellos"],"categories":null,"content":"","date":1526481805,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1526481805,"objectID":"9e6d4f606a2a8da5a19dddcdcb1a53ad","permalink":"https://www.lucasmuller.com.br/talk/dynam-ix-a-dynamic-interconnection-exchange/","publishdate":"2020-03-06T11:43:25-03:00","relpermalink":"/talk/dynam-ix-a-dynamic-interconnection-exchange/","section":"event","summary":"","tags":["Internet Measurements","Wide-area Traffic Delivery","BGP","Routing","IXP","Peering","AS Relationship"],"title":"Dynam-IX: A Dynamic Interconnection eXchange","type":"event"},{"authors":["Lucas Müller, Ph.D.","Matthew Luckie","Bradley Huffaker","Kc Claffy","Marinho Barcellos"],"categories":null,"content":"","date":1521123830,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1521123830,"objectID":"c86ddb196b69ebd99b718548385f2c35","permalink":"https://www.lucasmuller.com.br/talk/using-ixps-to-measure-improvements-of-source-address-validation-filtering-in-inter-domain-traffic/","publishdate":"2018-03-15T11:23:50-03:00","relpermalink":"/talk/using-ixps-to-measure-improvements-of-source-address-validation-filtering-in-inter-domain-traffic/","section":"event","summary":"","tags":["Internet Measurements","Network Security","IXP","Spoofing","Customer Cone","BGP","Internet Routing","Reproducibility","Replicability"],"title":"Using IXPs to Measure Improvements of Source Address Validation Filtering in Inter-Domain Traffic","type":"event"},{"authors":null,"categories":[],"content":"Project\nSecuring Networks in the Programmable Data Plane Era, funded by NSF and RNP/CTIC (2017-2020).\nContext\nRecent advances in Software Defined Networking (SDN) have expanded our ability to program the network to its data plane. Through domain specific languages like P4, network operators can quickly deploy new protocols on forwarding devices, customize their functionality, and develop innovative services. This flexibility comes however with a cost: network-wide security and correctness properties (e.g., isolation, reachability, etc.) become much harder to ensure, because network behavior is now determined by a combination of the control plane-driven configuration and the data plane program that resides on devices (also called switches). Existing network verification tools, which rely on a fixed, invariant model of the data plane, are inadequate for programmable data planes.\nGoal\nResearch new techniques to verify and enforce security properties in data plane networks. The verification techniques we work on extend existing verification tools by automatically generating a data plane model from a P4 program. We also work on adapting existing verification tools to integrate with our dynamically-generated models to verify network configuration updates issued by an SDN controller. We also research novel approaches to ensure that network security properties are satisfied by a network configuration that is based on data plane enforcement. We work to develop an in-line monitor, implemented in the data plane itself, that enforces critical security properties, such as isolation and bandwidth limits, even in the presence of a faulty user data plane program or controller.\n","date":1511900305,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1511900305,"objectID":"7fe912ba0b7d867b5656415c540fa719","permalink":"https://www.lucasmuller.com.br/project/2017-2020-p4sec/","publishdate":"2017-11-28T17:18:25-03:00","relpermalink":"/project/2017-2020-p4sec/","section":"project","summary":"Securing Networks in the Programmable Data Plane Era (2017-2020).","tags":["network security","p4","shared resources","recent","concluded"],"title":"P4Sec","type":"project"},{"authors":["Lucas Müller, Ph.D."],"categories":null,"content":"","date":1510325287,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1510325287,"objectID":"0d8e1a34c948a1f4041c8c8dd51d7990","permalink":"https://www.lucasmuller.com.br/talk/internet-infrastructure-measurement-trends-and-challenges/","publishdate":"2017-11-10T11:48:07-03:00","relpermalink":"/talk/internet-infrastructure-measurement-trends-and-challenges/","section":"event","summary":"","tags":["Internet Measurements","Network Security","IXP","BGP","Internet Routing"],"title":"Internet Infrastructure Measurement: Trends and Challenges","type":"event"},{"authors":["Lucas Müller, Ph.D.","Rodrigo Oliveira","Pedro Marcos","Leandro Bertholdo","Marinho Barcellos"],"categories":null,"content":"","date":1480949554,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1480949554,"objectID":"34bc95f82a88f4de7be4c9b6b64ae566","permalink":"https://www.lucasmuller.com.br/talk/routing-coverage-analysis-at-ixps-in-brazil/","publishdate":"2016-12-05T11:52:34-03:00","relpermalink":"/talk/routing-coverage-analysis-at-ixps-in-brazil/","section":"event","summary":"","tags":["Internet Measurements","Geolocation","IXP","BGP","Internet Routing","network planning"],"title":"Routing Coverage Analysis At IXPs in Brazil","type":"event"},{"authors":["Lucas Muller (INF/UFRGS)","Rodrigo Oliveira (INF/UFRGS)","Daniel Stefani (INF/UFRGS)","Miguel Neves (INF/UFRGS)","Tobias Petry (INF/UFRGS)","Marinho Barcellos (INF/UFRGS)"],"categories":[],"content":"Aimed at developing optimization techniques that can be applied both at network design and during its lifespan in order to improve network performance, funded by Microsoft Research (Microsoft Azure Research Award) (2014–2016).\n","date":1452451996,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1452451996,"objectID":"5d601775367aa5f8683a321d9e800da8","permalink":"https://www.lucasmuller.com.br/project/2014-2016-netdesign/","publishdate":"2016-01-10T15:53:16-03:00","relpermalink":"/project/2014-2016-netdesign/","section":"project","summary":"Towards Better Networking Design and Maintenance (2014-2016).","tags":["Software-Defined Networking","enhanced controller placement strategy","SDN survivability","device-controller connectivity","failover mechanisms","Survivor","path diversity","capacity-awareness","concluded"],"title":"Network Design","type":"project"},{"authors":["Lucas Muller (INF/UFRGS)","Rodrigo Oliveira (INF/UFRGS)","Daniel Stefani (INF/UFRGS)","Miguel Neves (INF/UFRGS)","Tobias Petry (INF/UFRGS)","Marinho Barcellos (INF/UFRGS)"],"categories":[],"content":"Proposed to investigate and develop an architecture that strengthens current guarantees and coordinates mechanisms to improve survivability, funded by MCTI/CNPq (2014–2016).\n","date":1451674065,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1451674065,"objectID":"f7f1c0d07a05350be2f86ab8f9bce79a","permalink":"https://www.lucasmuller.com.br/project/2014-2016-phoenix/","publishdate":"2016-01-01T15:47:45-03:00","relpermalink":"/project/2014-2016-phoenix/","section":"project","summary":"Towards a robust and survivable Software-Defined Networking (SDN) architecture (2014-2016).","tags":["Software-Defined Networking","enhanced controller placement strategy","SDN survivability","device-controller connectivity","failover mechanisms","Survivor","path diversity","capacity-awareness","concluded"],"title":"Phoenix","type":"project"},{"authors":["Lucas Müller, Ph.D.","Rodrigo Oliveira","Marcelo Luizelli","Luciano Gaspary","Marinho Barcellos"],"categories":[],"content":"","date":1417787059,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1417787059,"objectID":"f70004a8452fb5349738c025ba6be3f6","permalink":"https://www.lucasmuller.com.br/publication/2014-globecom-muller/","publishdate":"2014-12-05T10:44:19-03:00","relpermalink":"/publication/2014-globecom-muller/","section":"publication","summary":"In SDN, forwarding devices can only operate correctly while connected to a logically centralized controller. To avoid single-point-of-failure, controller architectures are usually implemented as distributed systems. In this context, recent literature identified fundamental issues, such as device isolation and controller overload, and proposed controller placement strategies to tackle them. However, current proposals have crucial limitations: (i) device-controller connectivity is modeled using single paths, yet in practice multiple concurrent connections may occur; (ii) peaks in the arrival of new flows are only handled on-demand, assuming that the network itself can sustain high request rates; and (iii) failover mechanisms require predefined information, which, in turn, has been overlooked. This paper proposes Survivor, a controller placement strategy that addresses these challenges. The strategy explicitly considers path diversity, capacity, and failover mechanisms at network design. Comparisons to the state-of-the-art on survivable controller placement show that Survivor is superior because (a) path diversity increases the survivability significantly; and (b) capacity-awareness is essential to handle overload during both normal and failover states.","tags":["Software-Defined Networking","enhanced controller placement strategy","SDN survivability","device-controller connectivity","failover mechanisms","Survivor","path diversity","capacity-awareness","Mathematical model"],"title":"Survivor: an Enhanced Controller Placement Strategy for Improving SDN Survivability","type":"publication"},{"authors":[],"categories":[],"content":"Project:\nSecurity for the Future Networks using trusted components, funded by FP7 and CNPq (2011-2014).\nGoal:\nThe goal of the SecFuNet was to design and develop a coherent security architecture for virtual networks and cloud accesses. The proposed architecture would provide solutions allowing the management of communications security for all machines connected to a public cloud using virtual networks. This architecture should guarantee security in the virtualized infrastructure, through isolation of virtual networks and access control for users and managers, without compromising authorized users' privacy.\n","date":1417460850,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1417460850,"objectID":"26bb6efa35cd3b25e01274bd8738be5f","permalink":"https://www.lucasmuller.com.br/project/2011-2014-secfunet/","publishdate":"2014-12-01T16:07:30-03:00","relpermalink":"/project/2011-2014-secfunet/","section":"project","summary":"Security Architecture for the Future Networks using trusted components (2011-2014).","tags":["network security","cloud","authentication","shared resources","virtual networks","concluded"],"title":"SecFuNet","type":"project"},{"authors":["Lucas Muller (INF/UFRGS)","Rodrigo Mansilha (INF/UFRGS)","Leonardo Bays (INF/UFRGS)","Luciano Gaspary (INF/UFRGS)","Marinho Barcellos (INF/UFRGS)"],"categories":[],"content":"Project: GT-UNIT: Observing the BitTorrent Universe Through Telescopes, funded by RNP (2010–2013).\nGoal: development of a monitoring architecture to allow the observation of BitTorrent networks seeking to pinpoint sharing of illegal files (e.g. child pornography) and copyrighted content.\nNowadays, the service is in use by the Incident Response and Security Team at the Brazilian Academic backbone network (RNP).\n","date":1383333115,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1383333115,"objectID":"a7111f04842d5a5558dfd379a798e3a2","permalink":"https://www.lucasmuller.com.br/project/2010-2013-torrentu/","publishdate":"2013-11-01T16:11:55-03:00","relpermalink":"/project/2010-2013-torrentu/","section":"project","summary":"Observing the BitTorrent Universe Through Telescopes pinpointing unlawful content (2010-2013).","tags":["BitTorrent","security","network monitoring","copyrighted content","illegal files","concluded"],"title":"GT-UniT","type":"project"},{"authors":["Matheus Lehmann","Lucas Müller, Ph.D.","Rodolfo Antunes","Marinho Barcellos"],"categories":[],"content":"","date":1349446e3,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1349446e3,"objectID":"4f126bc34e2129b5cde2f4c3ac09a520","permalink":"https://www.lucasmuller.com.br/publication/2012-p2p-lehmann/","publishdate":"2012-10-05T11:06:40-03:00","relpermalink":"/publication/2012-p2p-lehmann/","section":"publication","summary":"The significance of BitTorrent motivated various studies focused on modeling and evaluating the protocol characteristics and its current implementations in the Internet. So far, however, no work has investigated Optimistic Disconnect (OD), an ad hoc connection management mechanism widely employed in BitTorrent agents. OD allows a peer to search for “better” neighbors in the swarm by disconnecting peers from the current neighborhood and connecting to others. This paper presents an extensive experimental evaluation to study and quantify potential benefits of OD, such as average download time and topology robustness. We evaluate different scenarios and the impact of factors such as average peer reachability and arrival pattern. We found that OD generally improves the overall performance of the swarm (in up to 30% in the evaluated scenarios), while improving the robustness of its topology.","tags":["optimistic disconnection","protocol characteristics","ad hoc connection management mechanism","BitTorrent","topology robustness","peer reachability","arrival pattern"],"title":"Disconnecting to Connect: understanding Optimistic Disconnection in BitTorrent","type":"publication"},{"authors":["Lucas Bondan","Lucas Müller, Ph.D.","Maicon Kist"],"categories":[],"content":"","date":1338905795,"expirydate":-62135596800,"kind":"page","lang":"en","lastmod":1338905795,"objectID":"d476eb9520c6d992ca2c026f089af724","permalink":"https://www.lucasmuller.com.br/publication/2012-journalacr-bondan/","publishdate":"2012-06-05T11:16:35-03:00","relpermalink":"/publication/2012-journalacr-bondan/","section":"publication","summary":"Increasingly popular, Internet applications for multimedia broadcasting require multipoint communication, in order to reduce network traffic rates. However, the widespread adoption of traditional multicast protocols is still held back by the current Internet structure, where the responsibility for management of multicast groups is distributed among network devices. By using distributed algorithms, such protocols generate delays in processing control groups events. In this paper we propose a clean-slate approach for multimedia multicasting, where the end to end calculation of the best route is performed to decrease delays in group configuration. The prototype developed implements this approach using OpenFlow technology. Results obtained through experimentation show a performance gain in relation to traditional IP multicasting.","tags":["Multicast","SDN","OpenFlow"],"title":"Multiflow: Multicast clean-slate with anticipated route calculation on OpenFlow programmable networks","type":"publication"}]