@article{almutairi_neumann_harfoush_2024, title={Fingerprinting VPNs with Custom Router Firmware: A New Censorship Threat Model}, ISSN={["2331-9852"]}, DOI={10.1109/CCNC51664.2024.10454833}, journal={2024 IEEE 21ST CONSUMER COMMUNICATIONS & NETWORKING CONFERENCE, CCNC}, author={Almutairi, Sultan and Neumann, Yogev and Harfoush, Khaled}, year={2024}, pages={976–981} } @article{tenneti_jakhar_harfoush_2024, title={Reactive Jamming of the Helium Network}, ISSN={["2331-9852"]}, DOI={10.1109/CCNC51664.2024.10454757}, journal={2024 IEEE 21ST CONSUMER COMMUNICATIONS & NETWORKING CONFERENCE, CCNC}, author={Tenneti, Srinivas and Jakhar, Romika and Harfoush, Khaled}, year={2024}, pages={296–301} } @article{cunha_li_wilson_harfoush_2023, title={Performance Benchmarking of the QUIC Transport Protocol}, ISSN={["2331-9852"]}, DOI={10.1109/CCNC51644.2023.10060785}, abstractNote={QUIC is a transport protocol that was proposed by Google and standardized by the Internet Engineering Task Force (IETF). The protocol is gaining popularity, and there seems to be an urge to use it in several use cases and applications. However, while some research efforts have demonstrated performance improvements by switching to QUIC, others have shown performance degradation. In this paper, we conduct a thorough investigation of QUIC under different network and workload conditions, both in a controlled environment and in the wild. Our results highlight the conditions in which QUIC excels and when it underperforms and provide a foundation for an educated choice of the transport protocol based on the constraints and needs of a specific use case.}, journal={2023 IEEE 20TH CONSUMER COMMUNICATIONS & NETWORKING CONFERENCE, CCNC}, author={Cunha, Bruno Volpato and Li, Xiaochen and Wilson, Wayne and Harfoush, Khaled}, year={2023} } @article{wu_fan_harfoush_2022, title={Measurement-Driven Flow Selection for Open vSwitch Offload}, ISSN={["1550-3607"]}, DOI={10.1109/ICC45855.2022.9838661}, abstractNote={Open vSwitch has become increasingly popular in the network virtualization world due to its flexible, flow-based forwarding scheme. However, this flexibility comes at a performance cost. To mitigate the cost, in recent years, organizations have begun to download flow-table entries to a hardware cache to improve throughput. This mechanism is known as OVS Offload. In this paper, we introduce MEG, a new algorithm to select flow candidates for offload that minimizes the offload cost while maintaining a high hardware cache hit ratio. MEG builds on a measurement study of traffic handled by Internet core routers. Experimental results reveal that MEG outperforms other offload algorithms and traditional OVS.}, journal={IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC 2022)}, author={Wu, Zhihao and Fan, Xulu and Harfoush, Khaled}, year={2022}, pages={3635–3640} } @article{huang_tay_harfoush_2021, title={MASS Communication for Constrained Devices}, ISSN={["1095-2055"]}, DOI={10.1109/ICCCN52240.2021.9522167}, abstractNote={In this paper, we introduce MASS, a Multiple channel Access solution for constrained devices relying on M-Ary direct sequence Spread Spectrum. MASS is uncoordinated in the sense that it does not require a per-device pre-shared key with the access point. It does not require per-device signal power adaptation to counter the popular near-far problem, and does not assume fixed size messages. As such, MASS does not need expensive coordination or complex hardware for the constrained sensors, and its multi-access solution leads to higher throughput and longer (and more predictable) lifetimes for constrained IoT devices compared to typical contention-based media access protocols. These benefits are achieved by trading-off the processing capacity at powerful access points for more efficient communication and more power savings for resource-constrained devices. Experimental results highlight the efficacy of MASS communication.}, journal={30TH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATIONS AND NETWORKS (ICCCN 2021)}, author={Huang, Cheng and Tay, Zeng Huy and Harfoush, Khaled}, year={2021} } @inproceedings{amos-binks_clark_weston_winters_harfoush_2017, title={Efficient attack plan recognition using automated planning}, DOI={10.1109/iscc.2017.8024656}, abstractNote={Network attacks are becoming ever more sophisticated and are able to hide more easily in the increasing amount of traffic being generated by everyday activity. Administrators are placed in the unfortunate position of distinguishing between the two. The attack graph has been in use for some time because it provides a concise knowledge representation, and has had successful security metrics developed from it. Previous methods of attack plan recognition have relied on statistical inference to capture network attacks, however they are computationally expensive and can fail to capture obvious cause and effect relationships. In this paper, we use automated planning to capture new properties of attack graphs and use it for plan recognition. Experimental results demonstrate the efficacy of our approach.}, booktitle={2017 ieee symposium on computers and communications (iscc)}, author={Amos-Binks, A. and Clark, J. and Weston, K. and Winters, M. and Harfoush, K.}, year={2017}, pages={1001–1006} } @inproceedings{carpenter_harfoush_2017, title={SafeRelay: Improving safety in the time-constrained VANET with geoaddresing relay}, DOI={10.1109/icves.2017.7991899}, abstractNote={In a vehicular ad hoc network (VANET), vehicles attempt to improve safety by emitting safety messages that others receive to increase their awareness of one another. Yet, the conflicting data delivery requirements of safety applications can potentially jeopardize safety itself. While many information dissemination techniques have been proposed to improve data delivery in a VANET, such as flooding and geocasting, evaluations do not focus on measuring safety efficiency in terms of safety application requirements and often fail to include mobility considerations, such as time to contact (TTC). To improve safety in a VANET, we propose SafeRelay, a flooding-based message dissemination technique that relays safety messages within a geographically addressed forwarding zone (FZ). We evaluate different forwarding zone sizes in terms of several metrics, including safety awareness probability, which combines both communications and mobility performance. Simulation results of an urban downtown scenario show that SafeRelay can significantly improve safety awareness using moderately-sized nearby forwarding zones.}, booktitle={2017 IEEE International Conference on Vehicular Electronics and Safety (ICVES)}, author={Carpenter, S. E. and Harfoush, K.}, year={2017}, pages={44–50} } @inproceedings{xiong_gong_qu_du_harfoush_2015, title={CSI-based device-free gesture detection}, booktitle={2015 12th International Conference on High-Capacity Optical Networks and Enabling/Emerging Technologies (HONET)}, author={Xiong, H. and Gong, F. Y. and Qu, L. and Du, C. L. and Harfoush, K.}, year={2015}, pages={122–126} } @article{lapo_gogny_chatagnon_lalanne_harfoush_assane_desfontis_mallem_2014, title={Equine digital veins are more sensitive to superoxide anions than digital arteries}, volume={740}, ISSN={0014-2999}, url={http://dx.doi.org/10.1016/J.EJPHAR.2014.06.016}, DOI={10.1016/J.EJPHAR.2014.06.016}, abstractNote={This work was designed to investigate (i) the effect of superoxide dismutase (SOD) inhibition on endothelial function and (ii) the free radical-induced endothelial dysfunction in equine digital veins (EDVs) and equine digital arteries (EDAs) isolated from healthy horses. EDV and EDA rings were suspended in a 5 ml organ bath containing Krebs solution. After a 60 min equilibration period, EDV and EDA rings were contracted with phenylephrine. Then, cumulative concentration-response curves (CCRCs) to acetylcholine were performed. In both EDVs and EDAs, acetylcholine (1 nM to 10 µM) produced concentration-dependent relaxation. We investigated the influence of SOD inhibition by diethyldithiocarbamate (DETC; 100 µM), a CuZnSOD inhibitor, on EDAs and EDVs relaxant responses to acetylcholine. Acetylcholine -mediated relaxation was impaired by DETC only in EDVs. SOD activity assayed by a xanthine-xanthine oxidase method was higher in EDAs compared with EDVs (P<0.05). CCRCs to acetylcholine established in the presence of pyrogallol (30 µM) or homocysteine (20 µM), two superoxide anions generating systems showed that in both EDVs and EDAs, the acetylcholine-mediated relaxation was significantly impaired by pyrogallol and homocysteine. This impairment was more pronounced in EDVs than in EDAs. Moreover, the pyrogallol-induced impairment of acetylcholine-mediated relaxation was potentiated by DETC to a greater extent in EDVs. We concluded that due to the lower activity of SOD, EDVs are more sensitive to superoxide anions than EDAs. So, any alteration of superoxide anions metabolism is likely to have a more important impact on venous rather than arterial relaxation.}, journal={European Journal of Pharmacology}, publisher={Elsevier BV}, author={Lapo, Rock Allister and Gogny, Marc and Chatagnon, Gérard and Lalanne, Valérie and Harfoush, Khaled and Assane, Moussa and Desfontis, Jean-Claude and Mallem, Mohamed Yassine}, year={2014}, month={Oct}, pages={66–71} } @inproceedings{ma_harfoush_2013, title={On the efficacy of WDM virtual topology design strategies}, DOI={10.1109/iccnc.2013.6504115}, abstractNote={Existing WDM virtual topology models mainly aim at maximizing the network throughput by optimizing predetermined objective functions. While the literature is rich in variants of such objective functions, they share a few deficiencies. Specifically, they abstract the problem with one fixed objective assuming that the throughput hindrance is uniform across the network, and do not consider node structure nor router utilization. These factors, when considered, affect network bottlenecks limiting a network throughput. As a result, none of the existing models fits all ISP networks. In this paper, we introduce a novel algorithm to determine a network bottleneck based on the 1) physical topology, 2) traffic demand and 3) technology constraints, and a topology model leading to optimized network throughput.}, booktitle={2013 international conference on computing, networking and communications (icnc)}, author={Ma, X. Z. and Harfoush, K.}, year={2013} } @inproceedings{chaudhry_malibiradar_mathur_chugh_harfoush_2013, title={Performance analysis of iSCSI with data center bridging suite of protocols}, DOI={10.1109/honet.2013.6729782}, abstractNote={Storage Area Networks (SAN) are the leading storage infrastructure in modern data centers. A traditional SAN deployment relies on the Fibre Channel Protocol (FCP) over an over-engineered and expensive Fibre Channel network to provide lossless communication and predictable performance. Alternatives were proposed to reduce the deployment cost: (1)iSCSI over Ethernet, and (2) Fibre Channel over Ethernet (FCoE). The former recovers from packet losses relying on the services of TCP in the TCP/IP stack, and the latter enjoys lossless transport using the Data Center Bridging (DCB) suite of protocols. Running iSCSI over existing IP networks is desirable as it is easier to implement and maintain. However, packet losses and TCP retransmissions in best effort IP networks, tend to make the performance of iSCSI non-deterministic. In this paper, we investigate the benefits of running iSCSI over DCB enhanced Ethernet as compared to iSCSI over traditional Ethernet to overcome its performance limitations.}, booktitle={2013 10th International Conference on High Capacity Optical Networks and Enabling Technologies (HONET-CNS)}, author={Chaudhry, M. and Malibiradar, P. and Mathur, V. and Chugh, R. and Harfoush, K.}, year={2013}, pages={179–183} } @inproceedings{hussain_odeh_shivakumar_chauhan_harfoush_2013, title={Real-time traffic congestion management and deadlock avoidance for vehicular ad hoc networks}, DOI={10.1109/honet.2013.6729791}, abstractNote={Traffic congestion is common in heavily populated cities. In this paper, we introduce a novel protocol to guide vehicles to their destinations while managing congestion and avoiding deadlock situations in urban city grids. The protocol relies on vehicle-to-infrastructure (V2I) communication, infrastructure-to-infrastructure (I2I) communication as well as GPS information to disseminate congestion information to city grid intersections. Our proposal pro-actively aims at avoiding congestion scenarios and reacts to arising congestion in case it happens due to unpredictable events such as collisions. Simulation results reveal that vehicles enjoy reduced travel times even during rush hours and in the presence of collisions.}, booktitle={2013 10th International Conference on High Capacity Optical Networks and Enabling Technologies (HONET-CNS)}, author={Hussain, S. R. and Odeh, A. and Shivakumar, A. and Chauhan, S. and Harfoush, K.}, year={2013}, pages={223–227} } @article{guo_harfoush_xu_2012, title={An Analytical Model for the Node Degree in Wireless Ad Hoc Networks}, volume={66}, ISSN={["1572-834X"]}, DOI={10.1007/s11277-011-0339-y}, number={2}, journal={WIRELESS PERSONAL COMMUNICATIONS}, author={Guo, Lifang and Harfoush, Khaled and Xu, Huimin}, year={2012}, month={Sep}, pages={291–306} } @article{castillo_rouskas_harfoush_2011, title={Online algorithms for advance resource reservations}, volume={71}, ISSN={["1096-0848"]}, DOI={10.1016/j.jpdc.2011.01.003}, abstractNote={We consider the problem of providing QoS guarantees to Grid users through advance reservation of resources. Advance reservation mechanisms provide the ability to allocate resources to users based on agreed-upon QoS requirements and increase the predictability of a Grid system, yet incorporating such mechanisms into current Grid environments has proven to be a challenging task due to the resulting resource fragmentation. We use concepts from computational geometry to present a framework for tackling the resource fragmentation, and for formulating a suite of scheduling strategies. We also develop efficient implementations of the scheduling algorithms that scale to large Grids. We conduct a comprehensive performance evaluation study using simulation, and we present numerical results to demonstrate that our strategies perform well across several metrics that reflect both user- and system-specific goals. Our main contribution is a timely, practical, and efficient solution to the problem of scheduling resources in emerging on-demand computing environments.}, number={7}, journal={JOURNAL OF PARALLEL AND DISTRIBUTED COMPUTING}, author={Castillo, C. and Rouskas, G. N. and Harfoush, K.}, year={2011}, month={Jul}, pages={963–973} } @article{ma_kim_harfoush_2009, title={Towards Realistic Physical Topology Models for Internet Backbone Networks}, ISBN={["978-1-4244-5992-6"]}, DOI={10.1109/honet.2009.5423064}, abstractNote={In this paper 1, we consider the problem of physical topology design (i.e., physical connectivity) for Internet backbone networks. We explore the driving forces for service providers to layout fiber links, and propose a new problem formulation that can accurately emulate the existing optical backbone networks. Unlike previous studies which mainly focused on deployment cost, our model captures the physical design principles including (1) the cost of the infrastructure, (2) the expected performance, (3) geographical constraints, and (4) the resilience of the network to link/node failures (survivability). Obtaining an optimal solution is shown to be NP-hard, we thus present a polynomial time heuristic algorithm, HINT, to determine the number and the choice of constituent links. The efficacy of HINT is established in comparison with the published maps of three major scientific and commercial backbone networks: Internet2 Abilene, AT&T domestic express backbone, and Level3 network. Preliminary results reveal that taking performance, resilience and geographical constraints into consideration is necessary to emulate real backbones. The HINT heuristic yields a similarity of more than 90% with the published structures.}, journal={2009 6TH INTERNATIONAL SYMPOSIUM ON HIGH CAPACITY OPTICAL NETWORKS AND ENABLING TECHNOLOGIES (HONET 2009)}, author={Ma, Xuezhou and Kim, Sangmin and Harfoush, Khaled}, year={2009}, pages={36–42} } @article{harfoush_bestavros_byers_2009, title={Measuring Capacity Bandwidth of Targeted Path Segments}, volume={17}, ISSN={["1558-2566"]}, DOI={10.1109/TNET.2008.2008702}, abstractNote={Accurate measurement of network bandwidth is important for network management applications as well as flexible Internet applications and protocols which actively manage and dynamically adapt to changing utilization of network resources. Extensive work has focused on two approaches to measuring bandwidth: measuring it hop-by-hop, and measuring it end-to-end along a path. Unfortunately, best-practice techniques for the former are inefficient and techniques for the latter are only able to observe bottlenecks visible at end-to-end scope. In this paper, we develop end-to-end probing methods which can measure bottleneck capacity bandwidth along arbitrary, targeted subpaths of a path in the network, including subpaths shared by a set of flows. We evaluate our technique through ns simulations, then provide a comparative Internet performance evaluation against hop-by-hop and end-to-end techniques. We also describe a number of applications which we foresee as standing to benefit from solutions to this problem, ranging from network troubleshooting and capacity provisioning to optimizing the layout of application-level overlay networks, to optimized replica placement.}, number={1}, journal={IEEE-ACM TRANSACTIONS ON NETWORKING}, author={Harfoush, Khaled and Bestavros, Azer and Byers, John}, year={2009}, month={Feb}, pages={80–92} } @article{wang_harfoush_2008, title={Shortest-path routing in randomized DHT-based Peer-to-Peer systems}, volume={52}, ISSN={["1872-7069"]}, DOI={10.1016/j.comnet.2008.07.014}, abstractNote={Randomized DHT-based Peer-to-Peer (P2P) systems grant nodes certain flexibility in selecting their overlay neighbors, leading to irregular overlay structures but to better overall performance in terms of path latency, static resilience and local convergence. However, routing in the presence of overlay irregularity is challenging. In this paper, we propose a novel routing protocol, RASTER, that approximates shortest overlay routes between nodes in randomized DHTs. Unlike previously proposed routing protocols, RASTER encodes and aggregates routing information. Its simple bitmap-encoding scheme together with the proposed RASTER routing algorithm enable a performance edge over current overlay routing protocols. RASTER provides a forwarding overhead of merely a small constant number of bitwise operations, a routing performance close to optimal, and a better resilience to churn. RASTER also provides nodes with the flexibility to adjust the size of the maintained routing information based on their storage/processing capabilities. The cost of storing and exchanging encoded routing information is manageable and grows logarithmically with the number of nodes in the system.}, number={18}, journal={COMPUTER NETWORKS}, author={Wang, Chih-Chiang and Harfoush, Khaled}, year={2008}, month={Dec}, pages={3307–3317} } @inbook{neginhal_harfoush_perros_2007, place={Berlin Heidelberg}, series={Lecture Notes in Computer Science}, title={Measuring Bandwidth Signatures of Network Paths}, ISBN={9783540726050 9783540726067}, ISSN={0302-9743 1611-3349}, url={http://dx.doi.org/10.1007/978-3-540-72606-7_92}, DOI={10.1007/978-3-540-72606-7_92}, abstractNote={In this paper, we propose a practical and efficient technique, Forecaster, to estimate (1) the end-to-end available bandwidth, and (2) the speed of the most congested (tight) link along an Internet path. Forecaster is practical since it does not assume any a priori knowledge about the measured path, does not make any simplifying assumptions about the nature of cross-traffic, does not assume the ability to capture accurate packet dispersions or packet queueing delays, and does not try to preserve inter-packet spacing along path segments. It merely relies on a simple binary test to estimate whether each probe packet has queued in the network or not. Forecaster is efficient as it only requires two streams of probe packets that are sent end-to-end at rates that are much lower than the available bandwidth of the investigated path, thus avoiding path saturation. Theoretical analysis and experimental results validate the efficacy of the proposed technique.}, booktitle={NETWORKING 2007. Ad Hoc and Sensor Networks, Wireless Networks, Next Generation Internet}, publisher={Springer Berlin Heidelberg}, author={Neginhal, Mradula and Harfoush, Khaled and Perros, Harry}, editor={Akyildiz, I.F. and Sivakumar, R. and Ekici, E. and Oliveira, J.C. and McNair, J.Editors}, year={2007}, pages={1072–1083}, collection={Lecture Notes in Computer Science} } @article{bestavros_byers_harfoush_2005, title={Inference and labeling of metric-induced network topologies}, volume={16}, ISSN={["1558-2183"]}, DOI={10.1109/tpds.2005.138}, abstractNote={The development and deployment of distributed network-aware applications and services require the ability to compile and maintain a model of the underlying network resources with respect to one or more characteristic properties of interest. To be manageable, such models must be compact; and to be general-purpose, should enable a representation of properties along temporal, spatial, and measurement resolution dimensions. In this paper, we propose MINT - a general framework for the construction of such metric-induced models using end-to-end measurements. We present the basic theoretical underpinnings of MINT for a broad class of performance metrics, and describe PERISCOPE, a Linux embodiment of MINT constructions. We instantiate MINT and PERISCOPE for a specific metric of interest - namely, packet loss rates - and present results of simulations and Internet measurements that confirm the effectiveness and robustness of our constructions over a wide range of network conditions.}, number={11}, journal={IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS}, author={Bestavros, A and Byers, JW and Harfoush, KA}, year={2005}, month={Nov}, pages={1053–1065} }