Jorge Crichigno

Jorge Crichigno
University of South Carolina | USC · Department of Integrated Information Technology

PhD

About

106
Publications
38,937
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,061
Citations

Publications

Publications (106)
Conference Paper
Full-text available
The ever-increasing botnet presence has enabled attackers to compromise millions of nodes and launch a plethora of Internet-scale coordinated attacks within a very short period of time. While the challenge of identifying and patching the vulnerabilities that these botnets exploit in a timely manner has proven elusive, a more promising solution is t...
Conference Paper
Full-text available
This paper describes a cloud infrastructure and virtual laboratories on P4 programmable data plane switches. P4 programmable data planes emerged as a technology that enables innovation in networking. P4 is a programming language used to describe how network packets are processed. This paper explains an entry-level training library on P4. The virtua...
Article
Full-text available
The increasing performance requirements of today’s Internet applications demand a reliable mechanism to transfer data. Many applications rely on the Transmission Control Protocol (TCP) as the transport protocol, due to its ability to adapt to properties of the network and to be robust in the face of many kinds of failures. However, improving the pe...
Conference Paper
Full-text available
One of the main roles of the Domain Name System (DNS) is to map domain names to IP addresses. Despite the importance of this function, DNS traffic often passes without being analyzed, thus making the DNS a center of attacks that keep evolving and growing. Software-based mitigation approaches and dedicated state-of-the-art firewalls can become a bot...
Article
Full-text available
The emergence of the IoT, cloud systems, data centers, and 5G networks is increasing the demand for a rapid development of new applications and protocols at all levels of the protocol stack. However, traditional fixed-function data planes have been characterized by a lengthy and costly development process at the hand of few chip manufacturers. Rece...
Chapter
This section discusses security aspects in high-speed networks. The section pays particular attention to operational security, which addresses potential attackers attempting unauthorized access, introducing malware into devices, and conducting denial of service (DoS) attacks. The chapter describes router’s access-control, firewalls, intrusion preve...
Conference Paper
Full-text available
The router's buffer size imposes significant implications on the performance of the network. Network operators nowadays configure the router's buffer size manually and statically. They typically configure large buffers that fill up and never go empty, increasing the Round-trip Time (RTT) of packets significantly, and decreasing the application perf...
Book
This book provides practical knowledge and skills on high-speed networks, emphasizing on Science Demilitarized Zones (Science DMZs). The Science DMZ is a high-speed network designed to facilitate the transfer of big science data which is presented in this book. These networks are increasingly important, as large data sets are now often transferred...
Conference Paper
Full-text available
This paper describes the development of an Academic Cloud and hands-on virtual laboratories that run on this cloud. The system has been deployed by the University of South Carolina, Stanly Community College, and the Network Development Group. The Academic Cloud provides remote-access capability to laboratory equipment via the Internet and seamlessl...
Conference Paper
Mobile cloud computing provides on-demand resources. The architecture of mobile cloud computing is composed of a cluster of mobile devices. It is gaining popularity because of its cost-effectiveness and availability. There are numerous security issues like data breaches due to many data being stored with all of its benefits. According to recent sea...
Conference Paper
Full-text available
Although the importance of router's buffer sizing in network performance is well known, estimating the current size of the bottleneck buffer is an open research problem. This paper presents a method to achieve such estimation, for the case where the bottleneck buffer operates under a finite number of buffer sizing regimes. The scheme uses a supervi...
Article
Full-text available
Traditionally, the data plane has been designed with fixed functions to forward packets using a small set of protocols. This closed-design paradigm has limited the capability of the switches to proprietary implementations which are hard-coded by vendors, inducing a lengthy, costly, and inflexible process. Recently, data plane programmability has at...
Chapter
The extent to which cyber crimes are taking place has reached a frequency that has never been observed before. Moreover, the increasing network traffic rates have made the storing and subsequent analysis of the resultant stockpile of traffic data in order to attribute such crimes increasingly challenging and time consuming. As a result, inadequate...
Preprint
Full-text available
Traditionally, the data plane has been designed with fixed functions to forward packets using a small set of protocols. This closed-design paradigm has limited the capability of the switches to proprietary implementations which are hardcoded by vendors, inducing a lengthy, costly, and inflexible process. Recently, data plane programmability has att...
Article
Full-text available
Google published the first release of the Bottleneck Bandwidth and Round-trip Time (BBR) congestion control algorithm in 2016. Since then, BBR has gained a widespread attention due to its ability to operate efficiently in the presence of packet loss and in scenarios where routers are equipped with small buffers. Such characteristics were not attain...
Conference Paper
The current livestock industry in certain parts of the world still runs on archaic infrastructure. Using dated systems built on inefficient database structures are not ideal moving into the next millennial as the central point of failure. A lack of data sharing and data transfer also limits the methods by which cattle farmers can operate. In this p...
Conference Paper
Full-text available
Ever since the inception of the networking industry, routing and switching devices have been limited to tightly-coupled hardware and software components. Vendors provide closed source proprietary stacks, restraining network operators from utilizing customized features, and hence hindering innovation. This aggregated model is costly, time consuming,...
Conference Paper
Full-text available
The alpha version of Bottleneck Bandwidth and Round-trip Time version 2 (BBRv2) has been recently presented, which aims to mitigate the shortcomings of its predecessor, BBR version 1 (BBRv1). Previous studies show that BBRv1 provides a high link utilization and low queuing delay by estimating the available bottleneck bandwidth. However, its aggress...
Conference Paper
Full-text available
Blockchain technology is the cornerstone of digital trust and systems' decentralization. The necessity of eliminating trust in computing systems has triggered researchers to investigate the applicability of Blockchain to decentralize the conventional security models. Specifically, researchers continuously aim at minimizing trust in the well-known P...
Conference Paper
Full-text available
This paper describes the deployment of a private cloud and the development of virtual laboratories and companion material to teach and train engineering students and Information Technology (IT) professionals in high-throughput networks and cybersecurity. The material and platform, deployed at the University of South Carolina, are also used by other...
Conference Paper
Full-text available
Distributed Denial of Service (DDoS) attacks have terrorized our networks for decades, and with attacks now reaching 1.7 Tbps, even the slightest latency in detection and subsequent remediation is enough to bring an entire network down. Though strides have been made to address such maliciousness within the context of Software Defined Networking (SD...
Conference Paper
Full-text available
According to estimations, approximately 80% of Internet traffic represents media traffic. Much of it is generated by end users communicating with each other (e.g., voice, video sessions). A key element that permits the communication of users that may be behind Network Address Translation (NAT) is the relay server. This paper presents a scheme for o...
Conference Paper
Full-text available
Ransomware attacks cost businesses more than $75 billion/year, and it is predicted to cost $6 trillion/year by 2021. These numbers demonstrate the havoc produced by ransomware on a large number of sectors and urge security researches to tackle it. Several ransomware detection approaches have been proposed in the literature that interchange between...
Article
Full-text available
The insecurity of the Internet-of-Things (IoT) paradigm continues to wreak havoc in consumer and critical infrastructures. The highly heterogeneous nature of IoT devices and their widespread deployments has led to the rise of several key security and measurement-based challenges, significantly crippling the process of collecting, analyzing and corr...
Article
Full-text available
Network Address Translation (NAT) is a method that enables devices with private IP addresses to connect to the Internet by sharing a public IP address. Traversing the NAT device remains a challenge for a wide range of applications such as Voice over IP (VoIP) and Internet of Things (IoT). The Port Control Protocol (PCP) is a relatively new protocol...
Conference Paper
Full-text available
This paper describes a project led by the University of South Carolina (USC) to address the cybersecurity workforce gap. The project creates curricular material based on virtual laboratories (vLabs). As vLabs are developed, they are adopted and tested at USC and Northern New Mexico College (NNMC), the main partnering institution in this project. Th...
Conference Paper
Full-text available
The deployment of Over-The-Top (OTT) Voice over IP (VoIP) applications has been accelerated after the adoption of high-speed communications technologies (e.g.: LTE) by mobile operators. Additionally, the high incurring costs imposed on subscribers who are roaming outside their Home Public Land Mobile Network (HPLMN) has also contributed to the wide...
Conference Paper
Full-text available
Previous studies have observed that TCP pacing-evenly spacing out packets-minimizes traffic burstiness, reduces packet losses, and increases throughput. However, the main drawback of pacing is that the number of flows and the bottleneck link capacity must be known in advance. With this information, pacing is achieved by manually tuning sender nodes...
Conference Paper
Full-text available
Network function virtualization (NFV) allows service provides to implement network processing functionality in software using standard computing servers. As such, this approach precludes the need for deploying costly and proprietary hardware-based networking devices, i.e., black boxes, greatly reducing infrastructure and operational costs. Instead,...
Article
Full-text available
The security issue impacting the Internet-of-Things (IoT) paradigm has recently attracted significant attention from the research community. To this end, several surveys were put forward addressing various IoT-centric topics including intrusion detection systems, threat modeling and emerging technologies. In contrast, in this work, we exclusively f...
Conference Paper
Full-text available
The network function virtualization (NFV) paradigm focuses on increasing manageability and scalability of modern complex heterogeneous networks and network services by decoupling the network functions and hosting devices. However, as new promising solutions become available, the need for availability and reliability techniques grow, particularly fo...
Conference Paper
Full-text available
This paper presents a flow-based entropy characterization of a small/medium-sized campus network that uses network address translation (NAT). Although most networks follow this configuration, their entropy characterization has not been previously studied. Measurements from a production network show that the entropies of flow elements (external IP a...
Article
Full-text available
Large-scale nuclear electromagnetic pulse (EMP) attacks and natural disasters can cause extensive network failures across wide geographic regions. Although operational networks are designed to handle most single or dual faults, recent efforts have also focused on more capable multi-failure disaster recovery schemes. Concurrently, advances in softwa...
Preprint
Green communications is the practice of selecting energy efficient communications, networking technologies and products. This process is followed by minimizing resource use whenever possible in all branches of communications. In this day and age, green communication is vital to the footprint we leave on this planet as we move into a completely digi...
Article
Full-text available
Science and engineering applications are now generating data at an unprecedented rate. From large facilities such as the Large Hadron Collider to portable DNA sequencing devices, these instruments can produce hundreds of terabytes and above in short periods of time. Researchers and other professionals rely on networks to move data between sensing l...
Article
Multicast virtual network (MVN) cloud services have tight restrictions in terms of coverage, delay, delay variation, and reliability. However large disasters impose key challenges, and there are no known solutions that incorporate stochastic multi-failure risk into the MVN embedding process. Hence, this letter presents novel proactive 'risk-aware'...
Article
Full-text available
A Monte Carlo algorithm is designed to predict the average time to graduate by enrolling virtual students in a degree plan. The algorithm can be used to improve graduation rates by identifying bottlenecks in a degree plan (e.g., low pass rate courses and prerequisites). Random numbers are used to determine whether students pass or fail classes by c...
Conference Paper
Full-text available
Abstract—Network function virtualization (NFV) and software- defined networking (SDN) are two recent networking paradigms that strive to increase manageability, scalability, programmability and dynamism. The former decouples network functions and host- ing devices, while the latter decouples the data and control planes. As more and more operators a...
Conference Paper
Full-text available
The Internet of Things [IoT] promises to revolutionize the way we interact with our surroundings. Smart cars, smart cities, smart homes are now being realized with the help of various embedded devices that operate with little to no human interaction. However these embedded devices bring forth a plethora of security challenges as most manufacturers...
Article
Full-text available
Virtualization is a fast-growing technology that is being widely adopted by companies of all sizes, mainly due to its flexibility, manageability and resources usage optimization. However, along with the technology growth, challenges arise, such as management complexity. In order to deliver a higher level of flexible and dynamic management, two tech...
Conference Paper
Full-text available
Technological advances and innovative business models led to the modernization of the cyber-physical concept with the realization of the Internet of Things (IoT). While IoT envisions a plethora of high impact benefits in both, the consumer as well as the control automation markets, unfortunately, security concerns continue to be an afterthought. Se...
Article
Full-text available
A major challenge for intrusion prevention system (IPS) sensors in today’s Internet is the amount of traffic these devices have to inspect. Hence this paper presents a linear program (LP) for traffic scheduling in multi-sensor environments that alleviates inspection loads at IPS sensors. The model discriminates traffic flows so that the amount of i...
Article
Cloud infrastructure services allow organizations to outsource their computing, storage, and networking needs to external providers. These offerings use network virtualization to provision customized, interconnected resource pools across substrate infrastructures comprised of datacenter computing/storage systems and interconnecting networking switc...
Article
Advance reservation services are being used by a range of applications to schedule connection bandwidth resources at future time intervals. To date many different algorithms have been developed to support various point-to-point reservation models. However, with expanding data distribution needs there is a need to schedule more complex service types...
Article
Full-text available
Determining the optimum angle for a solar panel is important if tracking systems are not used and a tilt angle remains constant. This article determines the sensitivity of the optimum angle to surface reflectivity at different latitudes using a mathematical model that accounts for direct, diffuse and reflected radiation. A quadratic correlation is...