Your search keyword '"Networking hardware"' showing total 46 results

1. SDN-Based Detection of Self-Propagating Ransomware: The Case of BadRabbit

Author

Fahad M. Alotaibi and Vassilios G. Vassilakis

Subjects

Ping (video games), Honeypot, General Computer Science, business.industry, Computer science, intrusion detection and prevention, SDN security, General Engineering, 020206 networking & telecommunications, Deep packet inspection, 02 engineering and technology, Self-propagating ransomware, Networking hardware, BadRabbit detection, Header, 0202 electrical engineering, electronic engineering, information engineering, Ransomware, 020201 artificial intelligence & image processing, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, Software-defined networking, lcsh:TK1-9971, Computer network

Abstract

In the last decade, many ransomware attacks had the ability to spread within local networks or even outside them. At the same time, software defined networking (SDN) has provided a major boost to networks by transferring intelligence from network devices to a programmable logically centralised controller. The latter can be programmed to be compatible with the requirements of a wide range of networks and environments in a straightforward manner. This has motivated researchers to design SDN-based security solutions against threats targeting traditional networks and systems. This article investigates the use of SDN to detect and mitigate the risk of self-propagating ransomware. The infamous BadRabbit ransomware has been used for the proof of concept. To achieve this, an extensive analysis of BadRabbit was performed to identify its characteristics and understand its behaviour at both the infected device level and at the network level. As a result, several unique artifacts were extracted from BadRabbit, which could facilitate its detection. These artifacts were relied upon to design an SDN-based intrusion detection and prevention system. Our system comprises five modules, namely deep packet inspection, ARP scanning detection, packet header inspection, honeypot, and SMB checker. The first two modules have been inspired by other works and have been included for comparison with the existing solutions. Three other modules rely on novel SDN-based methods for ransomware detection. We have also evaluated the efficiency and the performance of our system in terms of detection time, CPU utilisation, as well as TCP and ping latency. Finally, the proposed approach has also been tested for other ransomware families, such as WannaCry and NotPetya. Our experimental results show that the system is effective in terms of detecting self-propagating ransomware and outperforms other proposed approaches.

Published

2021

2. On Performance and Scalability of Cost-Effective SNMP Managers for Large-Scale Polling

Author

Paula Roquero, Javier Aracil, UAM. Departamento de Tecnología Electrónica y de las Comunicaciones, and High Performance Computing And Networking

Subjects

Flexibility (engineering), Telecomunicaciones, parallelism, General Computer Science, Computer science, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Adaptive polling, networking, General Engineering, Parallelism, 020207 software engineering, 02 engineering and technology, Simple Network Management Protocol, Networking hardware, Networking, Scalability, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, Polling, lcsh:TK1-9971, Protocol (object-oriented programming), SNMP

Abstract

As networks grow larger in size and complexity, their monitoring is becoming an increasing challenge because of the required polling performance and also due to heterogeneity of devices. As it turns out, SNMP (Simple Network Management Protocol) is by far the most popular monitoring protocol. However, due to the increase in the number of network devices, it becomes necessary to employ multiple SNMP managers, which is not cost-effective due to the hardware requirements. Additionally, the different proprietary SNMP implementations require custom configuration very often, as new devices are being incorporated into the network. Therefore, current SNMP managers not only require capabilities for large-scale monitoring but also a high degree of flexibility and programmability. In response, we propose an SNMP manager architecture with a flexible multi-threaded architecture, which effectively reduces the hardware resources necessary to poll the increasing number of SNMP agents. In addition, it features a scripting component to deal with the different data representations caused by proprietary implementations. Our experience has shown that SNMP agents can have high variability in their response times. Actually, our findings show a strong correlation between high response times and CPU load. As a solution, we propose and analyze novel adaptive polling algorithms that decrease the load on agents' CPUs while keeping the desired polling rate for fast agents. Finally, we present several real-world use cases where we show the benefits of the polling algorithms and the scripting component, by means of extensive measurement campaigns, This work was supported by Ayudas para la formación de doctores en empresas, Doctorados Industriales, under Grant DI-16-08979

Published

2021

3. Internet of Things 2.0: Concepts, Applications, and Future Directions

Author

Justin Lipman, Mehran Abolhasan, Imran Makhdoom, Muhammad Raza, Negin Shariati, Abbas Jamalipour, Ian Zhou, and Rasool Keshavarz

Subjects

energy harvesting, IoT, IoT2.0, General Computer Science, Computer science, Interoperability, Mission critical, mission critical communication, 02 engineering and technology, World Wide Web, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, scalability, Edge computing, User Friendly, 08 Information and Computing Sciences, 09 Engineering, 10 Technology, business.industry, General Engineering, 020206 networking & telecommunications, Networking hardware, TK1-9971, machine learning, Scalability, Electrical engineering. Electronics. Nuclear engineering, Internet of Things, business, 5G

Abstract

Applications and technologies of the Internet of Things are in high demand with the increase of network devices. With the development of technologies such as 5G, machine learning, edge computing, and Industry 4.0, the Internet of Things has evolved. This survey article discusses the evolution of the Internet of Things and presents the vision for Internet of Things 2.0. The Internet of Things 2.0 development is discussed across seven major fields. These fields are machine learning intelligence, mission critical communication, scalability, energy harvesting-based energy sustainability, interoperability, user friendly IoT, and security. Other than these major fields, the architectural development of the Internet of Things and major types of applications are also reviewed. Finally, this article ends with the vision and current limitations of the Internet of Things in future network environments.

Published

2021

4. Passive and Active Wireless Device Secure Identification

Author

Sébastien Lugan, Benoît Macq, Louai Kechtban, Oscar Delgado, and UCL - SST/ICTM/ELEN - Pôle en ingénierie électrique

Subjects

covert channel, General Computer Science, business.industry, Computer science, computer.internet_protocol, WiFi, Transmitter, Radioprint, General Engineering, Covert channel, Eavesdropping, Jamming, Networking hardware, Identification (information), machine learning, Wireless, Wireless Application Protocol, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, PUF, computer, lcsh:TK1-9971, Computer network

Abstract

Secure wireless device identification is necessary if we want to ensure that any transmitted data reach only a desired receiver. However the fact that wireless communications are by nature broadcast creates unique challenges such as identity theft, eavesdropping for data interception, jamming attacks to disrupt legitimate transmissions, etc. This paper proposes a new integrated radioprint framework (IRID) that has two main components. First, we propose a machine learning-based radio identification solution that relies on hardware variabilities of internal components of the transmitter caused during manufacturing, allowing us to achieve passive device identification. Second, we introduce a new kind of covert channel, based on variations in the emitted signal strength, which allows us to implement unique active device identification. We evaluate our proposed framework on an experimental test-bed of 20 identical WiFi devices. Although our experiments deal only with IEEE 802.11b, the approach can easily be extended to any wireless protocol. The experimental results show that our proposed solution can differentiate between network devices with accuracy in excess of 99% on the basis of a standard-compliant implementation.

Published

2020

5. Efficient and Robust Syslog Parsing for Network Devices in Datacenter Networks

Author

Shenglin Zhang, Ying Liu, Yongqian Sun, Weibin Meng, Yuzhi Zhang, Dan Pei, Ming Zhang, Jiahao Bu, Lei Song, Sen Yang, and Jun Xu

Subjects

General Computer Science, computer.internet_protocol, Computer science, Rand index, 02 engineering and technology, computer.software_genre, network device, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, prefix tree, datacenter network, Measure (data warehouse), Parsing, Syslog parsing, Template matching, General Engineering, 020206 networking & telecommunications, Networking hardware, syslog, Template, Data mining, lcsh:Electrical engineering. Electronics. Nuclear engineering, computer, frequent pattern, lcsh:TK1-9971

Abstract

Syslog parsing is of vital importance for the detection, diagnosis and prediction of network device failures in a datacenter. A common approach to syslog parsing is to extract templates from historical syslogs, after which syslogs are matched to these templates. To address the problems in the existing syslog parsing techniques, we propose a novel framework, Craftsman, which identifies frequent combinations of (syslog) words and then applies them as templates. Craftsman empirically extracts templates accurately, is extremely efficient in template matching, and naturally supports incremental learning. To compare the performance of Craftsman and three other template learning techniques designed for network devices, we experiment them on two-years' worth of syslogs collected from network devices deployed across 10+ datacenters of a tier-one service provider. The experiments demonstrate that Craftsman achieves a close-to-one accuracy (as measured by rand index), and improves the computational efficiency by 6.88 to 10.25 times in template matching, and by 730 to 6847 times in syslog parsing. It also improves the accuracy (as measured by F1 measure) of failure prediction by 13.07% to 188%. In addition, we demonstrate Craftsman's superior generality by comparing it with three widely-applied log parsing methods over five large log datasets collected from servers, distributed systems and applications.

Published

2020

6. A Distributed Architecture for DDoS Prediction and Bot Detection

Author

Aldri Santos, Bruno Martins Rahal, and Michele Nogueira

Subjects

network traffic analysis, cybersecurity, General Computer Science, Statistical learning, Computer science, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Advanced stage, Resource constraints, General Engineering, Botnet, Attack prediction, Denial-of-service attack, botnet detection, Networking hardware, Server, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, Architecture, lcsh:TK1-9971

Abstract

Distributed Denial-of-Service (DDoS) attacks disrupt servers, services and the network, overloading the target resources and denying normal traffic. In order to defend from this attack, mitigation actions usually overprovision and sinkhole malicious traffic. Sooner the attack is detected, better is the mitigation. Hence, we advocate for using a prediction technique aiming to anticipate actions against the possible attack, before it effectively starts. Then, this article contributes to advance the state-of-the-art presenting a distributed architecture that identifies early signals of a possible DDoS attack and detects bots composing a botnet. The architecture identifies the malicious actors (bots) participating in the attack. The bot detection technique is triggered by the prediction of DDoS supported by early signals. Prediction identifies signals of attack on the network before it reaches advanced stages. Based on the metastability theory, it provides unsupervised statistical learning and identifies the imminence of DDoS attacks. The botnet detection is challenging because of the high dimension of data involved and because of resource constraints (memory and processing) in network devices. Network devices are clustered based on features extracted from the traffic and based on the causality between devices. Detection is performed per cluster. Performance evaluations took as input the CTU-13 Czech Republic University, CAIDA and Botnet 2014 datasets, efficiently detecting the bots in the dataset with an accuracy of 99.9%.

Published

2020

7. On Designing a Resilient SDN C/M-Plane for Multi-Controller Failure in Disaster Situations

Author

Luis Guillen, Satoru Izumi, Takuo Suganuma, Toru Abe, and Hiroyuki Takahira

Subjects

Disaster resilient networks, General Computer Science, multi-controller failure, Computer science, IT service continuity, Reliability (computer networking), 02 engineering and technology, Network topology, SDN, Control theory, 0202 electrical engineering, electronic engineering, information engineering, Forwarding plane, General Materials Science, Electrical and Electronic Engineering, business.industry, Network survivability, General Engineering, 020206 networking & telecommunications, network management, Networking hardware, Network management, Management plane, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, Software-defined networking, lcsh:TK1-9971, Computer network

Abstract

Network survivability is the ability to maintain service continuity in the presence of failures. This ability might be critical in times where large-scale failures occur, as in the case of disasters. In the past years, Software Defined Networking (SDN) has shown a great potential to allow network programmability by segregating the Control/Management Plane (C/M-Plane) from the forwarding or Data Plane (D-Plane). The controller, a centralized entity, has an overview of the entire network under its domain, which allows it to make informed routing decisions. However, the controller becomes a single-point-of-failure as network devices will have limited knowledge if not connected to a controller. Moreover, in disaster situations, if the affected area is considerably large, there is a high probability that more than a single controller will fail in a short period. Various studies, either following a protection or restoration techniques, have been proposed to address resiliency on SDN, but most of them only consider link or device failure; however, the failure of various controllers due to a large-scale disaster is less explored. In this paper, we consider multi-controller failure and propose a mechanism to reduce the non-operational network devices in disaster situations. Preliminary results show that, by applying the proposed approach, it is possible to achieve substantial improvements in network survivability, with considerably less cost of implementation than existing methods. In particular, using simulation, we achieved a 20% decrease of non-operational devices at the C/M-Plane; and an increase of 30% of success rate at the D-Plane, even if half of the controllers in the topology failed.

Published

2020

8. A Novel Fog-Based Multi-Level Energy-Efficient Framework for IoT-Enabled Smart Environments

Author

Abdullah A. Alaulamie, Carsten Maple, Joel J. P. C. Rodrigues, Saiful Islam, Shafaq Mussadiq, Muhammad Ammad, Usman Tariq, and Munam Ali Shah

Subjects

IoT, General Computer Science, business.industry, Computer science, Process (engineering), Distributed computing, smart environment, General Engineering, Context (language use), Energy consumption, energy constraint devices, Networking hardware, TK1-9971, fog, Smartwatch, Task (computing), Energy efficiency, cloud, General Materials Science, Smart environment, Electrical engineering. Electronics. Nuclear engineering, Internet of Things, business, Efficient energy use

Abstract

The Internet of Things (IoT) has emerged as a promising paradigm to enhance the living standard of human life by employing varied smart devices including smart phones, smart watches, sensors, on-board units and other networking equipment. However, these devices consume a considerable amount of energy to perform their operations that has a significant impact on the environment, product cost and life of the device. Given this fact, energy-efficient solutions for smart environments have gained great attention from researchers and the industrial community. In this context, a novel fog-based multi-level energy-efficient framework for IoT-enabled smart environments has been proposed. To achieve this, the proposed framework adds additional two layers in the existing IoT-fog-cloud architecture - sensors-based energy-efficient hardware layer and policy layer, to monitor the energy consumption and to enable the energy-aware decision making. Initially, the main sources of energy consumption in an IoT-enabled smart environment are identified. Further, the energy requirements of a device to perform a specific task are estimated. Moreover, the alternative devices to perform the same task using less energy are searched out. Finally, a device or a set of devices, to process the job consuming lower energy while ensuring the job requirements, is selected. To validate the proposed framework, four case studies are considered - smart parking, smart hospital specifically ICU, smart agriculture and smart airport. Simulations are conducted using iFogsim toolkit and results show that a significant amount of energy can be conserved by employing the proposed framework.

Published

2020

9. Green Fog Planning for Optimal Internet-of-Thing Task Scheduling

Author

Zhiming He, Yin Zhang, Byungchul Tak, and Limei Peng

Subjects

IoT, General Computer Science, Edge device, Computer science, Distributed computing, Cloud computing, 02 engineering and technology, Scheduling (computing), 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Integer programming, network planning, energy efficiency, Edge computing, business.industry, cloud computing, 020208 electrical & electronic engineering, General Engineering, 020206 networking & telecommunications, Provisioning, Networking hardware, Fog computing, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, 5G

Abstract

The incoming 5G technology is expected to proliferate tremendous internet-of-thing (IoT) services with real-time and mobility requirements, which are quite different from the legacy cloud services. Due to the centralized management relying on distant datacenters, cloud computing is short of satisfying the stringent IoT requirements, such as ultra-low latency, mobility, etc. Instead, distributed edge computing, such as fog computing has been coined as a promising approach and has received enormous attention in recent years. In this paper, to optimally provision the huge volume of IoT services with significant diversity, we propose to efficiently organize the leisure network devices in the network edge to form fog networks (fogs), which are then integrated with the cloud to provide storage and computing resources. Specifically, we propose two Integer Linear Programming (ILP) models to solve the fog planning issue under the integrated Cloud-Fog (iCloudFog) framework. In the first ILP model, the objective is to minimize the CAPEX cost caused by planning fogs and the OPEX cost caused by utilizing the planned fogs. In the second ILP model, the objective is to minimize the power consumption while maximizing the number of successfully provisioned IoT tasks on the planned fogs. The proposed ILP models are numerically evaluated by considering different IoT task requirements, such as real-time and mobility. The numerical results show that efficiently planned fogs can help to reduce the planning overhead while satisfying diverse IoT task requirements.

Published

2020

10. A Delay-Tolerant Data Transmission Scheme for Internet of Vehicles Based on Software Defined Cloud-Fog Networks

Author

Fanyu Kong, Jun Zhou, Hong Gong, Xiaosong Tang, and Bin Xia

Subjects

General Computer Science, Transmission delay, Computer science, Real-time computing, the Internet of Vehicles, load balancing strategy, Cloud computing, 02 engineering and technology, Delay-tolerant data transmission, partially observable Markov decision process, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, 020203 distributed computing, Network architecture, business.industry, General Engineering, 020206 networking & telecommunications, Energy consumption, Load balancing (computing), Networking hardware, The Internet, lcsh:Electrical engineering. Electronics. Nuclear engineering, fog computing, business, Software-defined networking, lcsh:TK1-9971, software defined network, Data transmission

Abstract

The low-latency advantages of fog computing can be applied to solve high transmission latency problems of many network architectures in Internet of Vehicles. Therefore, this paper studies the application of fog computing in Internet of Vehicles. Considering that the fog network equipment deployed in Internet of Vehicles is relatively scattered, a new network architecture is proposed, which integrates cloud computing, fog computing and software defined network and other technologies. The proposed framework uses software defined network to centrally control fog network and obtains equipment performance of fog network. Furthermore, the optimal load balancing strategy is developed by communication overhead and other information. Based on time delay modeling of fog network, we study the time delay modeling of cloud-fog network and the energy consumption modeling of fog network. In addition, this paper models the selection process of data transmission network and data calculation execution server of delay-tolerant data as a partially observable Markov decision process optimization strategy in software defined Internet of Vehicles. By observing the state of system, current storage makes optimal decisions on data transmission and selection of computing nodes, thereby minimizing system overhead. Simulation results show that the proposed scheme can effectively reduce transmission delay and system overhead, improve data calculation efficiency.

Published

2020

11. Reinforced Secure Gossiping Against DoS Attacks in Post-Disaster Scenarios

Author

Christian Esposito, Zhongliang Zhao, and Jacek Rak

Subjects

game theory, reinforcement learning, General Computer Science, Computer science, Routing table, Retransmission, gossiping algorithm, Denial-of-service attack, Cryptography, 02 engineering and technology, 000 Computer science, knowledge & systems, 510 Mathematics, 020210 optoelectronics & photonics, Gossip, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, disaster-resilience, Cryptographic primitive, Network packet, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, General Engineering, 020206 networking & telecommunications, Networking hardware, Flooding (computer networking), Communication system security, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, Game theory, Computer network

Abstract

During and after a disaster, the perceived quality of communication networks often becomes remarkably degraded with an increased ratio of packet losses due to physical damages of the networking equipment, disturbance to the radio frequency signals, continuous reconfiguration of the routing tables, or sudden spikes of the network traffic, e.g., caused by the increased user activity in a post-disaster period. Several techniques have been introduced so far (mainly using data retransmission mechanisms) to tolerate such circumstances. Among them, gossiping has been shown to be efficient in the recovery from message losses. However, a conventional gossiping scheme may exhibit security problems, which can be exploited for further attacks (such as Denial of Service - DoS attack). For instance, the flooding method used by the gossiping can be used to forward the traffic towards many vulnerable nodes to drain their resources and compromise them. Typically, protection against DoS attacks is realized by using cryptographic primitives. However, their scalability limits and costs make them improper for emergency communications after a disaster. In this article, we introduce an approach based on reinforcement learning and game theory to protect the gossiping scheme from DoS attacks without incurring the costs of cryptographic primitives. In our method, nodes properly select which requests to satisfy, which in turn helps other nodes to avoid receiving manipulated gossip messages from malicious and colluded nodes. Additionally, our method operates without exploiting any cryptographic primitives, which prevents excessive energy waste that is undesired in post-disaster resilient networking. Simulation experiments performed in OMNeT++ confirmed the advantages of our approach over the reference schemes in terms of reliability, security, overhead, latency, and power efficiency.

Published

2020

12. No Soldiers Left Behind: An IoT-Based Low-Power Military Mobile Health System Design

Author

Gordana Dermody, Paul Haskell-Dowland, James Jin Kang, Mohammadreza Ghasemian, Wencheng Yang, and Sasan Adibi

Subjects

LPWAN, General Computer Science, Computer science, Real-time computing, Wearable computer, 02 engineering and technology, multilayer inference system (MIS), 0202 electrical engineering, electronic engineering, information engineering, Wireless, wireless body area network (WBAN), General Materials Science, Electrical and Electronic Engineering, mobile health (mHealth), Authentication, business.industry, General Engineering, 020206 networking & telecommunications, emergency alarm notification, Sensor fusion, Networking hardware, low power wide area network (LPWAN), Systems design, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, Multilayer inference algorithm (MIA), lcsh:TK1-9971

Abstract

There has been an increasing prevalence of ad-hoc networks for various purposes and applications. These include Low Power Wide Area Networks (LPWAN) and Wireless Body Area Networks (WBAN) which have emerging applications in health monitoring as well as user location tracking in emergency settings. Further applications can include real-time actuation of IoT equipment, and activation of emergency alarms through the inference of a user's situation using sensors and personal devices through a LPWAN. This has potential benefits for military networks and applications regarding the health of soldiers and field personnel during a mission. Due to the wireless nature of ad-hoc network devices, it is crucial to conserve battery power for sensors and equipment which transmit data to a central server. An inference system can be applied to devices to reduce data size for transfer and subsequently reduce battery consumption, however this could result in compromising accuracy. This paper presents a framework for secure automated messaging and data fusion as a solution to address the challenges of requiring data size reduction whilst maintaining a satisfactory accuracy rate. A Multilayer Inference System (MIS) was used to conserve the battery power of devices such as wearables and sensor devices. The results for this system showed a data reduction of 97.9% whilst maintaining satisfactory accuracy against existing single layer inference methods. Authentication accuracy can be further enhanced with additional biometrics and health data information.

Published

2020

13. IEEE 1815.1-Based Power System Security With Bidirectional RNN-Based Network Anomalous Attack Detection for Cyber-Physical System

Author

Hyunguk Yoo, Sungmoon Kwon, and Taeshik Shon

Subjects

General Computer Science, Computer science, Network security, Anomaly detection, 02 engineering and technology, Intrusion detection system, Electric power system, DNP3, IEC 61850, network security, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, cyber-physical system (CPS), supervisory control and data acquisition (SCADA), smart grid communications, business.industry, General Engineering, Cyber-physical system, 020206 networking & telecommunications, Networking hardware, cyberattack, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, Computer network

Abstract

The introduction of the cyber-physical system (CPS) into power systems has created a variety of communication requirements and functions that existing legacy systems do not support. To this end, the IEEE 1815.1 standard defines the mapping between existing distributed network protocol networks and IEC 61850 networks that reflect new requirements. However, advanced CPS cyberattacks have been reported, and in order to address cyberattacks, security research on new power systems that use network devices and heterogeneous communication is necessary. In this study, we propose an intrusion detection system for an IEEE 1815.1-based power system using CPS. We 1) analyze an IEEE 1815.1-based power system network and propose a suitable application method for an intrusion detection system, 2) suggest a bidirectional recurrent neural network-based anomaly detection system for an IEEE 1815.1-based network, and 3) demonstrate the verification of the proposed technique using various power system-specific attack data, including real power system using CPS network traffic, CPS malware behavior (CMB), false data injection (FDI), and disabling reassembly (DR) attacks. Proposed technique successfully detected five types of CMB attacks, three types of FDI and DR attacks.

Published

2020

14. Novel Three-Tier Intrusion Detection and Prevention System in Software Defined Network

Author

Amir Ali and Muhammad Murtaza Yousaf

Subjects

RFID, packet classification, Authentication, IoT, General Computer Science, Edge device, Computer science, Network packet, business.industry, intrusion prevention system, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, General Engineering, SDN security, Denial-of-service attack, Throughput, Encryption, Networking hardware, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, Software-defined networking, lcsh:TK1-9971, Computer network

Abstract

Software Defined Network (SDN) is a flexible paradigm that provides support for a variety of data-intensive applications with real-world smart Internet of Things (IoT) devices. This emerging architecture updates with the managing ability and network control. Still, the benefits are challenging to achieve due to the presence of intruder flow into the network. The research topic of intrusion detection and prevention system (IDPS) has grasped the attention to reduce the effect of intruders. Distributed Denial of Service (DDoS) is a targeted attack that develops malicious traffic is flooded into a particular network device. These intruders also involve even with legitimate network devices, the authenticated device will be compromised to inject malicious traffic. In this paper, we investigate the involvement of intruders in three-Tier IDPS with regard to user validation, packet validation and flow validation. Not all the authentication users can be legitimate, since they are compromised, so that the major contribution is to identify all the compromised devices by knee analysis of the packets. Routers are the edge devices employed in first tier which is responsible to validate the IoT user with RFID tag and encrypted signature. Then the authenticated user's packets are submitted into second tier with switches that validates the packets using type-II fuzzy filtering. Then the key features are extracted from packets and they are classified into normal, suspicious and malicious. The mismatched packets are analyzed in controllers which maintain two queues as suspicious and normal. Then suspicious queue packets are classified and predicted using deep learning method. The proposed work is experimented in OMNeT++ environment and the performances are evaluated in terms of intruder Detection Rate, Failure Rate, Delay, Throughput and Traffic Load.

Published

2020

15. A Reputation Value-Based Early Detection Mechanism Against the Consumer-Provider Collusive Attack in Information-Centric IoT

Author

Ting Zhi, Ying Liu, and Jun Wu

Subjects

General Computer Science, Computer science, media_common.quotation_subject, Reliability (computer networking), Internet of Things, Botnet, Context (language use), Computer security, computer.software_genre, reputation value, Information-centric networking, General Materials Science, early detection, media_common, Network architecture, Network packet, business.industry, General Engineering, collusive attack, Networking hardware, The Internet, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, computer, Reputation

Abstract

As the Internet of Things (IoT) has connected large number of devices to the Internet, it is urgently needed to guarantee the low latency, security, scalable content distribution of the IoT network. The benefits of Information-Centric Networking (ICN) in terms of fast and efficient data delivery and improved reliability have raised ICN as a highly promising networking model for IoT environments. However, with the widely spread of the viruses and the explosion of kinds of network devices, the attackers can easily control the devices to form a botnet such as the Mirai. Once the devices are under control, the attackers can launch a consumer-provider collusive attack in the Information-Centric IoT context. In this attack, the malicious clients issue Interest packets that can only be satisfied by the malicious content provider, and the malicious provider replies to the clients just before exceeding the Pending Interest Table entry's expiration time, to occupy the limited resources. In this paper, we expound the model of the consumer-provider collusive attack and analyze the negative effect of the attack. Then we propose a Reputation Value based Early Detection (RVED) mechanism to relieve the impact of the collusive attack. The method aims to adjust the packet dropping rates of different interfaces based on their reputation value, thus to protect the legitimate packets from being dropped as possible. We implement the consumer-provider collusive model and evaluate our defend mechanism in the simulator, and simulation results verify the feasibility and effectiveness against the collusive attack of the RVED mechanism.

Published

2020

16. IEEE Access Special Section Editorial: Survivability Strategies for Emerging Wireless Networks

Author

Irfan Awan, Ejaz Ahmed, Muhammad Imran, Joel J. P. C. Rodrigues, Ahmed E. Kamal, and Feng Xia

Subjects

General Computer Science, Computer science, business.industry, Wireless network, Mesh networking, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, General Engineering, Survivability, Provisioning, WiMAX, Networking hardware, Wireless broadband, General Materials Science, Network performance, Mobile telephony, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, Computer network

Abstract

Recent developments in mobile and wireless networks have paved the way for them to become a fabric of society and the economy. The ever-increasing penetration rate of mobile telephony and wireless broadband data access, and the ubiquity of WiFi are just a few examples of this phenomenon. While multihop wireless networks (e.g., WiMax, LTE-A, ad hoc, sensor, and mesh networks) offer many advantages, such as enhanced capacity, extended communication range, deployment, and operational flexibility, they usually lack provisioning for network robustness and do not, in general, withstand network equipment failures. Network failures may have drastic effects on network performance and hinder network operation. The capability of a network to deliver data successfully in a timely manner and continue its services despite the presence of failures and attacks is referred to as survivability, which is an important system design and operational characteristic that must be provisioned.

Published

2020

17. IEEE Access Special Section Editorial: Green Signal Processing for Wireless Communicationsand Networking

Author

Yi Qian, David Shiung, Andres Kwasinski, Woongsup Lee, Wen-Long Chin, and Yansha Deng

Subjects

Signal processing, General Computer Science, business.industry, Computer science, Aviation, General Engineering, Networking hardware, Information and Communications Technology, Wireless, General Materials Science, The Internet, Environmental impact assessment, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, Telecommunications, lcsh:TK1-9971

Abstract

Wireless devices, including smartphones/PDAs and the network equipment that connects them, consume a significant amount of power. The global greenhouse gas emissions produced by the operation of information and communication technology (ICT) infrastructure is comparable to that produced by the aviation industry. This situation is getting worse since billions of wireless devices, such as the Internet of Things devices, are expected to be newly added to the Internet in the coming decade. Consequently, there are multiple research and development projects that aim at addressing this issue, including some IEEE standards intended to reduce the environmental impact of the ICT industry. These standards include energy-efficient communications and networking. Although these emerging techniques have attracted considerable attention and have been studied recently, there are still many open research challenges to be addressed.

Published

2020

18. Characteristics of Skilled and Unskilled System Engineers in Troubleshooting for Network Systems

Author

Takahiro Ochi, Jun Ota, Taiki Ogata, Shota Fukuda, Akihide Takeuchi, Kazuyoshi Inoue, and Tomonori Yamada

Subjects

General Computer Science, Computer science, business.industry, 05 social sciences, network troubleshooting, General Engineering, 050301 education, 020206 networking & telecommunications, Expert and novice, 02 engineering and technology, Troubleshooting, skilled system engineer, Networking hardware, Information and Communications Technology, Server, ComputingMilieux_COMPUTERSANDEDUCATION, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, Software engineering, business, information and communication technology, lcsh:TK1-9971, 0503 education, Virtual network

Abstract

As information and communication technology systems become larger and more complex, system troubleshooting difficulty increases. To date, however, no efficient method for troubleshooting training has been developed owing to a lack of understanding of how skilled system engineers perform troubleshooting. The goal of this study was to investigate and compare the network troubleshooting characteristics of skilled and unskilled system engineers. We hypothesized that to efficiently troubleshoot a network system, skilled system engineers divided the overall network into functional and non-functional sub-networks by confirming connections between network devices using similar method. To observe troubleshooting behavior, we developed a virtual network comprising several servers, routers, and terminals on which a group of six skilled and unskilled system engineers performed normal troubleshooting activities. It was found that the skilled system engineers tended to narrow down the problem space by connection confirmation between network devices. The coincidences of connection confirmation between the skilled system engineers were significantly higher amongst the whole group. At the beginning of the troubleshooting assessment, the most skilled participants appropriately hypothesized which device was experiencing trouble, based on information presented in advance of the assessment. In contrast, the unskilled system engineers, and/or those unfamiliar with network troubleshooting, did not narrow the problem space but instead randomly searched for obstacle causes in selected network devices. These results suggest that unskilled system engineers should be taught methods for the appropriate and logical reduction of the problem space in network troubleshooting.

Published

2020

19. Formal Verification of SDN-Based Firewalls by Using TLA+

Author

Miyoung Kang and Young Mi Kim

Subjects

Correctness, General Computer Science, Computer science, business.industry, General Engineering, Complex network, Networking hardware, Network management, Firewall (construction), Scalability, General Materials Science, The Internet, business, Formal verification, Computer network

Abstract

Software-defined networking (SDN) has generated increased interest due to the rapid growth in the amount of data generated by the development of the Internet and communications, the commercialization of 5G, and increasingly complex networks. While SDN is more advantageous than traditional networks in terms of efficient network management, rapid deployment, and dynamic scalability, the correctness of a network configuration must be ensured in advance. In other words, SDN components such as network devices, SDN controllers, and applications need to be deployed correctly and must be free of rule conflicts, particularly between various application policies; otherwise, it may result in network paralysis in the worst case. This paper assumes that the SDN network is free of rule conflicts when the rules in the SDN switches correctly obey firewall application or policies. To solve this problem, this paper proposes a verification framework for SDN using TLA+. We show that the firewall rule behavior of switches can be formalized using TLA+, and this is verified with the TLC model checker that uses TLA+ as the model description language. We check two different types of topology models through our verification framework to ensure that the same firewall rules are maintained even if the topology changes. The findings show that the firewall rules may be inconsistent as the topology changes.

Published

2020

20. A Flexible Sketch-Based Network Traffic Monitoring Infrastructure

Author

Wen-Yaw Chung, Yu-Kuen Lai, Theophilus Wellem, and Chao-Yuan Huang

Subjects

traffic monitoring, 020203 distributed computing, Streaming mode, General Computer Science, Computer science, Real-time computing, General Engineering, 020206 networking & telecommunications, Throughput, 02 engineering and technology, Network monitoring, Traffic flow, hashing, Networking hardware, Sketch, Traffic flow (computer networking), Bloom filter, 0202 electrical engineering, electronic engineering, information engineering, Forwarding plane, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, network measurement, lcsh:TK1-9971, Streaming algorithm, FPGA

Abstract

Sketch-based data streaming algorithms are used in many network traffic monitoring applications to obtain accurate estimates of traffic flow statistics. However, the current implementation of sketch-based methods in network monitoring is too application-specific. Their flexibility is limited as the hardware implementation of sketch data structure in the network device depends on the measurement tasks. The sketch counters only summarize flow statistics that are relevant to a specific measurement task and cannot be reused for different measurement tasks. In this paper, we propose FlexSketchMon, a system designed to provide the flexibility of using various sketch-based algorithms for traffic monitoring and measurement tasks. FlexSketchMon leverages on a novel data plane architecture that collects traffic flow statistics and provides arbitrary flow aggregations to the monitoring applications. The data plane design comprises a flow counter table and a flow key table for storing flow-level data. FlexSketchMon is implemented on the NetFPGA-SUME platform and is capable of processing network traffic at line rate in a worst-case scenario corresponding to a 64-byte minimum Ethernet frame size. The update of the flow counter table, which is the critical path in the proposed system, can achieve a throughput of 96 Gbps. The simulation results based on a real-world network traffic traces for three monitoring applications-estimation, superspreader detection, and heavy hitter detection-are presented to demonstrate the performance of FlexSketchMon. The results show that FlexSketchMon yields comparable and better measurement accuracy compared to previous approaches.

Published

2019

21. A High-Speed, Scalable, and Programmable Traffic Manager Architecture for Flow-Based Networking

Author

Imad Benacer, Francois-Raymond Boyer, and Yvon Savaria

Subjects

General Computer Science, Computer science, 020209 energy, Traffic manager (TM), Throughput, 02 engineering and technology, Scheduling (computing), high-level synthesis (HLS), field-programmable gate array (FPGA), 0202 electrical engineering, electronic engineering, information engineering, Forwarding plane, General Materials Science, Queueing theory, Network packet, business.industry, flow-based networking, General Engineering, Networking hardware, Bandwidth allocation, Embedded system, Scalability, 020201 artificial intelligence & image processing, data plane, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971

Abstract

In this paper, we present a programmable and scalable traffic manager (TM) architecture, targeting requirements of high-speed networking devices, especially in the software-defined networking context. This TM is intended to ease the deployability of new architectures through field-programmable gate array (FPGA) platforms and to make the data plane programmable and scalable. Flow-based networking allows treating traffic in terms of flows rather than as a simple aggregation of individual packets, which simplifies scheduling and bandwidth allocation for each flow. Programmability brings agility, flexibility, and rapid adaptation to changes, allowing to meet network requirements in real-time. Traffic management with fast queuing and reduced latency plays an important role to support the upcoming 5G cellular communication technology. The proposed TM architecture is coded in C++ and is synthesized with the Vivado High-Level Synthesis tool. This TM is capable of supporting links operating beyond 40 Gb/s, on the ZC706 board and XCVU440-FLGB2377–3-E FPGA device from Xilinx, while achieving 80 Gb/s and 100 Gb/s throughput, respectively. The resulting placed and routed design was tested on the ZC706 board with its embedded ARM processor controlling table updates.

Published

2019

22. An Interactive Traffic Replay Method in a Scaled-Down Environment

Author

Hongri Liu, Bailing Wang, Lun An, and Jiawei Ren

Subjects

General Computer Science, Network security, business.industry, Computer science, traffic aggregation, 020208 electrical & electronic engineering, Real-time computing, Aggregate (data warehouse), General Engineering, 02 engineering and technology, Construct (python library), Networking hardware, Traffic replay, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, self-elected strategy, IP mapping

Abstract

Network traffic replay plays an essential role in network security tests. However, performing traffic replay in a network is still a challenge due to the different scales of the live network and the replay network. In this study, we investigate three problems of the interactive traffic replay under a scaled-down replay environment and then propose a multi-node traffic replay method. In this method, a self-elected IP mapping algorithm is designed to construct the IP mapping between the target network and the live network, which reproduce the interaction between the nodes of the live network. We prove that the traffic aggregation problem is an NP-complete problem and design a divide and conquer algorithm to approximate an optimal solution. On this basis, a traffic replay algorithm based on minimum-delay forwarding mechanism is proposed to perform low-delay interactive traffic replay. The experimental results show that the method mentioned above enables us to better aggregate elephant flows and achieve high similarity in replay timing series and bandwidth, which can be employed to reproduce a real network scenario in network device tests and network security experiments.

Published

2019

23. Software-Defined Cloud Computing: A Systematic Review on Latest Trends and Developments

Author

Shahaboddin Shamshirband, Aaqif Afzaal Abbasi, Antonio Pescape, Almas Abbasi, Anthony T. Chronopoulos, Valerio Persico, Abbasi, A. A., Abbasi, A., Shamshirband, S., Chronopoulos, A. T., Persico, V., and Pescape, A.

Subjects

General Computer Science, Computer science, infrastructure management, Interoperability, networking, Cloud computing, 02 engineering and technology, data center, computer.software_genre, Software, software defined networking, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Orchestration (computing), scalability, network functions virtualization, business.industry, General Engineering, 020206 networking & telecommunications, Virtualization, Data science, Networking hardware, data centers, Key (cryptography), 020201 artificial intelligence & image processing, Data center, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, computer

Abstract

Cloud computing concepts offer effective and efficient tools for addressing resource-hungry computational problems. While conventional methods, architectures, and processing techniques may limit cloud data center performance, software-defined cloud computing (SDCC) is an approach where virtualization services to all network resources in a dc are software-defined and where software-defined networking (SDN) and cloud computing go hand in hand. SDCC-related concepts change the previous state of affairs by promoting the centralized control of networking functions in a data center. A key objective of developing software-driven cloud infrastructure is that the networking hardware, software, storage, security, and network traffic management is open and interoperable. This facilitates easy installation and management of networking functions in the cloud infrastructure. Employing SDCC concepts to cloud data centers can improve resource administration challenges to a greater extent. This paper presents a survey on SDCC. We begin by introducing SDCC environments and explain its main architectural components. We identify the essential contributions of various developments to this field and discuss the implementation challenges and limitations faced in their adoption. We also explore the potential of SDCC in two domains, namely, resource orchestration and application development, as case studies of specific interest. In an attempt to anticipate the future evolution, we discuss the important research opportunities and challenges in this promising field.

Published

2019

24. Low-Latency Oriented Network Planning for MEC-Enabled WDM-PON Based Fiber-Wireless Access Networks

Author

Lin Bai, Jiawei Zhang, Min Zhang, Xin Wang, and Yuefeng Ji

Subjects

General Computer Science, Computer science, 02 engineering and technology, Power budget, 020210 optoelectronics & photonics, Technology planning, Broadband, 0202 electrical engineering, electronic engineering, information engineering, FiWi networks, General Materials Science, Latency (engineering), network planning, Mobile edge computing, Access network, business.industry, latency-sensitive application, MEC-enabled access networks, General Engineering, 020206 networking & telecommunications, Networking hardware, Network planning and design, WDM-PON, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, 5G, Computer network

Abstract

WDM-PON-based mobile edge computing (MEC)-enabled fiber wireless access networks (MFWAN) have been identified as a promising technology for next-generation broadband access. Low-latency oriented network planning of the WDM-PON-based MFWAN would be required for low-latency access to newly emerging latency-sensitive applications in the fifth-generation (5G) era. However, this would require a low-latency oriented network design in the network planning phase and has thus become a crucial challenge. In this paper, we investigate low-latency oriented network planning of the WDM-PON-based MFWAN under physical and management constraints. To this end, we develop a mathematical model to minimize total transmission latency for all latency-sensitive services. Our model is composed of the propagation latency on the paths and the processing latency on the network equipment and is subject to constraints of maximal transmission distance, maximal PON power budget, bandwidth requests, and the fronthaul latency limit under some functional split options. Given the model's complexity, we also propose a heuristic algorithm called latency-minimized integrated multi-associated positioning and routing algorithm (LMI-MAPRA). The simulation results show that the proposed algorithm outperforms the benchmark algorithm with more total transmission latency reductions in both sparse and dense networks. We also analyze the impact of key parameters on comparisons of different approaches in terms of low-latency optimal performances.

Published

2019

25. A New Resource Allocation Mechanism for Security of Mobile Edge Computing System

Author

Xingshuo An, Fuhong Lin, Hongwen Hui, and Chengcheng Zhou

Subjects

stability theory, Mathematical optimization, Mobile edge computing, General Computer Science, Edge device, Differential equation, Computer science, business.industry, General Engineering, resource allocation, Cloud computing, stochastic perturbation, Networking hardware, Stochastic differential equation, Mobile-edge computing, Stability theory, intrusion detection systems, Resource allocation, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971

Abstract

Mobile-Edge Computing (MEC) is a new computing paradigm that provides a capillary distribution of cloud computing capabilities to the network edge. In this paper, we studied the security defense problem in MEC network environment. One big challenge is how to efficiently allocate resources to deploy Mobile-Edge Computing-Intrusion Detection Systems (MEC-IDS) in this system, since all the MEC hosts are composed of resource-constrained network devices. To tackle this challenge, a new resource allocation mechanism based on deterministic differential equation model is proposed and investigated. Existence, uniqueness and stability of the positive solution of this model are obtained by using Lyapuonv stability theory. Furthermore, we extended our study to MEC network environment with stochastic perturbation and established a new stochastic differential equation model. We proved the existence, uniqueness, persistence and oscillatory of the positive solution of this model and quantitatively analyzed the relationship between oscillation and intensity of stochastic perturbation. Numerical simulations are carried out to illustrate the effectiveness of the main results.

Published

2019

26. An Optimal Strategy for Resource Utilization in Cloud Data Centers

Author

Yuhong Zhang, Wenlong Ni, and Wei Li

Subjects

General Computer Science, Computer science, Distributed computing, resource allocation, Cloud computing, 02 engineering and technology, computer.software_genre, continuous-time Markov decision process, Resource (project management), Server, 0202 electrical engineering, electronic engineering, information engineering, datacenter, General Materials Science, Resource management, 020203 distributed computing, business.industry, General Engineering, 020206 networking & telecommunications, Networking hardware, Virtual machine, Service level, virtual machine, optimal control policy, Data center, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, computer

Abstract

Cloud computing has emerged in recent years as one of the most interesting developments in technology. With the gaining popularity of cloud-based solutions, more and more applications are migrating into the Cloud and thus have highly demanding critical requirements for networking resources. Virtual technology associated with a Data Center consists of a set of servers, storage and network devices, power systems, cooling systems, etc., and makes it possible for the resource management of physical machines to be more finely tuned and thus support multiple virtual machines well. The growing challenge, however, is how to efficiently provision these resources to meet the requirements of the different qualities of service levels. This paper offers and investigates a general situation wherein a datacenter can determine the cost of using resources and a Cloud service user can decide whether it will pay the price for the resource or not for an incoming task. By establishing a Continuous-Time Markov Decision Process model for both an average reward model and a discounted expected reward model, the optimal policy of each model for admitting tasks can be verified to be a State-related control limit (threshold) policy, respectively. Further, a detailed statement and verification of the upper boundaries for such an optimal policy, and a comprehensive set of experiments on the various cases to validate this proposed solution are provided. Particularly, the machine learning method is implemented to obtain the optimal threshold values by using a feed-forward neural network model. Several numerical examples are also provided on how to derive optimal threshold values. The results offered in this paper can be easily utilized to help datacenter operate in an economically optimal way when providing different needed application services to Cloud service users.

Published

2019

27. Cache Aware User Association for Wireless Heterogeneous Networks

Author

Choong Seon Hong, S. M. Ahsan Kazmi, Rim Haw, Kyi Thar, and Golam Rabiul Alam

Subjects

General Computer Science, Computer science, 02 engineering and technology, heterogeneous networks, Base station, caching, 0202 electrical engineering, electronic engineering, information engineering, Wireless, General Materials Science, Network performance, business.industry, wireless small cell networks, General Engineering, 020206 networking & telecommunications, Networking hardware, Backhaul (telecommunications), matching games, Software deployment, 020201 artificial intelligence & image processing, User association, Cache, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, Heterogeneous network, Computer network

Abstract

The proliferation of network devices and novel bandwidth hungry applications over the existing network imposes novel challenges in terms of fulfilling the users’ requirements. Dense deployment of small cells is thought to be a promising solution to fulfill these requirements. However, the user association in such dense networks becomes challenging and can greatly affect the network performance, as a user in such dense deployments can be connected to any of the available base stations. Traditionally, the user association has been performed based on the signal strength, however, such an approach does not apply when taking into account novel bandwidth hungry applications. Moreover, in recent years, a successful paradigm has been proposed to handle such bandwidth hungry applications, i.e., caching at small cell base stations. In this paper, we aim to solve this joint problem of user association and content caching in a dense small cell setting. To solve this problem, we present a novel iterative scheme that uses matching theory and a learning approach to find a suboptimal solution of the joint NP hard problem. Note that the user association and cache placement are strongly coupled, i.e., the association of users at a base station will determine the cache placement at base stations and the availability of cache at base stations will force the users to change their associations. Simulation results show that the proposed scheme (i.e., cache aware user association) significantly outperforms the cache unaware scheme and achieves a performance gain of up to 31% in terms of normalized utility and saves up to twice the backhaul bandwidth. Moreover, the proposed scheme also achieves up to 82% of the utility obtained by the optimal solution.

Published

2019

28. HPQS: A Fast, High-Capacity, Hybrid Priority Queuing System for High-Speed Networking Devices

Author

Yvon Savaria, Imad Benacer, and Francois-Raymond Boyer

Subjects

General Computer Science, business.industry, Computer science, Network packet, 020209 energy, General Engineering, 02 engineering and technology, Networking hardware, Scheduling (computing), networking devices, Priority queue, field-programmable gate array (FPGA), high-level synthesis, 0202 electrical engineering, electronic engineering, information engineering, Wireless, 020201 artificial intelligence & image processing, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, Queue, lcsh:TK1-9971, 5G, Computer network

Abstract

In this paper, we present a fast hybrid priority queue architecture intended for scheduling and prioritizing packets in a network data plane. Due to increasing traffic and tight requirements of high-speed networking devices, a high capacity priority queue, with constant latency and guaranteed performance is needed. We aim at reducing latency to best support the upcoming 5G wireless standards. The proposed hybrid priority queuing system (HPQS) enables pipelined queue operations with almost constant time complexity in practice. The proposed architecture is implemented in C++, and is synthesized with the Vivado High-Level Synthesis (HLS) tool. Two configurations are proposed. The first one is intended for scheduling with a multi-queuing system for which implementation results of 64 up to 512 independent queues are reported. The second configuration is intended for large capacity priority queues, that are placed and routed on a ZC706 board and a XCVU440-FLGB2377-3-E Xilinx FPGA supporting a total capacity of 1/2 million packet tags. The reported results are compared across a range of priority queue depths and performance metrics with existing approaches. The proposed HPQS supports links operating at 40 Gb/s.

Published

2019

29. Cooperative Multi-Path Routing Solution With Real-Time Optimization for Streaming Application Using Auction Theory

Author

Ahmed E. Kamal, Yu Jie, and Mohammed Abdullah Alnuem

Subjects

Service (systems architecture), General Computer Science, Computer science, Auction theory, User cooperation, Throughput, 02 engineering and technology, 0203 mechanical engineering, 0202 electrical engineering, electronic engineering, information engineering, Wireless, General Materials Science, streaming applications, business.industry, General Engineering, 020302 automobile design & engineering, 020206 networking & telecommunications, Energy consumption, auction theory, multi-path communication, Networking hardware, Transport layer, Network service, lcsh:Electrical engineering. Electronics. Nuclear engineering, Routing (electronic design automation), business, lcsh:TK1-9971, Computer network

Abstract

Cooperation among network devices is a promising approach to improve network throughput and network service quality. In addition, it can be used to enhance network survivability against failures. In this paper, we study a cooperative multi-path routing solution for wireless Users Equipment (UEs)' streaming applications. We assume that UEs use multi-path transport layer service, and establish two paths for streaming, one path goes through its cellular link, and the other path is established using a Wi-Fi connection with a neighbor UE. We study a user coordinated multi-path routing solution with two different energy cost functions, a Linear Cost Function (LCF) and Energy As the Cost (EAC) and design user cooperative real-time optimization and failure protection operations for the streaming application. To stimulate UEs to participate in the user cooperation operation, we design a credit system enabled by an auction mechanism. We compare the performance of user cooperation schemes to the non-cooperative scheme, and using simulation results show that applying the proposed user cooperation scheme and establishing multi-path connections for streaming has an advantage in improving the service rate and streaming success rate, and reduces energy consumption compared to non-cooperation solutions. User cooperation scheme with LCF energy cost function can also help balance the energy consumption among UEs in the system compared to user cooperation scheme with EAC energy cost function.

Published

2019

30. An Edge Computing Platform for Intelligent Operational Monitoring in Internet Data Centers

Author

Yeliang Qiu, Honghao Gao, Jian Wan, Congfeng Jiang, Kangkang Li, and Tiantian Fan

Subjects

Job scheduler, General Computer Science, Computer science, Big data, Cloud computing, 02 engineering and technology, computer.software_genre, Server, 0202 electrical engineering, electronic engineering, information engineering, intelligent operation, General Materials Science, Edge computing, energy efficiency, business.industry, General Engineering, 020206 networking & telecommunications, Workload, Grid, Networking hardware, data centers, monitoring, 020201 artificial intelligence & image processing, The Internet, Data center, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, computer, lcsh:TK1-9971, Efficient energy use, Computer network

Abstract

The increasing demand for cloud-based services, such as big data analytics and online e-commerce, leads to rapid growth of large-scale internet data centers. In order to provide highly reliable, cost effective, and high quality cloud services, data centers are equipped with sensors to monitor the operational states of infrastructure hardware, such as servers, storage arrays, networking devices, and computer room air conditioning systems. However, such coarse grained monitoring cannot provide fine grained real time information for resource multiplexing and job scheduling. Moreover, the monitoring of node level power consumption plays an important role in the optimization of workload placement and energy efficiency in data centers. In this paper, we propose an edge computing platform for intelligent operational monitoring in data centers. The platform integrates wireless sensors and on-board built-in sensors to collect data during the operation and maintenance of data centers. Using logical functions, we divide the data center clusters into grids, and then deploy wireless sensors and edge servers in each grid. As such, data processing on edge servers can reduce the latency in data transmission to central clouds and thereby enhance the real time resource mapping decisions in data centers. In addition, the proposed platform also provides predictions of resource utilization, workload characteristics, and hardware health trends in data centers.

Published

2019

31. Quantitative Evaluation of Data Centers’ Participation in Demand Side Management

Author

M. H. Hocaoglu, Tuba Gozel, and Mehmet Turker Takci

Subjects

General Computer Science, Computer science, business.industry, 020209 energy, 05 social sciences, General Engineering, 02 engineering and technology, 7. Clean energy, Networking hardware, Reliability engineering, Compensation (engineering), Electric power system, 13. Climate action, Peaking power plant, Server, 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, The Internet, General Materials Science, business, Dispatchable generation, 050203 business & management

Abstract

In recent years, the rapid increase in the number of internet users and widespread usage of internet applications have obliged large servers and networking equipment to manage large data stack and optimize the instantaneous transmission of digital information. The COVID-19 Pandemic has also caused an increase in data exchanges and digital information generation. In order to manage large-scale data, there is a need for gigantic data centers (DCs) which are tremendous energy consumers and have relatively flexible loads that are easier to control by means of shifting in time and space. Therefore, DCs can be regarded as dispatchable loads and are considered good candidates for participating in demand side management (DSM) programs for power curve smoothing and compensation of power fluctuation in electrical power systems. In this paper, the question of why DCs should participate in DSM has been investigated rather than the technical methods used in DSM. The amount of DCs’ participation energy is used by peak shaving/shifting method for power curve smoothing using actual data. The possible environmental and financial effects of it for Turkey and all the world have been carried out. The study results show that DCs’ participation in DSM for Turkey decreases peak load by up to 2.18%, defers up to 34% of the installed power plants launched in 2019, and improves load and loss factors by up to 2.2% and 4.3% respectively. Additionally, global DC’s participation in DSM decreases the peak point by up to 0.77% and reduces $CO_{2}$ emission by 0.03%.

Published

2021

32. Edge of Things: The Big Picture on the Integration of Edge, IoT and the Cloud in a Distributed Computing Environment

Author

Manoranjan Mohanty, Deepak Puthal, Sharmi Sankar, Chin-Teng Lin, Akshansh Gupta, Mukesh Prasad, and Hesham El-Sayed

Subjects

IoT, General Computer Science, Wireless ad hoc network, Computer science, Distributed computing, Mobile computing, Cloud computing, 02 engineering and technology, edge computing, multi-cloud, Server, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Resource management, Edge computing, Distributed Computing Environment, Wireless network, business.industry, cloud computing, General Engineering, 020206 networking & telecommunications, Network dynamics, Networking hardware, Smart grid, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, fog computing, business, lcsh:TK1-9971

Abstract

© 2013 IEEE. A centralized infrastructure system carries out existing data analytics and decision-making processes from our current highly virtualized platform of wireless networks and the Internet of Things (IoT) applications. There is a high possibility that these existing methods will encounter more challenges and issues in relation to network dynamics, resulting in a high overhead in the network response time, leading to latency and traffic. In order to avoid these problems in the network and achieve an optimum level of resource utilization, a new paradigm called edge computing (EC) is proposed to pave the way for the evolution of new age applications and services. With the integration of EC, the processing capabilities are pushed to the edge of network devices such as smart phones, sensor nodes, wearables, and on-board units, where data analytics and knowledge generation are performed which removes the necessity for a centralized system. Many IoT applications, such as smart cities, the smart grid, smart traffic lights, and smart vehicles, are rapidly upgrading their applications with EC, significantly improving response time as well as conserving network resources. Irrespective of the fact that EC shifts the workload from a centralized cloud to the edge, the analogy between EC and the cloud pertaining to factors such as resource management and computation optimization are still open to research studies. Hence, this paper aims to validate the efficiency and resourcefulness of EC. We extensively survey the edge systems and present a comparative study of cloud computing systems. After analyzing the different network properties in the system, the results show that EC systems perform better than cloud computing systems. Finally, the research challenges in implementing an EC system and future research directions are discussed.

Published

2018

33. Software-Defined WAN via Open APIs

Author

Depeng Jin, Wenxia Dong, Yong Li, and Huan Yan

Subjects

General Computer Science, bandwidth allocation, Computer science, policy conflict, Cloud computing, 02 engineering and technology, Dynamic priority scheduling, Network topology, 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, Bandwidth (computing), General Materials Science, wide area network (WAN), Channel allocation schemes, business.industry, 05 social sciences, General Engineering, 020206 networking & telecommunications, Networking hardware, Wide area network, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, Software-defined network (SDN), lcsh:TK1-9971, 050203 business & management, Private network, Computer network

Abstract

Cloud applications require the ability to customize bandwidth and network policies for desired wide area network (WAN) connections. Unfortunately, currently widely used virtual private network is difficult to achieve such customization where sophisticated manual configurations and operator expertise are required. Software-defined network (SDN) creates the opportunities to provide this ability. In this paper, we design Grace, a SDN-based system to provide diverse connections with flexible bandwidth and customized policies, implementing WAN as a service. Our contributions can be listed as follows: 1) We introduce open APIs for customers by abstracting WAN connections based on connection types, bandwidth, latency sensitivity, and policy-related information; 2) We develop an effective conflict detection algorithm considering both resource reservation and safety guarantee; 3) We propose a linear programming - based bandwidth algorithm for latency-sensitive connections by dynamic scheduling of time and bandwidth, and design a pricing scheme for various connection demands to address the case that network cannot fulfill all the connection requests. A prototype implementation and extensive evaluations show that Grace provides the ability to customize WAN connections without policy conflicts, allocates required bandwidth optimally, translates them into low-level configurations for underlying network devices, and successfully deploys WAN in a short time.

Published

2018

34. Optimizing Segment Routing With the Maximum SLD Constraint Using Openflow

Author

Liaoruo Huang, Wenjuan Shao, Cui Xiaoyu, and Qingguo Shen

Subjects

OpenFlow, General Computer Science, computer.internet_protocol, Computer science, MPLS, Multiprotocol Label Switching, 02 engineering and technology, 020210 optoelectronics & photonics, Header, 0202 electrical engineering, electronic engineering, information engineering, Forwarding plane, General Materials Science, path encoding, openflow, business.industry, label stack, Segment routing, General Engineering, 020206 networking & telecommunications, Networking hardware, Constraint (information theory), lcsh:Electrical engineering. Electronics. Nuclear engineering, Routing (electronic design automation), business, lcsh:TK1-9971, computer, Computer network

Abstract

Segment routing is an emerging routing technology that was initially driven by commercial vendors to achieve scalable, flexible, and controllable routing. In segment routing, multiple multi-protocol label switch labels are stacked in the packet header to complete end-to-end transmission, which may lead to a large label stack and a long packet header. Thus, scalability issues may occur when segment routing is applied to large-scale networks. To address this issue, multiple mechanisms and algorithms have been proposed for minimizing the label stack size. However, we argue that these methods ignore the constraint on the maximum segment list depth (SLD), since the typical network equipment can currently only support three to five layers of labels. In this paper, we study segment routing with the maximum SLD constraint and demonstrate that issues, such as explosive increases in the size of the label space and the management overheads will arise when the maximum SLD constraint is imposed. To address these issues, we make contributions from two main aspects. First, based on the network programmability that is provided by openflow, a novel segment routing architecture with improved data plane is proposed that reduces the overhead of additional flow entries and label space. Second, a new path encoding scheme is designed to minimize the SLD under the given maximum constraint, while taking multiple types of overhead into consideration. Moreover, we also perform simulations under different scenarios to evaluate the performances of the proposed algorithms. The simulation results demonstrate that the proposed mechanisms and algorithms can address the issues of segment routing when there is a constraint on the maximum SLD.

Published

2018

35. User-Participatory Fog Computing Architecture and Its Management Schemes for Improving Feasibility

Author

Won-Suk Kim and Sang-Hwa Chung

Subjects

Service (systems architecture), General Computer Science, Computer science, Distributed computing, Internet of Things, Cloud computing, 02 engineering and technology, computer.software_genre, 0202 electrical engineering, electronic engineering, information engineering, software defined networking, Resource allocation (computer), General Materials Science, Architecture, Edge computing, Firmware, business.industry, General Engineering, 020206 networking & telecommunications, Service provider, Networking hardware, Resource allocation, Fog computing, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, computer, optimization, lcsh:TK1-9971

Abstract

The evolution of computing and networking technologies has opened the era of cloud computing, and the advent of the Internet of Things (IoT) paradigm has been questioning its limitations. Owing to advances in computer networks, cloud computing is improving, and the most promising technology is fog computing. Although fog computing is recognized as the most appropriate computing model for the IoT, it has not yet been widely used, and the major reasons are as follows. The replacement of the firmware and hardware of network equipment is inevitable; however, the operator in charge of carrying out this expensive task is unclear, and even if the operator is selected, the reason may be not rational. In addition, although fog computing is based on collaboration between several infrastructure operators and service providers, it is not clear who operates and manages the infrastructure. Furthermore, there is still a resource allocation problem for a fog service instance. In this paper, we propose a user participatory fog computing architecture and its management schemes to address the above problems related to its feasibility. In the proposed architecture, fog service instance placement optimization is performed based on service usage of participating users, which is formulated into a mixed-integer non-linear programming problem and then linearized. The proposed architecture and the fog service placement method are evaluated based on simulation, taking into account actual parameters of the IoT services and devices.

Published

2018

36. A Services Routing Based Caching Scheme for Cloud Assisted CRNs

Author

Neal N. Xiong, Yuxin Liu, Mingfeng Huang, Anfeng Liu, Houbing Song, Zhiwen Zeng, and Ning Zhang

Subjects

General Computer Science, Edge device, Computer science, Big data, Services computing, Cloud computing, 02 engineering and technology, services joint data routing, services fusion, edge computing, in-network caching, Server, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Edge computing, Network architecture, business.industry, General Engineering, 020206 networking & telecommunications, Energy consumption, Service provider, Networking hardware, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, Computer network

Abstract

With the emergence of Internet of Things, the number of connected devices has been dramatically increasing, causing severe spectrum shortage problem. To fully explore the spectrum resources, big data, and cloud computing can be employed by cognitive radio networks, to make efficient use of various sensing results from different sensing sources. However, the massive growth of sensing data brings tremendous load pressure on the data center, resulting in long service response time and poor Quality of Experience. Edge computing and fog computing deal with these issues by placing computation resources at the network edge. However, compared with the data center, the capabilities at edge servers are limited. Therefore, a services routing-based caching scheme (SRCS) is proposed, which can greatly lighten the load on the data center and maintain the advantages of global intelligent computing of traditional cloud computing. Specifically, SRCS first introduces the concept of transmitting service flow. At the edge layer, data are converted to service flow by network hardware and software, thus achieving the network architecture centered on service computing. Then, SRCS proposes a service routing based on service similarity, transmits similar services through the same path, and service data are fused on the path to minimize transmission load. Moreover, SRCS caches services in content routers (CRs). When the service is requested again, CRs are used as service providers to return data, thus achieving the nearest access to the content. Both theoretical analysis and experiment results demonstrate that comparing existing schemes, SRCS improves service response time by 13.67%–51.15%, reduces transmitting data amount by 23.62%–30.3%, and makes energy consumption more balanced.

Published

2018

37. A Learning Framework for Size and Type Independent Transient Stability Prediction of Power System Using Twin Convolutional Support Vector Machine

Author

Hadi Hosseini, Ali Amiri, and Alireza Bashiri Mosavi

Subjects

convolutional neural network (CNN), General Computer Science, Computer science, 020209 energy, General Engineering, 02 engineering and technology, size and type independent trajectory features (s&tIF), Networking hardware, Reliability engineering, Support vector machine, Electric power system, Hyperplane, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Thermal stability, Transient stability assessment (TSA), lcsh:Electrical engineering. Electronics. Nuclear engineering, Electrical and Electronic Engineering, lcsh:TK1-9971, Classifier (UML), Network analysis

Abstract

Real-time transient stability assessment (TSA) of power systems is an important real world problem in electrical energy engineering and pattern recognition scope. The definition of most discriminative trajectory features and proper supervised trajectory-based classifier has remained a motivational challenge for scholars vis-à-vis real-time TSA. In addition, increase in the consumption of electrical energy along with constraints such as amortization of network equipment induces electric power system inadequacy risk. The retrieval of power system adequacy involves network expansion planning such as installing new power plants for the network. This policy affects the structure and electrical specification of the network significantly. Furthermore, due to sudden or the scheduled tripping of network equipment stemming from action of protection devices or maintenance procedures, the network must undergo shallow structural changes. The different level of changes in network specification is becoming a potential barrier for network analysis tools like real-time TSA platform. In fact, the lack of consideration of the incompatibility of TSA tool with expansion planning affects the performance of TSA learning model that is trained using the preexpansion network. However, this paradoxical problem can be solved by generalized learning for power system size & type independent (PSs&tInd) real-time TSA. For this purpose, first, we used a set of PSs&tInd trajectory features. Next, we presented a trajectory-based deep neuro classifier to eliminate kernel functions weaknesses plugged into the hyperplane-based classifier. Finally, experimental comparisons were conducted to assess the efficacy of the proposed framework. The results showed that the proposed technique offered high-generalization capacity on real-time TSA during network expansion.

Published

2018

38. Mimic Encryption System for Network Security

Author

Qinglei Zhou, Xueming Si, Bin Li, and Jinhua Fu

Subjects

General Computer Science, Computer science, Network security, Hash function, 0211 other engineering and technologies, 02 engineering and technology, Encryption, Brute-force attack, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, mimic encryption, FPGA, 020203 distributed computing, 021110 strategic, defence & security studies, business.industry, General Engineering, Plaintext, Attack surface, Networking hardware, The Internet, one frame - one key, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, Computer network, Data link layer

Abstract

With the rapid development of the Internet, increasingly more attention has been paid to network security problems. A network security defense technology has become a very important research field. Currently, most network equipment transmits data in plaintext at the data link layer, which exposes important information, such as IP addresses, port numbers, and application protocols, to an attacker and provides an opportunity for network attacks. To protect a network against attacks and ensure its security, this paper proposes a mimic encryption system for network security. Based on the concepts of moving target defense and mimic security defense, using the principles of randomization, dynamism, and diversification, a data link layer mimic encryption system is constructed from the underlying network of an information system. By transforming the frame format, a reconfigurable encryption algorithm, an hash algorithm, and a pseudo-random number generator are used to design different combination encryption modes. Then, the hash value of an encrypted frame is obtained by performing the hash operation, and feedback update is performed to generate new key parameters for the hash key pool. In addition, the pseudo-random selection of combinations of encryption algorithms and keys is performed to achieve “one frame-one key”. Finally, an FPGA is used as the network encryption card, and a CPU is used to realize two-party key agreement and the upper layer application. Using the FPGA + CPU hardware and software collaboration, the attack surface is expanded. Taking advantage of the high anti-interference property of an FPGA, part of the attack against the software system is filtered. The experimental results and analysis show that the encryption and decryption performance of this system in a 10 G network are approximately 500 MB/s. Thus, the system can effectively prevent the leakage of user data and resist network sniffing, vulnerability attacks, exhaustive key search attacks, and ciphertext-only attacks. Moreover, this system provides high security.

Published

2018

39. Advancing Software-Defined Networks: A Survey

Author

Jacob H. Cox, Jared Ivey, George F. Riley, Joaquin Chung, Russell J. Clark, Henry L. Owen, and Sean Donovan

Subjects

network virtualization (NV), General Computer Science, Computer science, Control (management), 02 engineering and technology, computer.software_genre, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, SDN interfaces and APIs, Government, Network architecture, SIMPLE (military communications protocol), business.industry, General Engineering, 020206 networking & telecommunications, Virtualization, Networking hardware, standards, network functions virtualization (NFV), data plane, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, Software-defined networking (SDN), Software-defined networking, Telecommunications, business, lcsh:TK1-9971, computer

Abstract

Having gained momentum from its promise of centralized control over distributed network architectures at bargain costs, software-defined Networking (SDN) is an ever-increasing topic of research. SDN offers a simplified means to dynamically control multiple simple switches via a single controller program, which contrasts with current network infrastructures where individual network operators manage network devices individually. Already, SDN has realized some extraordinary use cases outside of academia with companies, such as Google, AT&T, Microsoft, and many others. However, SDN still presents many research and operational challenges for government, industry, and campus networks. Because of these challenges, many SDN solutions have developed in an ad hoc manner that are not easily adopted by other organizations. Hence, this paper seeks to identify some of the many challenges where new and current researchers can still contribute to the advancement of SDN and further hasten its broadening adoption by network operators.

Published

2017

40. CaaS: Caching as a Service for 5G Networks

Author

Xiaofei Wang, Keqiu Li, Xiuhua Li, and Victor C. M. Leung

Subjects

General Computer Science, Computer science, Distributed computing, Mobile computing, content delivery network, 050801 communication & media studies, Cloud computing, 02 engineering and technology, computer.software_genre, 0508 media and communications, 0202 electrical engineering, electronic engineering, information engineering, caching as a service (CaaS), Mobile search, General Materials Science, Resource management, Mobile technology, Network packet, business.industry, 05 social sciences, General Engineering, 020206 networking & telecommunications, Service provider, Virtualization, virtualization, Networking hardware, Elasticity (cloud computing), lcsh:Electrical engineering. Electronics. Nuclear engineering, business, computer, lcsh:TK1-9971, 5G, Computer network

Abstract

In recent years, demands for rich multimedia services over mobile networks have been soaring at a tremendous pace. Traditional dedicated networking equipment may not be able to efficiently support the phenomenal growth of the traffic load and user demand dynamics while consuming an unnecessarily large amount of energy resources. Recently, mobile content caching, whereby popular contents are cached inside the mobile front-haul and back-haul networks so that demands for these contents from users in proximity can be easily accommodated without redundant transmissions from the remote sources, has emerged as an efficient technique for multimedia content delivery. Mobile content caching is particularly suitable for fifth generation (5G) mobile systems that are being designed to incorporate advanced cloud computing technologies and network function virtualization techniques. Therefore, in this paper, we first propose the concept of “Caching-as-a-Service” (CaaS) based on cloud-based radio access networks, and virtualized evolved packet core, which provides the capability to cache anything at anytime, anywhere in the cloud-based 5G mobile systems to satisfy user demands from any service location with high elasticity and adaptivity, and to empower third-party service providers with flexible controllability and programmability. Then, we study the potential techniques related to the virtualization of caching, and discuss the technical details of virtualization and optimization of CaaS in 5G mobile networks. Some novel schemes for CaaS are proposed to target different mobile applications and services. We also explore new opportunities and challenges for further research.

Published

2017

41. Auto-Configuration of ACL Policy in Case of Topology Change in Hybrid SDN

Author

Babar Shah, Nadir Shah, Omar Alfandi, and Rashid Amin

Subjects

Network segmentation, business.product_category, General Computer Science, Computer science, Distributed computing, Logical topology, graph difference, Core network, 02 engineering and technology, Topology, Network topology, Network simulation, Network management application, Bus network, 0202 electrical engineering, electronic engineering, information engineering, Forwarding plane, General Materials Science, Network performance, policy configuration, Network architecture, Topology change, business.industry, Network packet, General Engineering, Packet forwarding, 020206 networking & telecommunications, Network traffic control, Networking hardware, tree, Intelligent computer network, Network management, Network Access Control, Open network architecture, communication switching, 020201 artificial intelligence & image processing, Network switch, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, Network management station, Computer network

Abstract

Software-defined networking (SDN) has emerged as a new network architecture, which decouples both the control and management planes from data plane at forwarding devices. However, SDN deployment is not widely adopted due to the budget constraints of organizations. This is because organizations are always reluctant to invest too much budget to establish a new network infrastructure from scratch. One feasible solution is to deploy a limited number of SDN-enabled devices along with traditional (legacy) network devices in the network of an organization by incrementally replacing traditional network by SDN, which is called hybrid SDN (Hybrid SDN) architecture. Network management and control in Hybrid SDN are vital tasks that require significant effort and resources. Manual handling of these tasks is error prone. Whenever network topology changes, network policies (e.g., access control list) configured at the interfaces of forwarding devices (switches/routers) may be violated. That creates severe security threats for the whole network and degrades the network performance. In this paper, we propose a new approach for Hybrid SDN that auto-detects the interfaces of forwarding devices and network policies that are affected due to change in network topology. In the proposed approach, we model network-wide policy and local policy at forwarding device using a three-tuple and a six-tuple, respectively. We compute graph to represent the topology of the network. By using graph difference technique, we detect a possible change in topology. In the case of topology change, we verify policy for updated topology by traversing tree using six-tuple. If there is any violation in policy implementation, then affected interfaces are indicated and policies that need to be configured are also indicated. Then, policies are configured on the updated topology according to specification in an improved way. Simulation results show that our proposed approach enhances the network efficiency in term of successful packet delivery ratio, the ratio of packets that violated the policy and normalized overhead.

Published

2016

42. Nonequivalent Quasi-Experimental Study of Wireless Telecommunication Traffic During Severe Winter Storms

Author

Robert R. Jakubek

Subjects

education.field_of_study, General Computer Science, business.industry, Computer science, Population, General Engineering, Winter storm, Telecommunications service, Computer security, computer.software_genre, winter storms, Networking hardware, traffic volume, disaster, Wireless, General Materials Science, Code division multiple access (CDMA), lcsh:Electrical engineering. Electronics. Nuclear engineering, business, Natural disaster, education, Telecommunications, computer, lcsh:TK1-9971

Abstract

As wireless communication has become completely integrated into people’s day-to-day lives, so has its reliance on wireless connectivity. The Centers for Disease Control reports that in 2013 39.4% of the U.S. population did not own a traditional wired telephone. While the convenience of a wireless phone is clear, it has created a situation where it is the only communication device that people have during a natural disaster. Far too often during disasters communications with these devices fail, often occurring in one of two ways. First, natural disasters destroy the network hardware that provides the required network connectivity. Second, as people need these devices for safety and security, the network that these devices utilize becomes overloaded. The research in this paper provides evidence that there is a statistically measurable increase in wireless communication traffic during a severe winter storm. This empirical study explores the increase of voice minutes of use and text messaging during a severe winter storm.

Published

2015

43. [Untitled]

Subjects

Access network, Vehicular ad hoc network, General Computer Science, Computer science, media_common.quotation_subject, Distributed computing, General Engineering, 020206 networking & telecommunications, 020302 automobile design & engineering, 02 engineering and technology, Load balancing (computing), Adaptability, Networking hardware, 0203 mechanical engineering, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), General Materials Science, Software-defined networking, Mobility management, media_common

Abstract

To ensure high performance for vehicular access networks, Software Defined Networking (SDN) technology is an efficient solution offering programmability, flexibility and a centralized view of the network. Nevertheless, to guarantee an efficient mobility management, some improvements are needed. In particular, a limitation on the number of exchanges between SDN controller and network devices and a better flow tables’ management are required. To achieve that, the ideas of flow rules’ pre-deployment and mobility-aware management of flow rules’ lifetime have been proposed. However, existing approaches have two major limitations: accuracy and adaptability. Indeed, network load (accuracy) and network devices’ feedbacks (adaptability) are not considered, two factors impacting flow rules management. That is why, in this paper, we define a state-based approach using connection/disconnection information reported by network devices to improve adaptability. Moreover, we propose a mobility-aware and load-aware flow rules management to improve accuracy. Finally, we specify a new flow rules’ pre-deployment policy based on flow tables occupancy rate, vehicles mobility and SDN control channel load. The evaluations carried out confirm the benefits of the approach, compared to existing solutions, both in terms of recovery delay, control overhead, hard timeout calculation and flow table occupancy.

44. [Untitled]

Subjects

General Computer Science, Computer science, business.industry, Distributed computing, General Engineering, Evolutionary algorithm, 020302 automobile design & engineering, 020206 networking & telecommunications, 02 engineering and technology, Load balancing (computing), Networking hardware, Network planning and design, 0203 mechanical engineering, Betweenness centrality, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Destination-Sequenced Distance Vector routing, business, Computer network

Abstract

The widespread use of mobile networking devices, such as smart phones and tablets, has substantially increased the number of nodes in the operational networks. These devices often suffer from the lack of power and bandwidth. Hence, we have to optimize their message routing for the sake of maximizing their capabilities. However, the optimal routing typically relies on a delicate balance of diverse and often conflicting objectives, such as the route's delay and power consumption. The network design also has to consider the nodes' user-centric social behavior. Hence, the employment of socially aware load balancing becomes imperative for avoiding the potential formation of bottlenecks in the network's packet-flow. In this paper, we propose a novel algorithm, referred to as the multi-objective decomposition quantum optimization (MODQO) algorithm, which exploits the quantum parallelism to its full potential by reducing the database correlations for performing multi-objective routing optimization, while at the same time balancing the teletraffic load among the nodes without imposing a substantial degradation on the network's delay and power consumption. Furthermore, we introduce a novel socially aware load balancing metric, namely, the normalized entropy of the normalized composite betweenness of the associated socially aware network, for striking a better tradeoff between the network's delay and power consumption. We analytically prove that the MODQO algorithm achieves the full-search based accuracy at a significantly reduced complexity, which is several orders of magnitude lower than that of the full search. Finally, we compare the MODQO algorithm to the classic non-dominated sort genetic algorithm II evolutionary algorithm and demonstrate that the MODQO succeeds in halving the network's average delay, while simultaneously reducing the network's average power consumption by 6 dB without increasing the computational complexity.

45. [Untitled]

Subjects

021103 operations research, General Computer Science, Wireless network, business.industry, Computer science, 0211 other engineering and technologies, General Engineering, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Energy consumption, Communications system, 7. Clean energy, Networking hardware, Renewable energy, Smart grid, 13. Climate action, 11. Sustainability, 0202 electrical engineering, electronic engineering, information engineering, Cellular network, General Materials Science, business, Telecommunications, 5G, Efficient energy use

Abstract

The heated 5G network deployment race has already begun with the rapid progress in standardization efforts, backed by the current market availability of 5G-enabled network equipment, ongoing 5G spectrum auctions, early launching of non-standalone 5G network services in a few countries, among others. In this paper, we study current and future wireless networks from the viewpoint of energy efficiency (EE) and sustainability to meet the planned network and service evolution toward, along, and beyond 5G, as also inspired by the findings of the EU Celtic-Plus SooGREEN Project. We highlight the opportunities seized by the project efforts to enable and enrich this green nature of the network as compared to existing technologies. In specific, we present innovative means proposed in SooGREEN to monitor and evaluate EE in 5G networks and beyond. Further solutions are presented to reduce energy consumption and carbon footprint in the different network segments. The latter spans proposed virtualized/cloud architectures, efficient polar coding for fronthauling, mobile network powering via renewable energy and smart grid integration, passive cooling, smart sleeping modes in indoor systems, among others. Finally, we shed light on the open opportunities yet to be investigated and leveraged in future developments.

46. [Untitled]

Subjects

General Computer Science, business.industry, Network packet, Computer science, Mobile broadband, Testbed, General Engineering, 020302 automobile design & engineering, 020206 networking & telecommunications, Throughput, 02 engineering and technology, Energy consumption, Networking hardware, 0203 mechanical engineering, Linear network coding, 0202 electrical engineering, electronic engineering, information engineering, Cellular network, General Materials Science, business, 5G, Computer network, Efficient energy use

Abstract

The continuous increase of mobile data traffic calls for the design of energy-efficient content distribution mechanisms, to be incorporated in the fifth generation of mobile networks, 5G. One of the biggest concerns of the companies and the research community is to reduce the energy consumption in both the user equipments (UEs) and the network equipment. In this article, we present a novel content distribution framework called Network-Coded Cooperative (NCC) Networks, which benefits from the interplay between mobile clouds (MC) and Random Linear Network Coding (RLNC) to reduce the overall energy consumption in the devices that take part in the communication. This novel framework leads to reduced energy consumption by offloading the cellular interface to a link with greater energy efficiency, for instance, WiFi, within the mobile small cell. We evaluate the performance of our framework analytically and in practical implementation (i.e., testbed) in terms of throughput, energy savings, packet decoding ratio, latency, and synchronicity. In comparison to the conventional content distribution system, for the case of four users, the analytical model and the testbed implementation show energy savings of more than 12% and 8%, respectively. Furthermore, network usage is reduced, losses are neutralized, and the content is synchronously distributed to all users.