33 results on '"Fernando M. V. Ramos"'
Search Results
2. Near-Optimal Probing Planning for In-Band Network Telemetry
- Author
- Ariel Góes De Castro, Fernando M. V. Ramos, Arthur Francisco Lorenzon, Marcelo Caggiani Luizelli, Roberto Iraja Tavares da Costa Filho, Christian Esteve Rothenberg, and Fábio Diniz Rossi
- Subjects
Computer science ,Heuristic (computer science) ,Network packet ,Real-time computing ,020206 networking & telecommunications ,02 engineering and technology ,Network monitoring ,Computer Science Applications ,Data modeling ,Modeling and Simulation ,Factor (programming language) ,Telemetry ,0202 electrical engineering, electronic engineering, information engineering ,Electrical and Electronic Engineering ,Routing (electronic design automation) ,computer ,computer.programming_language
- Abstract
In-band Network Telemetry (INT) is gaining traction as an advanced network monitoring approach. Despite a few recent initiatives to orchestrate the collection of in-band network statistics, state-of-the-art approaches fall short when it comes to efficiently collect telemetry items while subjected to real-world constraints. In this letter, we propose Probe Planning for In-Band Network Telemetry (P2INT) to coordinate how probing packets are generated and routed to ensure that all links are covered so that the required in-band network telemetry data is collected. We theoretically formalize the problem as an Integer Linear Programming model and propose an efficient mathematical programming-based heuristic to solve it. Our results show that P2INT outperforms the closest contender by a factor of up to 6x concerning the number of probing cycles generated.
- Published
- 2021
3. Generic change detection (almost entirely) in the dataplane
- Author
- Gonçalo Matos, Salvatore Signorello, and Fernando M. V. Ramos
- Published
- 2021
4. Towards generic traffic change detection in the data plane
- Author
- Salvatore Signorello, Fernando M. V. Ramos, and Gonçalo Matos
- Subjects
Computer science ,Microburst ,Computation ,Detector ,Real-time computing ,Forwarding plane ,Intrusion detection system ,Software-defined networking ,Sketch ,Change detection
- Abstract
Identifying traffic changes accurately sits at the core of many network tasks, from congestion analysis to intrusion detection. Modern telemetry systems perform traffic change detection but restrict their detection to heavy-hitters, failing to identify relevant traffic changes, including microbursts or low-volume attacks. We present k-meleon, an in-switch online change detection system that identifies heavy-changes - instead of changes amongst heavy-hitters only, a subtle but crucial difference. k-meleon is a variant of the k-ary sketch (a well-known heavy-change detector) that leverages programmable switches for detection. To overcome the batch-based design of the original k-ary, k-meleon features a new stream-based design that matches the switch's pipelined computation model and fits its tight constraints. The preliminary evaluation of the current prototype shows the potential of k-meleon in achieving the same level of accuracy for online detection as the offline k-ary.
- Published
- 2021
5. Secure Multi-Cloud Network Virtualization
- Author
- Eric Vial, Fernando M. V. Ramos, Max Alaluna, and Nuno Neves
- Subjects
Computer Networks and Communications ,business.industry ,Computer science ,Network virtualization ,020206 networking & telecommunications ,Context (language use) ,Cloud computing ,02 engineering and technology ,Network topology ,Container (abstract data type) ,Scalability ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,Data center ,business ,Virtual network ,Computer network
- Abstract
Existing network virtualization systems share a few characteristics, namely they target one data center of a single operator and only offer traditional networking services. As such, their support for critical applications that need to be deployed across multiple trust domains, while enforcing diverse security requirements, is limited. This paper enhances the state-of-the-art by presenting a multi-cloud network virtualization system, allowing the provision of virtual networks of containers. Our solution enables a provider to enrich its network substrate with public and private cloud-based resources, increasing flexibility and the range of supplied services. One challenging aspect that we tackle is the embedding of virtual network requests to the substrate infrastructure, as existing work is unfit to a modern data center context, scales poorly or does not consider the security of virtual resources. We propose a scalable heuristic that considers security as a first-class citizen and is specifically tailored to a hybrid multi-cloud domain. We evaluate our algorithm with large-scale simulations that consider realistic network topologies and our prototype in a substrate composed of one private data center and two public clouds. The system scales well for networks of thousands of switches employing diverse topologies and improves on the virtual network acceptance ratio, provider revenue, and embedding delays. Our results show that the acceptance ratios are less than 1% from the optimal and that the system can provision a 10 thousand container virtual network in approximately 2 minutes.
- Published
- 2019
6. The Nuts and Bolts of Building FlowLens
- Author
- Diogo Barradas, Nuno Santos, Luís Rodrigues, Salvatore Signorello, Fernando M. V. Ramos, and André Madeira
- Published
- 2021
7. FlowLens: Enabling Efficient Flow Classification for ML-based Network Security Applications
- Author
- Fernando M. V. Ramos, Nuno C. Santos, Diogo Barradas, Luís Rodrigues, André Madeira, and Salvatore Signorello
- Subjects
Flow (mathematics) ,Computer science ,business.industry ,Network security ,business ,Computer network
- Published
- 2021
8. Poster: Speeding Up Network Intrusion Detection
- Author
- Fernando M. V. Ramos, Miguel Correia, Joao Romeiras Amado, and Salvatore Signorello
- Subjects
Ask price ,Computer science ,Network data ,Forwarding plane ,Unsupervised learning ,Data mining ,Network monitoring ,Network intrusion detection ,computer.software_genre ,computer ,Classifier (UML) ,Sketch
- Abstract
Modern network data planes have enabled new measurement approaches, including efficient sketch-based techniques with provable trade-offs between memory and accuracy, directly in the data plane, at line rate. We thus ask the question: can one leverage this richer measurement plane to improve network intrusion detection? Our answer is SPID, a push-based, feature-rich network monitoring approach to assist learning-based attack detection. SPID switches run a diverse set of measurement primitives and proactively push measurements to the monitoring system when relevant changes occur. Network measurements are then fed as input features to a classifier based on unsupervised learning to detect ongoing attacks, as they occur. In consequence, SPID aims to reduce attack detection time, when comparing to existing solutions present in large scale networks.
- Published
- 2020
9. Elastic Network Virtualization
- Author
- Fernando M. V. Ramos, Nuno Neves, and Max Alaluna
- Subjects
Computer science ,business.industry ,Distributed computing ,Control reconfiguration ,Network virtualization ,020206 networking & telecommunications ,Cloud computing ,02 engineering and technology ,Virtualization ,computer.software_genre ,Network topology ,Elasticity (cloud computing) ,020204 information systems ,Scalability ,0202 electrical engineering, electronic engineering, information engineering ,business ,Virtual network ,computer
- Abstract
Network virtualization allows multiple tenant networks to coexist on a shared infrastructure. Core to its realization is the embedding of virtual networks onto the underlying substrate. Existing approaches are not suitable for cloud environments as they lack a fundamental requirement: elasticity. To address this issue we explore the capacity of flexibly changing the topology of a virtual network by proposing an embedding solution that adds elasticity to the tenant’s virtual infrastructures. For this purpose, we introduce four primitives to tenants’ virtual networks – including scale in and scale out – and propose new algorithms to materialize them. The main challenge is to enable these new services while maximizing resource efficiency and without impacting service quality. Instead of further improving existing online embedding algorithms – always limited by the inability to predict future demand – we follow a different approach. Specifically, we leverage network migration for our embedding procedures and to introduce a new reconfiguration primitive for the infrastructure provider. As migration introduces network churn, our solution uses this technique judiciously, to limit the impact to running services. Our solution improves on network efficiency over the state-of-the-art, while reducing the migration footprint by at least one order of magnitude.
- Published
- 2020
10. ANCHOR
- Author
- Fernando M. V. Ramos, Jiangshan Yu, Diego Kreutz, and Paulo Esteves-Verissimo
- Subjects
Pace of innovation ,OpenFlow ,General Computer Science ,Computer science ,Interoperability ,020206 networking & telecommunications ,02 engineering and technology ,Gas meter prover ,Computer security ,computer.software_genre ,Forward secrecy ,020204 information systems ,0202 electrical engineering, electronic engineering, information engineering ,Dependability ,Safety, Risk, Reliability and Quality ,Software-defined networking ,Enforcement ,computer
- Abstract
Software-defined networking (SDN) decouples the control and data planes of traditional networks, logically centralizing the functional properties of the network in the SDN controller. While this centralization brought advantages such as a faster pace of innovation, it also disrupted some of the natural defenses of traditional architectures against different threats. The literature on SDN has mostly been concerned with the functional side, despite some specific works concerning non-functional properties such as security or dependability. Though addressing the latter in an ad-hoc, piecemeal way may work, it will most likely lead to efficiency and effectiveness problems. We claim that the enforcement of non-functional properties as a pillar of SDN robustness calls for a systemic approach. We further advocate, for its materialization, the reiteration of the successful formula behind SDN: ‘logical centralization’. As a general concept, we propose anchor, a subsystem architecture that promotes the logical centralization of non-functional properties. To show the effectiveness of the concept, we focus on security in this article: we identify the current security gaps in SDNs and we populate the architecture middleware with the appropriate security mechanisms in a global and consistent manner. Essential security mechanisms provided by anchor include reliable entropy and resilient pseudo-random generators, and protocols for secure registration and association of SDN devices. We claim and justify in the article that centralizing such mechanisms is key for their effectiveness by allowing us to define and enforce global policies for those properties; reduce the complexity of controllers and forwarding devices; ensure higher levels of robustness for critical services; foster interoperability of the non-functional property enforcement mechanisms; and promote the security and resilience of the architecture itself. We discuss design and implementation aspects, and we prove and evaluate our algorithms and mechanisms, including the formalisation of the main protocols and the verification of their core security properties using the Tamarin prover.
- Published
- 2019
11. On the Design of Resilient Multicloud MapReduce
- Author
- Fernando M. V. Ramos, Miguel Correia, and Pedro Costa
- Subjects
Computer Networks and Communications ,Computer science ,business.industry ,Distributed computing ,Data_MISCELLANEOUS ,Big data ,020206 networking & telecommunications ,Context (language use) ,Fault tolerance ,Cloud computing ,02 engineering and technology ,Multi-cloud ,Computer Science Applications ,Fault-tolerance ,Hadoop ,Software deployment ,020204 information systems ,Scalability ,0202 electrical engineering, electronic engineering, information engineering ,Computer Science (miscellaneous) ,Systems design ,MapReduce ,Resilience (network) ,business ,Software
- Abstract
MapReduce is a popular distributed data-processing system for analyzing big data in cloud environments. This platform is often used for critical data processing, e.g., in the context of scientific or financial simulation. Unfortunately, there is accumulating evidence of severe problems - including arbitrary faults and cloud outages - affecting the services that run atop cloud services. Faced with this challenge, we have recently explored multicloud solutions to increase the resilience and availability of MapReduce. Based on this experience, we present system design guidelines that allow to scale out MapReduce computation to multiple clouds in order to tolerate arbitrary and malicious faults, as well as cloud outages. Crucially, the techniques we introduce have reasonable cost and do not require changes to MapReduce or to the users’ code, enabling immediate deployment.
- Published
- 2017
12. Network Defragmentation in Virtualized Data Centers
- Author
- Oliver Michel, Eric Keller, and Fernando M. V. Ramos
- Subjects
Network architecture ,Computer science ,business.industry ,Distributed computing ,Network virtualization ,Cloud computing ,Virtualization ,computer.software_genre ,Network topology ,Server ,Network performance ,Defragmentation ,business ,computer
- Abstract
Network virtualization is an extensively used approach to allow multiple tenants with different network architectures and services to coexist on a shared data center infrastructure. Core to its realization is the mapping (or embedding) of virtual networks onto the underlying substrate infrastructure. Existing approaches are not suitable for cloud environments as they lack its most fundamental requirement: elasticity. To address this issue, we introduce two new network primitives –expand and contract– which allow virtual networks to scale up and down. Mapping and scaling virtual networks over time, however, introduces fragmentation in the substrate network. This is akin to fragmentation in a file system where files are not laid out in contiguous physical blocks of the storage device. This problem impacts network performance and reliability for tenants and their applications. Instead of further improving embedding algorithms to tackle this problem, in this work, we present a yet unexplored approach: leveraging network migration techniques to defragment the network. We introduce network defragmentation as a new management primitive and propose algorithms to materialize it. We show through extensive simulations that our techniques significantly improve network performance while maintaining high utilization of the infrastructure, thus increasing provider revenue. On average, using defragmentation leads to 20% reduction in path length and utilization and cuts the number of very long paths (longer than half of the network diameter) between 52% and 62%. Moreover, it doubles the number of servers utilized by 50% or less as a result of consolidation.
- Published
- 2019
13. Named Data Networking with Programmable Switches
- Author
- Fernando M. V. Ramos, Salvatore Signorello, and Rui Miguel
- Subjects
Router ,business.industry ,Computer science ,Packet processing ,020206 networking & telecommunications ,State of affairs ,02 engineering and technology ,Networking hardware ,Software ,Scalability ,0202 electrical engineering, electronic engineering, information engineering ,The Internet ,Architecture ,business ,Computer network
- Abstract
The Internet today is mainly used for distributing content, in a fundamental departure from its original goal of enabling communication between endpoints. As a response to this change, Named Data Networking (NDN) is a new architecture rooted on the concept of naming data, in contrast to the original paradigm based on naming hosts. This radical architectural shift results in packet processing in NDN to differ substantially from IP. As a consequence, current network equipment cannot be seamlessly extended to offer NDN data-plane functions. To address this challenge, available NDN router solutions are usually software-based, and even the highly-optimised designs tailored to specific hardware platforms present limited performance, hindering adoption. In addition, these tailor-made solutions are hardly reusable in research and production networks. The emergence of programmable switching chips and of languages to program them, like P4, brings hope for the state of affairs to change. In this paper, we present the design of an NDN router written in P4. We improve over the state-of-the-art solution by extending the NDN functionality, and by addressing its scalability limitations. A preliminary evaluation of our open-source solution running on a software target demonstrates its feasibility.
- Published
- 2018
14. Secure network monitoring using programmable data planes
- Author
- Fabio Henrique Pereira, Nuno Neves, and Fernando M. V. Ramos
- Subjects
business.industry ,Computer science ,NetFlow ,Process (computing) ,Forwarding plane ,sort ,Cloud computing ,Network monitoring ,Routing (electronic design automation) ,business ,Sketch ,Computer network
- Abstract
The accuracy provided by traditional sampling-based monitoring approaches, such as NetFlow, is increasingly being considered insufficient to meet the requirements of today's networks. By summarizing all traffic for specific statistics of interest, sketch-based alternatives have been shown to achieve higher levels of accuracy for the same cost. Existing switches, however, lack the necessary capability to perform the sort of processing required by this approach. The emergence of programmable switches and the processing they enable in the data plane has recently led sketch-based solutions to be made possible in switching hardware. One limitation of existing solutions is that they lack security. At the scale of the datacenter networks that power cloud computing, this limitation becomes a serious concern. For instance, there is evidence of security incidents perpetrated by malicious insiders inside cloud infrastructures. By compromising the monitoring algorithm, such an attacker can render the monitoring process useless, leading to undesirable actions (such as routing sensitive traffic to disallowed locations). In this paper we propose, for the first time, a secure sketch-based monitoring solution that can run in programmable switches. Our algorithm — a secure version of the well-known count-min sketch — was implemented in P4, a programming language for switches. The evaluation of our solution demonstrates the performance penalty introduced by security to be negligible.
- Published
- 2017
15. Chrysaor: Fine-Grained, Fault-Tolerant Cloud-of-Clouds MapReduce
- Author
- Fernando M. V. Ramos, Miguel Correia, and Pedro Costa
- Subjects
Scheme (programming language) ,Correctness ,Source code ,business.industry ,Computer science ,media_common.quotation_subject ,Distributed computing ,Fault tolerance ,Cloud computing ,Context (language use) ,02 engineering and technology ,Parallel computing ,Replication (computing) ,020204 information systems ,Scalability ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,business ,computer ,media_common ,computer.programming_language
- Abstract
MapReduce is a framework for processing large data sets much used in the context of cloud computing. MapReduce implementations like Hadoop can tolerate crashes and file corruptions, but not arbitrary faults. Unfortunately, there is evidence that arbitrary faults do occur and can affect the correctness of MapReduce job executions. Furthermore, many outages of major cloud offerings have been reported, raising concerns about the dependence on a single cloud. In this paper we propose a novel execution system that allows to scale out MapReduce computations to a cloud-of-clouds and tolerate arbitrary faults, malicious faults, and cloud outages. Our system, Chrysaor, is based on a fine-grained replication scheme that tolerates faults at the task level. Our solution has three important properties: it tolerates the above-mentioned classes of faults at reasonable cost; it requires minimal modifications to the users’ applications; and it does not involve changes to the Hadoop source code. We performed an extensive evaluation of our system in Amazon EC2, showing that our fine-grained solution is efficient in terms of computation by recovering only faulty tasks. This is achieved without incurring a significant penalty for the baseline case (i.e., without faults) in most workloads.
- Published
- 2017
16. Secure and Dependable Multi-Cloud Network Virtualization
- Author
- Eric Vial, Nuno Neves, Fernando M. V. Ramos, and Max Alaluna
- Subjects
Network virtualization platform ,Network topology ,Cloud computing security ,business.industry ,Computer science ,cloud computing ,Network virtualization ,020206 networking & telecommunications ,Cloud computing ,02 engineering and technology ,Virtualization ,computer.software_genre ,Computer security ,network hypervisor ,First class ,virtualisation ,020204 information systems ,0202 electrical engineering, electronic engineering, information engineering ,Dependability ,business ,computer ,Computer network
- Abstract
Existing multi-tenant network virtualization platforms have so far focused on the offer of conventional Networking services by a single cloud provider. As such, they face limitations in terms of security and dependability, both in terms of the infrastructure itself and of the services offered to its customers. To address these challenges we present the design and implementation of Sirius, a network virtualization platform for multi-cloud environments. Contrary to existing solutions, Sirius considers not only connectivity and performance, but also security and dependability as first class citizens, leveraging from a substrate infrastructure composed of both public clouds and private data centers.
- Published
- 2017
17. Mitigating IPTV zapping delay
- Author
- Fernando M. V. Ramos
- Subjects
Computer Networks and Communications ,business.industry ,Computer science ,Synchronization (computer science) ,Real-time computing ,IPTV ,Electrical and Electronic Engineering ,business ,Media Delivery Index ,Computer Science Applications ,Computer network ,Communication channel
- Abstract
Zapping delay, the latency experienced by users when switching between TV channels, is one of the most severe problems affecting IPTV deployment. Synchronization and buffering of video streams can cause channel change delays of several seconds. In this article we analyze the root causes of the problem and survey some of the most relevant techniques proposed to mitigate it.
- Published
- 2013
18. Towards decentralised resilient community clouds
- Author
- Fernando M. V. Ramos, Roger Baig, Leandro Navarro, Adisorn Lertsinsrubtavee, Felix Freitag, Arjuna Sathiaseelan, Carlos Molina, and Mennan Selimi
- Subjects
Process management ,business.industry ,Computer science ,Reliability (computer networking) ,Environmental resource management ,020206 networking & telecommunications ,Fault tolerance ,Cloud computing ,02 engineering and technology ,Virtualization ,computer.software_genre ,Decentralization ,0202 electrical engineering, electronic engineering, information engineering ,Community cloud ,Position paper ,020201 artificial intelligence & image processing ,Software-defined networking ,business ,computer
- Abstract
Recent years have seen a trend towards decentralisation - from initiatives on decentralized web to decentralized network infrastructures. In this position paper, we present an architectural vision for decentralising cloud service infrastructures. Our vision is on community cloud infrastructures on top of decentralised access infrastructures i.e. community networks, using resources pooled from the community. Our architectural vision considers some fundamental challenges of integrating the current state of the art virtualisation technologies such as Software Defined Networking (SDN) into community infrastructures which are highly unreliable. Our proposed design goal is to include lightweight network and processing virtualization with fault tolerance mechanisms to ensure sufficient level of reliability to support local services.
- Published
- 2017
19. Secure Multi-Cloud Virtual Network Embedding
- Author
- José Rui Figueira, Luís Ferrolho, Max Alaluna, Fernando M. V. Ramos, and Nuno Neves
- Subjects
Networking and Internet Architecture (cs.NI) ,FOS: Computer and information sciences ,Computer Networks and Communications ,business.industry ,Computer science ,Network virtualization ,020206 networking & telecommunications ,Cloud computing ,02 engineering and technology ,Encryption ,Network topology ,Computer Science - Networking and Internet Architecture ,0202 electrical engineering, electronic engineering, information engineering ,Redundancy (engineering) ,Resource allocation ,020201 artificial intelligence & image processing ,Data center ,business ,Virtual network ,Computer network
- Abstract
Modern network virtualization platforms enable users to specify custom topologies and arbitrary addressing schemes for their virtual networks. These platforms have, however, been targeting the data center of a single provider, which is insufficient to support (critical) applications that need to be deployed across multiple trust domains, while enforcing diverse security requirements. This paper addresses this limitation by presenting a novel solution for the central resource allocation problem of network virtualization -- the virtual network embedding, which aims to find efficient mappings of virtual network requests onto the substrate network. We improve over the state-of-the-art by considering security as a first-class citizen of virtual networks, while enhancing the substrate infrastructure with resources from multiple cloud providers. Our solution enables the definition of flexible policies in three core elements: on the virtual links, where alternative security compromises can be explored (e.g., encryption); on the virtual switches, supporting various degrees of protection and redundancy if necessary; and on the substrate infrastructure, extending it across multiple clouds, including public and private facilities, with their inherently diverse trust levels associated. We propose an optimal solution to this problem formulated as a Mixed Integer Linear Program (MILP). The results of our evaluation give insight into the trade-offs associated with the inclusion of security demands into network virtualization. In particular, they provide evidence that enhancing the user's virtual networks with security does not preclude high acceptance rates and an efficient use of resources, and allows providers to increase their revenues.
Comment: 1. Paper title changed to be more suitable; 2. Rewrite Introduction (section 1), Secure Virtual Network Embedding Problem (section 3) and MILP Formulation (Section 5) to make it clearer; 3. Figure 3 inserted to help in explanation on the main and backup VNE mappings; 4. Added references on Related Work (Section 7)
- Published
- 2017
20. Design and Implementation of a Consistent Data Store for a Distributed SDN Control Plane
- Author
- Fernando M. V. Ramos, Alysson Bessani, Tulio A. Ribeiro, Paulo Ferreira, and Fabio Botelho
- Subjects
Distributed database ,Computer science ,business.industry ,Distributed computing ,Strong consistency ,020206 networking & telecommunications ,02 engineering and technology ,Storage model ,Paxos ,020204 information systems ,Scalability ,Distributed data store ,0202 electrical engineering, electronic engineering, information engineering ,Programming paradigm ,Software-defined networking ,business ,Computer network
- Abstract
Scalable and fault-tolerant distributed Software-Defined Networking (SDN) controllers usually give up strong consistency for the network state, adopting instead the more efficient eventually consistent storage model. This decision is mostly due to the performance overhead of the strongly consistent replication protocols (e.g., Paxos, RAFT), which limits the responsiveness and scalability of network applications. Unfortunately, this lack of consistency leads to a complex programming model for network applications and can lead to network anomalies. In this paper we show how the lack of control plane consistency can lead to network problems and propose a distributed SDN control plane architecture to address this issue. Our modular architecture is supported by a fault-tolerant data store that provides the strong consistency properties necessary for transparent distribution of the control plane. In order to deal with the fundamental concern of such design, we apply a number of techniques tailored to SDN for optimizing the data store performance. To evaluate the impact of these techniques we analyze the workloads generated by three real SDN applications as they interact with the data store. Our results show a two- to four-fold improvement in latency and throughput, respectively, when compared with a non-optimized design.
- Published
- 2016
21. Medusa: An Efficient Cloud Fault-Tolerant MapReduce
- Author
- Fernando M. V. Ramos, Pedro Costa, Xiao Bai, and Miguel Correia
- Subjects
FOS: Computer and information sciences ,021110 strategic, defence & security studies ,Distributed database ,business.industry ,Computer science ,Distributed computing ,Testbed ,0211 other engineering and technologies ,Cloud computing ,Fault tolerance ,02 engineering and technology ,computer.software_genre ,Software framework ,Computer Science - Distributed, Parallel, and Cluster Computing ,020204 information systems ,Server ,Scalability ,0202 electrical engineering, electronic engineering, information engineering ,Distributed, Parallel, and Cluster Computing (cs.DC) ,Resilience (network) ,business ,computer
- Abstract
Applications such as web search and social networking have been moving from centralized to decentralized cloud architectures to improve their scalability. MapReduce, a programming framework for processing large amounts of data using thousands of machines in a single cloud, also needs to be scaled out to multiple clouds to adapt to this evolution. The challenge of building a multi-cloud distributed architecture is substantial. Notwithstanding, the ability to deal with the new types of faults introduced by such setting, such as the outage of a whole datacenter or an arbitrary fault caused by a malicious cloud insider, increases the endeavor considerably. In this paper we propose Medusa, a platform that allows MapReduce computations to scale out to multiple clouds and tolerate several types of faults. Our solution fulfills four objectives. First, it is transparent to the user, who writes her typical MapReduce application without modification. Second, it does not require any modification to the widely used Hadoop framework. Third, the proposed system goes well beyond the fault-tolerance offered by MapReduce to tolerate arbitrary faults, cloud outages, and even malicious faults caused by corrupt cloud insiders. Fourth, it achieves this increased level of fault tolerance at reasonable cost. We performed an extensive experimental evaluation in the ExoGENI testbed, demonstrating that our solution significantly reduces execution time when compared to traditional methods that achieve the same level of resilience.
- Published
- 2016
- Full Text
- View/download PDF
22. Blending photons with electrons to reduce the energy footprint of IPTV networks
- Author
-
Ian H. White, Jon Crowcroft, and Fernando M. V. Ramos
- Subjects
Engineering ,business.industry ,ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS ,Real-time computing ,Bandwidth (computing) ,IPTV ,Energy consumption ,Routing (electronic design automation) ,Optical burst switching ,business ,Optical switch ,Energy (signal processing) ,Efficient energy use
- Abstract
The rapid growth of IPTV services and the resulting increase in traffic volumes is raising concerns over energy consumption. In this paper we propose to save energy by shifting particular IPTV traffic from power-hungry electronic routing to greener optical switching. The traffic profile of IPTV results in such a hybrid switching approach to allow both energy and bandwidth efficiencies. To achieve this goal we designed a novel protocol that allows the use of optical bypass in IPTV networks. By means of a trace-driven analysis of a large dataset we demonstrate the energy efficiencies obtained to be substantial, reaching power savings of over 40% under normal load conditions. This result represents a four-fold increase in energy efficiency when compared with recent proposals.
- Published
- 2016
- Full Text
- View/download PDF
23. Reducing channel change delay in IPTV by predictive pre-joining of TV channels
- Author
-
Fernando M. V. Ramos, Ian H. White, Richard J. Gibbens, Jon Crowcroft, and Pablo Rodriguez
- Subjects
SIMPLE (military communications protocol) ,Multicast ,business.industry ,Event (computing) ,Computer science ,Bandwidth (signal processing) ,Real-time computing ,Latency (audio) ,Joins ,IPTV ,Signal Processing ,Computer Vision and Pattern Recognition ,Electrical and Electronic Engineering ,business ,Software ,Computer network ,Communication channel
- Abstract
One of the major concerns of IPTV network deployment is channel change delay (also known as zapping delay). This delay can add up to 2 s or more, and its main culprits are synchronisation and buffering of the media streams. Proving the importance of the problem is the already significant amount of literature addressing it. We start this paper with a survey of techniques proposed to reduce IPTV channel change delay. Then, by analysing an extensive dataset from an operational IPTV provider – comprising 255 thousand users, 150 TV channels, and covering a 6-month period – we have observed that most channel switching events are relatively predictable: users very frequently switch linearly, up or down to the next TV channel. This fact motivated us to use this dataset to analyse in detail a specific type of solutions to this problem, namely, predictive pre-joining of TV channels. In these schemes each set top box (STB) simultaneously joins additional multicast groups (TV channels) along with the one that is requested by the user. If the user switches to any of these channels the switching latency is virtually eliminated, not affecting therefore user's experience. We start by evaluating a simple scheme, where the neighbouring channels (i.e., channels adjacent to the requested one) are pre-joined by the STB during zapping periods. Notwithstanding the simplicity of this scheme, trace-driven simulations show that the zapping delay can be virtually eliminated for a significant percentage of channel switching requests. For example, when sending the previous and the next channel concurrently with the requested one, for only 1 min after a zapping event, switching delay is eliminated for close to half of all channel switching requests. Importantly, this result is achieved with a negligible increase of bandwidth utilisation in the access link. Other more complex schemes where user behaviour is tracked were also evaluated, but the improvement over the simple scheme was insignificant.
- Published
- 2011
- Full Text
- View/download PDF
24. Software-Defined Networking: A Comprehensive Survey
- Author
-
Fernando M. V. Ramos, Diego Kreutz, Siamak Azodolmolky, Christian Esteve Rothenberg, Steve Uhlig, and Paulo Veríssimo
- Subjects
FOS: Computer and information sciences ,OpenFlow ,Software defined networks ,Computer science ,Network virtualization ,Cloud computing ,computer.software_genre ,IP networks ,network hypervisor ,software-defined environments ,dependability ,Computer Science - Networking and Internet Architecture ,programming languages ,Electrical and Electronic Engineering ,Computer science [C05] [Engineering, computing & technology] ,Networking and Internet Architecture (cs.NI) ,Control systems ,network virtualization ,Carrier-grade networks ,business.industry ,Separation of concerns ,flow-based networking ,network operating systems (NOSs) ,Sciences informatiques [C05] [Ingénierie, informatique & technologie] ,Virtualization ,Telecommunications network ,Communication networks ,Network management ,programmable networks ,business ,Software-defined networking ,computer ,Computer network
- Abstract
Software-Defined Networking (SDN) is an emerging paradigm that promises to change this state of affairs, by breaking vertical integration, separating the network's control logic from the underlying routers and switches, promoting (logical) centralization of network control, and introducing the ability to program the network. The separation of concerns introduced between the definition of network policies, their implementation in switching hardware, and the forwarding of traffic, is key to the desired flexibility: by breaking the network control problem into tractable pieces, SDN makes it easier to create and introduce new abstractions in networking, simplifying network management and facilitating network evolution. In this paper we present a comprehensive survey on SDN. We start by introducing the motivation for SDN, explain its main concepts and how it differs from traditional networking, its roots, and the standardization activities regarding this novel paradigm. Next, we present the key building blocks of an SDN infrastructure using a bottom-up, layered approach. We provide an in-depth analysis of the hardware infrastructure, southbound and northbound APIs, network virtualization layers, network operating systems (SDN controllers), network programming languages, and network applications. We also look at cross-layer problems such as debugging and troubleshooting. In an effort to anticipate the future evolution of this new paradigm, we discuss the main ongoing research efforts and challenges of SDN. In particular, we address the design of switches and control platforms -- with a focus on aspects such as resiliency, scalability, performance, security and dependability -- as well as new opportunities for carrier transport networks and cloud providers. Last but not least, we analyze the position of SDN as a key enabler of a software-defined environment.
Comment: Version 2.01: 61 pages, 11 figures, 17 tables, 579 references
- Published
- 2014
- Full Text
- View/download PDF
25. On the Feasibility of a Consistent and Fault-Tolerant Data Store for SDNs
- Author
-
Fernando M. V. Ramos, Fabio Botelho, Alysson Bessani, and Diego Kreutz
- Subjects
Distributed database ,State machine replication ,Computer science ,Control theory ,Distributed computing ,Distributed data store ,Fault tolerance ,Software-defined networking ,Central element ,Replication (computing)
- Abstract
Maintaining a strongly consistent network view in a Software Defined Network has been usually proclaimed as a synonym of low performance. We disagree. To support our view, in this paper we argue that with the use of modern distributed systems techniques it is possible to build a strongly consistent, fault-tolerant SDN control framework that achieves acceptable performance. The central element of our architecture is a highly-available, strongly consistent data store. We describe a prototype implementation of a distributed controller architecture integrating the Floodlight controller with a data store implemented using a state-of-the-art replication algorithm. We evaluate the feasibility of the proposed design by analyzing the workloads of real SDN applications (a learning switch, a load balancer and a device manager) and showing that the data store is capable of handling them with adequate performance.
- Published
- 2013
- Full Text
- View/download PDF
26. Towards secure and dependable software-defined networks
- Author
-
Paulo Veríssimo, Diego Kreutz, and Fernando M. V. Ramos
- Subjects
Flexibility (engineering) ,Exploit ,Computer science ,business.industry ,media_common.quotation_subject ,Vulnerability ,Access control ,Computer security ,computer.software_genre ,Network management ,Software ,Debugging ,Dependability ,business ,Software-defined networking ,computer ,media_common
- Abstract
Software-defined networking empowers network operators with more flexibility to program their networks. With SDN, network management moves from codifying functionality in terms of low-level device configurations to building software that facilitates network management and debugging. By separating the complexity of state distribution from network specification, SDN provides new ways to solve long-standing problems in networking --- routing, for instance --- while simultaneously allowing the use of security and dependability techniques, such as access control or multi-path. However, the security and dependability of the SDN itself is still an open issue. In this position paper we argue for the need to build secure and dependable SDNs by design. As a first step in this direction we describe several threat vectors that may enable the exploit of SDN vulnerabilities. We then sketch the design of a secure and dependable SDN control platform as a materialization of the concept here advocated. We hope that this paper will trigger discussions in the SDN community around these issues and serve as a catalyser to join efforts from the networking and security & dependability communities in the ultimate goal of building resilient control planes.
- Published
- 2013
- Full Text
- View/download PDF
27. On the Feasibility of Byzantine Fault-Tolerant MapReduce in Clouds-of-Clouds
- Author
-
Miguel Correia, Fernando M. V. Ramos, Pedro Costa, Alysson Bessani, Paulo Veríssimo, and Marcelo Pasin
- Subjects
Correctness ,business.industry ,Group method of data handling ,Computer science ,Computation ,Distributed computing ,Data_MISCELLANEOUS ,Cloud computing ,Parallel computing ,Set (abstract data type) ,Data-intensive computing ,The Internet ,business ,Byzantine fault tolerance
- Abstract
MapReduce is a framework for processing large data sets largely used in cloud computing. MapReduce implementations like Hadoop can tolerate crashes and file corruptions, but there is evidence that general arbitrary faults do occur and can affect the correctness of job executions. Furthermore, many individual cloud outages have been reported, raising concerns about depending on a single cloud. We present a MapReduce runtime that tolerates arbitrary faults and runs in a set of clouds at a reasonable cost in terms of computation and execution time. The main challenge is to avoid sending through the internet the huge amount of data that would normally be exchanged between map and reduce tasks.
- Published
- 2012
- Full Text
- View/download PDF
28. Efficient channel selection using hierarchical clustering
- Author
-
Hyoungshick Kim, Fernando M. V. Ramos, and Jon Crowcroft
- Subjects
Data stream clustering ,Computational complexity theory ,Computer science ,Heuristic (computer science) ,Correlation clustering ,Canopy clustering algorithm ,Constrained clustering ,Data mining ,computer.software_genre ,computer ,Hierarchical clustering ,Communication channel
- Abstract
Increases in the number of TV channels require users to spend more time to select their preferred channels since the user interaction for browsing is practically limited to the conventional remote control with a two-way scrolling button. We formally define the problem to construct the optimal channel ordering which minimizes the seek distance in selecting channels and show this problem is NP-hard. In addition, we present a reasonable heuristic to solve this problem. The proposed method constructs an efficient channel ordering by applying a hierarchical clustering algorithm based on the frequencies of switching events between channels. We demonstrate the feasibility of this method by applying a number of well-known hierarchical clustering algorithms and evaluating the number of user inputs required for selecting channels. Our experimental results show that the proposed method significantly decreases the number of user inputs compared with the conventional methods.
- Published
- 2012
- Full Text
- View/download PDF
29. GREEN IPTV: a resource and energy efficient network for IPTV
- Author
-
Fernando M. V. Ramos
- Abstract
The distribution of television is currently dominated by three technologies: over-the-air broadcast, cable, and satellite. The advent of IP networks and the increased availability of broadband access created a new vehicle for the distribution of TV services. The distribution of digital TV services over IP networks, or IPTV, offers carriers flexibility and added value in the form of additional services. It causes therefore no surprise the rapid roll-out of IPTV services by operators worldwide in the past few years. IPTV distribution imposes stringent requirements on both performance and reliability. It is therefore challenging for an IPTV operator to guarantee the quality of experience expected by its users, and doing so in an efficient manner. In this dissertation I investigate some of the challenges faced by IPTV distribution network operators, and I propose novel techniques to address these challenges. First, I address one of the major concerns of IPTV network deployment: channel change delay. This is the latency experienced by users when switching between TV channels. Synchronisation and buffering of video streams can cause channel change delays of several seconds. I perform an empirical analysis of a particular solution to the channel change delay problem, namely, predictive pre-joining of TV channels. In this scheme each Set Top Box simultaneously joins additional multicast groups (TV channels) along with the one requested by the user. If the user switches to any of these channels next, switching latency is virtually eliminated, and user experience is improved. The results show that it is possible to eliminate zapping delay for a significant percentage of channel switching requests with little impact in access network bandwidth cost. Second, I propose a technique to increase the resource and energy efficiency of IPTV networks. This technique is based on a simple paradigm: avoiding waste. 
To reduce the inefficiencies of current static multicast distribution schemes, I propose a semi-dynamic scheme where only a selection of TV multicast groups is distributed in the network, instead of all. I perform an empirical evaluation of this method and conclude that its use results in significant bandwidth reductions without compromising service performance. I also demonstrate that these reductions may translate into significant energy savings in the future. Third, to increase energy efficiency further I propose a novel energy and resource friendly protocol for core optical IPTV networks. The idea is for popular IPTV traffic to optically bypass the network nodes, avoiding electronic processing. I evaluate this proposal empirically and conclude that the introduction of optical switching techniques results in a significant increase in the energy efficiency of IPTV networks. All the schemes I present in this dissertation are evaluated by means of trace-driven analyses using a dataset from an operational IPTV service provider. Such thorough and realistic evaluation enables the assessment of the proposed techniques with an increased level of confidence, and is therefore a strength of this dissertation.
- Published
- 2012
- Full Text
- View/download PDF
30. Relative Delay Estimator for SCTP-Based Concurrent Multipath Transfer
- Author
-
Fei Song, Jon Crowcroft, Hongke Zhang, Fernando M. V. Ramos, and Sidong Zhang
- Subjects
Computer science ,computer.internet_protocol ,Retransmission ,Real-time computing ,One-way delay ,Estimator ,Throughput ,Synchronization ,Transfer (computing) ,Path (graph theory) ,Stream Control Transmission Protocol ,computer ,Algorithm ,Multipath propagation
- Abstract
By identifying the shortcomings of using RTT to evaluate the quality of different paths in a multipath scenario, we propose a Relative Delay Estimator (RDE) to compare the relative one way delay of different paths without clock synchronisation. This estimator enables the comparison and selection of the best forward and backward paths, in terms of delay. As an initial application of RDE, we design a novel retransmission policy (NcRDE). The main novelty of this policy is that, from the multiple paths available, the path chosen for retransmission is according to the value of one way delay. We also present an extension to this scheme that takes path failures into account (PF-NcRDE). Simulation results show that, when compared with recently proposed retransmission policies, NcRDE can improve throughput when the different paths have different forward and backward delays. Also, in case of path failure PF-NcRDE enhances the performance significantly over NcRDE.
- Published
- 2010
- Full Text
- View/download PDF
31. Reducing energy consumption in IPTV networks by selective pre-joining of channels
- Author
-
Jon Crowcroft, Richard J. Gibbens, Ian H. White, Fernando M. V. Ramos, Pablo Rodriguez, and Fei Song
- Subjects
Service (business) ,Multicast ,Computer science ,business.industry ,Quality of service ,Core network ,IPTV ,Energy consumption ,Service provider ,Networking hardware ,Bandwidth (computing) ,business ,Telecommunications ,Computer network
- Abstract
IPTV services are the fastest growing television services in the world today. This is a bandwidth intensive service, requiring low latency and tight control of jitter. To guarantee the quality of service required, service providers opt to multicast all TV channels at all times to everywhere. However, a significant number of channels are rarely watched, so this method is provably resource- and energy-inefficient. In this paper, we argue that the expected increase in quantity and quality of TV channels will become a serious issue, both in terms of bandwidth and energy costs. To overcome this problem, we propose a dynamic scheme that pre-joins only a selection of TV channels. This scheme was evaluated by means of trace-driven simulations using a large dataset from a commercial nationwide IPTV service. The dataset comprises 255 thousand users, 150 TV channels, and covers a 6-month period. We show that by using our scheme IPTV service providers can save a considerable amount of bandwidth while affecting only a very small number of TV channel switching requests. To understand how these bandwidth savings are translated in energy savings, we developed a power consumption model for network equipment based on real measurements. The main conclusions are that while today the bandwidth savings will have reduced impact in energy consumption in the core network, with the introduction of very high definition channels this impact will become significant, justifying the use of resource-efficient distribution schemes such as the one proposed.
- Published
- 2010
- Full Text
- View/download PDF
32. Relative delay estimator for multipath transport
- Author
-
Hongke Zhang, Jon Crowcroft, Fernando M. V. Ramos, Fei Song, and Sidong Zhang
- Subjects
Engineering ,business.industry ,Retransmission ,ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS ,Real-time computing ,Estimator ,The Internet ,Round-trip delay time ,business ,Multipath propagation ,Computer network ,Delay spread
- Abstract
Due to the dynamic nature of the Internet, the characteristic parameters of network paths are continually changing. The round trip time (RTT) can be used to estimate retransmission timeouts with reasonable accuracy. However, using RTT to evaluate forward or backward delays is not suitable. By identifying this shortcoming, we propose a relative delay estimator (RDE) to make a distinction between all available paths and build a retransmission policy based on it.
- Published
- 2009
- Full Text
- View/download PDF
33. Power excursion aware routing in GMPLS-based WSONs
- Author
-
Filippo Cugini, Fernando M. V. Ramos, Alessio Giorgetti, Jon Crowcroft, Piero Castoldi, and Ian H. White
- Subjects
business.industry ,computer.internet_protocol ,Computer science ,Wavelength-division multiplexing ,Excursion ,Bit error rate ,Multiprotocol Label Switching ,Routing (electronic design automation) ,business ,computer ,Power (physics) ,Computer network ,Degradation (telecommunications)
- Abstract
A routing scheme is proposed for GMPLS-based WSONs to mitigate the effects of power transients due to WDM link failures. Simulations show that power transients are considerably reduced with negligible degradation of network resource utilization.