Pub Date : 2024-04-04DOI: 10.1109/LNET.2024.3385661
Diogo Pereira;Rodolfo Oliveira;Daniel Benevides da Costa;Hyong Kim
In recent medium access control (MAC) protocols, such as the ones adopted in IEEE 802.11ad and IEEE 802.11ay, stations mandatorily access one of the �$N_{S} gt 0 $ � consecutive slots forming a frame. This can be seen as a variant of the traditional slotted-aloha (SA), where instead of accessing a slot with probability p and not accessing in the finite frame with probability �$(1-p)^{N_{S}}$ �, a station always accesses at least once in a frame, i.e., stations mandatorily access in a frame’s slot. Additionally, a station can also perform multiple retries in the frame when the previous attempt did not succeed. Given the lack of modeling efforts and performance evaluation for SA schemes with mandatory access and retries (SAMAR), in this letter, we evaluate the expected number of stations that can successfully access the channel in a frame composed of a finite number of slots. Contrarily to SA, the analysis of SAMAR performance is challenging due to its enumerative nature. We propose an innovative recursive model of SAMAR performance, showing that SAMAR can achieve higher performance than that of SA parameterized with asymptotically optimal access probabilities. A comparative analysis shows the operational region where SAMAR overpasses SA’s performance, which is of crucial importance to define the number of slots of the SAMAR frame.
在最近的介质访问控制(MAC)协议中,例如在 IEEE 802.11ad 和 IEEE 802.11ay 中采用的协议,站点必须访问构成帧的 $N_{S}gt 0 $ 连续时隙中的一个。这可以看作是传统插槽式网络(SA)的一种变体,在这种变体中,一个站不是以概率 p 访问一个插槽,而是以概率 $(1-p)^{N_{S}}$ 在有限帧中不访问,在一个帧中总是至少访问一次,也就是说,站必须在一个帧的插槽中访问。此外,如果上一次尝试不成功,站点还可以在帧中进行多次重试。鉴于目前缺乏对强制接入和重试的 SA 方案(SAMAR)的建模工作和性能评估,我们在这封信中评估了在由有限个时隙组成的帧中能成功接入信道的台站的预期数量。与 SA 不同,SAMAR 的性能分析因其枚举性而具有挑战性。我们提出了一种创新的 SAMAR 性能递归模型,表明 SAMAR 可以达到比以渐近最优接入概率为参数的 SA 更高的性能。对比分析表明了 SAMAR 性能超过 SA 性能的运行区域,这对确定 SAMAR 框架的时隙数至关重要。
{"title":"Performance Analysis of Slotted-Aloha With Mandatory Access and Retries in a Finite Frame","authors":"Diogo Pereira;Rodolfo Oliveira;Daniel Benevides da Costa;Hyong Kim","doi":"10.1109/LNET.2024.3385661","DOIUrl":"https://doi.org/10.1109/LNET.2024.3385661","url":null,"abstract":"In recent medium access control (MAC) protocols, such as the ones adopted in IEEE 802.11ad and IEEE 802.11ay, stations mandatorily access one of the \u0000<inline-formula> <tex-math>$N_{S} gt 0 $ </tex-math></inline-formula>\u0000 consecutive slots forming a frame. This can be seen as a variant of the traditional slotted-aloha (SA), where instead of accessing a slot with probability p and not accessing in the finite frame with probability \u0000<inline-formula> <tex-math>$(1-p)^{N_{S}}$ </tex-math></inline-formula>\u0000, a station always accesses at least once in a frame, i.e., stations mandatorily access in a frame’s slot. Additionally, a station can also perform multiple retries in the frame when the previous attempt did not succeed. Given the lack of modeling efforts and performance evaluation for SA schemes with mandatory access and retries (SAMAR), in this letter, we evaluate the expected number of stations that can successfully access the channel in a frame composed of a finite number of slots. Contrarily to SA, the analysis of SAMAR performance is challenging due to its enumerative nature. We propose an innovative recursive model of SAMAR performance, showing that SAMAR can achieve higher performance than that of SA parameterized with asymptotically optimal access probabilities. A comparative analysis shows the operational region where SAMAR overpasses SA’s performance, which is of crucial importance to define the number of slots of the SAMAR frame.","PeriodicalId":100628,"journal":{"name":"IEEE Networking Letters","volume":"6 2","pages":"101-105"},"PeriodicalIF":0.0,"publicationDate":"2024-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141286585","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-04-01DOI: 10.1109/LNET.2024.3383601
Anmol Kumar;Gaurav Somani;Mayank Agarwal
Web-services have become most common IT enablers today. Cyber attacks such as the distributed denial of service (DDoS) attacks pose availability concerns which may result into service outages and consequently financial and reputation losses. Load balancing software such as HAProxy (high availability proxy) is an important building block of the Web service delivery today. Load balancing software provides incoming request distribution among Web-servers and admission control which may even help with combating DDoS attacks. In this letter, we study and explore the performance of different load distribution or scheduling strategies in the presence of DDoS attacks. With the help of attack experiments, we find that First, HDR, Source, and URI scheduling algorithms performs best for both static and Poisson arrivals.
网络服务已成为当今最常见的 IT 手段。分布式拒绝服务(DDoS)攻击等网络攻击带来了可用性问题,可能导致服务中断,进而造成经济和声誉损失。负载平衡软件,如 HAProxy(高可用性代理),是当今网络服务交付的重要组成部分。负载均衡软件可在网络服务器之间分配接收到的请求,并进行接纳控制,甚至可帮助打击 DDoS 攻击。在这封信中,我们研究并探讨了在 DDoS 攻击情况下不同负载分配或调度策略的性能。在攻击实验的帮助下,我们发现 First、HDR、Source 和 URI 调度算法在静态和泊松到达情况下都表现最佳。
{"title":"Comparing HAProxy Scheduling Algorithms During the DDoS Attacks","authors":"Anmol Kumar;Gaurav Somani;Mayank Agarwal","doi":"10.1109/LNET.2024.3383601","DOIUrl":"https://doi.org/10.1109/LNET.2024.3383601","url":null,"abstract":"Web-services have become most common IT enablers today. Cyber attacks such as the distributed denial of service (DDoS) attacks pose availability concerns which may result into service outages and consequently financial and reputation losses. Load balancing software such as HAProxy (high availability proxy) is an important building block of the Web service delivery today. Load balancing software provides incoming request distribution among Web-servers and admission control which may even help with combating DDoS attacks. In this letter, we study and explore the performance of different load distribution or scheduling strategies in the presence of DDoS attacks. With the help of attack experiments, we find that First, HDR, Source, and URI scheduling algorithms performs best for both static and Poisson arrivals.","PeriodicalId":100628,"journal":{"name":"IEEE Networking Letters","volume":"6 2","pages":"139-142"},"PeriodicalIF":0.0,"publicationDate":"2024-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141286638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-03-28DOI: 10.1109/LNET.2024.3382955
Natchanon Luangsomboon;Jörg Liebeherr
Flow control in a data center network (DCN) prevents packet losses by pausing transmissions from upstream switches, whereas congestion control prevents network overload by regulating traffic sources. For two widely deployed flow and congestion control algorithms, namely PFC and DCQCN, we derive a necessary and sufficient condition that ensures that congestion control mechanisms in a shared-memory switch are triggered before flow control. The condition creates an imbalance of buffer requirements at the ingress and egress of a switch. For fair queuing and priority scheduling at the egress, we present traffic scenarios that saturate the condition. The lack of such traffic scenarios for FIFO scheduling suggests that choosing appropriate schedulers may help reducing minimal buffer requirements.
{"title":"Necessary and Sufficient Condition for Triggering ECN Before PFC in Shared Memory Switches","authors":"Natchanon Luangsomboon;Jörg Liebeherr","doi":"10.1109/LNET.2024.3382955","DOIUrl":"https://doi.org/10.1109/LNET.2024.3382955","url":null,"abstract":"Flow control in a data center network (DCN) prevents packet losses by pausing transmissions from upstream switches, whereas congestion control prevents network overload by regulating traffic sources. For two widely deployed flow and congestion control algorithms, namely PFC and DCQCN, we derive a necessary and sufficient condition that ensures that congestion control mechanisms in a shared-memory switch are triggered before flow control. The condition creates an imbalance of buffer requirements at the ingress and egress of a switch. For fair queuing and priority scheduling at the egress, we present traffic scenarios that saturate the condition. The lack of such traffic scenarios for FIFO scheduling suggests that choosing appropriate schedulers may help reducing minimal buffer requirements.","PeriodicalId":100628,"journal":{"name":"IEEE Networking Letters","volume":"6 2","pages":"119-123"},"PeriodicalIF":0.0,"publicationDate":"2024-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141286639","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-03-18DOI: 10.1109/LNET.2024.3377355
Ammar Ibrahim El Sayed;Mahmoud Abdelaziz;Mohamed Hussein;Ashraf D. Elbayoumy
The Internet of Things (IoT) has brought about flexible data management and monitoring, but it is increasingly vulnerable to distributed denial-of-service (DDoS) attacks. To counter these threats and bolster IoT device trust and computational capacity, we propose an innovative solution by integrating machine learning (ML) techniques with blockchain as a supporting framework. Analyzing IoT traffic datasets, we reveal the presence of DDoS attacks, highlighting the need for robust defenses. After evaluating multiple ML models, we choose the most effective one and integrate it with blockchain for enhanced detection and mitigation of DDoS threats, reinforcing IoT network security. This approach enhances device resilience, presenting a promising contribution to the secure IoT landscape.
物联网(IoT)带来了灵活的数据管理和监控,但也越来越容易受到分布式拒绝服务(DDoS)攻击。为了应对这些威胁并增强物联网设备的信任和计算能力,我们提出了一种创新解决方案,将机器学习(ML)技术与区块链作为支持框架进行整合。通过分析物联网流量数据集,我们发现了 DDoS 攻击的存在,突出了对强大防御的需求。在对多个 ML 模型进行评估后,我们选择了最有效的模型,并将其与区块链相结合,以增强对 DDoS 威胁的检测和缓解,从而加强物联网网络的安全性。这种方法增强了设备的恢复能力,为物联网安全领域做出了巨大贡献。
{"title":"DDoS Mitigation in IoT Using Machine Learning and Blockchain Integration","authors":"Ammar Ibrahim El Sayed;Mahmoud Abdelaziz;Mohamed Hussein;Ashraf D. Elbayoumy","doi":"10.1109/LNET.2024.3377355","DOIUrl":"https://doi.org/10.1109/LNET.2024.3377355","url":null,"abstract":"The Internet of Things (IoT) has brought about flexible data management and monitoring, but it is increasingly vulnerable to distributed denial-of-service (DDoS) attacks. To counter these threats and bolster IoT device trust and computational capacity, we propose an innovative solution by integrating machine learning (ML) techniques with blockchain as a supporting framework. Analyzing IoT traffic datasets, we reveal the presence of DDoS attacks, highlighting the need for robust defenses. After evaluating multiple ML models, we choose the most effective one and integrate it with blockchain for enhanced detection and mitigation of DDoS threats, reinforcing IoT network security. This approach enhances device resilience, presenting a promising contribution to the secure IoT landscape.","PeriodicalId":100628,"journal":{"name":"IEEE Networking Letters","volume":"6 2","pages":"152-155"},"PeriodicalIF":0.0,"publicationDate":"2024-03-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141286739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-03-18DOI: 10.1109/LNET.2024.3376435
Qiong Wu;Le Kuai;Pingyi Fan;Qiang Fan;Junhui Zhao;Jiangzhou Wang
In Internet of Things (IoT) networks, the amount of data sensed by user devices may be huge, resulting in the serious network congestion. To solve this problem, intelligent data compression is critical. The variational information bottleneck (VIB) approach, combined with machine learning, can be employed to train the encoder and decoder, so that the required transmission data size can be reduced significantly. However, VIB suffers from the computing burden and network insecurity. In this letter, we propose a blockchain-enabled VIB (BVIB) approach to relieve the computing burden while guaranteeing network security. Extensive simulations conducted by Python and C++ demonstrate that BVIB outperforms VIB by 36%, 22% and 57% in terms of time and CPU cycles cost, mutual information, and accuracy under attack, respectively.
在物联网(IoT)网络中,用户设备感知的数据量可能非常巨大,从而导致严重的网络拥塞。要解决这一问题,智能数据压缩至关重要。变异信息瓶颈(VIB)方法与机器学习相结合,可用于训练编码器和解码器,从而大幅减少所需的传输数据大小。然而,VIB 存在计算负担和网络不安全问题。在本文中,我们提出了一种支持区块链的 VIB(BVIB)方法,以减轻计算负担,同时保证网络安全。使用 Python 和 C++ 进行的大量仿真表明,BVIB 在时间和 CPU 周期成本、互信息和攻击下的准确性方面分别比 VIB 高出 36%、22% 和 57%。
{"title":"Blockchain-Enabled Variational Information Bottleneck for IoT Networks","authors":"Qiong Wu;Le Kuai;Pingyi Fan;Qiang Fan;Junhui Zhao;Jiangzhou Wang","doi":"10.1109/LNET.2024.3376435","DOIUrl":"10.1109/LNET.2024.3376435","url":null,"abstract":"In Internet of Things (IoT) networks, the amount of data sensed by user devices may be huge, resulting in the serious network congestion. To solve this problem, intelligent data compression is critical. The variational information bottleneck (VIB) approach, combined with machine learning, can be employed to train the encoder and decoder, so that the required transmission data size can be reduced significantly. However, VIB suffers from the computing burden and network insecurity. In this letter, we propose a blockchain-enabled VIB (BVIB) approach to relieve the computing burden while guaranteeing network security. Extensive simulations conducted by Python and C++ demonstrate that BVIB outperforms VIB by 36%, 22% and 57% in terms of time and CPU cycles cost, mutual information, and accuracy under attack, respectively.","PeriodicalId":100628,"journal":{"name":"IEEE Networking Letters","volume":"6 2","pages":"92-96"},"PeriodicalIF":0.0,"publicationDate":"2024-03-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140255059","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-03-13DOI: 10.1109/LNET.2024.3400764
Murat Arda Onsu;Poonam Lohan;Burak Kantarci;Emil Janulewicz;Sergio Slobodrian
Network function virtualization (NFV) is a key foundational technology for 5G and beyond networks, wherein to offer network services, execution of Virtual Network Functions (VNFs) in a defined sequence is crucial for high-quality Service Function Chaining (SFC) provisioning. To provide fast, reliable, and automatic VNFs placement, Machine Learning (ML) algorithms such as Deep Reinforcement Learning (DRL) are widely being investigated. However, due to the requirement of fixed-size inputs in DRL models, these algorithms are highly dependent on network configuration such as the number of data centers (DCs) where VNFs can be placed and the logical connections among DCs. In this letter, a novel approach using the DRL technique is proposed for SFC provisioning which unlocks the reconfigurability of the networks, i.e., the same proposed model can be applied in different network configurations without additional training. Moreover, an advanced Deep Neural Network (DNN) architecture is constructed for DRL with an attention layer that improves the performance of SFC provisioning while considering the efficient resource utilization and the End-to-End (E2E) delay of SFC requests by looking up their priority points. Numerical results demonstrate that the proposed model surpasses the baseline heuristic method with an increase in the overall SFC acceptance ratio by 20.3% and a reduction in resource consumption and E2E delay by 50% and 42.65%, respectively.
{"title":"Unlocking Reconfigurability for Deep Reinforcement Learning in SFC Provisioning","authors":"Murat Arda Onsu;Poonam Lohan;Burak Kantarci;Emil Janulewicz;Sergio Slobodrian","doi":"10.1109/LNET.2024.3400764","DOIUrl":"https://doi.org/10.1109/LNET.2024.3400764","url":null,"abstract":"Network function virtualization (NFV) is a key foundational technology for 5G and beyond networks, wherein to offer network services, execution of Virtual Network Functions (VNFs) in a defined sequence is crucial for high-quality Service Function Chaining (SFC) provisioning. To provide fast, reliable, and automatic VNFs placement, Machine Learning (ML) algorithms such as Deep Reinforcement Learning (DRL) are widely being investigated. However, due to the requirement of fixed-size inputs in DRL models, these algorithms are highly dependent on network configuration such as the number of data centers (DCs) where VNFs can be placed and the logical connections among DCs. In this letter, a novel approach using the DRL technique is proposed for SFC provisioning which unlocks the reconfigurability of the networks, i.e., the same proposed model can be applied in different network configurations without additional training. Moreover, an advanced Deep Neural Network (DNN) architecture is constructed for DRL with an attention layer that improves the performance of SFC provisioning while considering the efficient resource utilization and the End-to-End (E2E) delay of SFC requests by looking up their priority points. Numerical results demonstrate that the proposed model surpasses the baseline heuristic method with an increase in the overall SFC acceptance ratio by 20.3% and a reduction in resource consumption and E2E delay by 50% and 42.65%, respectively.","PeriodicalId":100628,"journal":{"name":"IEEE Networking Letters","volume":"6 3","pages":"193-197"},"PeriodicalIF":0.0,"publicationDate":"2024-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142517983","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-03-01DOI: 10.1109/LNET.2024.3372407
Anne Bouillard
Several techniques can be used for computing deterministic performance bounds in FIFO networks. The most popular one, as far as Network Calculus is concerned, is Total Flow Analysis (TFA). Its advantages are its algorithmic efficiency, acceptable accuracy and adapted to general topologies. However, handling cyclic dependencies is mostly solved for token-bucket arrival curves. Moreover, in many situations, flows are shaped at their admission in a network, and the network analysis does not fully take advantage of it. In this letter, we generalize the approach to piece-wise linear concave arrival curves and to shaping several flows together at their admission into the network. We show through numerical evaluation that the performance bounds are drastically improved.
{"title":"Admission Shaping With Network Calculus","authors":"Anne Bouillard","doi":"10.1109/LNET.2024.3372407","DOIUrl":"https://doi.org/10.1109/LNET.2024.3372407","url":null,"abstract":"Several techniques can be used for computing deterministic performance bounds in FIFO networks. The most popular one, as far as Network Calculus is concerned, is Total Flow Analysis (TFA). Its advantages are its algorithmic efficiency, acceptable accuracy and adapted to general topologies. However, handling cyclic dependencies is mostly solved for token-bucket arrival curves. Moreover, in many situations, flows are shaped at their admission in a network, and the network analysis does not fully take advantage of it. In this letter, we generalize the approach to piece-wise linear concave arrival curves and to shaping several flows together at their admission into the network. We show through numerical evaluation that the performance bounds are drastically improved.","PeriodicalId":100628,"journal":{"name":"IEEE Networking Letters","volume":"6 2","pages":"115-118"},"PeriodicalIF":0.0,"publicationDate":"2024-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141286615","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: