Chang Liu, Jin Wang, Chang Liu Sr, Jie Wang, Li Tian, Xiao Yu, Min Wei
� �
Although many studies have conducted the traffic scheduling of time-sensitive networks, most focus on small-scale static scheduling for specific scenarios, which cannot cope with dynamic and rapid scheduling of time-triggered (TT) flows generated in scalable scenarios in the Industrial Internet of Things. In this paper, we propose a Scalable TT flow scheduling method based on Dynamic Online Grouping in industrial time-sensitive networks (SDOG). To achieve that, we establish an undirected weighted flow graph based on the conflict index between TT flows and divide available time into equally spaced time windows. We dynamically group the TT flows within each window locally. When the number of flows to be scheduled doubles, we can achieve scalable and efficient solutions to efficiently schedule dynamic TT flows, avoiding unnecessary conflicts during data communication. In addition, a topology pruning strategy is adopted to prune the network topology of each group, reducing unnecessary link variables and further effectively shortening the scheduling time. Experimental results validated our expected performance and demonstrated that our proposed SDOG scheduling method has advantages in terms of overall traffic schedulability and average time for scheduling individual traffic.
{"title":"SDOG: Scalable Scheduling of Flows Based on Dynamic Online Grouping in Industrial Time-Sensitive Networks","authors":"Chang Liu, Jin Wang, Chang Liu Sr, Jie Wang, Li Tian, Xiao Yu, Min Wei","doi":"10.1002/nem.70001","DOIUrl":"https://doi.org/10.1002/nem.70001","url":null,"abstract":"<div>\u0000 \u0000 <p>Although many studies have conducted the traffic scheduling of time-sensitive networks, most focus on small-scale static scheduling for specific scenarios, which cannot cope with dynamic and rapid scheduling of time-triggered (TT) flows generated in scalable scenarios in the Industrial Internet of Things. In this paper, we propose a Scalable TT flow scheduling method based on Dynamic Online Grouping in industrial time-sensitive networks (SDOG). To achieve that, we establish an undirected weighted flow graph based on the conflict index between TT flows and divide available time into equally spaced time windows. We dynamically group the TT flows within each window locally. When the number of flows to be scheduled doubles, we can achieve scalable and efficient solutions to efficiently schedule dynamic TT flows, avoiding unnecessary conflicts during data communication. In addition, a topology pruning strategy is adopted to prune the network topology of each group, reducing unnecessary link variables and further effectively shortening the scheduling time. Experimental results validated our expected performance and demonstrated that our proposed SDOG scheduling method has advantages in terms of overall traffic schedulability and average time for scheduling individual traffic.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 2","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143121256","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The Border Gateway Protocol (BGP) is known to have serious security vulnerabilities. One of these vulnerabilities is BGP route leaks. A BGP route leak describes the propagation of route announcements beyond their intended scope, violating the Gao-Rexford model. Route leaks may lead to traffic misdirection, causing performance issues and potential security risks, often due to mistakes and misconfiguration. Several potential solutions have been published and are currently greatly discussed within the Internet Engineering Task Force (IETF) but have yet to be widely implemented. One approach is the Autonomous System Provider Authorization (ASPA). In addition to these new approaches, there are also efforts to use existing BGP functionalities to detect and prevent route leaks. In this paper, we implement the Down Only (DO) Community and Only to Customer (OTC) Attribute approaches, using them isolated and in conjunction with ASPA. Our research indicates that implementing a DO/OTC deployment strategy focusing on well-interconnected ASes could significantly reduce route leaks. Specifically, we observed mitigation of over 98% of all route leaks when DO and OTC were deployed by the top 5% of the most connected ASes. We show that combining DO/OTC and ASPA can greatly enhance ASPA's route leak prevention capabilities.
众所周知,边界网关协议BGP (Border Gateway Protocol)存在严重的安全漏洞。其中一个漏洞是BGP路由泄漏。BGP路由泄漏描述了路由公告超出其预期范围的传播,违反了Gao-Rexford模型。路由泄漏可能导致流量方向错误,从而导致性能问题和潜在的安全风险,通常是由于错误和错误配置造成的。一些潜在的解决方案已经发表,并且目前在互联网工程任务组(IETF)内部进行了大量讨论,但尚未得到广泛实施。一种方法是自治系统提供者授权(ASPA)。除了这些新方法之外,也有人努力使用现有的BGP功能来检测和防止路由泄漏。在本文中,我们实现了Down Only (DO)社区和Only to Customer (OTC)属性方法,将它们与ASPA分离并结合使用。我们的研究表明,实施DO/OTC部署策略,重点关注互连良好的as,可以显著减少路由泄漏。具体来说,我们观察到,当连接最多的前5%的ase部署DO和OTC时,超过98%的路由泄漏得到缓解。研究表明,将DO/OTC与ASPA相结合可以大大提高ASPA的路由泄漏防护能力。
{"title":"Mitigating BGP Route Leaks With Attributes and Communities: A Stopgap Solution for Path Plausibility","authors":"Nils Höger, Nils Rodday, Gabi Dreo Rodosek","doi":"10.1002/nem.70002","DOIUrl":"https://doi.org/10.1002/nem.70002","url":null,"abstract":"<p>The Border Gateway Protocol (BGP) is known to have serious security vulnerabilities. One of these vulnerabilities is BGP route leaks. A BGP route leak describes the propagation of route announcements beyond their intended scope, violating the Gao-Rexford model. Route leaks may lead to traffic misdirection, causing performance issues and potential security risks, often due to mistakes and misconfiguration. Several potential solutions have been published and are currently greatly discussed within the Internet Engineering Task Force (IETF) but have yet to be widely implemented. One approach is the Autonomous System Provider Authorization (ASPA). In addition to these new approaches, there are also efforts to use existing BGP functionalities to detect and prevent route leaks. In this paper, we implement the Down Only (DO) Community and Only to Customer (OTC) Attribute approaches, using them isolated and in conjunction with ASPA. Our research indicates that implementing a DO/OTC deployment strategy focusing on well-interconnected ASes could significantly reduce route leaks. Specifically, we observed mitigation of over 98% of all route leaks when DO and OTC were deployed by the top 5% of the most connected ASes. We show that combining DO/OTC and ASPA can greatly enhance ASPA's route leak prevention capabilities.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 2","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.70002","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143121003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Anomaly detection in multitenant virtual networks presents significant challenges due to the dynamic, ephemeral nature of virtualized environments and the complex traffic patterns they generate. This paper presents a definition of preferable positions within virtual networks to enhance anomaly detection efficacy. Leveraging a combination of overlay and underlay capture positions, this paper examines the strategic impact of network positioning on anomaly detection accuracy, particularly in environments utilizing software-defined networking (SDN) and network function virtualization (NFV). Through controlled testing with realistic attack scenarios, including data exfiltration, denial of service, and malware infiltration, the advantages and constraints of each capture position are demonstrated. The findings underscore the necessity of adaptable capture mechanisms to address variability in data volume, encapsulation challenges, and privacy concerns unique to virtualized ecosystems. The paper further introduces a cost calculation model that evaluates each capture position by weighting key factors, enabling an optimized trade-off between detection accuracy and resource efficiency. The derived classification of the positional value significantly improves real-time detection of both internal and external threats within multitenant networks.
{"title":"Positional Packet Capture for Anomaly Detection in Multitenant Virtual Networks","authors":"Daniel Spiekermann","doi":"10.1002/nem.2326","DOIUrl":"https://doi.org/10.1002/nem.2326","url":null,"abstract":"<p>Anomaly detection in multitenant virtual networks presents significant challenges due to the dynamic, ephemeral nature of virtualized environments and the complex traffic patterns they generate. This paper presents a definition of preferable positions within virtual networks to enhance anomaly detection efficacy. Leveraging a combination of overlay and underlay capture positions, this paper examines the strategic impact of network positioning on anomaly detection accuracy, particularly in environments utilizing software-defined networking (SDN) and network function virtualization (NFV). Through controlled testing with realistic attack scenarios, including data exfiltration, denial of service, and malware infiltration, the advantages and constraints of each capture position are demonstrated. The findings underscore the necessity of adaptable capture mechanisms to address variability in data volume, encapsulation challenges, and privacy concerns unique to virtualized ecosystems. The paper further introduces a cost calculation model that evaluates each capture position by weighting key factors, enabling an optimized trade-off between detection accuracy and resource efficiency. The derived classification of the positional value significantly improves real-time detection of both internal and external threats within multitenant networks.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 2","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.2326","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143120463","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Alexander Brechlin, Jochen Schäfer, Frederik Armknecht
Cryptocurrency exchanges have become a multi-billion dollar industry. Although these platforms are not only relevant for economic reasons but also from a privacy and legal perspective, empirical studies investigating the operations of cryptocurrency exchanges and the behavior of their users are surprisingly rare. A notable exception is a study analyzing the cryptocurrency exchange ShapeShift. While this study described new heuristics to retrieve a significant fraction of trades made on the plaform, its approach relied on identifying cryptocurrency transactions based on previously scraped trade data. This limited the analysis to the timeframe for which data had been acquired and likely led to false negatives in the transaction identification process. In this paper, we replicate and extend previous work by conducting an in-depth investigation of the cryptocurrency exchange Evonax. Our analysis is based on actual trading data acquired by using a novel methodology allowing to extract detailed information from the public blockchain and the interface of the exchange platform. We are able to identify 30,402 transactions between the launch of Evonax in February 2018 and December 31, 2022, which should be close to a complete set of all transactions. This allows us not only to analyze the business practices of a cryptocurrency exchange but also to identify a number of interesting use cases that are likely to be associated with illegal activity. This paper is an extended version of a research article previously accepted at the CryptoEx Workshop at IEEE ICBC 2024.
{"title":"Buy Crypto, Sell Privacy: An Extended Investigation of the Cryptocurrency Exchange Evonax","authors":"Alexander Brechlin, Jochen Schäfer, Frederik Armknecht","doi":"10.1002/nem.2325","DOIUrl":"https://doi.org/10.1002/nem.2325","url":null,"abstract":"<p>Cryptocurrency exchanges have become a multi-billion dollar industry. Although these platforms are not only relevant for economic reasons but also from a privacy and legal perspective, empirical studies investigating the operations of cryptocurrency exchanges and the behavior of their users are surprisingly rare. A notable exception is a study analyzing the cryptocurrency exchange <i>ShapeShift</i>. While this study described new heuristics to retrieve a significant fraction of trades made on the plaform, its approach relied on identifying cryptocurrency transactions based on previously scraped trade data. This limited the analysis to the timeframe for which data had been acquired and likely led to false negatives in the transaction identification process. In this paper, we replicate and extend previous work by conducting an in-depth investigation of the cryptocurrency exchange <i>Evonax</i>. Our analysis is based on actual trading data acquired by using a novel methodology allowing to extract detailed information from the public blockchain and the interface of the exchange platform. We are able to identify 30,402 transactions between the launch of Evonax in February 2018 and December 31, 2022, which should be close to a complete set of all transactions. This allows us not only to analyze the business practices of a cryptocurrency exchange but also to identify a number of interesting use cases that are likely to be associated with illegal activity. This paper is an extended version of a research article previously accepted at the CryptoEx Workshop at IEEE ICBC 2024.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 1","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.2325","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143119279","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Network slicing, which enables efficient resource management to meet specific service requirements, provides a scalable solution for optimizing music transmission and live performance in mobile networks beyond 5G and into 6G. The research focuses on optimizing live performances as well as music transmission. Since AI-driven resource management improves performance quality and real-time music streaming in dynamic 6G network situations, these factors are interconnected. This approach allows multiple tenants, such as event organizers and music producers, to share infrastructure while customizing communication and quality standards for real-time music services. To ensure optimal resource allocation, including high bandwidth, low latency, and consistent service quality, network slices are dynamically configured by the infrastructure provider. Although the implementation of network slicing in the core network has been well studied, applying it within the radio access network (RAN) presents challenges, especially given the unpredictability of wireless channels and the strict quality of service (QoS) demands for live music streaming. For 6G networks, the article suggests a tenant-driven RAN slicing method improved by artificial intelligence (AI) to maximize music performance and transmission. A hybrid AI framework integrates a deep recurrent neural network (DRNN) for continuous monitoring and prediction of network conditions with a deep Q-network (DQN) augmented by prioritized experience replay (PER) for real-time resource adaptation. The DRNN forecasts network states to guide high-level resource allocation, whereas DQN with PER dynamically manages routing and bandwidth based on past critical network states, enabling rapid responses to fluctuating performance demands. Comparative results indicate that the suggested approach outperforms conventional techniques, achieving a latency of 25 ms, an audio quality of 4.6, and a bandwidth utilization of 90%. Simulation results in live music and enhanced mobile broadband (eMBB) environments demonstrate the proposed approach's effectiveness in minimizing latency, enhancing audio quality, and stabilizing transmission, surpassing traditional network allocation techniques.
{"title":"Music Transmission and Performance Optimization Based on the Integration of Artificial Intelligence and 6G Network Slice","authors":"Honghui Zhu","doi":"10.1002/nem.70000","DOIUrl":"https://doi.org/10.1002/nem.70000","url":null,"abstract":"<div>\u0000 \u0000 <p>Network slicing, which enables efficient resource management to meet specific service requirements, provides a scalable solution for optimizing music transmission and live performance in mobile networks beyond 5G and into 6G. The research focuses on optimizing live performances as well as music transmission. Since AI-driven resource management improves performance quality and real-time music streaming in dynamic 6G network situations, these factors are interconnected. This approach allows multiple tenants, such as event organizers and music producers, to share infrastructure while customizing communication and quality standards for real-time music services. To ensure optimal resource allocation, including high bandwidth, low latency, and consistent service quality, network slices are dynamically configured by the infrastructure provider. Although the implementation of network slicing in the core network has been well studied, applying it within the radio access network (RAN) presents challenges, especially given the unpredictability of wireless channels and the strict quality of service (QoS) demands for live music streaming. For 6G networks, the article suggests a tenant-driven RAN slicing method improved by artificial intelligence (AI) to maximize music performance and transmission. A hybrid AI framework integrates a deep recurrent neural network (DRNN) for continuous monitoring and prediction of network conditions with a deep Q-network (DQN) augmented by prioritized experience replay (PER) for real-time resource adaptation. The DRNN forecasts network states to guide high-level resource allocation, whereas DQN with PER dynamically manages routing and bandwidth based on past critical network states, enabling rapid responses to fluctuating performance demands. Comparative results indicate that the suggested approach outperforms conventional techniques, achieving a latency of 25 ms, an audio quality of 4.6, and a bandwidth utilization of 90%. Simulation results in live music and enhanced mobile broadband (eMBB) environments demonstrate the proposed approach's effectiveness in minimizing latency, enhancing audio quality, and stabilizing transmission, surpassing traditional network allocation techniques.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 1","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143117930","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The information society has led to a shift in traditional English education methods, with the evolution of technology, particularly internet and communication network technologies, reshaping the teaching landscape. This facilitated innovative instructional approaches and enhanced the learning experience. This research introduces a novel virtual learn net architecture (VLNA) within the 6G network layers, which processes the performance of the virtual reality-based English education system (VR-EES) model to provide a seamless, personalized learning experience for online learners. This architecture is structured into several layers: The user equipment (UE) layer connects VR headsets to the network with ultrareliable, low-latency links; the radio access network (RAN) layer, employing massive MIMO and beam forming, enhances connection speed, capacity, and coverage. Edge computing handles latency-sensitive tasks like speech recognition and adaptive content delivery, reducing the load on the core network. The core network layer (CLN) manages network slices for specific learning tasks such as real-time interaction, high-definition multimedia, and computation-intensive processes, with control plane and user plane separation (CUPS) optimizing network management and security through end-to-end encryption. Software-defined networking (SDN) and network function virtualization (NFV) provide centralized, dynamic control, allowing real-time resource allocation based on demand. Cloud-edge integration supports Artificial intelligence (AI)-driven adaptive learning, optimizing educational content delivery based on individual progress. The study results demonstrate that stimulation of VLNA achieved significant improvements in latency reduction, bandwidth utilization, throughput, packet loss rate, jitter, user engagement, learning efficiency, and user satisfaction. The integration of edge computing and network slicing led to a significant reduction in latency, while the enhanced throughput enabled seamless VR experiences. In this study, latency reduction, bandwidth utilization, and user satisfaction emerge as the most significant factors, with user satisfaction standing out as the top performer due to its substantial impact on enhancing the overall learning experience. The packet loss rate is maintained to a certain level, ensuring reliable data transmission. The VR-EES model's experimental results also enhanced visual learning, multimedia quality, user pleasure, learning effectiveness, and user engagement.
{"title":"A New English Education Model Based on 6G and Sliced Network Virtual Reality Platform","authors":"Xiaozheng Liu","doi":"10.1002/nem.2324","DOIUrl":"https://doi.org/10.1002/nem.2324","url":null,"abstract":"<div>\u0000 \u0000 <p>The information society has led to a shift in traditional English education methods, with the evolution of technology, particularly internet and communication network technologies, reshaping the teaching landscape. This facilitated innovative instructional approaches and enhanced the learning experience. This research introduces a novel virtual learn net architecture (VLNA) within the 6G network layers, which processes the performance of the virtual reality-based English education system (VR-EES) model to provide a seamless, personalized learning experience for online learners. This architecture is structured into several layers: The user equipment (UE) layer connects VR headsets to the network with ultrareliable, low-latency links; the radio access network (RAN) layer, employing massive MIMO and beam forming, enhances connection speed, capacity, and coverage. Edge computing handles latency-sensitive tasks like speech recognition and adaptive content delivery, reducing the load on the core network. The core network layer (CLN) manages network slices for specific learning tasks such as real-time interaction, high-definition multimedia, and computation-intensive processes, with control plane and user plane separation (CUPS) optimizing network management and security through end-to-end encryption. Software-defined networking (SDN) and network function virtualization (NFV) provide centralized, dynamic control, allowing real-time resource allocation based on demand. Cloud-edge integration supports Artificial intelligence (AI)-driven adaptive learning, optimizing educational content delivery based on individual progress. The study results demonstrate that stimulation of VLNA achieved significant improvements in latency reduction, bandwidth utilization, throughput, packet loss rate, jitter, user engagement, learning efficiency, and user satisfaction. The integration of edge computing and network slicing led to a significant reduction in latency, while the enhanced throughput enabled seamless VR experiences. In this study, latency reduction, bandwidth utilization, and user satisfaction emerge as the most significant factors, with user satisfaction standing out as the top performer due to its substantial impact on enhancing the overall learning experience. The packet loss rate is maintained to a certain level, ensuring reliable data transmission. The VR-EES model's experimental results also enhanced visual learning, multimedia quality, user pleasure, learning effectiveness, and user engagement.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 1","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143114896","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this study, we propose and evaluate a model that utilizes both log data and state data to detect abnormal conditions in network switches. Building upon our previous research and drawing inspiration from TF-IDF used in natural language processing to measure word importance, we propose a statistical method, Log-TF-IDF, to quantify the rarity of each log pattern in the log data. Furthermore, based on this Log-TF-IDF, we introduce the AB Score, which quantifies how abnormal the current log pattern is. Our findings indicate that the AB Score is notably higher and more volatile in abnormal conditions. We confirm that anomaly detection is feasible through the AB Score, which has the advantage of being computationally efficient due to its statistical basis. We combined the metrics generated during the AB Score calculation with resource data collected with NETCONF and developed a machine-learning model to detect abnormal conditions in network switches. We confirm that this model can detect abnormal conditions with an F1 score of 0.86 on our collected dataset, confirming its viability for detecting abnormal states in network equipment.
{"title":"Log-TF-IDF and NETCONF-Based Network Switch Anomaly Detection","authors":"Sukhyun Nam, Eui-Dong Jeong, James Won-Ki Hong","doi":"10.1002/nem.2322","DOIUrl":"https://doi.org/10.1002/nem.2322","url":null,"abstract":"<div>\u0000 \u0000 <p>In this study, we propose and evaluate a model that utilizes both log data and state data to detect abnormal conditions in network switches. Building upon our previous research and drawing inspiration from TF-IDF used in natural language processing to measure word importance, we propose a statistical method, Log-TF-IDF, to quantify the rarity of each log pattern in the log data. Furthermore, based on this Log-TF-IDF, we introduce the AB Score, which quantifies how abnormal the current log pattern is. Our findings indicate that the AB Score is notably higher and more volatile in abnormal conditions. We confirm that anomaly detection is feasible through the AB Score, which has the advantage of being computationally efficient due to its statistical basis. We combined the metrics generated during the AB Score calculation with resource data collected with NETCONF and developed a machine-learning model to detect abnormal conditions in network switches. We confirm that this model can detect abnormal conditions with an F1 score of 0.86 on our collected dataset, confirming its viability for detecting abnormal states in network equipment.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 1","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143114895","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Multitopology routing (MTR) provides an attractive alternative to segment routing (SR) for traffic engineering when network devices cannot be upgraded. However, due to a high overhead in terms of link state messages exchanged by topologies and the need to frequently update link weights to follow evolving network conditions, MTR is often limited to a small number of topologies and the satisfaction of loose QoS constraints. To overcome these limitations, we propose virtual MTR (vMTR), an MTR extension where demands are routed over virtual topologies that are silent; that is, they do not exchange LSA messages and that are continuously derived from a very limited set of real topologies, optimizing each QoS parameter. In this context, we present a polynomial and exact algorithm for vMTR and, as a benchmark, a local search algorithm for MTR. We show that vMTR helps to reduce drastically the number of real topologies and that it is more robust to QoS changes. In the case where SR can actually be rolled-out, we also show that vMTR allows to drastically reduce SR overhead.
{"title":"Multitopology Routing With Virtual Topologies and Segment Routing","authors":"Nicolas Huin, Sébastien Martin, Jérémie Leguay","doi":"10.1002/nem.2321","DOIUrl":"https://doi.org/10.1002/nem.2321","url":null,"abstract":"<div>\u0000 \u0000 <p>Multitopology routing (MTR) provides an attractive alternative to segment routing (SR) for traffic engineering when network devices cannot be upgraded. However, due to a high overhead in terms of link state messages exchanged by topologies and the need to frequently update link weights to follow evolving network conditions, MTR is often limited to a small number of topologies and the satisfaction of loose QoS constraints. To overcome these limitations, we propose virtual MTR (vMTR), an MTR extension where demands are routed over virtual topologies that are silent; that is, they do not exchange LSA messages and that are continuously derived from a very limited set of real topologies, optimizing each QoS parameter. In this context, we present a polynomial and exact algorithm for vMTR and, as a benchmark, a local search algorithm for MTR. We show that vMTR helps to reduce drastically the number of real topologies and that it is more robust to QoS changes. In the case where SR can actually be rolled-out, we also show that vMTR allows to drastically reduce SR overhead.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 1","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143114966","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Van Tu Nguyen, Sang-Woo Ryu, Kyung-Chan Ko, Jae-Hyoung Yoo, James Won-Ki Hong
� �
Many studies have used machine learning techniques for bitrate control to improve the quality of experience (QoE) of video streaming applications. However, most of these studies have focused on HTTP adaptive streaming with one-to-one connections. This research examines video conferencing applications that involve real-time, multiparty, and full-duplex communication among participants. In conventional video conferencing systems, a rule-based algorithm is typically employed to estimate the available bandwidth of each participant, and the outcomes are then used to control the video delivery rate to the participant. This paper proposes Muno, a bandwidth prediction framework based on deep reinforcement learning (DRL) for multiparty video conferencing systems. Muno aims to enhance the overall QoE by using DRL to improve bandwidth estimation for each connection. The experimental results indicate that Muno achieves a significantly higher video streaming rate, video resolution, and framerate while lowering delay in highly dynamic networks when compared to the state-of-the-art rule-based algorithms and roughly equivalent streaming rate and delay in stable networks. Moreover, Muno can generalize well to different network conditions which were not included in the training set. We also implemented a high-performance and scalable version of Muno for in-campus deployment.
{"title":"Muno: Improved Bandwidth Estimation Scheme in Video Conferencing Using Deep Reinforcement Learning","authors":"Van Tu Nguyen, Sang-Woo Ryu, Kyung-Chan Ko, Jae-Hyoung Yoo, James Won-Ki Hong","doi":"10.1002/nem.2323","DOIUrl":"https://doi.org/10.1002/nem.2323","url":null,"abstract":"<div>\u0000 \u0000 <p>Many studies have used machine learning techniques for bitrate control to improve the quality of experience (QoE) of video streaming applications. However, most of these studies have focused on HTTP adaptive streaming with one-to-one connections. This research examines video conferencing applications that involve real-time, multiparty, and full-duplex communication among participants. In conventional video conferencing systems, a rule-based algorithm is typically employed to estimate the available bandwidth of each participant, and the outcomes are then used to control the video delivery rate to the participant. This paper proposes Muno, a bandwidth prediction framework based on deep reinforcement learning (DRL) for multiparty video conferencing systems. Muno aims to enhance the overall QoE by using DRL to improve bandwidth estimation for each connection. The experimental results indicate that Muno achieves a significantly higher video streaming rate, video resolution, and framerate while lowering delay in highly dynamic networks when compared to the state-of-the-art rule-based algorithms and roughly equivalent streaming rate and delay in stable networks. Moreover, Muno can generalize well to different network conditions which were not included in the training set. We also implemented a high-performance and scalable version of Muno for in-campus deployment.</p>\u0000 </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 1","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143113096","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Aristide Tanyi-Jong Akem, Guillaume Fraysse, Marco Fiore
Network traffic encryption has been on the rise in recent years, making encrypted traffic classification (ETC) an important area of research. Machine learning (ML) methods for ETC are widely regarded as the state of the art. However, most existing solutions either rely on offline ETC based on collected network data or on online ETC with models running in the control plane of software-defined networks, all of which do not run at line rate and would not meet the strict requirements of ultra-low-latency applications in modern networks. This work exploits recent advances in data plane programmability to achieve real-time ETC in programmable switches at line rate, with high throughput and low latency. An extensive analysis is first conducted to show how tree-based models excel in ETC on various datasets. Then, a workflow is proposed for in-switch ETC with tree-based models. The proposed workflow builds on (i) an ETC-aware random forest (RF) modelling process where only features based on packet size and packet arrival times are used and (ii) an encoding of the trained RF model into off-the-shelf P4-programmable switches. The performance of the proposed in-switch ETC solution is evaluated on three use cases based on publicly available encrypted traffic datasets. Experiments are then conducted in a real-world testbed with Intel Tofino switches, in the presence of high-speed background traffic. Results show how the solution achieves high classification accuracy of up to 95% in QUIC traffic classification, with submicrosecond delay while consuming less than 10% on average of the total hardware resources available on the switch.
{"title":"Real-Time Encrypted Traffic Classification in Programmable Networks with P4 and Machine Learning","authors":"Aristide Tanyi-Jong Akem, Guillaume Fraysse, Marco Fiore","doi":"10.1002/nem.2320","DOIUrl":"https://doi.org/10.1002/nem.2320","url":null,"abstract":"<p>Network traffic encryption has been on the rise in recent years, making encrypted traffic classification (ETC) an important area of research. Machine learning (ML) methods for ETC are widely regarded as the state of the art. However, most existing solutions either rely on offline ETC based on collected network data or on online ETC with models running in the control plane of software-defined networks, all of which do not run at line rate and would not meet the strict requirements of ultra-low-latency applications in modern networks. This work exploits recent advances in data plane programmability to achieve real-time ETC in programmable switches at line rate, with high throughput and low latency. An extensive analysis is first conducted to show how tree-based models excel in ETC on various datasets. Then, a workflow is proposed for in-switch ETC with tree-based models. The proposed workflow builds on (i) an ETC-aware random forest (RF) modelling process where only features based on packet size and packet arrival times are used and (ii) an encoding of the trained RF model into off-the-shelf P4-programmable switches. The performance of the proposed in-switch ETC solution is evaluated on three use cases based on publicly available encrypted traffic datasets. Experiments are then conducted in a real-world testbed with Intel Tofino switches, in the presence of high-speed background traffic. Results show how the solution achieves high classification accuracy of up to 95<i>%</i> in QUIC traffic classification, with submicrosecond delay while consuming less than 10<i>%</i> on average of the total hardware resources available on the switch.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 1","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.2320","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143113095","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
扫码关注我们
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号