首页 > 最新文献

NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium最新文献

英文 中文
A decision-making mechanism of network risk control based on grey relation 基于灰色关联的网络风险控制决策机制
Pub Date : 2018-04-23 DOI: 10.1109/NOMS.2018.8406300
Meng Li, Wenjing Li, Xiangjian Zeng, Peng Yu, Xue-song Qiu
The existing network risk control mechanisms are lack of scientific and normative decision-making and rely too much on subjective judgments, which brings a great uncertainty on network risk management. In this paper, a risk control decision-making mechanism of power data network based on grey relation is put forward, and puts emphasis on the prior risk control based on the prediction results. This mechanism first constructs a matrix of positive and negative ideal measures according to the risk control objective. Then, the grey relation coefficient matrix between the candidate and ideal measures is calculated to evaluate the similarity between measures. Finally, we define the grey relation projection coefficient to evaluate the degree of closeness between the candidate measure and the positive ideal measure and the degree of deviation between the candidate measure and the negative ideal measure. Simulation results show that this mechanism can make timely and accurate decision-making of network risk control measures.
现有的网络风险控制机制缺乏科学规范的决策,过于依赖主观判断,给网络风险管理带来了很大的不确定性。本文提出了一种基于灰色关联的电力数据网风险控制决策机制,并强调了基于预测结果的事前风险控制。该机制首先根据风险控制目标构建了正、负理想措施矩阵。然后,计算候选测度与理想测度之间的灰色关联系数矩阵,评价测度之间的相似性;最后,定义灰色关联投影系数来评价候选测度与正理想测度的接近程度以及候选测度与负理想测度的偏离程度。仿真结果表明,该机制能够对网络风险控制措施做出及时、准确的决策。
{"title":"A decision-making mechanism of network risk control based on grey relation","authors":"Meng Li, Wenjing Li, Xiangjian Zeng, Peng Yu, Xue-song Qiu","doi":"10.1109/NOMS.2018.8406300","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406300","url":null,"abstract":"The existing network risk control mechanisms are lack of scientific and normative decision-making and rely too much on subjective judgments, which brings a great uncertainty on network risk management. In this paper, a risk control decision-making mechanism of power data network based on grey relation is put forward, and puts emphasis on the prior risk control based on the prediction results. This mechanism first constructs a matrix of positive and negative ideal measures according to the risk control objective. Then, the grey relation coefficient matrix between the candidate and ideal measures is calculated to evaluate the similarity between measures. Finally, we define the grey relation projection coefficient to evaluate the degree of closeness between the candidate measure and the positive ideal measure and the degree of deviation between the candidate measure and the negative ideal measure. Simulation results show that this mechanism can make timely and accurate decision-making of network risk control measures.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"49 1","pages":"1-4"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86780210","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
RTP packet loss healing on a bare-metal switch 裸机交换机上的RTP丢包修复
Pub Date : 2018-04-23 DOI: 10.1109/NOMS.2018.8406114
Leonhard Nobach, Jeremias Blendin, H. Kolbe, Georg Schyguda, D. Hausheer
Bare-metal switches (BMS) are switches sold without an operating system (OS), i.e. including only the switch hardware. For network operators this may not only provide a cost advantage, it also allows them to customize the OS behavior to their own needs. The aim of this demonstration is to show the applicability of BMS in a carrier-grade environment. To this end, a representative use case has been implemented on a BMS, which includes the healing of RTP packet loss by automatically selecting a stream with the least packet loss from redundant uplinks. This use case demonstrates the flexibility of BMS to be adaptable to even such specific needs in a network.
裸机交换机(Bare-metal switch, BMS)是指没有操作系统(OS)的交换机,即只包括交换机硬件。对于网络运营商来说,这不仅提供了成本优势,还允许他们根据自己的需要定制操作系统行为。本演示的目的是展示BMS在运营商级环境中的适用性。为此,在BMS上实现了一个代表性的用例,其中包括通过从冗余上行链路中自动选择数据包丢失最少的流来修复RTP数据包丢失。这个用例展示了BMS的灵活性,甚至可以适应网络中的这种特定需求。
{"title":"RTP packet loss healing on a bare-metal switch","authors":"Leonhard Nobach, Jeremias Blendin, H. Kolbe, Georg Schyguda, D. Hausheer","doi":"10.1109/NOMS.2018.8406114","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406114","url":null,"abstract":"Bare-metal switches (BMS) are switches sold without an operating system (OS), i.e. including only the switch hardware. For network operators this may not only provide a cost advantage, it also allows them to customize the OS behavior to their own needs. The aim of this demonstration is to show the applicability of BMS in a carrier-grade environment. To this end, a representative use case has been implemented on a BMS, which includes the healing of RTP packet loss by automatically selecting a stream with the least packet loss from redundant uplinks. This use case demonstrates the flexibility of BMS to be adaptable to even such specific needs in a network.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"1 1","pages":"1-2"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89394638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Cognitive radio : A method to achieve spectrum sharing in LTE-R system 认知无线电:LTE-R系统中实现频谱共享的一种方法
Pub Date : 2018-04-23 DOI: 10.1109/NOMS.2018.8406208
Hongyu Deng, Yiming Wang, Cheng Wu
In order to solve the problem of spectrum waste in the LTE-Railway (LTE-R) system, the paper uses Cognitive Radio (CR) to improve the ability of spectrum sharing on Vehicle-to- Ground communication. By constructing a novel Cognitive Radio Network (CRN) in LTE-R system, the Cognitive LTE-R eNodeB (C-eNodeB) can work with Vehicle Gateway (VG) and allocate idle and wasted spectrum resources to the passengers communicating devices to improve spectrum utilization of LTE-R, without impacting train-ground communication. Aiming at the novel CRN architecture, a C-eNodeB Queue Management Strategy (QMS) based on Type of Service (ToS) value priority is proposed to reduce the Real-Time (RT) service delay of Secondary Users (SU) caused by FIFO QMS. The simulation results show that the proposed CRN effectively improves the spectrum utilization of LTE-R system and the C-eNodeB QMS based on the ToS value priority significantly reduce the delay of RT business of passengers.
为了解决LTE-Railway (LTE-R)系统频谱浪费问题,本文采用认知无线电(CR)技术提高车地通信频谱共享能力。通过在LTE-R系统中构建一种新型的认知无线网络(CRN),认知LTE-R eNodeB (C-eNodeB)可以与车辆网关(VG)协同工作,将空闲和浪费的频谱资源分配给乘客通信设备,在不影响列车-地面通信的情况下提高LTE-R的频谱利用率。针对新型CRN体系结构,提出了一种基于服务类型(ToS)值优先级的C-eNodeB队列管理策略(QMS),以减少FIFO队列管理导致的二次用户实时(RT)业务延迟。仿真结果表明,提出的CRN有效提高了LTE-R系统的频谱利用率,基于ToS值优先级的C-eNodeB QMS显著降低了乘客RT业务的延迟。
{"title":"Cognitive radio : A method to achieve spectrum sharing in LTE-R system","authors":"Hongyu Deng, Yiming Wang, Cheng Wu","doi":"10.1109/NOMS.2018.8406208","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406208","url":null,"abstract":"In order to solve the problem of spectrum waste in the LTE-Railway (LTE-R) system, the paper uses Cognitive Radio (CR) to improve the ability of spectrum sharing on Vehicle-to- Ground communication. By constructing a novel Cognitive Radio Network (CRN) in LTE-R system, the Cognitive LTE-R eNodeB (C-eNodeB) can work with Vehicle Gateway (VG) and allocate idle and wasted spectrum resources to the passengers communicating devices to improve spectrum utilization of LTE-R, without impacting train-ground communication. Aiming at the novel CRN architecture, a C-eNodeB Queue Management Strategy (QMS) based on Type of Service (ToS) value priority is proposed to reduce the Real-Time (RT) service delay of Secondary Users (SU) caused by FIFO QMS. The simulation results show that the proposed CRN effectively improves the spectrum utilization of LTE-R system and the C-eNodeB QMS based on the ToS value priority significantly reduce the delay of RT business of passengers.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"36 1","pages":"1-5"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78185826","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Generation of SDN policies for protecting android environments based on automata learning 基于自动学习的保护android环境的SDN策略生成
Pub Date : 2018-04-23 DOI: 10.1109/NOMS.2018.8406153
Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz
Software-defined networking offers new opportu-nities for protecting end users and their applications. In that context, dedicated chains can be built to combine different security functions, such as firewalls, intrusion detection systems and services for preventing data leakage. To configure these security chains, it is important to have an adequate model of the patterns that end user applications exhibit when accessing the network. We propose an automated strategy for learning the networking behavior of end applications using algorithms for generating finite state models. These models can be exploited for inferring SDN policies ensuring that applications respect the observed behavior: such policies can be formally verified and deployed on SDN infrastructures in a dynamic and flexible manner. Our solution is prototypically implemented as a collection of Python scripts that extend our Synaptic verification package. The performance of our strategy is evaluated through extensive experimentations and is compared to the Synoptic and Invarimint automata learning algorithms.
软件定义的网络为保护最终用户及其应用程序提供了新的机会。在这种情况下,可以构建专用链来结合不同的安全功能,例如防火墙、入侵检测系统和防止数据泄漏的服务。要配置这些安全链,必须有一个最终用户应用程序在访问网络时显示的模式的适当模型。我们提出了一种使用生成有限状态模型的算法来学习终端应用程序的网络行为的自动化策略。这些模型可以用于推断SDN策略,确保应用程序尊重观察到的行为:这些策略可以以动态和灵活的方式正式验证并部署在SDN基础设施上。我们的解决方案通常是作为扩展Synaptic验证包的Python脚本集合来实现的。我们的策略的性能通过广泛的实验进行了评估,并与Synoptic和Invarimint自动机学习算法进行了比较。
{"title":"Generation of SDN policies for protecting android environments based on automata learning","authors":"Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz","doi":"10.1109/NOMS.2018.8406153","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406153","url":null,"abstract":"Software-defined networking offers new opportu-nities for protecting end users and their applications. In that context, dedicated chains can be built to combine different security functions, such as firewalls, intrusion detection systems and services for preventing data leakage. To configure these security chains, it is important to have an adequate model of the patterns that end user applications exhibit when accessing the network. We propose an automated strategy for learning the networking behavior of end applications using algorithms for generating finite state models. These models can be exploited for inferring SDN policies ensuring that applications respect the observed behavior: such policies can be formally verified and deployed on SDN infrastructures in a dynamic and flexible manner. Our solution is prototypically implemented as a collection of Python scripts that extend our Synaptic verification package. The performance of our strategy is evaluated through extensive experimentations and is compared to the Synoptic and Invarimint automata learning algorithms.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"89 1","pages":"1-7"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73052432","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Equal-volume quantization of mobile network data using bounding spheres and boxes 使用边界球和框的移动网络数据的等体积量化
Pub Date : 2018-04-23 DOI: 10.1109/NOMS.2018.8406263
Márton Kajó, B. Schultz, Janne Ali-Tolppa, G. Carle
Mobile network management systems often utilize quantization algorithms for abstraction and simplification of information, to be later processed by human operators or automated functions. In use cases such as visualization of high dimensional data or processing of anomalous observations, the off- the-shelf algorithms might produce misleading results, without the user realizing that the problem lies in the choice of the applied method. In this paper, we provide a quantization algorithm called Bounding Sphere Quantization (BSQ) that performs better than standard approaches when applied to these use cases, by minimizing the maximum error in the quantization. Since the proposed algorithm is computationally expensive, we also explore an alternative approach, which approximates the results achieved by BSQ while greatly reducing computational complexity. Our evaluation shows that BSQ provides more intuitive results that work better for the selected use cases when compared to the well-known k-Means algorithm.
移动网络管理系统通常利用量化算法对信息进行抽象和简化,然后由人工操作员或自动化功能进行处理。在高维数据的可视化或异常观测的处理等用例中,现成的算法可能会产生误导性的结果,而用户却没有意识到问题在于应用方法的选择。在本文中,我们提供了一种称为边界球量化(BSQ)的量化算法,该算法通过最小化量化中的最大误差,在应用于这些用例时比标准方法表现得更好。由于所提出的算法计算成本高,我们还探索了一种替代方法,该方法近似于BSQ获得的结果,同时大大降低了计算复杂度。我们的评估表明,与众所周知的k-Means算法相比,BSQ提供了更直观的结果,更适合所选的用例。
{"title":"Equal-volume quantization of mobile network data using bounding spheres and boxes","authors":"Márton Kajó, B. Schultz, Janne Ali-Tolppa, G. Carle","doi":"10.1109/NOMS.2018.8406263","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406263","url":null,"abstract":"Mobile network management systems often utilize quantization algorithms for abstraction and simplification of information, to be later processed by human operators or automated functions. In use cases such as visualization of high dimensional data or processing of anomalous observations, the off- the-shelf algorithms might produce misleading results, without the user realizing that the problem lies in the choice of the applied method. In this paper, we provide a quantization algorithm called Bounding Sphere Quantization (BSQ) that performs better than standard approaches when applied to these use cases, by minimizing the maximum error in the quantization. Since the proposed algorithm is computationally expensive, we also explore an alternative approach, which approximates the results achieved by BSQ while greatly reducing computational complexity. Our evaluation shows that BSQ provides more intuitive results that work better for the selected use cases when compared to the well-known k-Means algorithm.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"124 1","pages":"1-9"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74896627","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Effective resource provisioning for QoS-aware virtual networks in SDN SDN中qos感知虚拟网络的有效资源发放
Pub Date : 2018-04-23 DOI: 10.1109/NOMS.2018.8406241
Prashanth Podili, Kotaro Kataoka
The emergence of the IoT, 5G and different modes of computing has introduced a new demand to tailor-made networks to support a wide spectrum of applications. Even though virtualizing networks and applying QoS to these networks are crucial, it is always challenging to achieve QoS, high accep­tance ratio, and cost effectiveness on provisioning virtual networks given the constrained resource of the underlying network. This paper introduces Delay Constraint Optimum Bandwidth Tree (DCOBT), which effectively satisfies the QoS requirement of virtual networks in terms of both end-to-end delay and bandwidth. We propose the QoS-aware Resource Provisioning (QRP) algorithm to determine DCOBT with less bandwidth consumption and superior load balancing. Using SDN as a key platform to implement QoS-aware virtual networks, this paper further proposes flow rule reduction using Destination Label Forwarding (DLF) to provision more virtual networks with less Ternary Content-Addressable Memory (TCAM) consumption. The evaluation results proved significant contribution on different aspects of resource provisioning for QoS-aware virtual networks with improved availability, scalability, and cost effectiveness.
物联网、5G和不同计算模式的出现,对定制网络提出了新的需求,以支持广泛的应用。尽管虚拟化网络和对这些网络应用QoS至关重要,但在底层网络资源受限的情况下,在提供虚拟网络时实现QoS、高接受率和成本效益总是具有挑战性的。本文介绍了延迟约束最优带宽树(DCOBT),它能有效地满足虚拟网络在端到端时延和带宽方面的QoS要求。我们提出了qos感知资源分配(QRP)算法,以确定具有更少带宽消耗和更好负载均衡的DCOBT。本文以SDN作为实现qos感知虚拟网络的关键平台,进一步提出了使用目的地标签转发(DLF)减少流规则,以提供更多的虚拟网络和更少的三元内容可寻址内存(TCAM)消耗。评估结果证明了对qos感知虚拟网络资源配置的不同方面的重大贡献,提高了可用性、可伸缩性和成本效益。
{"title":"Effective resource provisioning for QoS-aware virtual networks in SDN","authors":"Prashanth Podili, Kotaro Kataoka","doi":"10.1109/NOMS.2018.8406241","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406241","url":null,"abstract":"The emergence of the IoT, 5G and different modes of computing has introduced a new demand to tailor-made networks to support a wide spectrum of applications. Even though virtualizing networks and applying QoS to these networks are crucial, it is always challenging to achieve QoS, high accep­tance ratio, and cost effectiveness on provisioning virtual networks given the constrained resource of the underlying network. This paper introduces Delay Constraint Optimum Bandwidth Tree (DCOBT), which effectively satisfies the QoS requirement of virtual networks in terms of both end-to-end delay and bandwidth. We propose the QoS-aware Resource Provisioning (QRP) algorithm to determine DCOBT with less bandwidth consumption and superior load balancing. Using SDN as a key platform to implement QoS-aware virtual networks, this paper further proposes flow rule reduction using Destination Label Forwarding (DLF) to provision more virtual networks with less Ternary Content-Addressable Memory (TCAM) consumption. The evaluation results proved significant contribution on different aspects of resource provisioning for QoS-aware virtual networks with improved availability, scalability, and cost effectiveness.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"6 1","pages":"1-9"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79401860","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
A truthful online auction mechanism for deadline-aware cloud resource allocation 基于截止日期感知的云资源分配的真实在线拍卖机制
Pub Date : 2018-04-23 DOI: 10.1109/NOMS.2018.8406240
Tianrong Zhang, Yufeng Xin
Auction-based resource allocation and pricing mechanisms have attracted substantial research interests to enhance the utility gain and fairness of cloud platforms. A fundamental problem in cloud resource auction design that has not been fully addressed is how to ensure the timely execution of applications while allocation decisions have to be made online. Adding to the complexity of designing a truthful and efficient mechanism is that application requests are normally heterogeneous in resource demand and execution requirement. In this paper, we present a novel online combinatorial auction mechanism for deadline- aware multi-resource allocation for cloud platforms, which achieves both strategy-proofness and approximate efficiency on social welfare.
基于拍卖的资源分配和定价机制吸引了大量研究兴趣,以提高云平台的效用收益和公平性。云资源拍卖设计中尚未完全解决的一个基本问题是,当必须在线做出分配决策时,如何确保应用程序的及时执行。由于应用程序请求在资源需求和执行需求方面通常是异构的,因此增加了设计真实有效机制的复杂性。在本文中,我们提出了一种新的基于截止日期感知的云平台多资源分配的在线组合拍卖机制,该机制既实现了策略验证性,又实现了近似的社会福利效率。
{"title":"A truthful online auction mechanism for deadline-aware cloud resource allocation","authors":"Tianrong Zhang, Yufeng Xin","doi":"10.1109/NOMS.2018.8406240","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406240","url":null,"abstract":"Auction-based resource allocation and pricing mechanisms have attracted substantial research interests to enhance the utility gain and fairness of cloud platforms. A fundamental problem in cloud resource auction design that has not been fully addressed is how to ensure the timely execution of applications while allocation decisions have to be made online. Adding to the complexity of designing a truthful and efficient mechanism is that application requests are normally heterogeneous in resource demand and execution requirement. In this paper, we present a novel online combinatorial auction mechanism for deadline- aware multi-resource allocation for cloud platforms, which achieves both strategy-proofness and approximate efficiency on social welfare.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"215 1","pages":"1-9"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79600182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
From raw data packets to ingress egress traffic matrix: The distributed MapReduce-based solution 从原始数据包到出入口流量矩阵:基于分布式mapreduce的解决方案
Pub Date : 2018-04-23 DOI: 10.1109/NOMS.2018.8406288
Marco Polverini, A. Cianfrani, A. Baiocchi, M. Listanti, Valentina Salvatore
In this work we define a framework for the assessment of the Traffic Matrix (TM) of an Internet Service Provider (ISP) network. The solution, referred to as mrT, i) is completely distributed among network nodes, ii) is based on different Map-Reduce building blocks, iii) and is able to extract the Ingress-Egress nodes traffic relationships starting from raw traces captured on node interfaces. Each network node is able to compute a row of the TM having as input the local trace and low size files sent by other network nodes. mrT can be used for the TM computation of any packet switched network where the source and destination identifiers are unique and global, and computational resources are available in proximity of network nodes. The performance evaluation, carried out with synthetic and real traffic traces, highlight that mrT is a suitable solution for the assessment of the TM in real ISP networks with high traffic volumes. Moreover, the use of the Map-Reduce paradigm allows a reduction of more than the 50% of the execution times, with respect to an SQL-based approach.
在这项工作中,我们定义了一个评估互联网服务提供商(ISP)网络的流量矩阵(TM)的框架。该解决方案被称为mrT,它i)完全分布在网络节点之间,ii)基于不同的Map-Reduce构建块,iii)并且能够从节点接口上捕获的原始轨迹开始提取入口-出口节点流量关系。每个网络节点都能够计算具有本地跟踪和其他网络节点发送的低大小文件作为输入的TM的一行。mrT可用于任何数据包交换网络的TM计算,其中源和目的标识符是唯一的和全局的,并且计算资源在网络节点附近可用。利用合成和真实的流量轨迹进行的性能评估表明,mrT是在具有高流量的真实ISP网络中评估TM的合适解决方案。此外,与基于sql的方法相比,使用Map-Reduce范式可以减少50%以上的执行时间。
{"title":"From raw data packets to ingress egress traffic matrix: The distributed MapReduce-based solution","authors":"Marco Polverini, A. Cianfrani, A. Baiocchi, M. Listanti, Valentina Salvatore","doi":"10.1109/NOMS.2018.8406288","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406288","url":null,"abstract":"In this work we define a framework for the assessment of the Traffic Matrix (TM) of an Internet Service Provider (ISP) network. The solution, referred to as mrT, i) is completely distributed among network nodes, ii) is based on different Map-Reduce building blocks, iii) and is able to extract the Ingress-Egress nodes traffic relationships starting from raw traces captured on node interfaces. Each network node is able to compute a row of the TM having as input the local trace and low size files sent by other network nodes. mrT can be used for the TM computation of any packet switched network where the source and destination identifiers are unique and global, and computational resources are available in proximity of network nodes. The performance evaluation, carried out with synthetic and real traffic traces, highlight that mrT is a suitable solution for the assessment of the TM in real ISP networks with high traffic volumes. Moreover, the use of the Map-Reduce paradigm allows a reduction of more than the 50% of the execution times, with respect to an SQL-based approach.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"45 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79606434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Securing configuration management and migration of virtual network functions using blockchain 使用区块链保护虚拟网络功能的配置管理和迁移
Pub Date : 2018-04-23 DOI: 10.1109/NOMS.2018.8406249
I. D. Alvarenga, G. Rebello, O. Duarte
The integration of network function visualization (NFV) and service function chaining (SFC) adds intelligence to the core of the network. The programmability of the network core, however, raises new vulnerabilities and increases the number of victims, since a simple modification in the core can affect multiple network users. Thus, the provision of secure virtual network service functions (VNFs) is mandatory to guarantee a correct chaining of network functions. This paper proposes a blockchain-based architecture for secure management, configuration and migration of VNFs, which ensures: (i) immutability, non-repudiation, and auditability of the configuration update history; (ii) integrity and consistency of stored information; and (iii) the anonymity of VNFs, tenants, and configuration information. Furthermore, the proposed architecture guarantees the secure update and migration of configurations at the core of the network. A prototype of the proposed architecture using the Open Platform for NFV (OPNFV) indicates parameter trade-offs and performance bottlenecks.
网络功能可视化(NFV)和业务功能链(SFC)的融合为网络的核心增添了智能。然而,网络核心的可编程性引发了新的漏洞并增加了受害者的数量,因为对核心的简单修改可以影响多个网络用户。因此,必须提供安全的虚拟网络服务功能,以保证网络功能的正确链接。本文提出了一种基于区块链的VNFs安全管理、配置和迁移架构,可确保:(i)配置更新历史的不变性、不可否认性和可审计性;(ii)存储信息的完整性和一致性;(iii) VNFs、租户和配置信息的匿名性。此外,该架构保证了网络核心配置的安全更新和迁移。使用NFV开放平台(OPNFV)的拟议架构原型表明了参数权衡和性能瓶颈。
{"title":"Securing configuration management and migration of virtual network functions using blockchain","authors":"I. D. Alvarenga, G. Rebello, O. Duarte","doi":"10.1109/NOMS.2018.8406249","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406249","url":null,"abstract":"The integration of network function visualization (NFV) and service function chaining (SFC) adds intelligence to the core of the network. The programmability of the network core, however, raises new vulnerabilities and increases the number of victims, since a simple modification in the core can affect multiple network users. Thus, the provision of secure virtual network service functions (VNFs) is mandatory to guarantee a correct chaining of network functions. This paper proposes a blockchain-based architecture for secure management, configuration and migration of VNFs, which ensures: (i) immutability, non-repudiation, and auditability of the configuration update history; (ii) integrity and consistency of stored information; and (iii) the anonymity of VNFs, tenants, and configuration information. Furthermore, the proposed architecture guarantees the secure update and migration of configurations at the core of the network. A prototype of the proposed architecture using the Open Platform for NFV (OPNFV) indicates parameter trade-offs and performance bottlenecks.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"33 1","pages":"1-9"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75804218","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 50
Community based platform for vulnerability categorization 基于社区的漏洞分类平台
Pub Date : 2018-04-23 DOI: 10.1109/noms.2018.8406125
Jana Komárková, Lukás Sadlek, Martin Laštovička
Many approaches, such as attack graphs, require knowledge of vulnerability's properties such as impact, prereq- uisities, and exploitability. Currently, those properties are either categorized manually or too roughly. We present a program for granular, automated categorization of vulnerability. Further, we present a platform supporting researchers by gathering and sharing raw data about vulnerabilities and community labeled datasets. The source code of our categorization program is available on GitHub.
许多方法,如攻击图,需要了解漏洞的属性,如影响、先决条件和可利用性。目前,这些属性要么是手动分类,要么过于粗略。我们提出了一个对漏洞进行细粒度、自动分类的程序。此外,我们还提供了一个平台,通过收集和共享有关漏洞和社区标记数据集的原始数据来支持研究人员。我们的分类程序的源代码可以在GitHub上找到。
{"title":"Community based platform for vulnerability categorization","authors":"Jana Komárková, Lukás Sadlek, Martin Laštovička","doi":"10.1109/noms.2018.8406125","DOIUrl":"https://doi.org/10.1109/noms.2018.8406125","url":null,"abstract":"Many approaches, such as attack graphs, require knowledge of vulnerability's properties such as impact, prereq- uisities, and exploitability. Currently, those properties are either categorized manually or too roughly. We present a program for granular, automated categorization of vulnerability. Further, we present a platform supporting researchers by gathering and sharing raw data about vulnerabilities and community labeled datasets. The source code of our categorization program is available on GitHub.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"36 1","pages":"1-2"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74924132","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
期刊
NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1