Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406207
Woo-Jae Kim, J. W. Hong, Young-Joo Suh
In order to manage data center networks, distributed SDN controllers such as ONOS controller have been researched and used. In this paper, we propose simple live distributed controller migration scheme and design the or- chestrator for this scheme. This scheme basically transfers an distributed SDN controller from the overloaded physical machine to the under-loaded physical machine. According to experimental results, a data center network is broken without our scheme when computing load increases. On the other hands, our proposed scheme reduces an average delay as well as avoids a breakdown of the data center network.
{"title":"Live distributed controller migration for software-defined data center networks","authors":"Woo-Jae Kim, J. W. Hong, Young-Joo Suh","doi":"10.1109/NOMS.2018.8406207","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406207","url":null,"abstract":"In order to manage data center networks, distributed SDN controllers such as ONOS controller have been researched and used. In this paper, we propose simple live distributed controller migration scheme and design the or- chestrator for this scheme. This scheme basically transfers an distributed SDN controller from the overloaded physical machine to the under-loaded physical machine. According to experimental results, a data center network is broken without our scheme when computing load increases. On the other hands, our proposed scheme reduces an average delay as well as avoids a breakdown of the data center network.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"64 1","pages":"1-5"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80328282","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406217
Stefano Petrangeli, Dries Pauwels, Jeroen van der Hooft, Jürgen Slowack, T. Wauters, F. Turck
Remote teaching applications are common nowa-days. Very often, these applications resemble video-on-demand streaming platforms rather than real virtual classrooms, where a group of students (the receivers) can remotely attend a live lecture held by a lecturer (the sender). To better support this live scenario, Real-Time Communication (RTC) solutions can be used. WebRTC is an open-source project for real-time browser- based conferencing, developed with a peer-to-peer architecture in mind. To use WebRTC, each receiver requires a dedicated encoder at sender-side. Using such approach is expensive in terms of encoders, and does not scale well for a large number of users. To overcome this issue, a WebRTC-compliant framework is proposed, where only a limited number of encoders are used. A centralized node, the conference controller, dynamically forwards the most suitable stream to the receivers, based on their bandwidth conditions. Moreover, the controller dynamically recomputes the encoding bitrates of the sender. This approach allows to closely follow the long-term bandwidth variations of the receivers, even with a limited number of encoders at sender-side. To evaluate the performance of the proposed framework in a realistic environment, a testbed has been implemented using the Chrome browser and the open-source Jitsi-Videobridge. In a scenario with 10 receivers and 3 encoders, and under realistic network conditions, the proposed framework improves the received video bitrate up to 11%, compared to a static solution where the encoding bitrates do not change over time.
{"title":"Dynamic video bitrate adaptation for WebRTC-based remote teaching applications","authors":"Stefano Petrangeli, Dries Pauwels, Jeroen van der Hooft, Jürgen Slowack, T. Wauters, F. Turck","doi":"10.1109/NOMS.2018.8406217","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406217","url":null,"abstract":"Remote teaching applications are common nowa-days. Very often, these applications resemble video-on-demand streaming platforms rather than real virtual classrooms, where a group of students (the receivers) can remotely attend a live lecture held by a lecturer (the sender). To better support this live scenario, Real-Time Communication (RTC) solutions can be used. WebRTC is an open-source project for real-time browser- based conferencing, developed with a peer-to-peer architecture in mind. To use WebRTC, each receiver requires a dedicated encoder at sender-side. Using such approach is expensive in terms of encoders, and does not scale well for a large number of users. To overcome this issue, a WebRTC-compliant framework is proposed, where only a limited number of encoders are used. A centralized node, the conference controller, dynamically forwards the most suitable stream to the receivers, based on their bandwidth conditions. Moreover, the controller dynamically recomputes the encoding bitrates of the sender. This approach allows to closely follow the long-term bandwidth variations of the receivers, even with a limited number of encoders at sender-side. To evaluate the performance of the proposed framework in a realistic environment, a testbed has been implemented using the Chrome browser and the open-source Jitsi-Videobridge. In a scenario with 10 receivers and 3 encoders, and under realistic network conditions, the proposed framework improves the received video bitrate up to 11%, compared to a static solution where the encoding bitrates do not change over time.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"68 1","pages":"1-5"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74114604","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406121
P. Velan, M. Husák, Daniel Tovarnák
Detection of network attacks is the first step to network security. Many different methods for attack detection were proposed in the past. However, descriptions of these methods are often not complete and it is difficult to verify that the actual implementation matches the description. In this demo paper, we propose to use Complex Event Processing (CEP) for developing detection methods based on network flows. By writing the detection methods in an Event Processing Language (EPL), we can address the above-mentioned problems. The SQL-like syntax of most EPLs is easily readable so the detection method is self-documented. Moreover, it is directly executable in the CEP system, which eliminates inconsistencies between documentation and implementation. The demo will show a running example of a multi-stage HTTP brute force attack detection using Esper and its EPL.
{"title":"Rapid prototyping of flow-based detection methods using complex event processing","authors":"P. Velan, M. Husák, Daniel Tovarnák","doi":"10.1109/NOMS.2018.8406121","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406121","url":null,"abstract":"Detection of network attacks is the first step to network security. Many different methods for attack detection were proposed in the past. However, descriptions of these methods are often not complete and it is difficult to verify that the actual implementation matches the description. In this demo paper, we propose to use Complex Event Processing (CEP) for developing detection methods based on network flows. By writing the detection methods in an Event Processing Language (EPL), we can address the above-mentioned problems. The SQL-like syntax of most EPLs is easily readable so the detection method is self-documented. Moreover, it is directly executable in the CEP system, which eliminates inconsistencies between documentation and implementation. The demo will show a running example of a multi-stage HTTP brute force attack detection using Esper and its EPL.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"131 5 1","pages":"1-3"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81148145","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406160
T. Miyamura, A. Misawa, J. Kani
In this paper, we consider the design of an optical aggregation network with network edge functions virtualization in order to reduce network cost. Here, an optical aggregation network connects a server accommodating virtual network functions (VNFs) with optical line terminals (OLTs) via a time-division-multiplexing (TDM)-based point-to- multipoint (P2MP) wavelength path to aggregate traffic from access networks. Each VNF must be placed on an adequate server in consideration of the efficiency of wavelength paths to reduce network cost. However, existing VNF placement algorithms determines VNF placement without considering the efficiency of P2MP wavelength paths, which deteriorates network performance and increases network cost. To solve the problem, VNF placement must be carried out so that a P2MP wavelength path can be efficiently shared by multiple OLTs for reducing network cost. For this purpose, we propose a VNF placement algorithm, called decomposition-based VNF placement algorithm (DVA), in a TDM wavelength-division-multiplexing (WDM)-based optical aggregation network. The DVA can find approximate solutions of sufficient quality with practical computation time.
{"title":"Decomposition-based VNF placement algorithm in TDM-WDM-based optical aggregation network","authors":"T. Miyamura, A. Misawa, J. Kani","doi":"10.1109/NOMS.2018.8406160","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406160","url":null,"abstract":"In this paper, we consider the design of an optical aggregation network with network edge functions virtualization in order to reduce network cost. Here, an optical aggregation network connects a server accommodating virtual network functions (VNFs) with optical line terminals (OLTs) via a time-division-multiplexing (TDM)-based point-to- multipoint (P2MP) wavelength path to aggregate traffic from access networks. Each VNF must be placed on an adequate server in consideration of the efficiency of wavelength paths to reduce network cost. However, existing VNF placement algorithms determines VNF placement without considering the efficiency of P2MP wavelength paths, which deteriorates network performance and increases network cost. To solve the problem, VNF placement must be carried out so that a P2MP wavelength path can be efficiently shared by multiple OLTs for reducing network cost. For this purpose, we propose a VNF placement algorithm, called decomposition-based VNF placement algorithm (DVA), in a TDM wavelength-division-multiplexing (WDM)-based optical aggregation network. The DVA can find approximate solutions of sufficient quality with practical computation time.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"29 1","pages":"1-7"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84571332","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406321
Cecil Wöbker, A. Seitz, Harald Mueller, B. Brügge
Devices used in fog and edge computing are heterogeneous and distributed. These computing environments are unpredictable and their applications are becoming more complex. This leads to challenges regarding deployment and management of fog and edge applications. It is important to ensure that quality of service, availability, reliability and real-time characteristics are guaranteed during deployment to take advantage of fog computing. In this paper, we present Fogernetes, a fog computing platform that enables management and deployment of fog applications with specific requirements on heterogeneous devices with different capabilities. Fogernetes allows matching the requirements of application components with device capabilities by using a labeling system. Based on a case study, we evaluate and test Fogernetes and examine its practical applicability for the deployment and management of fog computing applications. Fodeo serves as an example application. Fodeo analyzes video streams from multiple cameras and optimizes the video delivery. Fogernetes enables the deployment of Fodeo components on appropriate devices by matching requirements and capabilities.
{"title":"Fogernetes: Deployment and management of fog computing applications","authors":"Cecil Wöbker, A. Seitz, Harald Mueller, B. Brügge","doi":"10.1109/NOMS.2018.8406321","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406321","url":null,"abstract":"Devices used in fog and edge computing are heterogeneous and distributed. These computing environments are unpredictable and their applications are becoming more complex. This leads to challenges regarding deployment and management of fog and edge applications. It is important to ensure that quality of service, availability, reliability and real-time characteristics are guaranteed during deployment to take advantage of fog computing. In this paper, we present Fogernetes, a fog computing platform that enables management and deployment of fog applications with specific requirements on heterogeneous devices with different capabilities. Fogernetes allows matching the requirements of application components with device capabilities by using a labeling system. Based on a case study, we evaluate and test Fogernetes and examine its practical applicability for the deployment and management of fog computing applications. Fodeo serves as an example application. Fodeo analyzes video streams from multiple cameras and optimizes the video delivery. Fogernetes enables the deployment of Fodeo components on appropriate devices by matching requirements and capabilities.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"24 1","pages":"1-7"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89038427","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406191
Heewon Kim, Yoonhee Kim
Data of scientific workflow applications are tend to be distributed over many data centers to be effectively stored, retrieved, and transferred among them. The result of an experiment with those data shows diverse execution performance depending on the placement of input and intermediate data which are generated during application execution. However, initial data placement strategy would not be the best plan for long running experiments because of the dynamic change of resource condition time to time. We propose an adaptive data placement strategy considering dynamic resource change for efficient data-intensive applications. The strategy consists of two stages that group the datasets in data centers during the build- time stage and dynamically clusters every time newly generated datasets repeatedly to the most appropriate data centers during runtime stage, which is based on task dependency, intense degree of data usage, and just-in-time resource availability. Just-in-time data placement coming with task execution is more efficient than the one with initialization stage of experiments in the aspect of resource utilization. Experiments show that data movement can be effectively reduced while the workflow is running
{"title":"An adaptive data placement strategy in scientific workflows over cloud computing environments","authors":"Heewon Kim, Yoonhee Kim","doi":"10.1109/NOMS.2018.8406191","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406191","url":null,"abstract":"Data of scientific workflow applications are tend to be distributed over many data centers to be effectively stored, retrieved, and transferred among them. The result of an experiment with those data shows diverse execution performance depending on the placement of input and intermediate data which are generated during application execution. However, initial data placement strategy would not be the best plan for long running experiments because of the dynamic change of resource condition time to time. We propose an adaptive data placement strategy considering dynamic resource change for efficient data-intensive applications. The strategy consists of two stages that group the datasets in data centers during the build- time stage and dynamically clusters every time newly generated datasets repeatedly to the most appropriate data centers during runtime stage, which is based on task dependency, intense degree of data usage, and just-in-time resource availability. Just-in-time data placement coming with task execution is more efficient than the one with initialization stage of experiments in the aspect of resource utilization. Experiments show that data movement can be effectively reduced while the workflow is running","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"35 2","pages":"1-5"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91469487","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406232
Seyeon Jeong, Doyoung Lee, Jian Li, J. W. Hong
Currently, server (host) virtualization technology that brings effective use of server resources to a data center is promising as cloud services are being prevalent with increasing traffic volumes and requirements for higher service quality. Proposed network TAP, named vTAP (Virtual Test Access Port), overcomes the problem that existing hardware TAP devices cannot be utilized for virtual network links to monitor traffic among virtual machines (VMs) at a packet level. vTAP can be implemented by a virtual switch that gives network connectivity to VMs by switching packets over the virtual network links. The port mirroring feature of a virtual switch can be a naive solution to provide packet level monitoring among VMs. However, using the feature in an environment that needs to treat large volume of network traffic with low delay such as NFV (Network Function Virtualization) incurs performance degradation in packet switching capability of the switch and error-prone manual configurations. This paper provides design and implementation approaches to vTAP using Open vSwitch with DPDK (Data Plane Development Kit) and an OpenFlow SDN (Software-Defined Networking) controller to overcome the problems. DPDK can accelerate overall packet processing operations needed in vTAP, and OpenFlow controller can provide a centralized and flexible way to apply and manage TAP policies in an SDN network. This paper also provides performance comparisons of the proposed vTAP and the naive method, port mirroring.
目前,随着云服务的普及,流量不断增加,对服务质量的要求也越来越高,能够有效利用服务器资源的服务器(主机)虚拟化技术非常有前景。提出的网络TAP,称为vTAP (Virtual Test Access Port,虚拟测试访问端口),克服了现有硬件TAP设备不能用于虚拟网络链路的问题,无法在数据包级别上对虚拟机之间的流量进行监控。vTAP可以通过虚拟交换机实现,虚拟交换机通过在虚拟网络链路上交换数据包,为虚拟机提供网络连接。虚拟交换机的端口镜像特性可以作为一种简单的解决方案,在虚拟机之间提供数据包级别的监控。但是,在需要以低延迟处理大量网络流量的环境(如NFV (network Function Virtualization))中使用该特性会导致交换机的分组交换能力性能下降,并且容易出现手动配置错误。本文提供了使用Open vSwitch与DPDK(数据平面开发工具包)和OpenFlow SDN(软件定义网络)控制器来克服这些问题的vTAP的设计和实现方法。DPDK可以加速vTAP所需的整体数据包处理操作,OpenFlow控制器可以在SDN网络中提供集中灵活的TAP策略应用和管理方式。本文还对所提出的vTAP和原始的端口镜像方法进行了性能比较。
{"title":"OpenFlow-based virtual TAP using open vSwitch and DPDK","authors":"Seyeon Jeong, Doyoung Lee, Jian Li, J. W. Hong","doi":"10.1109/NOMS.2018.8406232","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406232","url":null,"abstract":"Currently, server (host) virtualization technology that brings effective use of server resources to a data center is promising as cloud services are being prevalent with increasing traffic volumes and requirements for higher service quality. Proposed network TAP, named vTAP (Virtual Test Access Port), overcomes the problem that existing hardware TAP devices cannot be utilized for virtual network links to monitor traffic among virtual machines (VMs) at a packet level. vTAP can be implemented by a virtual switch that gives network connectivity to VMs by switching packets over the virtual network links. The port mirroring feature of a virtual switch can be a naive solution to provide packet level monitoring among VMs. However, using the feature in an environment that needs to treat large volume of network traffic with low delay such as NFV (Network Function Virtualization) incurs performance degradation in packet switching capability of the switch and error-prone manual configurations. This paper provides design and implementation approaches to vTAP using Open vSwitch with DPDK (Data Plane Development Kit) and an OpenFlow SDN (Software-Defined Networking) controller to overcome the problems. DPDK can accelerate overall packet processing operations needed in vTAP, and OpenFlow controller can provide a centralized and flexible way to apply and manage TAP policies in an SDN network. This paper also provides performance comparisons of the proposed vTAP and the naive method, port mirroring.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"51 5 1","pages":"1-9"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91015858","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406210
Sheyda Kiani Mehr, Parikshit Juluri, M. Maddumala, D. Medhi
The push from online video content providers to replace traditional broadcast television comes with the added expectation of comparable Quality of Experience (QoE) of video streaming. In-network caching, combined with prefetching, can be useful to improve DASH video delivery latency. In this paper, we propose an Adaptation Aware Hybrid Client-Cache (AAHCC) framework, a cache pre-fetching scheme that prefetch bitrate using an adaptation algorithm based on throughput measurements from the client and the forecasted throughput at the cache. For evaluation, we ran the experiments in a network with and without background traffic on GENI distributed testbed. Our results show that AAHCC by predicting the correct bitrate for the next segment reduces the number of unused pre-fetches and improve the byte-hit rate compare to a basic client-driven pre-fetch scheme.
{"title":"An adaptation aware hybrid client-cache approach for video delivery with dynamic adaptive streaming over HTTP","authors":"Sheyda Kiani Mehr, Parikshit Juluri, M. Maddumala, D. Medhi","doi":"10.1109/NOMS.2018.8406210","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406210","url":null,"abstract":"The push from online video content providers to replace traditional broadcast television comes with the added expectation of comparable Quality of Experience (QoE) of video streaming. In-network caching, combined with prefetching, can be useful to improve DASH video delivery latency. In this paper, we propose an Adaptation Aware Hybrid Client-Cache (AAHCC) framework, a cache pre-fetching scheme that prefetch bitrate using an adaptation algorithm based on throughput measurements from the client and the forecasted throughput at the cache. For evaluation, we ran the experiments in a network with and without background traffic on GENI distributed testbed. Our results show that AAHCC by predicting the correct bitrate for the next segment reduces the number of unused pre-fetches and improve the byte-hit rate compare to a basic client-driven pre-fetch scheme.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"5 1","pages":"1-5"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77749699","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406214
Menghan Zhou, Lanlan Rui, Xue-song Qiu, Zhen Xia, Biyao Li
To make an accurate evaluation of node importance in the power grid communication network, we propose an algorithm based on the communication topology layer and the power grid layer to evaluate the importance of the nodes. On the basis of the node contraction algorithm [7], the cut point is assigned a higher weight to reflect the difference between the key nodes and the non-key nodes. Simultaneously, combined with the characteristics of the power grid, the power factor, power service and node failure probability are added to evaluate node importance of power grid communication network objectively. Compared with the node contraction algorithm, the results show that the algorithm in this paper can better distinguish the importance of nodes, and has great reference value for the evaluation of node importance in the power grid communication network. Finally, the algorithm is applied to node risk analysis. By optimizing power service routing, average node risk of entire network can reduce significantly. Therefore, the reliability of network is improved.
{"title":"Evaluation of the node importance in power grid communication network and analysis of node risk","authors":"Menghan Zhou, Lanlan Rui, Xue-song Qiu, Zhen Xia, Biyao Li","doi":"10.1109/NOMS.2018.8406214","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406214","url":null,"abstract":"To make an accurate evaluation of node importance in the power grid communication network, we propose an algorithm based on the communication topology layer and the power grid layer to evaluate the importance of the nodes. On the basis of the node contraction algorithm [7], the cut point is assigned a higher weight to reflect the difference between the key nodes and the non-key nodes. Simultaneously, combined with the characteristics of the power grid, the power factor, power service and node failure probability are added to evaluate node importance of power grid communication network objectively. Compared with the node contraction algorithm, the results show that the algorithm in this paper can better distinguish the importance of nodes, and has great reference value for the evaluation of node importance in the power grid communication network. Finally, the algorithm is applied to node risk analysis. By optimizing power service routing, average node risk of entire network can reduce significantly. Therefore, the reliability of network is improved.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"66 1","pages":"1-5"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77952930","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406293
Sara Khanchi, A. N. Zincir-Heywood, M. Heywood
Non-stationary network traffic, together with stealth occurrences of malicious behaviors, make analyzing network traffic challenging. In this research, a machine learning framework is used to incrementally learn the network behavior and adapt to the changes in the traffic. This framework works under two main constraints: 1) label budget, 2) class imbalance; which makes it suitable for real-world network scenarios. Evaluations are performed on a public dataset with multiple Botnet scenarios under 0.5% and 5% label budgets; only around 2.2% of traffic is Botnet. Our results demonstrate the significance of the proposed Stream Genetic Programming solution and a general robustness to factors such as long latencies between instances of the same Botnet.
{"title":"Streaming Botnet traffic analysis using bio-inspired active learning","authors":"Sara Khanchi, A. N. Zincir-Heywood, M. Heywood","doi":"10.1109/NOMS.2018.8406293","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406293","url":null,"abstract":"Non-stationary network traffic, together with stealth occurrences of malicious behaviors, make analyzing network traffic challenging. In this research, a machine learning framework is used to incrementally learn the network behavior and adapt to the changes in the traffic. This framework works under two main constraints: 1) label budget, 2) class imbalance; which makes it suitable for real-world network scenarios. Evaluations are performed on a public dataset with multiple Botnet scenarios under 0.5% and 5% label budgets; only around 2.2% of traffic is Botnet. Our results demonstrate the significance of the proposed Stream Genetic Programming solution and a general robustness to factors such as long latencies between instances of the same Botnet.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":"22 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83618410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}