Pub Date : 2023-06-19DOI: 10.1109/NetSoft57336.2023.10175480
Kaan Aykurt, W. Kellerer
Sixth-generation (6G) networks propose integrating multiple networks and domains while improving network performance. Hence, today’s networks are becoming increasingly larger and more complex. Traditional methods to manage networks are facing significant challenges as the topology sizes, traffic patterns, and network domains are changing.This paper presents the state-of-the-art in literature for network management and proposes a research plan for an autonomous network management framework fueled by the Digital Twin (DT) paradigm. Unlike the existing methods such as Queuing Theory (QT) or network simulation studies, the proposed framework relies on state-of-the-art Graph Neural Networks (GNNs) for network performance analysis. We argue that seamless integration of networks while improving performance guarantees can be achieved via autonomous management of networks and present a research plan in this paper.
{"title":"Autonomous Network Management in Multi-Domain 6G Networks based on Graph Neural Networks","authors":"Kaan Aykurt, W. Kellerer","doi":"10.1109/NetSoft57336.2023.10175480","DOIUrl":"https://doi.org/10.1109/NetSoft57336.2023.10175480","url":null,"abstract":"Sixth-generation (6G) networks propose integrating multiple networks and domains while improving network performance. Hence, today’s networks are becoming increasingly larger and more complex. Traditional methods to manage networks are facing significant challenges as the topology sizes, traffic patterns, and network domains are changing.This paper presents the state-of-the-art in literature for network management and proposes a research plan for an autonomous network management framework fueled by the Digital Twin (DT) paradigm. Unlike the existing methods such as Queuing Theory (QT) or network simulation studies, the proposed framework relies on state-of-the-art Graph Neural Networks (GNNs) for network performance analysis. We argue that seamless integration of networks while improving performance guarantees can be achieved via autonomous management of networks and present a research plan in this paper.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"140 ","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114096908","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.1109/NetSoft57336.2023.10175405
Benjamin Steinert, Marco Häberle, Jan-Oliver Nick, D. Farinacci, M. Menth
The networking paradigm locator/identifier split decouples locating and identifying functionality of addresses. Thereby it improves multi-homing, fail-over, mobility, traffic engineering over the Internet, and routing scalability.The Locator/Identifier Separation Protocol (LISP) is a prominent incarnation of that paradigm which recently became an Internet standard. However, existing LISP implementations are either proprietary or have limited performance, which makes their deployment difficult in high-speed networks. Programming Protocol-independent Packet Processors (P4) is a programming language that facilitates the implementation of custom data plane processing on high-performance switches with line rates of up to 400 Gbit/s.In this work, we present P4-LISP, an open-source P4-based proof of concept implementation of a high-performance LISP router. It supports all relevant features such as ITR, ETR, RTR, P-ITR, P-ETR, NAT-traversal, LISP-NAT, and mobile nodes. As control plane, the open-source implementation lispers.net has been integrated on the switch. Security features are added to protect the control plane from being overloaded by the high-performance data plane. The paper describes the architecture of P4-LISP in detail and extensively evaluates performance, functionality, controller performance, and overload protection.
{"title":"P4-LISP: A P4-Based High-Performance Router for the Locator/Identifier Separation Protocol","authors":"Benjamin Steinert, Marco Häberle, Jan-Oliver Nick, D. Farinacci, M. Menth","doi":"10.1109/NetSoft57336.2023.10175405","DOIUrl":"https://doi.org/10.1109/NetSoft57336.2023.10175405","url":null,"abstract":"The networking paradigm locator/identifier split decouples locating and identifying functionality of addresses. Thereby it improves multi-homing, fail-over, mobility, traffic engineering over the Internet, and routing scalability.The Locator/Identifier Separation Protocol (LISP) is a prominent incarnation of that paradigm which recently became an Internet standard. However, existing LISP implementations are either proprietary or have limited performance, which makes their deployment difficult in high-speed networks. Programming Protocol-independent Packet Processors (P4) is a programming language that facilitates the implementation of custom data plane processing on high-performance switches with line rates of up to 400 Gbit/s.In this work, we present P4-LISP, an open-source P4-based proof of concept implementation of a high-performance LISP router. It supports all relevant features such as ITR, ETR, RTR, P-ITR, P-ETR, NAT-traversal, LISP-NAT, and mobile nodes. As control plane, the open-source implementation lispers.net has been integrated on the switch. Security features are added to protect the control plane from being overloaded by the high-performance data plane. The paper describes the architecture of P4-LISP in detail and extensively evaluates performance, functionality, controller performance, and overload protection.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129551018","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.1109/NetSoft57336.2023.10175495
Emre Karakis, S. Clayman, Mustafa Tuker, Elif Bozkaya, M. Sayıt
The emergence of a number of network communication facilities such as Network Function Virtualization (NFV), Software Defined Networking (SDN), the Internet of Things (IoT), Unmanned Aerial Vehicles (UAV), and in-network packet processing, holds a potential to meet the low latency, high precision requirements of various future multimedia applications. However, this raises the corresponding issues of how all of these elements can be used together in future networking environments, including newly developed protocols and techniques. This paper describes the architecture of an end-to-end video streaming platform for video surveillance, consisting of a UAV network domain, an edge server implementing in-network packet trimming operations with the use of Big Packet Protocol (BPP), utilization of Scalable Video Coding (SVC) and multiple video clients which connect to a network managed by an SDN controller. A Virtualized Edge Function at the drone edge utilizes SVC and in communication with the Drone Control Unit to manage the transmitted video quality. Experimental results show the potential that future multimedia applications can achieve the required high precision with the use of future network components and the consideration of their interactions.
{"title":"Towards High Precision End-to-End Video Streaming from Drones using Packet Trimming","authors":"Emre Karakis, S. Clayman, Mustafa Tuker, Elif Bozkaya, M. Sayıt","doi":"10.1109/NetSoft57336.2023.10175495","DOIUrl":"https://doi.org/10.1109/NetSoft57336.2023.10175495","url":null,"abstract":"The emergence of a number of network communication facilities such as Network Function Virtualization (NFV), Software Defined Networking (SDN), the Internet of Things (IoT), Unmanned Aerial Vehicles (UAV), and in-network packet processing, holds a potential to meet the low latency, high precision requirements of various future multimedia applications. However, this raises the corresponding issues of how all of these elements can be used together in future networking environments, including newly developed protocols and techniques. This paper describes the architecture of an end-to-end video streaming platform for video surveillance, consisting of a UAV network domain, an edge server implementing in-network packet trimming operations with the use of Big Packet Protocol (BPP), utilization of Scalable Video Coding (SVC) and multiple video clients which connect to a network managed by an SDN controller. A Virtualized Edge Function at the drone edge utilizes SVC and in communication with the Drone Control Unit to manage the transmitted video quality. Experimental results show the potential that future multimedia applications can achieve the required high precision with the use of future network components and the consideration of their interactions.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"35 4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133071668","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.1109/NetSoft57336.2023.10175431
C. Centofanti, Walter Tiberti, A. Marotta, F. Graziosi, D. Cassioli
Network and computing infrastructures are nowadays challenged to meet the increasingly stringent requirements of novel applications. One of the most critical aspect is optimizing the latency perceived by the end-user accessing the services. New network architectures offer a natural framework for the efficient orchestration of microservices. However, how to incorporate accurate latency metrics into orchestration decisions still represents an open challenge.In this work we propose a novel architectural approach to perform scheduling operations in Kubernetes environment. Existing approaches proposed the collection of network metrics, e.g. latency between nodes in the cluster, via purposely-built external measurement services deployed in the cluster. Compared to other approaches the proposed one: (i) collects performance metrics at the application layer instead of network layer; (ii) relies on latency measurements performed inside the service of interest instead of utilizing external measurement services; (iii) takes scheduling decisions based on effective end-user perceived latency instead of considering the latency between cluster nodes.We show the effectiveness of our approach by adopting an iterative discovery strategy able to dynamically determine which node operates with the lowest latency for the Kubernetes pod placement.
{"title":"Latency-Aware Kubernetes Scheduling for Microservices Orchestration at the Edge","authors":"C. Centofanti, Walter Tiberti, A. Marotta, F. Graziosi, D. Cassioli","doi":"10.1109/NetSoft57336.2023.10175431","DOIUrl":"https://doi.org/10.1109/NetSoft57336.2023.10175431","url":null,"abstract":"Network and computing infrastructures are nowadays challenged to meet the increasingly stringent requirements of novel applications. One of the most critical aspect is optimizing the latency perceived by the end-user accessing the services. New network architectures offer a natural framework for the efficient orchestration of microservices. However, how to incorporate accurate latency metrics into orchestration decisions still represents an open challenge.In this work we propose a novel architectural approach to perform scheduling operations in Kubernetes environment. Existing approaches proposed the collection of network metrics, e.g. latency between nodes in the cluster, via purposely-built external measurement services deployed in the cluster. Compared to other approaches the proposed one: (i) collects performance metrics at the application layer instead of network layer; (ii) relies on latency measurements performed inside the service of interest instead of utilizing external measurement services; (iii) takes scheduling decisions based on effective end-user perceived latency instead of considering the latency between cluster nodes.We show the effectiveness of our approach by adopting an iterative discovery strategy able to dynamically determine which node operates with the lowest latency for the Kubernetes pod placement.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114568794","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.1109/NetSoft57336.2023.10175466
Daniele Bringhenti, R. Sisto, Fulvio Valenza
Network virtualization has revolutionized the traditional approaches for security configuration. If in the past error-prone and unoptimized manual operations were performed by human beings, nowadays automated methodologies are employed for establishing the configuration of virtual security functions that can enforce the requested security properties. However, these techniques can only perform the automatic configuration of a single function type at a time. This restriction may be excessively limiting, because the configuration of some functions may directly impact others, and they cannot be configured in sequence. In light of these considerations, the paper investigates the stated problem for the two most commonly used security functions, packet filtering firewalls and channel protection systems. It also proposes a preliminary approach to automatically perform their joint intent-based configuration, by defining the problem through a Maximum Satisfiability Modulo Theories formulation.
{"title":"Automating the configuration of firewalls and channel protection systems in virtual networks","authors":"Daniele Bringhenti, R. Sisto, Fulvio Valenza","doi":"10.1109/NetSoft57336.2023.10175466","DOIUrl":"https://doi.org/10.1109/NetSoft57336.2023.10175466","url":null,"abstract":"Network virtualization has revolutionized the traditional approaches for security configuration. If in the past error-prone and unoptimized manual operations were performed by human beings, nowadays automated methodologies are employed for establishing the configuration of virtual security functions that can enforce the requested security properties. However, these techniques can only perform the automatic configuration of a single function type at a time. This restriction may be excessively limiting, because the configuration of some functions may directly impact others, and they cannot be configured in sequence. In light of these considerations, the paper investigates the stated problem for the two most commonly used security functions, packet filtering firewalls and channel protection systems. It also proposes a preliminary approach to automatically perform their joint intent-based configuration, by defining the problem through a Maximum Satisfiability Modulo Theories formulation.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115546831","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.1109/NetSoft57336.2023.10175428
Shixiong Qi, Han-Sing Tsai, Yu-Sheng Liu, K. Ramakrishnan, Jyh-cheng Chen
Cloud-native microservice applications use different communication paradigms to network microservices, including both synchronous and asynchronous I/O for exchanging data. Existing solutions depend on kernel-based networking, incurring significant overheads. The interdependence between microservices for these applications involves considerable communication, including contention between multiple concurrent flows or user sessions. In this paper, we design X-IO, a high-performance unified I/O interface that is built on top of shared memory processing with lock-free producer/consumer rings, eliminating kernel networking overheads and contention. X-IO offers a feature-rich interface. X-IO’s zero-copy interface supports building provides truly zero-copy data transfers between microservices, achieving high performance. X-IO also provides a POSIX-like socket interface using HTTP/REST API to achieve seamless porting of microservices to X-IO, without any change to the application code. X-IO supports concurrent connections for microservices that require distinct user sessions operating in parallel. Our preliminary experimental results show that X-IO’s zero-copy interfaces achieve 2.8x-4.1x performance improvement compared to kernel-based interfaces. Its socket interfaces outperform kernel TCP sockets and achieve performance close to UNIX-domain sockets. The HTTP/REST APIs in X-IO perform 1.4 x-2.3 x better than kernel-based alternatives with concurrent connections.
{"title":"X-IO: A High-performance Unified I/O Interface using Lock-free Shared Memory Processing","authors":"Shixiong Qi, Han-Sing Tsai, Yu-Sheng Liu, K. Ramakrishnan, Jyh-cheng Chen","doi":"10.1109/NetSoft57336.2023.10175428","DOIUrl":"https://doi.org/10.1109/NetSoft57336.2023.10175428","url":null,"abstract":"Cloud-native microservice applications use different communication paradigms to network microservices, including both synchronous and asynchronous I/O for exchanging data. Existing solutions depend on kernel-based networking, incurring significant overheads. The interdependence between microservices for these applications involves considerable communication, including contention between multiple concurrent flows or user sessions. In this paper, we design X-IO, a high-performance unified I/O interface that is built on top of shared memory processing with lock-free producer/consumer rings, eliminating kernel networking overheads and contention. X-IO offers a feature-rich interface. X-IO’s zero-copy interface supports building provides truly zero-copy data transfers between microservices, achieving high performance. X-IO also provides a POSIX-like socket interface using HTTP/REST API to achieve seamless porting of microservices to X-IO, without any change to the application code. X-IO supports concurrent connections for microservices that require distinct user sessions operating in parallel. Our preliminary experimental results show that X-IO’s zero-copy interfaces achieve 2.8x-4.1x performance improvement compared to kernel-based interfaces. Its socket interfaces outperform kernel TCP sockets and achieve performance close to UNIX-domain sockets. The HTTP/REST APIs in X-IO perform 1.4 x-2.3 x better than kernel-based alternatives with concurrent connections.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"199 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115812669","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.1109/NetSoft57336.2023.10175451
Venkateswarlu Gudepu, Venkatarami Reddy Chintapalli, P. Castoldi, L. Valcarenghi, T. B. Reddy, K. Kondepu
Beyond fifth-generation (B5G) networks (namely 6G) aim to support high data rates, low-latency applications, and massive machine communications. Integrating Artificial Intelligence (AI) and Machine Learning (ML) models are essential for addressing the network’s increasing complexity and dynamic nature. However, dynamic service demands of B5G cause the AI/ML models performance degradation, resulting in violations of Service Level Agreements (SLA), over-or under-provisioning of resources, etc. To address the performance degradation of the AI/ML models, retraining is essential. Existing threshold and periodic retraining approaches have potential disadvantages such as SLA violations and inefficient resource utilization for setting a threshold parameter in a dynamic environment. This paper presents a novel algorithm that predicts when to retrain AI/ML models using an unsupervised classifier. The proposed predictive approach is evaluated for a Quality of Service (QoS) prediction use case on the Open RAN Software Community (OSC) platform and compared to the threshold approach. The results show that the proposed predictive approach outperforms the threshold approach.
{"title":"Adaptive Retraining of AI/ML Model for Beyond 5G Networks: A Predictive Approach","authors":"Venkateswarlu Gudepu, Venkatarami Reddy Chintapalli, P. Castoldi, L. Valcarenghi, T. B. Reddy, K. Kondepu","doi":"10.1109/NetSoft57336.2023.10175451","DOIUrl":"https://doi.org/10.1109/NetSoft57336.2023.10175451","url":null,"abstract":"Beyond fifth-generation (B5G) networks (namely 6G) aim to support high data rates, low-latency applications, and massive machine communications. Integrating Artificial Intelligence (AI) and Machine Learning (ML) models are essential for addressing the network’s increasing complexity and dynamic nature. However, dynamic service demands of B5G cause the AI/ML models performance degradation, resulting in violations of Service Level Agreements (SLA), over-or under-provisioning of resources, etc. To address the performance degradation of the AI/ML models, retraining is essential. Existing threshold and periodic retraining approaches have potential disadvantages such as SLA violations and inefficient resource utilization for setting a threshold parameter in a dynamic environment. This paper presents a novel algorithm that predicts when to retrain AI/ML models using an unsupervised classifier. The proposed predictive approach is evaluated for a Quality of Service (QoS) prediction use case on the Open RAN Software Community (OSC) platform and compared to the threshold approach. The results show that the proposed predictive approach outperforms the threshold approach.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122831396","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.1109/netsoft57336.2023.10175503
Lucas Torrealba Aravena, P. Casas, Javier Bustos-Jiménez, Germán Capdehourat, M. Findrik
We introduce PHISHWEB, a novel approach to website phishing detection, which detects and categorizes malicious websites through a progressive, multi-layered analysis. PHISHWEB’s detection includes forged domains such as homoglyph and typosquatting, as well as automatically generated domains through DGA technology. The focus of PHISHWEB is on lexicographic-based analysis of the domain name itself, improving applicability and scalability of the approach. Preliminary results on the application of PHISHWEB to multiple open domain-name datasets show precision and recall results above 90%. We additionally extend PHISHWEB’s detection of DGA domains through Machine Learning (ML), using a small set of highly specialized lexicographic domain features. Results on the detection of DGA domains show that, for a false alarm rate below 1%, the ML-extension of PHISHWEB improves non-ML PHISHWEB DGA detector as well as state-of-the-art by at least 60%, realizing precision and recall values of 93.1% and 84.8%, respectively. Finally, we also present preliminary results on the application of PHISHWEB to real, in the wild DNS requests collected at large mobile and fixed-line operational networks, discussing some of the findings.
{"title":"Phish Me If You Can – Lexicographic Analysis and Machine Learning for Phishing Websites Detection with PHISHWEB","authors":"Lucas Torrealba Aravena, P. Casas, Javier Bustos-Jiménez, Germán Capdehourat, M. Findrik","doi":"10.1109/netsoft57336.2023.10175503","DOIUrl":"https://doi.org/10.1109/netsoft57336.2023.10175503","url":null,"abstract":"We introduce PHISHWEB, a novel approach to website phishing detection, which detects and categorizes malicious websites through a progressive, multi-layered analysis. PHISHWEB’s detection includes forged domains such as homoglyph and typosquatting, as well as automatically generated domains through DGA technology. The focus of PHISHWEB is on lexicographic-based analysis of the domain name itself, improving applicability and scalability of the approach. Preliminary results on the application of PHISHWEB to multiple open domain-name datasets show precision and recall results above 90%. We additionally extend PHISHWEB’s detection of DGA domains through Machine Learning (ML), using a small set of highly specialized lexicographic domain features. Results on the detection of DGA domains show that, for a false alarm rate below 1%, the ML-extension of PHISHWEB improves non-ML PHISHWEB DGA detector as well as state-of-the-art by at least 60%, realizing precision and recall values of 93.1% and 84.8%, respectively. Finally, we also present preliminary results on the application of PHISHWEB to real, in the wild DNS requests collected at large mobile and fixed-line operational networks, discussing some of the findings.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122092463","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-19DOI: 10.1109/NetSoft57336.2023.10175501
Sousan Tarahomi, Ralph Holz, A. Sperotto
Businesses increasingly outsource their ICT services to cloud environments, mostly driven by considerations about costs, processes and security. However concerns around cloud exposure against cyber-security attacks are also growing. This bring about the question if the cloud really makes us more secure, or if it merely changes the type of threats we are exposed to. This PhD project aims at addressing this question by focusing on cloud infrastructure security. Using Internet measurements, we will take a data-driven approach to identify vulnerabilities and single points of failure in cloud infrastructure. Based on our analysis, we will propose solutions to mitigate these vulnerabilities and enhance the overall security of cloud environments.
{"title":"Quantifying Security Risks in Cloud Infrastructures: A Data-driven Approach","authors":"Sousan Tarahomi, Ralph Holz, A. Sperotto","doi":"10.1109/NetSoft57336.2023.10175501","DOIUrl":"https://doi.org/10.1109/NetSoft57336.2023.10175501","url":null,"abstract":"Businesses increasingly outsource their ICT services to cloud environments, mostly driven by considerations about costs, processes and security. However concerns around cloud exposure against cyber-security attacks are also growing. This bring about the question if the cloud really makes us more secure, or if it merely changes the type of threats we are exposed to. This PhD project aims at addressing this question by focusing on cloud infrastructure security. Using Internet measurements, we will take a data-driven approach to identify vulnerabilities and single points of failure in cloud infrastructure. Based on our analysis, we will propose solutions to mitigate these vulnerabilities and enhance the overall security of cloud environments.","PeriodicalId":223208,"journal":{"name":"2023 IEEE 9th International Conference on Network Softwarization (NetSoft)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131594831","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: