Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9964625
Nour-El-Houda Yellas, B. Addis, R. Riggio, Stefano Secci
Edge intelligence combined with federated learning is considered as a way to distributed learning and inference tasks in a scalable way, by analyzing data close to where it is generated, unlike traditional cloud computing where data is offloaded to remote servers. In this paper, we address the placement of Artificial Intelligence Functions (AIF) making use of federated learning and hardware acceleration. We model the behavior of federated learning and related inference point to guide the placement decision, taking into consideration the specific constraint and the empirical behavior of a virtualized infrastructure anomaly detection use-case. Besides hardware acceleration, we consider the specific training time trend when distributing training over a network, by using empirical piece-wise linear distributions. We model the placement problem as a MILP and we propose a variant of the problem. Simulation results show the impact that hardware acceleration can have in the decision of the number of AIF to enable, while dividing by a relevant factor the distributed training time. We also show how our approach exacerbates the importance of monitoring an end-to-end learning system delay budget composed of link propagation delay and distributed training time in the location of AIFs.
{"title":"Function Placement and Acceleration for In-Network Federated Learning Services","authors":"Nour-El-Houda Yellas, B. Addis, R. Riggio, Stefano Secci","doi":"10.23919/CNSM55787.2022.9964625","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9964625","url":null,"abstract":"Edge intelligence combined with federated learning is considered as a way to distributed learning and inference tasks in a scalable way, by analyzing data close to where it is generated, unlike traditional cloud computing where data is offloaded to remote servers. In this paper, we address the placement of Artificial Intelligence Functions (AIF) making use of federated learning and hardware acceleration. We model the behavior of federated learning and related inference point to guide the placement decision, taking into consideration the specific constraint and the empirical behavior of a virtualized infrastructure anomaly detection use-case. Besides hardware acceleration, we consider the specific training time trend when distributing training over a network, by using empirical piece-wise linear distributions. We model the placement problem as a MILP and we propose a variant of the problem. Simulation results show the impact that hardware acceleration can have in the decision of the number of AIF to enable, while dividing by a relevant factor the distributed training time. We also show how our approach exacerbates the importance of monitoring an end-to-end learning system delay budget composed of link propagation delay and distributed training time in the location of AIFs.","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"124 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128498016","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9965091
T. Dreibholz, Somnath Mazumdar
In today’s communication-centric world, users generate and exchange a massive amount of data. The Internet helps user data to travel from one part of the world to another, via a complex set of network systems. These systems are intelligent, heterogeneous, and non-transparent to users. This paper presents an extensive, trace-driven study of user data traffic covering five years of observations, six large ISPs, 22 different autonomous systems, and a total of 12 countries. This work aims to make users aware of how their data travels in the Internet, as the interests of ISPs majorly influence the data traffic path. Although data traffic should prefer to travel through countries that share land borders, we found that the shortest land distance between the two countries does not impact data path selection.1
{"title":"Find Out: How Do Your Data Packets Travel?","authors":"T. Dreibholz, Somnath Mazumdar","doi":"10.23919/CNSM55787.2022.9965091","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9965091","url":null,"abstract":"In today’s communication-centric world, users generate and exchange a massive amount of data. The Internet helps user data to travel from one part of the world to another, via a complex set of network systems. These systems are intelligent, heterogeneous, and non-transparent to users. This paper presents an extensive, trace-driven study of user data traffic covering five years of observations, six large ISPs, 22 different autonomous systems, and a total of 12 countries. This work aims to make users aware of how their data travels in the Internet, as the interests of ISPs majorly influence the data traffic path. Although data traffic should prefer to travel through countries that share land borders, we found that the shortest land distance between the two countries does not impact data path selection.1","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130364116","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9964529
Alexander Rabitsch, Themis Anagnostopoulos, Karl-Johan Grinnemo, Joseph McNamara, A. Bosneag, M. Kourtis, G. Xilouris, Özgü Alay, A. Brunström
5G mobile networks introduce the concept of network slicing, the functionality of creating virtual networks on top of shared physical infrastructure. Such slices can be tailored to various vertical services. A single User Equipment (UE) may be served by multiple network slice instances simultaneously, which opens up the possibility of dynamically steering traffic in response to the specific needs of individual applications – and as a reaction to events inside the network, e.g., network failures.This paper presents the PoLicy-based Architecture for Network Slicing (PLANS). In this policy framework, the network slice management entity in the 5G core and the UE can cooperatively optimize the usage of the available network slices via policy systems installed both inside the network and on the UE. The PLANS architecture has been implemented and evaluated in a 5G testbed. For two different case studies, we show how such a system can be leveraged to provide optimized services and increased robustness against network failures. First, we consider a drone autopilot scenario, and demonstrate how PLANS can reduce network-slice recovery time by more than 90%. Second, we illustrate for a 360°video streaming scenario how PLANS can help prevent video quality degradation when a network slice becomes unavailable.
{"title":"Integrated Network and End-host Policy Management for Network Slicing","authors":"Alexander Rabitsch, Themis Anagnostopoulos, Karl-Johan Grinnemo, Joseph McNamara, A. Bosneag, M. Kourtis, G. Xilouris, Özgü Alay, A. Brunström","doi":"10.23919/CNSM55787.2022.9964529","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9964529","url":null,"abstract":"5G mobile networks introduce the concept of network slicing, the functionality of creating virtual networks on top of shared physical infrastructure. Such slices can be tailored to various vertical services. A single User Equipment (UE) may be served by multiple network slice instances simultaneously, which opens up the possibility of dynamically steering traffic in response to the specific needs of individual applications – and as a reaction to events inside the network, e.g., network failures.This paper presents the PoLicy-based Architecture for Network Slicing (PLANS). In this policy framework, the network slice management entity in the 5G core and the UE can cooperatively optimize the usage of the available network slices via policy systems installed both inside the network and on the UE. The PLANS architecture has been implemented and evaluated in a 5G testbed. For two different case studies, we show how such a system can be leveraged to provide optimized services and increased robustness against network failures. First, we consider a drone autopilot scenario, and demonstrate how PLANS can reduce network-slice recovery time by more than 90%. Second, we illustrate for a 360°video streaming scenario how PLANS can help prevent video quality degradation when a network slice becomes unavailable.","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124729149","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9964715
Takahiro Hirayama, M. Jibiki, T. Miyazawa, Ved P. Kafle
Service function chaining (SFC) provides the plat-form for flexible resource management by dynamically allocating resources to virtual and/or container network functions (VNFs/CNFs). To meet the quality of service (QoS) requirements while facing increasing resource demands, the sys-tem will require the migration of the VNFs/CNFs from the current server to the others that offer sufficient resources. In this study, we formulate an integer linear programming (ILP) based optimization model to solve the function migration scheduling problem so that it meets QoS requirements of each service function (SF) chain. The remarkable points of this work are the following two points. The one is that we consider latency between VNFs/CNFs belonging to an SF chain, avoiding overhead due to their unnecessary migration and resource shortage. And the other is that we consider the case in which each VNF/CNF must be to be deployed strictly to a designated virtual machine (or container). To reduce complexity, we apply an encoder-decoder recurrent neural network (ED-RNN) as a machine learning model to the function migration scheduling problem. Performance evaluations show that the ED-RNN based approach achieves a similar performance as the ILP, while adding the benefits of very low complexity.
SFC (Service function chains)通过将资源动态分配给虚拟和/或容器网络功能(VNFs/ cnf),为灵活的资源管理提供了平台。为了满足服务质量(QoS)要求,同时面对日益增长的资源需求,系统将需要将VNFs/CNFs从当前服务器迁移到提供足够资源的其他服务器。在本研究中,我们建立了一个基于整数线性规划(ILP)的优化模型来解决功能迁移调度问题,使其满足每个业务功能链(SF)的QoS要求。这项工作的突出之处在于以下两点。一个是我们考虑了属于一个SF链的VNFs/CNFs之间的延迟,避免了由于不必要的迁移和资源短缺而造成的开销。另一种是我们考虑每个VNF/CNF必须严格部署到指定的虚拟机(或容器)的情况。为了降低复杂性,我们将编码器-解码器递归神经网络(ED-RNN)作为机器学习模型应用于函数迁移调度问题。性能评估表明,基于ED-RNN的方法实现了与ILP相似的性能,同时增加了非常低的复杂性的好处。
{"title":"QoS-aware SFC Migration Scheduling Based on Encoder-Decoder RNN for Cloud-Native Platform","authors":"Takahiro Hirayama, M. Jibiki, T. Miyazawa, Ved P. Kafle","doi":"10.23919/CNSM55787.2022.9964715","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9964715","url":null,"abstract":"Service function chaining (SFC) provides the plat-form for flexible resource management by dynamically allocating resources to virtual and/or container network functions (VNFs/CNFs). To meet the quality of service (QoS) requirements while facing increasing resource demands, the sys-tem will require the migration of the VNFs/CNFs from the current server to the others that offer sufficient resources. In this study, we formulate an integer linear programming (ILP) based optimization model to solve the function migration scheduling problem so that it meets QoS requirements of each service function (SF) chain. The remarkable points of this work are the following two points. The one is that we consider latency between VNFs/CNFs belonging to an SF chain, avoiding overhead due to their unnecessary migration and resource shortage. And the other is that we consider the case in which each VNF/CNF must be to be deployed strictly to a designated virtual machine (or container). To reduce complexity, we apply an encoder-decoder recurrent neural network (ED-RNN) as a machine learning model to the function migration scheduling problem. Performance evaluations show that the ED-RNN based approach achieves a similar performance as the ILP, while adding the benefits of very low complexity.","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"21 5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122062626","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9964970
Gaetano Francesco Pittalà, G. Davoli, D. Borsatti, W. Cerroni, C. Raffaelli
With the establishment of the Everything-as-a-Service (XaaS) paradigm for service provisioning, coupled with the increasingly-demanding requirements imposed by modern network services, the need for a XaaS-aware orchestration system able to cope with a heterogeneous infrastructure, such as the one of Fog Computing environments, is evident. In this work, we describe the working principles and implementation aspects that allow the orchestration of services offered according to the Function-as-a-Service (FaaS) model. The live demonstration will showcase the ability of the system to deploy this kind of services on a suitable test bed, with comments on the procedure and the performance.
{"title":"Function-as-a-Service Orchestration in Fog Computing Environments","authors":"Gaetano Francesco Pittalà, G. Davoli, D. Borsatti, W. Cerroni, C. Raffaelli","doi":"10.23919/CNSM55787.2022.9964970","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9964970","url":null,"abstract":"With the establishment of the Everything-as-a-Service (XaaS) paradigm for service provisioning, coupled with the increasingly-demanding requirements imposed by modern network services, the need for a XaaS-aware orchestration system able to cope with a heterogeneous infrastructure, such as the one of Fog Computing environments, is evident. In this work, we describe the working principles and implementation aspects that allow the orchestration of services offered according to the Function-as-a-Service (FaaS) model. The live demonstration will showcase the ability of the system to deploy this kind of services on a suitable test bed, with comments on the procedure and the performance.","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114174040","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9964949
L. Almeida, Guilherme Matos, R. Pasquini, C. Papagianni, F. Verdi
Video services account for the largest share of all Internet traffic, demanding a network capable of supporting the requirements of delay-sensitive traffic. Fluctuations in network load can cause high delays in the queues of network routers, which tend to degrade the Quality of Service (QoS) for adaptive video streaming, such as Dynamic Adaptive Streaming over HTTP (DASH). This work is positioned in the scope of active management queues (AQM) to improve the QoS of a DASH service by means of dropping packets. One traditional AQM that adopts a packet drop policy is Random Early Detection (RED), developed to drain the flow in times of congestion and thus reduce queueing delay. We revisited and implemented a P4-based implementation of RED, named iRED (ingress RED), an algorithm capable of dropping packets at the ingress pipeline, an innovation compared to other AQM strategies based on dropping at the egress. iRED was evaluated in two scenarios. First, we compare iRED against state-of-art AQM algorithms employing egress packet dropping in terms of Round-Trip Time (RTT), throughput and their impact on resources usage. Our findings indicate that iRED outperforms existing P4-based approaches by approximately up to 2.5x in RTT and 0.75x in throughput for the given buffer sizes. Next, we compare iRED versus Tail Drop (TD) approach in an emulated programmable Content Delivery Network (CDN) employing DASH. Experiments indicate that the iRED improve the QoS by approximately 0.85x in terms of cached video available in the client’s buffer and 0.9x in Frames Per Second (FPS) played.
{"title":"iRED: Improving the DASH QoS by dropping packets in programmable data planes","authors":"L. Almeida, Guilherme Matos, R. Pasquini, C. Papagianni, F. Verdi","doi":"10.23919/CNSM55787.2022.9964949","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9964949","url":null,"abstract":"Video services account for the largest share of all Internet traffic, demanding a network capable of supporting the requirements of delay-sensitive traffic. Fluctuations in network load can cause high delays in the queues of network routers, which tend to degrade the Quality of Service (QoS) for adaptive video streaming, such as Dynamic Adaptive Streaming over HTTP (DASH). This work is positioned in the scope of active management queues (AQM) to improve the QoS of a DASH service by means of dropping packets. One traditional AQM that adopts a packet drop policy is Random Early Detection (RED), developed to drain the flow in times of congestion and thus reduce queueing delay. We revisited and implemented a P4-based implementation of RED, named iRED (ingress RED), an algorithm capable of dropping packets at the ingress pipeline, an innovation compared to other AQM strategies based on dropping at the egress. iRED was evaluated in two scenarios. First, we compare iRED against state-of-art AQM algorithms employing egress packet dropping in terms of Round-Trip Time (RTT), throughput and their impact on resources usage. Our findings indicate that iRED outperforms existing P4-based approaches by approximately up to 2.5x in RTT and 0.75x in throughput for the given buffer sizes. Next, we compare iRED versus Tail Drop (TD) approach in an emulated programmable Content Delivery Network (CDN) employing DASH. Experiments indicate that the iRED improve the QoS by approximately 0.85x in terms of cached video available in the client’s buffer and 0.9x in Frames Per Second (FPS) played.","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131483813","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9964553
Sourav Sarkar, Shwetha Vittal, Antony Franklin A
The presence of a Load Balancer (LB)s is much significant to keep up the High Availability (HA) and resilience of the scalable 5G Core (5GC). The whole system may collapse just because of inefficient LB at any NF, resulting in total disruption to the High Availability (HA) service. In this paper, we present the LOCOMOTIVE 5GC which outperforms the traditional hot standby in both HA and resilience during various dynamic conditions. LOCOMOTIVE serves 16% (at least) more user requests compared to hot standby in the control plane while handling unexpected overloaded conditions (without the failure of LB). During the failures of LB, it drops 22% lesser user requests than hot standby. With this outstanding resilience, LOCOMOTIVE even achieves 4% better availability than the hot standby in an active-active cluster configuration. To prove the feasibility of LOCOMOTIVE and to encourage further research works in the world of LBs, we developed its entire framework in a 3GPP compliant 5G test-bed system along with eXpress Data Path (XDP) and extended Berkeley Packet Filter (eBPF) framework.
{"title":"LOCOMOTIVE 5G Core for 6G ready Resilient and Highly Available Network Slices and SFCs","authors":"Sourav Sarkar, Shwetha Vittal, Antony Franklin A","doi":"10.23919/CNSM55787.2022.9964553","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9964553","url":null,"abstract":"The presence of a Load Balancer (LB)s is much significant to keep up the High Availability (HA) and resilience of the scalable 5G Core (5GC). The whole system may collapse just because of inefficient LB at any NF, resulting in total disruption to the High Availability (HA) service. In this paper, we present the LOCOMOTIVE 5GC which outperforms the traditional hot standby in both HA and resilience during various dynamic conditions. LOCOMOTIVE serves 16% (at least) more user requests compared to hot standby in the control plane while handling unexpected overloaded conditions (without the failure of LB). During the failures of LB, it drops 22% lesser user requests than hot standby. With this outstanding resilience, LOCOMOTIVE even achieves 4% better availability than the hot standby in an active-active cluster configuration. To prove the feasibility of LOCOMOTIVE and to encourage further research works in the world of LBs, we developed its entire framework in a 3GPP compliant 5G test-bed system along with eXpress Data Path (XDP) and extended Berkeley Packet Filter (eBPF) framework.","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"481 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131579741","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9964741
Christoph Hardegen
Flow monitoring allows to obtain an aggregated network traffic view that can be leveraged for subsequent analysis. Since network management tasks like flow-based traffic classification or prediction benefit from broader data views, the flow tracking scope used to export required traffic metadata can be enlarged: First, coherent packet streams can not only be monitored in a unidirectional but also bidirectional context that combines interrelated forward and backward direction views. Second, time-based subflow management for both contexts separates observed packet streams into consecutive windows covering a particular fraction to gain higher data granularity. To support these diversified traffic views in combination with variable feature sets for demand-driven data export serving different traffic analysis tasks, flow tracking and export strategies are required to operate in a dynamic manner. This paper proposes a flow monitoring approach enabling to track the four aforementioned scopes while adapting timeout-based data export operating on programmable switches. A multi-level system architecture and an adaptive protocol ensure flexible sharing and analysis of data records. Evaluations show that exported data can be used to improve analysis outcomes, whereby the considered data scope affects achieved accuracy but also the monitoring overhead.
{"title":"Scope-based Flow Monitoring to Improve Traffic Analysis in Programmable Networks","authors":"Christoph Hardegen","doi":"10.23919/CNSM55787.2022.9964741","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9964741","url":null,"abstract":"Flow monitoring allows to obtain an aggregated network traffic view that can be leveraged for subsequent analysis. Since network management tasks like flow-based traffic classification or prediction benefit from broader data views, the flow tracking scope used to export required traffic metadata can be enlarged: First, coherent packet streams can not only be monitored in a unidirectional but also bidirectional context that combines interrelated forward and backward direction views. Second, time-based subflow management for both contexts separates observed packet streams into consecutive windows covering a particular fraction to gain higher data granularity. To support these diversified traffic views in combination with variable feature sets for demand-driven data export serving different traffic analysis tasks, flow tracking and export strategies are required to operate in a dynamic manner. This paper proposes a flow monitoring approach enabling to track the four aforementioned scopes while adapting timeout-based data export operating on programmable switches. A multi-level system architecture and an adaptive protocol ensure flexible sharing and analysis of data records. Evaluations show that exported data can be used to improve analysis outcomes, whereby the considered data scope affects achieved accuracy but also the monitoring overhead.","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124754333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9964935
Shaohan Huang, Yi Liu, Carol J. Fung, Hailong Yang, Zhongzhi Luan
Anomaly detection is the key to Quality of Service (QoS) in many modern systems. Logs, which record the runtime information of system, are widely used for anomaly detection. The security of the log-based anomaly detection has not been well investigated. In this paper, we conduct an empirical study on black-box attacks on log-based anomaly detection. We investigate eight different methods on log attacking and compare their performance on various log parsing methods and log anomaly detection models. We propose a method to evaluate the imperceptibility of log attacking methods. In our experiments, we evaluate the performance on the attack methods on two real log datasets. The results of our experiments show that LogBug outperforms the others in almost all situations. We also compare the imperceptibility of various attack methods and find a trade-off between performance and imperceptibility, where better attack performance means worse imperceptibility. To the best of our knowledge, this is the first work to investigate and compare the attack models on log-based anomaly detection.
{"title":"Black-box Attacks to Log-based Anomaly Detection","authors":"Shaohan Huang, Yi Liu, Carol J. Fung, Hailong Yang, Zhongzhi Luan","doi":"10.23919/CNSM55787.2022.9964935","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9964935","url":null,"abstract":"Anomaly detection is the key to Quality of Service (QoS) in many modern systems. Logs, which record the runtime information of system, are widely used for anomaly detection. The security of the log-based anomaly detection has not been well investigated. In this paper, we conduct an empirical study on black-box attacks on log-based anomaly detection. We investigate eight different methods on log attacking and compare their performance on various log parsing methods and log anomaly detection models. We propose a method to evaluate the imperceptibility of log attacking methods. In our experiments, we evaluate the performance on the attack methods on two real log datasets. The results of our experiments show that LogBug outperforms the others in almost all situations. We also compare the imperceptibility of various attack methods and find a trade-off between performance and imperceptibility, where better attack performance means worse imperceptibility. To the best of our knowledge, this is the first work to investigate and compare the attack models on log-based anomaly detection.","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122359950","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-10-31DOI: 10.23919/CNSM55787.2022.9964962
Madhav Tummula, Manish Kausik H, S. Saha
IoT-technology is gaining a wide popularity over a large range of applications including not only monitoring of structures but also management and control of smart-systems. An IoT-system, in general, is composed of a number of IoT-devices which form a wireless decentralized setting as they get installed over a specific area to serve a particular purpose. The structure of the underlying wireless network depends on the structure of the target where the system gets deployed and hence, widely varies based on the exact application. Such structural variations often have an impact on the performance of the underlying IoT-protocols. Unfortunately most of the network protocols do not take care of such issues explicitly. For instance, although there have been quite significant development in the data-sharing protocols, especially with the advent of Synchronous-Transmission (ST), most of them are designed without considering the variation in the structural formation of the base networks. These protocols are tested over either in small scale simulated networks or in testbed settings bearing fixed/homogeneous structures. In this work, we demonstrate that the property of self-adaptability in an IoT-system can enable it not only to run faster but also save substantial energy which is an extremely important issue in the context of low-power system, in general. In particular, we design and implement a flexible and structure-adaptive many-to-many data-sharing protocol FlexiCast. Through extensive experiments under emulation-settings and IoT-testbeds we demonstrate that FlexiCast performs upto 49% faster and consumes upto 53% lesser energy compared to the case when it does not adapt to the network structure.
{"title":"FlexiCast: A Structure-Adaptive Protocol for Efficient Data-Sharing in IoT","authors":"Madhav Tummula, Manish Kausik H, S. Saha","doi":"10.23919/CNSM55787.2022.9964962","DOIUrl":"https://doi.org/10.23919/CNSM55787.2022.9964962","url":null,"abstract":"IoT-technology is gaining a wide popularity over a large range of applications including not only monitoring of structures but also management and control of smart-systems. An IoT-system, in general, is composed of a number of IoT-devices which form a wireless decentralized setting as they get installed over a specific area to serve a particular purpose. The structure of the underlying wireless network depends on the structure of the target where the system gets deployed and hence, widely varies based on the exact application. Such structural variations often have an impact on the performance of the underlying IoT-protocols. Unfortunately most of the network protocols do not take care of such issues explicitly. For instance, although there have been quite significant development in the data-sharing protocols, especially with the advent of Synchronous-Transmission (ST), most of them are designed without considering the variation in the structural formation of the base networks. These protocols are tested over either in small scale simulated networks or in testbed settings bearing fixed/homogeneous structures. In this work, we demonstrate that the property of self-adaptability in an IoT-system can enable it not only to run faster but also save substantial energy which is an extremely important issue in the context of low-power system, in general. In particular, we design and implement a flexible and structure-adaptive many-to-many data-sharing protocol FlexiCast. Through extensive experiments under emulation-settings and IoT-testbeds we demonstrate that FlexiCast performs upto 49% faster and consumes upto 53% lesser energy compared to the case when it does not adapt to the network structure.","PeriodicalId":232521,"journal":{"name":"2022 18th International Conference on Network and Service Management (CNSM)","volume":"115 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128928247","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: