Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119790
E. Maini, N. Mazzocca
Recent advances offered by Software Defined Networking and virtualization techniques are creating the favourable conditions to design and develop Future Networks where network functions and services can be virtualized, dynamically instantiated and moved across networks. The ability to dynamically allocate virtual nodes across distributed physical hosts and even more the live migration of the Virtual Machines which perform such virtual network functions are driving current network infrastructures towards “programmable” networks. To be adopted as a deployable feature on a Carrier's Network, live migration performance need to be analysed and tested. Therefore a compositional modelling approach could provide early measures by evaluating the impact of these new technologies on the performance of Future Network systems. The main contribution of the paper is the definition of a general modelling framework to integrate simple models representing the main components and features of a Future Network architecture. Starting from this model composed by atomic sub-models, we conduct the performance analysis of the live migration of a single Virtual Machine between two hosts located in different networks. The Möbius tool has been used for developing the model as well as for studying its behaviour and performance. Finally, some simulative results are provided in order to show the feasibility of this approach.
{"title":"A compositional modelling approach for live migration in Software Defined Networks","authors":"E. Maini, N. Mazzocca","doi":"10.1109/NOF.2014.7119790","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119790","url":null,"abstract":"Recent advances offered by Software Defined Networking and virtualization techniques are creating the favourable conditions to design and develop Future Networks where network functions and services can be virtualized, dynamically instantiated and moved across networks. The ability to dynamically allocate virtual nodes across distributed physical hosts and even more the live migration of the Virtual Machines which perform such virtual network functions are driving current network infrastructures towards “programmable” networks. To be adopted as a deployable feature on a Carrier's Network, live migration performance need to be analysed and tested. Therefore a compositional modelling approach could provide early measures by evaluating the impact of these new technologies on the performance of Future Network systems. The main contribution of the paper is the definition of a general modelling framework to integrate simple models representing the main components and features of a Future Network architecture. Starting from this model composed by atomic sub-models, we conduct the performance analysis of the live migration of a single Virtual Machine between two hosts located in different networks. The Möbius tool has been used for developing the model as well as for studying its behaviour and performance. Finally, some simulative results are provided in order to show the feasibility of this approach.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124362683","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119769
Z. Khalfallah, Ilhem Fajjari, N. Aitsaadi, R. Langar, G. Pujolle
Several techniques of wireless communication can be employed within underwater environment. In this context, acoustic communication is the most widespread technology that has demonstrated its effectiveness. Nevertheless, inspite of its multiple advantages, acoustic communication is prone to throughput limitation. Hence, other carriers are needed in order to deal with acoustic communication drawbacks. In a such complex environment, radio and optical communications are promising techniques since they may reach higher throughput. In this paper, we propose a deep study of the most prominent wireless communication methods for underwater environment namely acoustic, radio and optical carriers. Besides, a comparison between the aforementioned carriers is put forward. Based on the carried out study, we design a water monitoring system for pollution detection in river. The aim consists in selecting the most suitable underwater carrier that can possibly enhance the point-to-point communication among underwater sensor nodes.
{"title":"Overview: Communication carriers for underwater sensor networks","authors":"Z. Khalfallah, Ilhem Fajjari, N. Aitsaadi, R. Langar, G. Pujolle","doi":"10.1109/NOF.2014.7119769","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119769","url":null,"abstract":"Several techniques of wireless communication can be employed within underwater environment. In this context, acoustic communication is the most widespread technology that has demonstrated its effectiveness. Nevertheless, inspite of its multiple advantages, acoustic communication is prone to throughput limitation. Hence, other carriers are needed in order to deal with acoustic communication drawbacks. In a such complex environment, radio and optical communications are promising techniques since they may reach higher throughput. In this paper, we propose a deep study of the most prominent wireless communication methods for underwater environment namely acoustic, radio and optical carriers. Besides, a comparison between the aforementioned carriers is put forward. Based on the carried out study, we design a water monitoring system for pollution detection in river. The aim consists in selecting the most suitable underwater carrier that can possibly enhance the point-to-point communication among underwater sensor nodes.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121999976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119798
Paul Zanna, B. O'Neill, M. S. U. Hoque
One of the great attractions of Software Defined Networking (SDN) has been the promise of transforming the network by providing a degree of flexibility and automation that until now has never been available. Of interest however is that all of these exciting solutions are usually discussed in isolation and rarely do proponents allude to the fact that numerous applications can be deployed simultaneously. Unfortunately most SDN Controllers are incapable of managing multiple applications that require access to the same events notifications. In this paper, we introduce the concept of an Event Arbitration Manager (EAM), a modified event handler that provides mediation between applications on a single SDN controller. We show that the introduction of an event mediation layer between SDN applications would reduce conflicts between multiple applications on the same SDN controller and allows them to respond to controller events messages equally.
{"title":"SDN application segregation, concurrency and order of execution","authors":"Paul Zanna, B. O'Neill, M. S. U. Hoque","doi":"10.1109/NOF.2014.7119798","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119798","url":null,"abstract":"One of the great attractions of Software Defined Networking (SDN) has been the promise of transforming the network by providing a degree of flexibility and automation that until now has never been available. Of interest however is that all of these exciting solutions are usually discussed in isolation and rarely do proponents allude to the fact that numerous applications can be deployed simultaneously. Unfortunately most SDN Controllers are incapable of managing multiple applications that require access to the same events notifications. In this paper, we introduce the concept of an Event Arbitration Manager (EAM), a modified event handler that provides mediation between applications on a single SDN controller. We show that the introduction of an event mediation layer between SDN applications would reduce conflicts between multiple applications on the same SDN controller and allows them to respond to controller events messages equally.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115225845","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119796
D. Bernstein, D. Vij
Intercloud refers to a transparent and voluntary federation of Computing Clouds analogous to the way the Global Internet or Global PSTN/Mobile Telephony works. Individual Service Providers join into a predefined Common Channel Signaling network (Backbone IP Routing protocols in the case of the Internet, the SS7/IN network in the case of the PSTN/Mobile Telephony Network) and exchange infrastructure. Once federation relationships are identified through protocols which transit the Signaling network, a Bearer network relationship is established where the user data is transited. This paper describes the workings of the Intercloud system in terms of the details of the Intercloud Federation API, which transits the signaling network, and how this API is used to dynamically provision a Software Defined Network (SDN) based Virtual Private Cloud (VPC) using Virtual Private networks (VPN), creating the federating bearer network for the transparent federation. The Intercloud Federation API is based on a semantic definition of resources, Service Level Agreements (SLA), and Bearer Network Provisioning Metadata.
Intercloud 指的是一种透明、自愿的计算云联盟,类似于全球互联网或全球 PSTN/移动电话的工作方式。各个服务提供商加入预定义的共同信道信令网络(互联网为骨干 IP 路由协议,PSTN/移动电话网络为 SS7/IN 网络)和交换基础设施。一旦通过转接信令网络的协议确定了联盟关系,就会在转接用户数据的地方建立承载网络关系。本文从转接信令网络的 Intercloud Federation API 的细节方面介绍了 Intercloud 系统的工作原理,以及如何利用该 API 使用虚拟专用网络 (VPN) 动态配置基于软件定义网络 (SDN) 的虚拟专用云 (VPC),为透明联盟创建联盟承载网络。云间联盟 API 基于资源、服务级别协议 (SLA) 和承载网络供应元数据的语义定义。
{"title":"Intercloud federation using via semantic resource federation API and dynamic SDN provisioning","authors":"D. Bernstein, D. Vij","doi":"10.1109/NOF.2014.7119796","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119796","url":null,"abstract":"Intercloud refers to a transparent and voluntary federation of Computing Clouds analogous to the way the Global Internet or Global PSTN/Mobile Telephony works. Individual Service Providers join into a predefined Common Channel Signaling network (Backbone IP Routing protocols in the case of the Internet, the SS7/IN network in the case of the PSTN/Mobile Telephony Network) and exchange infrastructure. Once federation relationships are identified through protocols which transit the Signaling network, a Bearer network relationship is established where the user data is transited. This paper describes the workings of the Intercloud system in terms of the details of the Intercloud Federation API, which transits the signaling network, and how this API is used to dynamically provision a Software Defined Network (SDN) based Virtual Private Cloud (VPC) using Virtual Private networks (VPN), creating the federating bearer network for the transparent federation. The Intercloud Federation API is based on a semantic definition of resources, Service Level Agreements (SLA), and Bearer Network Provisioning Metadata.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129855492","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119797
S. Natarajan, T. Wolf
Cloud infrastructure providers allow multiple services to be hosted on a shared physical infrastructure. In a typical virtualized and multi-tenant environment, the cloud infrastructure and the hosted cloud services are managed by different administrative entities that may not trust each other. In such a scenario, the cloud service providers might hesitate to disclose operational information to the infrastructure providers. In this paper, we present Encrypted IP (EncrIP), a network-level design consideration for encrypting IP addresses that hides information about which end-systems are communicating in a cloud service, while still allowing packet forwarding with longest-prefix match in commodity routers. Using probabilistic encryption, EncrIP can avoid that an observer can identify what traffic belongs to the same source-destination pairs. Our evaluation results show that EncrIP requires only a few MB of memory on the gateways where traffic enters and leaves the cloud network infrastructure. In our prototype implementation of EncrIP on GENI, which uses standard IP headers, the success probability of a statistical inference attack to identify packets belonging to the same session is less than 0.001%. Therefore, we believe EncrIP presents a practical solution for protecting privacy in multi-tenant, cloud network infrastructure.
{"title":"Network-level privacy for hosted cloud services","authors":"S. Natarajan, T. Wolf","doi":"10.1109/NOF.2014.7119797","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119797","url":null,"abstract":"Cloud infrastructure providers allow multiple services to be hosted on a shared physical infrastructure. In a typical virtualized and multi-tenant environment, the cloud infrastructure and the hosted cloud services are managed by different administrative entities that may not trust each other. In such a scenario, the cloud service providers might hesitate to disclose operational information to the infrastructure providers. In this paper, we present Encrypted IP (EncrIP), a network-level design consideration for encrypting IP addresses that hides information about which end-systems are communicating in a cloud service, while still allowing packet forwarding with longest-prefix match in commodity routers. Using probabilistic encryption, EncrIP can avoid that an observer can identify what traffic belongs to the same source-destination pairs. Our evaluation results show that EncrIP requires only a few MB of memory on the gateways where traffic enters and leaves the cloud network infrastructure. In our prototype implementation of EncrIP on GENI, which uses standard IP headers, the success probability of a statistical inference attack to identify packets belonging to the same session is less than 0.001%. Therefore, we believe EncrIP presents a practical solution for protecting privacy in multi-tenant, cloud network infrastructure.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116162123","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119766
M. Amadeo, C. Campolo, A. Molinaro
Named Data Networking (NDN) is a promising information-centric future Internet architecture. Its innovative concepts, like named content, name-based routing and in-network caching, particularly suit the requirements of the Internet of Things (IoT), interconnecting billions of heterogeneous constrained objects. NDN supports receiver-driven communications and can easily enable IoT pull-based applications, e.g., to monitor sensors and to control actuators. However, NDN cannot natively allow devices to transmit unsolicited data, like alarms or status changes, unless to properly modify the semantics of exchanged packets and the forwarding strategy. In this paper we discuss how NDN can support reliable push-based IoT traffic, through the definition of three schemes conceived to be as much compliant as possible with the NDN tenets, while targeting efficiency in the usage of network and devices resources. A simple analytical framework provides preliminary quantitative insights into the proposed solutions and guidelines for future design.
{"title":"Internet of Things via Named Data Networking: The support of push traffic","authors":"M. Amadeo, C. Campolo, A. Molinaro","doi":"10.1109/NOF.2014.7119766","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119766","url":null,"abstract":"Named Data Networking (NDN) is a promising information-centric future Internet architecture. Its innovative concepts, like named content, name-based routing and in-network caching, particularly suit the requirements of the Internet of Things (IoT), interconnecting billions of heterogeneous constrained objects. NDN supports receiver-driven communications and can easily enable IoT pull-based applications, e.g., to monitor sensors and to control actuators. However, NDN cannot natively allow devices to transmit unsolicited data, like alarms or status changes, unless to properly modify the semantics of exchanged packets and the forwarding strategy. In this paper we discuss how NDN can support reliable push-based IoT traffic, through the definition of three schemes conceived to be as much compliant as possible with the NDN tenets, while targeting efficiency in the usage of network and devices resources. A simple analytical framework provides preliminary quantitative insights into the proposed solutions and guidelines for future design.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"122 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116500261","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119791
Hatem Hocini, M. Bourguiba, N. Badache
In virtualized data centers, the last hop of the network is no longer handled by a physical network switch, but rather is performed in software inside the server to switch among virtual machines hosted by that server. However, the current I/O network virtualization based on the driver domain is an attractive model since it offers high flexibility and cost-effectiveness. However, it exhibits poor networking performance due to multiple memory transactions between the driver domain and the VM. This paper addresses this challenge by introducing the concept and design of a new I/O subsystem called Next Hop Bridge which identifies the packets belonging to the same flow and processes only the first one of a given flow within the virtual machine. NHB uses a flow table to store the needed information about the packets. Such a switching mechanism allows to considerably avoid unnecessary I/O transactions during the communication between the driver domain and the VM and hence make the VM throughput scale up to line rates.
在虚拟化数据中心中,网络的最后一跳不再由物理网络交换机处理,而是在服务器内部的软件中执行,以便在该服务器托管的虚拟机之间进行切换。然而,当前基于驱动程序域的I/O网络虚拟化是一个有吸引力的模型,因为它提供了高度的灵活性和成本效益。然而,由于驱动程序域和虚拟机之间存在多个内存事务,它表现出较差的网络性能。本文通过引入一个名为Next Hop Bridge的新I/O子系统的概念和设计来解决这一挑战,该子系统识别属于同一流的数据包,并仅处理虚拟机中给定流的第一个数据包。NHB使用流表来存储有关数据包的所需信息。这种切换机制允许在驱动域和VM之间的通信期间大大避免不必要的I/O事务,从而使VM吞吐量扩展到线路速率。
{"title":"Accelerating packets reception and forwarding in virtualized datacenters","authors":"Hatem Hocini, M. Bourguiba, N. Badache","doi":"10.1109/NOF.2014.7119791","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119791","url":null,"abstract":"In virtualized data centers, the last hop of the network is no longer handled by a physical network switch, but rather is performed in software inside the server to switch among virtual machines hosted by that server. However, the current I/O network virtualization based on the driver domain is an attractive model since it offers high flexibility and cost-effectiveness. However, it exhibits poor networking performance due to multiple memory transactions between the driver domain and the VM. This paper addresses this challenge by introducing the concept and design of a new I/O subsystem called Next Hop Bridge which identifies the packets belonging to the same flow and processes only the first one of a given flow within the virtual machine. NHB uses a flow table to store the needed information about the packets. Such a switching mechanism allows to considerably avoid unnecessary I/O transactions during the communication between the driver domain and the VM and hence make the VM throughput scale up to line rates.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133231032","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119762
H. Wippel
Application-tailored networks are customized networks optimized for application requirements. They use custom protocol stacks and network virtualization to provide flexible and efficient communication. End user nodes run a framework called NENA to connect to such networks at runtime. The current NENA implementation runs on top of the operating system's network stack and uses the Socket API. It allows to show the flexibility of application-tailored networks but limits NENA's performance. Packet I/O frameworks like Intel's Data Plane Development Kit (DPDK) offer direct access to network interfaces and high performance. So, such a packet I/O framework provides an opportunity to enhance NENA and investigate its performance. In this paper, we present a new implementation of NENA with Intel's Data Plane Development Kit and evaluate its performance. Experiments show that our approach can achieve more than 9 times higher packet rates than a Socket-based implementation and is able to saturate a 10 Gbit/s link using two CPU cores.
{"title":"DPDK-based implementation of application-tailored networks on end user nodes","authors":"H. Wippel","doi":"10.1109/NOF.2014.7119762","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119762","url":null,"abstract":"Application-tailored networks are customized networks optimized for application requirements. They use custom protocol stacks and network virtualization to provide flexible and efficient communication. End user nodes run a framework called NENA to connect to such networks at runtime. The current NENA implementation runs on top of the operating system's network stack and uses the Socket API. It allows to show the flexibility of application-tailored networks but limits NENA's performance. Packet I/O frameworks like Intel's Data Plane Development Kit (DPDK) offer direct access to network interfaces and high performance. So, such a packet I/O framework provides an opportunity to enhance NENA and investigate its performance. In this paper, we present a new implementation of NENA with Intel's Data Plane Development Kit and evaluate its performance. Experiments show that our approach can achieve more than 9 times higher packet rates than a Socket-based implementation and is able to saturate a 10 Gbit/s link using two CPU cores.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"51 11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115040547","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119792
Paul Zanna, B. O'Neill, P. Radcliffe, S. Hosseini, M. S. U. Hoque
For many years network operators have struggled to maintain fragile, statically configured and extremely complex networks. The constant threat of viruses, malware, intruders and misconfigured devices has made the task even more difficult. The use of an Intrusion Detection System (IDS) has become a standard defense model in many networks, however they are expensive and difficult to maintain and further complicate a network. This paper introduces a novel approach that integrates a distributed Intrusion Detection System into a Software Defined Network (SDN) and in doing so provides a more scalable security and threat management solution. The core mechanisms that enable SDN to provide an IDS function have been implemented and their performance evaluated. The viability of this approach was evaluated and found to be an effective alternative to the current IDS deployment model.
{"title":"Adaptive threat management through the integration of IDS into Software Defined Networks","authors":"Paul Zanna, B. O'Neill, P. Radcliffe, S. Hosseini, M. S. U. Hoque","doi":"10.1109/NOF.2014.7119792","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119792","url":null,"abstract":"For many years network operators have struggled to maintain fragile, statically configured and extremely complex networks. The constant threat of viruses, malware, intruders and misconfigured devices has made the task even more difficult. The use of an Intrusion Detection System (IDS) has become a standard defense model in many networks, however they are expensive and difficult to maintain and further complicate a network. This paper introduces a novel approach that integrates a distributed Intrusion Detection System into a Software Defined Network (SDN) and in doing so provides a more scalable security and threat management solution. The core mechanisms that enable SDN to provide an IDS function have been implemented and their performance evaluated. The viability of this approach was evaluated and found to be an effective alternative to the current IDS deployment model.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125086494","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/NOF.2014.7119768
F. Bruno, M. Cesana, M. Gerla, Giulia Mauri, G. Verticale
Information Centric Networking (ICN) is a networking framework for content distribution. The communication is based on a request/response model where the attention is centered on the content. The user sends interest messages naming the content it desires and the network chooses the best node from which delivers the content. This way for retrieving contents naturally fits a context where users continuously change their location. One of the main problems of user mobility is the intermittent connectivity that causes loss of packets. This work shows how in a Vehicle-to-Infrastructure scenario, the network can exploit the ICN architecture with content pre-distribution to maximize the probability that the user retrieves the desired content. We give an ILP formulation of the problem of optimally distributing the contents in the network nodes and discuss how the system assumptions impact the success probability. Moreover, we validate our model by means of simulations with ndnSIM.
{"title":"Optimal content placement in ICN vehicular networks","authors":"F. Bruno, M. Cesana, M. Gerla, Giulia Mauri, G. Verticale","doi":"10.1109/NOF.2014.7119768","DOIUrl":"https://doi.org/10.1109/NOF.2014.7119768","url":null,"abstract":"Information Centric Networking (ICN) is a networking framework for content distribution. The communication is based on a request/response model where the attention is centered on the content. The user sends interest messages naming the content it desires and the network chooses the best node from which delivers the content. This way for retrieving contents naturally fits a context where users continuously change their location. One of the main problems of user mobility is the intermittent connectivity that causes loss of packets. This work shows how in a Vehicle-to-Infrastructure scenario, the network can exploit the ICN architecture with content pre-distribution to maximize the probability that the user retrieves the desired content. We give an ILP formulation of the problem of optimally distributing the contents in the network nodes and discuss how the system assumptions impact the success probability. Moreover, we validate our model by means of simulations with ndnSIM.","PeriodicalId":435905,"journal":{"name":"2014 International Conference and Workshop on the Network of the Future (NOF)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114208979","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: