Computer Networks最新文献

Utilizing in-network caching is essential for the current communication network. In the last decade, ICN (Information-Centric Networking) has been under the spotlight as a network that mainly focuses on transmitted and received data rather than on hosts that transmit and receive data. In ICNs, to appropriately forward request packets, a router maintains a routing table called FIB (Forwarding Information Base). However, it is unsuitable for us to assume that FIB can store entries of all contents within a network. This is mainly because the FIB memory is not large enough to store the prefix of all contents. Thus, for realizing global-scale ICNs, it is crucial to develop an effective technique to reduce the size of FIB. In this paper, to tackle the reduction in the FIB size with the aggregation, we propose a routing strategy called constrained shortest-path tree (CSPT) routing. The fundamental idea of our CSPT routing is to combine shortest-paths on the network and that on a shortest-path tree of the network, which is intended to enhance the effect of FIB aggregation. Furthermore, we extensively investigate the relationship, i.e., trade-off, between the FIB aggregation and the communication performance of ICN using CSPT routing. Consequently, we reveal that our CSPT routing can dramatically reduce the number of FIB entries while suppressing the increase in the number of hops required to deliver request packets.

Traceback has been very attractive against DDoS attacks with IP spoofing instead of traditional mitigation methods because attacks require removal near attackers, resulting in affecting legitimate traffic as little as possible. There have been some approaches dedicated to achieving effective traceback. However, existing approaches often modify protocols to apply to multi-domain scenarios, and the implemented mitigation usually lags behind traceback. Therefore, this paper proposes the Software-Defined Multi-Domain Network Tracer and Mitigator (SD-MDN-TM) to traceback and mitigate DDoS attacks with IP spoofing in multi-domain SDN scenarios. We apply systematic sampling and flow feature extraction based on the Count-Min Sketch data structure for the lightweight statistics collection of massive DDoS attack traffic. We also design the TracebackTree data structure to construct the traceback paths of attackers of distributed attack sources. The Border Switch Trigger Mechanism is proposed to overcome the drawbacks of the commonly-used packet marking in cross-domain traceback information transfer, achieving no modification of existing network protocols and independent traceback among multiple domains. Mitigation is integrated with traceback for faster removal of attacks from the network. The proposed scheme can traceback DDoS attack sources both inside and outside domains accurately and effectively by constructing traceback path. It can be implemented without modifying the existing protocols, therefore achieving direct application to the existing network architecture. Furthermore, the traceback of attack sources outside domains can maintain independence in multi-domain scenarios. Mitigation integrated with traceback can achieve less impact on legitimate traffic and faster removal of attacks from the network.

Thanks to the applications such as Quantum Key Distribution and Distributed Quantum Computing, the deployment of quantum networks is gaining great momentum. A major component in quantum networks is repeaters, which are essential for reducing the error rate of qubit transmission for long-distance links. However, repeaters are expensive devices, so minimizing the number of repeaters placed in a quantum network while satisfying performance requirements becomes an important problem. Existing solutions typically solve this problem optimally by formulating an Integer Linear Program (ILP). However, the number of variables in their ILPs is $O\left(n^2\right)$, where $n$ is the number of nodes in a network. This incurs infeasible running time when the network scale is large. To overcome this drawback, this paper proposes to solve the repeater placement problem by two steps, with each step using a linear program of a much smaller scale with $O\left(n\right)$ variables. Although this solution is not optimal, it dramatically reduces the time complexity, making it practical for large-scale networks. Moreover, it constructs networks that have higher node connectivity than those by existing solutions, since it deploys slightly more number of repeaters into networks. Our extensive experiments on both synthetic and real-world network topologies verified our claims.

Network traffic prediction is critical in wireless network management by allowing a good estimate of the traffic trend, which is also an important approach for detecting traffic anomalies in order to enhance network security. Deep-learning-based method has been widely adopted to predict network traffic matrix (TM) though with the main drawbacks in high complexity and low efficiency. In this paper, we propose a traffic prediction model based on Particle Swarm Optimization (PSO) and LightGBM (PSO-LightGBM-TM), which optimizes the LightGBM parameters for each network flow by PSO so that LightGBM can adapt to each of the network traffic flow. Compared with existing commonly used deep learning models, our model has a more straightforward structure and yet outperforms existing deep learning models. Sufficient comparison tests on three real network traffic datasets, Abilene, GÉANT, and CERNET have been conducted, and the results show that our model provides more accurate results and higher prediction efficiency.

Nowadays, smart environmental monitoring devices are widely used in various fields, and one of the most representative tools is the wireless sensor network (WSN). WSNs are easy to deploy and provide real-time information feedback, which is very suitable for environmental monitoring. As we all know, the environmental monitoring network because of the special nature of its work requirements, the need for uninterrupted and real-time transmission of monitoring data, which leads to energy consumption is extremely large, and this cannot meet the needs of its long-term work. Existing traditional routing has problems such as unscientific cluster head election and high redundancy in data transmission, which usually lead to a large amount of energy consumption, which is not conducive to the long-term stable operation of sensor networks. In this paper, we improve the traditional routing protocol and design a cluster head election method based on the genetic algorithm, which proposes a new fitness function in terms of energy, distance, and the number of nodes in the cluster, and performs the selection of cluster head nodes based on this method. In addition, we propose a new grey prediction model, which can realize the real-time update of data queues, and optimize the data transmission process of traditional WSNs based on this prediction model to reduce the amount of intra-cluster data transmission. Combining these improvements, a grey cluster prediction (GCP) model is proposed, and the performance of the model is tested based on real mine and soil data sets. The simulation results show that the model significantly reduces energy loss and extends the network life cycle while ensuring the integrity of data transmission. It can also meet the requirements of long-term stable operation of environmental monitoring equipment.

Intelligent vehicles, equipped with powerful computing and sensing resources, serve as versatile mobile computing platforms, offering many resources to users. This study focuses on resource provisioning and elastic service to address the paramount issue of resource provisioning for in-vehicle computing. It introduces an elastic sensing service, enabling users to declare multiple requested areas to obtain sensing data. It allows various vehicles to collaborate in providing services to a single user when individual vehicles cannot complete the task alone. The approach formulated as a double auction-based setting involves a market with multiple self-interested users and vehicles. The main objective is to design a mechanism that maximizes social welfare. First, a greedy mechanism provides different task allocation strategies while ensuring truthfulness. The proposed mechanism is truthful and equilibrium-driven, achieving individual rationality, consumer sovereignty, and budget balance. It demonstrates the approximation ratio. Simulation results indicate that the proposed mechanism can increase social welfare and the number of served users by at least 29% and 9%, respectively, compared with baseline methods. This research paves the way for more efficient resource provisioning in intelligent vehicles, ultimately enhancing these mobile computing platforms’ overall user experience and capabilities.

The research delves into the intricate domain of security offloading within the context of non-orthogonal multiple access (NOMA) heterogeneous mobile edge computing (het-MEC) networks operating over Rayleigh fading channels. The investigation centers on a system model comprising a single antenna-equipped edge user, denoted as $U$, which strategically offloads computational tasks to two distinct heterogeneous wireless access points (APs): the far AP ($A{P}_1$) and the near one ($A{P}_2$), employing NOMA techniques. Notably, the research accounts for a passive eavesdropper ($E$) intending to intercept the $U-A{P}_2$ transmission. A four-phase protocol is proposed to ensure the security offloading process, namely SAPS, which leverages wireless access point selection (APS) and physical layer security (PLS) techniques. The focus extends to derive a closed-form expression for a novel critical system performance metric: the secrecy successful computation probability (SSCP). Furthermore, an algorithm based on Ant Colony Optimization (ACO) within the continuous domain is introduced, which aims to enhance the SSCP by intelligently determining system parameters. The impact of critical factors such as transmit power, power allocation coefficient, bandwidth, CPU frequency, and task division ratio under the SAPS scheme is explored and compared to the conventional approach using pure NOMA. Remarkably, the algorithm in the proposed scheme demonstrates up to a 3% performance improvement. The validity and accuracy of the study findings are verified through Monte-Carlo simulations. The work contributes significantly to advancing secure offloading strategies in NOMA-based MEC networks, offering valuable insights for practical deployment and optimization.

Vehicle movement poses significant challenges in vehicular networks, often resulting in uneven traffic distribution. Fog computing (FC) addresses this by operating at the network edge, handling specific tasks locally instead of relying solely on cloud computing (CC) facilities. There are instances where FC may need additional resources and must delegate tasks to CC, leading to increased delay and response time. This work conducts a thorough examination of previous load balancing (LB) strategies, with a specific focus on software-defined networking (SDN) and machine learning (ML) based LB within the internet of vehicles (IoV). The insights derived from this research expedite the development of SDN controller-based LB solutions in the IoV network. The authors proposes the integration of a local SDN controller (LSDNC) within the FC tier to enable localized LB, addressing delay concerns. However, the information will be available to the main SDN controller (MSDNC) too. The authors explore the concept mathematically and simulates the formulated model and subjecting it to a comprehensive performance analysis. The simulation results demonstrate a significant reduction in delay, with a 125 ms difference when 200 onboard units (OBUs) are used, compared to conventional software-defined vehicular networks (SDVN). This improvement continues to increase as the number of OBUs grows. Our model achieves the same maximum throughput as the previous model but delivers faster response times, as decisions are made locally without the need to wait for the main controller.

The metaverse, envisioned as a vast, distributed virtual world, relies on edge computing for low-latency data processing. However, ensuring fault tolerance – the system’s ability to handle failures – is critical for a seamless user experience. This paper analyzes existing research on fault tolerance in edge computing over the past six years, specifically focusing on its applicability to the metaverse. We identify common fault types like node failures, communication disruptions, and security issues. The analysis then explores various fault management techniques including proactive monitoring, resource optimization, task scheduling, workload migration, redundancy for service continuity, machine learning for predictive maintenance, and consensus algorithms to guarantee data integrity. While these techniques hold promise, adaptations are necessary to address the metaverse’s real-time interaction requirements and low-latency constraints. This paper analyzes existing research and identifies key areas for improvement, providing valuable research guidelines and insights to pave the way for the development of fault management techniques specifically tailored to the metaverse, ultimately contributing to a robust and secure virtual world.

Domain Name System (DNS) is the backbone of the Internet infrastructure, converting human-friendly domain names into machine-processable IP addresses. However, DNS remains vulnerable to various security threats, such as cache poisoning attacks, where malicious attackers inject false information into DNS resolvers’ caches. Although efforts have been made to enhance DNS against such vulnerabilities, existing countermeasures often fall short in one or more areas: they may offer limited resistance to the collusion attack, introduce significant overhead, or require complex implementation that hinders widespread adoption. To address these challenges, this paper introduces TI-DNS+, a trusted and incentivized blockchain-based DNS resolution architecture for cache poisoning defense. TI-DNS+ introduces a Verification Cache exploiting blockchain ledger’s immutable nature to detect and correct forged DNS responses. The architecture also incorporates a multi-resolver Query Vote mechanism, enhancing the ledger’s credibility by validating each record modification through a stake-weighted algorithm. This algorithm selects resolvers as validators based on their stake proportion. To promote well-behaved participation, TI-DNS+ also implements a novel stake-based incentive mechanism that optimizes the generation and distribution of stake rewards. This ensures that incentives align with participants’ contributions, achieving incentive compatibility, fairness, and efficiency. Moreover, TI-DNS+ possesses high practicability as it requires only resolver-side modifications to current DNS. Finally, through comprehensive prototyping and experimental evaluations, the results demonstrate that our solution effectively mitigates DNS cache poisoning. Compared to competitors, our solution improves attack resistance by 1-3 orders of magnitude, while also reducing resolution latency by 5% to 68%.