The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
This papers describes a proof-of-concept implementation of the Service Function Chaining Control Plane, exploiting the IETF Network Service Header approach. The proposed implementation combines the OpenFlow protocol to control and configure the network nodes and the NSH method to adapt the service requirements to the transport technology. The manuscript shows that the result of this combination is...
Recently, mobile broadband networks are focused on bringing additional capabilities to the network edge. For instance, Mobile Edge Computing (MEC) brings storage and processing capabilities closer to the mobile user i.e., at the radio access network, in order to deploy services with minimum delay. In this paper, we propose a resource constrained cloud-enabled small cell that includes a MEC server...
Residential networks are home to increasingly diverse devices, including embedded devices that are part of the Internet of Things phenomenon, leading to new management and security challenges. However, current residential solutions that rely on customer premises equipment (CPE), which often remains deployed in homes for years without updates or maintenance, are not evolving to keep up with these emerging...
Flexibility and extendibility of Software Defined Networks allows development of diverse network management and flow monitoring techniques. Yet, there are inherent tradeoffs between the quality of flow monitoring and the required network resources. In particular, collecting flow statistics, at the level of specific source-destination addresses (and, moreover, specific protocols and ports), requires...
Network Function Virtualization (NFV) shed new light for the design, deployment, and management of cloud networks. Many network functions such as firewalls, load balancers, and intrusion detection systems can be virtualized by servers. However, network operators often have to sacrifice programmability to achieve high throughput, especially at networks' edge where complex network functions are required...
In this paper, we propose two simple and practically feasible countermeasures to address the Route Spoofing and Resource Exhaustion attacks in Software Defined Networking (SDN) scenarios. For Route Spoofing attack, we introduce a new technique called “selective blocking” which blocks an adversary node to use a genuine user's active routes, and for Resource Exhaustion attack, we propose a “periodic...
This paper proposes a distributed controller placement problem that finds out the pareto optimal solutions minimizing the switch-to-controller delay, controller-to-controller delay, and controller load imbalance for wide area software defined networks. We introduce a general model that not only considers the controller placements but also the switch assignments, so that this model can further be used...
The combination of Software Defined Networking (SDN) and Network Function Virtualization (NFV) promises to provide highly flexible and configurable network infrastructures. This relies, however, on an efficient assignment of the respective Service Function Chain (SFC). This is related to Virtual Network Embedding (VNE), where algorithms are devised to provide such an assignment. To evaluate and compare...
We explore in this paper the design of a Cloud-RAN architecture. We study the problem of determining the required computing capacity for hosting software-based Base Band Units (BBUs) of various eNodeBs in a data center. A worst-case analysis in terms of execution time of BBU functions is then performed. We specifically investigate how to reduce their runtime and thus to increase the concentration...
Current Network Function Virtualization (NFV) with Virtualized Network Functions (VNFs) running as virtual machines on commodity servers enables flexibility to Service Function Chaining (SFC). Specific applications may require Quality of Service (QoS) on end-to-end latency. However, the processing delay and the queuing delay of VNFs varies with virtual resource configurations (vCPU and vMemory), as...
Servers in a network are typically assigned a static identity. Static assignment of identities is a cornerstone for adversaries in finding targets. Moving Target Defense (MTD) mutates the environment to increase unpredictability for an attacker. On another side, Software Defined Networks (SDN) facilitate a global view of a network through a central control point. The potential of SDN can not only...
Benchmarking and profiling virtual network functions (VNFs) generates input knowledge for resource management decisions taken by management and orchestration systems. Such VNFs are usually not executed in isolation but are often deployed as part of a service function chain (SFC) that connects single functions into complex structures. To manage such chains, isolated performance profiles of single functions...
Multipath TCP (MPTCP) has gained great attention by the researchers and network application developers due to its features providing better bandwidth utilization and higher reliability recently. Utilizing MPTCP in the datacenters provides performance gain to the applications. If the underlying network has Software Defined Networking (SDN) architecture, the routing of the MPTCP subflows can be specialized...
The emerging trend of network devices with configurable data planes is pushing software switches as convenient playgrounds for experimenting novel programming paradigms and abstractions. OfSoftSwitch is a popular tool for carrying on such experimentation, as it provides a straightforward implementation of a pipeline of match-action tables. Unfortunately, OfSoftSwitch is not performance oriented and...
Video streaming over the internet for new 3D immersive media such as Virtual Reality and 360-degree videos has drawn great attention from both consumers and researchers in recent years. One of the biggest challenges in streaming such 3D media is the high bandwidth demands. While traditional 2D video streaming is still dominating network peak traffic, new inventions are accelerating the adoption of...
The bursty many-to-one communication pattern, typical for data acquisition systems, but also present in datacenter networks, is particularly demanding for commodity TCP/IP and Ethernet technologies. We expand our study of building incast-resistant networks based on software switches running on commercial-off-the-shelf servers. In this paper we provide the estimates for costs and physical area required...
Traditional network infrastructure is facing significant challenges to support the growing bandwidth, coverage, and latency requirements of users, and to support new 4G and 5G use-cases. As a solution, telecom operators are looking to implement Network Function Virtualization (NFV) in future networks. The placement of Virtual Network Functions (VNFs) plays a critical role in reducing latency to serve...
Due to the abstraction of physical resources and heavy use of virtualization in the context of Service Function Chaining (SFC), verification of the processing and that forwarding of traffic is handled correctly is very challenging. Such verification requires explicit support from the physical cloud infrastructure and — more important — relies on correct configuration and operation of the Cloud Management...
The Ethernet VPN (EVPN) technology has emerged as a key solution for the interconnection of geo-distributed Data Centers (DCs) over provider-managed MPLS networks. Such interconnections need to satisfy service-level agreements, which can be achieved by enforcing Traffic Engineering (TE) policies. However, deploying an effective TE policy is challenging and complex. This stems from the fact that network...
Industrial Control Systems (ICS) and their networking infrastructure have been the target of an increasing number of cyber-attacks over the past years. In 2015, researchers proposed to employ SDN techniques to improve the security of ICS networks. To avoid that all packets are forwarded along the same path in such a network, their multipath routing strategy alternates between several paths from a...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.