scispace - formally typeset
Search or ask a question
Author

Balázs Peter Gerö

Bio: Balázs Peter Gerö is an academic researcher from Ericsson. The author has contributed to research in topics: Node (networking) & Network packet. The author has an hindex of 13, co-authored 50 publications receiving 959 citations.

Papers
More filters
Journal ArticleDOI
TL;DR: This survey explains the main techniques and problems known in the field of IP traffic analysis and focuses on application detection, separating traffic analysis into packet-based and flow-based categories and details the advantages and problems for each approach.
Abstract: The area of Internet traffic measurement has advanced enormously over the last couple of years. This was mostly due to the increase in network access speeds, due to the appearance of bandwidth-hungry applications, due to the ISPs' increased interest in precise user traffic profile information and also a response to the enormous growth in the number of connected users. These changes greatly affected the work of Internet service providers and network administrators, which have to deal with increasing resource demands and abrupt traffic changes brought by new applications. This survey explains the main techniques and problems known in the field of IP traffic analysis and focuses on application detection. First, it separates traffic analysis into packet-based and flow-based categories and details the advantages and problems for each approach. Second, this work cites the techniques for traffic analysis accessible in the literature, along with the analysis performed by the authors. Relevant techniques include signature-matching, sampling and inference. Third, this work shows the trends in application classification analysis and presents important and recent references in the subject. Lastly, this survey draws the readers' interest to open research topics in the area of traffic analysis and application detection and makes some final remarks.

385 citations

Patent
13 Jul 2011
TL;DR: In this article, a technique for determining an interconnect node for establishment of a forwarding path for transmitting service based data within a network system comprising a first network and a second network is provided.
Abstract: A technique for determining an interconnect node for establishment of a forwarding path for transmitting service based data within a network system comprising a first network and a second network is provided. The first network comprises: a plurality of network interconnect nodes connectable to a plurality of external links towards the second network, and one or more internal links connecting the network interconnect nodes with each other. A method implementation of the technique comprises assigning, for a given service, interconnect node status information to the network interconnect nodes, wherein a network interconnect node to which a passive status is assigned is only allowed to transmit service based data between an external link and another interconnect node of the network, or between two other interconnect nodes of the network, and wherein only a network interconnect node to which an active status is assigned is allowed to send or receive service based data to or from the network. The method further comprises determining, for a given service, an interconnect node having an active status for establishment of a forwarding path including the interconnect node having the active status and an external link, wherein the determination is based on the respective status information assigned to the network interconnect nodes for the service.

142 citations

Journal ArticleDOI
TL;DR: The recursive formulas and the continuous approximation together provide a powerful tool for the performance analysis of this quite general system in the sense that they allow the calculation of the blocking probabilities and the mean throughputs in medium and large systems as well.

83 citations

Patent
29 Aug 2012
TL;DR: In this article, a virtual node in a LAG that includes a first virtual node and a second virtual node is described, and a split brain condition may be determined to exist in the LAG.
Abstract: Methods and apparatus for operating a virtual node in a LAG that includes a first virtual node and a second virtual node are disclosed. The first virtual node includes at least a first fellow node and a second fellow node. In one exemplary method, the first fellow node receives, from the second virtual node, first control information comprising a system ID and first configuration information associated with the LAG. The first control information is compared with reference configuration information representing previously established expected configuration information associated with the LAG. Based on that comparison, and at least one additional criterion, a split brain condition may be determined to exist in the LAG. In a complementary fashion, a fellow node of the second virtual node may be configured to alter its transmitted configuration information depending on whether it is able to communicate with its fellow node in the second virtual node.

46 citations

Journal ArticleDOI
01 Sep 2016
TL;DR: The goals and work being done within the 5GEx (5G Exchange) project in realising a Europe‐wide multi‐domain platform aimed at enabling cross‐domain orchestration of services over multiple administrations or over multi‐ domain single administrations in the context of emerging 5G networking.
Abstract: Market fragmentation has resulted in a multitude of network and cloud/data center operators, each focused on different countries, regions and technologies. This makes it difficult and costly to create infrastructure services spanning multiple domains, such as virtual connectivity or compute resources. In this article, we discuss the goals and work being done within the 5GEx 5G Exchange project in realising a Europe-wide multi-domain platform. This platform aims at enabling cross-domain orchestration of services over multiple administrations or over multi-domain single administrations in the context of emerging 5G networking. The 5GEx vision is based on introducing a unification via network function virtualisation/software-defined networking compatible multi-domain orchestration for networks, clouds and services. We describe the motivation and 5GEx vision, the adopted architecture and the next steps in terms of implementation and experimentation. Copyright © 2016 John Wiley & Sons, Ltd.

38 citations


Cited by
More filters
Journal ArticleDOI
TL;DR: This paper provides a structured and comprehensive overview of various facets of network anomaly detection so that a researcher can become quickly familiar with every aspect of network anomalies detection.
Abstract: Network anomaly detection is an important and dynamic research area. Many network intrusion detection methods and systems (NIDS) have been proposed in the literature. In this paper, we provide a structured and comprehensive overview of various facets of network anomaly detection so that a researcher can become quickly familiar with every aspect of network anomaly detection. We present attacks normally encountered by network intrusion detection systems. We categorize existing network anomaly detection methods and systems based on the underlying computational techniques used. Within this framework, we briefly describe and compare a large number of network anomaly detection methods and systems. In addition, we also discuss tools that can be used by network defenders and datasets that researchers in network anomaly detection can use. We also highlight research directions in network anomaly detection.

971 citations

Journal ArticleDOI
TL;DR: The diverse use cases and network requirements of network slicing, the pre-slicing era, considering RAN sharing as well as the end-to-end orchestration and management, encompassing the radio access, transport network and the core network are outlined.
Abstract: Network slicing has been identified as the backbone of the rapidly evolving 5G technology. However, as its consolidation and standardization progress, there are no literatures that comprehensively discuss its key principles, enablers, and research challenges. This paper elaborates network slicing from an end-to-end perspective detailing its historical heritage, principal concepts, enabling technologies and solutions as well as the current standardization efforts. In particular, it overviews the diverse use cases and network requirements of network slicing, the pre-slicing era, considering RAN sharing as well as the end-to-end orchestration and management, encompassing the radio access, transport network and the core network. This paper also provides details of specific slicing solutions for each part of the 5G system. Finally, this paper identifies a number of open research challenges and provides recommendations toward potential solutions.

766 citations

Proceedings ArticleDOI
19 Feb 2016
TL;DR: This paper studies the effectiveness of flow-based time-related features to detect VPN traffic and to characterize encrypted traffic into different categories, according to the type of traffic e.g., browsing, streaming, etc.
Abstract: Traffic characterization is one of the major challenges in today’s security industry. The continuous evolution and generation of new applications and services, together with the expansion of encrypted communications makes it a difficult task. Virtual Private Networks (VPNs) are an example of encrypted communication service that is becoming popular, as method for bypassing censorship as well as accessing services that are geographically locked. In this paper, we study the effectiveness of flow-based time-related features to detect VPN traffic and to characterize encrypted traffic into different categories, according to the type of traffic e.g., browsing, streaming, etc. We use two different well-known machine learning techniques (C4.5 and KNN) to test the accuracy of our features. Our results show high accuracy and performance, confirming that time-related features are good classifiers for encrypted traffic characterization.

562 citations

Journal ArticleDOI
TL;DR: The persistently unsolved challenges in the field over the last decade are outlined, and several strategies for tackling these challenges are suggested to promote progress in the science of Internet traffic classification.
Abstract: Traffic classification technology has increased in relevance this decade, as it is now used in the definition and implementation of mechanisms for service differentiation, network design and engineering, security, accounting, advertising, and research. Over the past 10 years the research community and the networking industry have investigated, proposed and developed several classification approaches. While traffic classification techniques are improving in accuracy and efficiency, the continued proliferation of different Internet application behaviors, in addition to growing incentives to disguise some applications to avoid filtering or blocking, are among the reasons that traffic classification remains one of many open problems in Internet research. In this article we review recent achievements and discuss future directions in traffic classification, along with their trade-offs in applicability, reliability, and privacy. We outline the persistently unsolved challenges in the field over the last decade, and suggest several strategies for tackling these challenges to promote progress in the science of Internet traffic classification.

546 citations

Journal ArticleDOI
TL;DR: A comprehensive review and updated solutions related to 5G network slicing using SDN and NFV, and a discussion on various open source orchestrators and proof of concepts representing industrial contribution are provided.

458 citations