Showing papers on "Network management published in 2019"

Ultra-Low Latency (ULL) Networks: The IEEE TSN and IETF DetNet Standards and Related 5G ULL Research

Abstract: Many network applications, eg, industrial control, demand ultra-low latency (ULL) However, traditional packet networks can only reduce the end-to-end latencies to the order of tens of milliseconds The IEEE 8021 time sensitive networking (TSN) standard and related research studies have sought to provide link layer support for ULL networking, while the emerging IETF deterministic networking (DetNet) standards seek to provide the complementary network layer ULL support This paper provides an up-to-date comprehensive survey of the IEEE TSN and IETF DetNet standards and the related research studies The survey of these standards and research studies is organized according to the main categories of flow concept, flow synchronization, flow management, flow control, and flow integrity ULL networking mechanisms play a critical role in the emerging fifth generation (5G) network access chain from wireless devices via access, backhaul, and core networks We survey the studies that specifically target the support of ULL in 5G networks, with the main categories of fronthaul, backhaul, and network management Throughout, we identify the pitfalls and limitations of the existing standards and research studies This survey can thus serve as a basis for the development of standards enhancements and future ULL research studies that address the identified pitfalls and limitations

Software Defined Networks-Based Smart Grid Communication: A Comprehensive Survey

Abstract: The current power grid is no longer a feasible solution due to ever-increasing user demand of electricity, old infrastructure, and reliability issues and thus require transformation to a better grid also known as, smart grid (SG). The key features that distinguish SG from the conventional electrical power grid are its capability to perform two-way communication, demand side management, and real time pricing. Despite all these advantages that SG will bring, there are certain issues which are specific to SG communication (SGC) system. For instance, network management of current SG systems is complex, time consuming, and done manually. Moreover, SGC system is built on different vendor specific devices and protocols. Therefore, the current SG systems are not protocol independent, thus leading to interoperability issue. Software defined network (SDN) has been proposed to monitor and manage the communication networks globally. By separating the control plane from the data plane, SDN helps the network operators to manage the network flexibly. Since SG heavily relies on communication networks, therefore, SDN has also paved its way into the SG. By applying SDN in SG systems, efficiency and resiliency can potentially be improved. SDN, with its programmability, protocol independence, and granularity features, can help the SG to integrate different SG standards and protocols, to cope with diverse communication systems, and to help SG to perform traffic flow orchestration and to meet specific SG quality of service requirements. This paper serves as a comprehensive survey on SDN-based SGC. In this paper, we first discuss taxonomy of advantages of SDN-based SGC. We then discuss SDN-based SGC architectures, along with case studies. This paper provides an in-depth discussion on routing schemes for SDN-based SGC. We also provide detailed survey of security and privacy schemes applied to SDN-based SGC. We furthermore present challenges, open issues, and future research directions related to SDN-based SGC.

Toward adaptive and scalable openflow-SDN flow control: A survey

Abstract: Software-defined networking (SDN) is an emerging network architecture that promises to simplify network management, improve network resource utilization, and boost evolution and innovation in traditional networks. The SDN allows the abstraction and centralized management of the lower-level network functionalities by decoupling the network logic from the data forwarding devices into the logically centralized distributed controllers. However, this separation introduces new scalability and performance challenges in large-scale networks of dynamic traffic and topology conditions. Many research studies have represented that centralization and maintaining the global network visibility over the distributed SDN controller introduce scalability concern. This paper surveys the state-of-the-art proposed techniques toward minimizing the control to data planes communication overhead and controllers' consistency traffic to enhance the OpenFlow-SDN scalability in the context of logically centralized distributed SDN control plane architecture. The survey mainly focuses on four issues, including logically centralized visibility, link-state discovery, flow rules placement, and controllers' load balancing. In addition, this paper discusses each issue and presents an updated and detailed study of existing solutions and limitations in enhancing the OpenFlow-SDN scalability and performance. Moreover, it outlines the potential challenges that need to be addressed further in obtaining adaptive and scalable OpenFlow-SDN flow control.

SDN-Based Secure and Privacy-Preserving Scheme for Vehicular Networks: A 5G Perspective

Abstract: The ever-increasing demands of vehicular networks pose significant challenges such as availability, computation complexity, security, trust, authentication, etc. This becomes even more complicated for high-speed moving vehicles. As a result, increasing the capacity of these networks has been attracting considerable awareness. In this regard, the next generation of cellular networks, 5G, is expected to be a promising solution enabling high data rates, capacity, and quality of service as well as low latency communications. However, 5G networks still face challenges in providing ubiquitous and reliable connections among high-speed vehicles. Thus, to overcome the gaps in the existing solutions, we propose a software defined network (SDN)-based consolidated framework providing end-to-end security and privacy in 5G enabled vehicular networks. The framework simplifies network management through SDN, while achieving optimized network communications. It operates in two phases: first, an elliptic curve cryptographic based authentication protocol is proposed to mutually authenticate the cluster heads and certificate authority in SDN-based vehicular setups, and, second, an intrusion detection module supported by tensor based dimensionality reduction is designed to reduce the computational complexity and identify the potential intrusions in the network. In order to assess the performance of the proposed framework, an extensive evaluation is performed on three simulators; NS3, SUMO, and SPAN. To harness the potential benefits of the proposed model, the first module, is evaluated on the basis of security features, whereas the second module is evaluated, and compared with the existing state-of-the-art models, on the basis of detection rate, false positive rate, accuracy, detection time, and communication overhead. The simulation results indicate the superiority of the proposed framework as compared to the existing models.

Low-Latency Scheduling in MPTCP

Abstract: The demand for mobile communication is continuously increasing, and mobile devices are now the communication device of choice for many people. To guarantee connectivity and performance, mobile devices are typically equipped with multiple interfaces. To this end, exploiting multiple available interfaces is also a crucial aspect of the upcoming 5G standard for reducing costs, easing network management, and providing a good user experience. Multi-path protocols, such as multi-path TCP (MPTCP), can be used to provide performance optimization through load-balancing and resilience to coverage drops and link failures, however, they do not automatically guarantee better performance. For instance, low-latency communication has been proven hard to achieve when a device has network interfaces with asymmetric capacity and delay (e.g., LTE and WLAN). For multi-path communication, the data scheduler is vital to provide low latency, since it decides over which network interface to send individual data segments. In this paper, we focus on the MPTCP scheduler with the goal of providing a good user experience for latency-sensitive applications when interface quality is asymmetric. After an initial assessment of existing scheduling algorithms, we present two novel scheduling techniques: the block estimation (BLEST) scheduler and the shortest transmission time first (STTF) scheduler. BLEST and STTF are compared with existing schedulers in both emulated and real-world environments and are shown to reduce web object transmission times with up to 51% and provide 45% faster communication for interactive applications, compared with MPTCP’s default scheduler.

IoT Inspector: Crowdsourcing Labeled Network Traffic from Smart Home Devices at Scale

Abstract: The proliferation of smart home devices has created new opportunities for empirical research in ubiquitous computing, ranging from security and privacy to personal health. Yet, data from smart home deployments are hard to come by, and existing empirical studies of smart home devices typically involve only a small number of devices in lab settings. To contribute to data-driven smart home research, we crowdsource the largest known dataset of labeled network traffic from smart home devices from within real-world home networks. To do so, we developed and released IoT Inspector, an open-source tool that allows users to observe the traffic from smart home devices on their own home networks. Since April 2019, 4,322 users have installed IoT Inspector, allowing us to collect labeled network traffic from 44,956 smart home devices across 13 categories and 53 vendors. We demonstrate how this data enables new research into smart homes through two case studies focused on security and privacy. First, we find that many device vendors use outdated TLS versions and advertise weak ciphers. Second, we discover about 350 distinct third-party advertiser and tracking domains on smart TVs. We also highlight other research areas, such as network management and healthcare, that can take advantage of IoT Inspector's dataset. To facilitate future reproducible research in smart homes, we will release the IoT Inspector data to the public.

Identification of Encrypted Traffic Through Attention Mechanism Based Long Short Term Memory

Abstract: Network traffic classification has become an important part of network management, which is beneficial for achieving intelligent network operation and maintenance, enhancing the network quality of service (QoS), and for network security. Given the rapid development of various applications and protocols, more and more encrypted traffic has emerged in networks. Traditional traffic classification methods exhibited the unsatisfied performance since the encrypted traffic is no longer in plain text. In this work, we modeled the time-series network traffic by the recurrent neural network (RNN). Moreover, the attention mechanism was introduced for assisting network traffic classification in the form of the following two models, the attention aided long short term memory (LSTM) as well as the hierarchical attention network (HAN). Finally, relying on the ISCX VPN-NonVPN dataset, extensive experiments were conducted, showing that the proposed methods achieved 91.2% in accuracy while the highest accuracy of other methods was 89.8% relying on the same dataset.

Network Traffic Prediction based on Diffusion Convolutional Recurrent Neural Networks

Abstract: By predicting the traffic load on network links, a network operator can effectively pre-dispose resource-allocation strategies to early address, e.g., an incoming congestion event. Traffic loads on different links of a telecom is know to be subject to strong correlation, and this correlation, if properly represented, can be exploited to refine the prediction of future congestion events. Machine Learning (ML) represents nowadays the state-of-the-art methodology for discovering complex relations among data. However, ML has been traditionally applied to data represented in the Euclidean space (e.g., to images) and it may not be straightforward to effectively employ it to model graph-stuctured data (e.g., as the events that take place in telecom networks). Recently, several ML algorithms specifically designed to learn models of graph-structured data have appeared in the literature. The main novelty of these techniques relies on their ability to learn a representation of each node of the graph considering both its properties (e.g., features) and the structure of the network (e.g., the topology). In this paper, we employ a recently-proposed graph-based ML algorithm, the Diffusion Convolutional Recurrent Neural Network (DCRNN), to forecast traffic load on the links of a real backbone network. We evaluate DRCNN's ability to forecast the volume of expected traffic and to predict events of congestion, and we compare this approach to other existing approaches (as LSTM, and Fully-Connected Neural Networks). Results show that DCRN outperforms the other methods both in terms of its forecasting ability (e.g., MAPE is reduced from 210% to 43%) and in terms of the prediction of congestion events, and represent promising starting point for the application of DRCNN to other network management problems.

Packet-based Network Traffic Classification Using Deep Learning

Abstract: Recently, the advent of many network applications has led to a tremendous amount of network traffic. A network operator must provide quality of service for each application on the network. To accomplish this goal, various studies have focused on accurately classifying application network traffic. Network management requires technology to classify network traffic without the intervention of the network operator. In this study, we generate packet-based datasets through our own network traffic pre-processing. We train five deep learning models using the convolutional neural network (CNN) and residual network (ResNet) to perform network traffic classification. Finally, we analyze the network traffic classification performance of packet-based datasets using the f1 score of the CNN and ResNet deep learning models, and demonstrate their effectiveness.

SGS: Safe-Guard Scheme for Protecting Control Plane Against DDoS Attacks in Software-Defined Networking

Abstract: Software-defined networking (SDN) achieves flexible and efficient network management by decoupling control plane from the data plane, where the controller with a global network view is responsible for planning routing for packets. However, the centralized design makes the controller become a potential bottleneck, and adversaries can exploit this vulnerability to launch distributed denial-of-service (DDoS) attacks to the controller. Existing solutions are fundamentally based forged traffic analysis, increasing computational cost and being prone to produce false positives. This paper proposes a safe-guard scheme (SGS) for protecting control plane against DDoS attacks, and the main characteristic of SGS is deploying multi-controller in control plane through the controller’s clustering. SGS procedures are organized in two modules: anomaly traffic detection and controller dynamic defense. Anomaly traffic detection focuses on switches in data plane to distinguish forged flows from legitimate ones by innovatively adopting four-tuple feature vector. Controller dynamic defense mitigates DDoS attacks’ effects on control plane by remapping controller and sending the access control message to switches. The simulation results demonstrate the efficiency of our proposed SGS with real-time DDoS attack defense and high detection accuracy, as well as high-efficiency network resource utilization.

Cyberpulse: A Machine Learning Based Link Flooding Attack Mitigation System for Software Defined Networks

Abstract: Software-defined networking (SDN) offers a novel paradigm for effective network management by decoupling the control plane from the data plane thereby allowing a high level of manageability and programmability. However, the notion of a centralized controller becomes a bottleneck by opening up a host of vulnerabilities to various types of attacks. One of the most harmful, stealthy, and easy to launch attacks against networked systems is the link flooding attack (LFA). In this paper, we demonstrate the vulnerability of the SDN control layer to LFA and how the attack strategy differs when targeting traditional networks which primarily involves attacking the links directly. In LFA, the attacker employs bots to surreptitiously send low rate legitimate traffic on the control channel which ultimately results in disconnecting control plane from the data plane. Mitigating LFA on the control channel remains a challenge in the network security paradigm with the use of network traffic filtering only. To address this challenge, we propose CyberPulse, a novel effective countermeasure, underpinning a machine learning-based classifier to alleviate LFA in SDN. CyberPulse performs network surveillance by classifying network traffic using deep learning techniques and is implemented as an extension module in the Floodlight controller. CyberPulse was evaluated for its accuracy, false positive rate, and effectiveness as compared to competing approaches on realistic networks generated using Mininet. The results show that CyberPulse can classify malicious flows with high accuracy and mitigate them effectively.

Artificial Intelligence Enabled Software Defined Networking: A Comprehensive Overview

Abstract: Software-defined networking (SDN) represents a promising networking architecture that combines central management and network programmability. SDN separates the control plane from the data plane and moves the network management to a central point, called the controller that can be programmed and used as the brain of the network. Recently, the research community has shown an increased tendency to benefit from the recent advancements in the artificial intelligence (AI) field to provide learning abilities and better decision making in SDN. In this study, the authors provide a detailed overview of the recent efforts to include AI in SDN. The study showed that the research efforts focused on three main sub-fields of AI namely: machine learning, meta-heuristics and fuzzy inference systems. Accordingly, in this work, the authors investigate their different application areas and potential use, as well as the improvements achieved by including AI-based techniques in the SDN paradigm.

Fault Management in Software-Defined Networking: A Survey

Abstract: Software-defined networking (SDN) has emerged as a new network paradigm that promises control/data plane separation and centralized network control While these features simplify network management and enable innovative networking, they give rise to persistent concerns about reliability The new paradigm suffers from the disadvantage that various network faults may consistently undermine the reliability of such a network, and such faults are often new and difficult to resolve with existing solutions To ensure SDN reliability, fault management , which is concerned with detecting, localizing, correcting and preventing faults, has become a key component in SDN networks Although many SDN fault management solutions have been proposed, we find that they often resolve SDN faults from an incomplete perspective which may result in side effects More critically, as the SDN paradigm evolves, additional fault types are being exposed Therefore, comprehensive reviews and constant improvements are required to remain on the leading edge of SDN fault management In this paper, we present the first comprehensive and systematic survey of SDN faults and related management solutions identified through advancements in both the research community and industry We apply a systematic classification of SDN faults, compare and analyze existing SDN fault management solutions in the literature, and conduct a gap analysis between solutions developed in an academic research context and practical deployments The current challenges and emerging trends are also noted as potential future research directions This paper aims to provide academic researchers and industrial engineers with a comprehensive survey with the hope of advancing SDN and inspiring new solutions

Learning QoE of Mobile Video Transmission With Deep Neural Network: A Data-Driven Approach

Abstract: Quality of experience (QoE) serves as a direct evaluation of users’ experiences in mobile video transmission and thus essential for network management, such as network optimization. In this paper, we propose a deep learning-based QoE prediction approach with a large-scale QoE dataset for mobile video transmission. Specifically, we develop a mobile phone application for collecting user QoE data when viewing videos transmitted over the mobile internet in a practical environment. Then, we construct a large-scale dataset by collecting over 80000 piece of data with four kinds of subjective scores and 89 network parameters. Each QoE metric is related to only some of the 89 network parameters. Therefore, we apply the feature selection method to find the feature parameters related to user scores. Additionally, the boxplot method is used to clean the raw data by removing outliers. Finally, a deep neural network (DNN) is developed to learn the relationships between the network parameters and the subjective QoE scores. The proposed DNN can also be seen as a data-driven objective QoE prediction approach for mobile video transmission, which can be used to predict the user QoE scores. The experimental results show that the proposed approach can effectively remove most features irrelevant to QoE prediction. Moreover, the performance of QoE prediction by the proposed model outperforms other state-of-the-art approaches.

Toward secure software-defined networks against distributed denial of service attack

Abstract: The newly emerged software-defined networking (SDN) paradigm provides a flexible network management by decoupling the network control logic from the data plane, which could effectively resolve many security issues of legacy networks. One of such security issues is distributed denial of service (DDoS) attack, which is a rapidly growing network threat. This is usually performed on a target system to make an online service unavailable to the users. SDN can easily detect the DDoS attack due to the centralized control provisioning and network visibility. At the same time, the changes of fundamental architecture and the developments of various design entities pose a severe DDoS threat to the SDN platform. This paper presents a concise up-to-date review of security concerns of SDN, possible DDoS attack in individual layers of SDN and ongoing research efforts on SDN-enabled DDoS detection solutions. Based on the findings, an information distance-based flow discriminator framework has been discussed, which can discriminate the DDoS traffic during flash events, a similar looking legitimate traffic, in SDN environment. The information distance metric is used to describe the variations of traffic behavior of such events. The simulation results show that the information distance metric can effectively identify the DDoS traffic in comparison with other metrics with a higher detection rate. The proposed solution can detect the traffic at the edge switch so that the attack alert can be raised at the earliest.

Monitoring and Data Analytics for Optical Networking: Benefits, Architectures, and Use Cases

Abstract: Operators' network management continuously measures network health by collecting data from the deployed network devices; data is used mainly for performance reporting and diagnosing network problems after failures, as well as by human capacity planners to predict future traffic growth. Typically, these network management tools are generally reactive and require significant human effort and skills to operate effectively. As optical networks evolve to fulfil highly flexible connectivity and dynamicity requirements, and supporting ultra-low latency services, they must also provide reliable connectivity and increased network resource efficiency. Therefore, reactive human-based network measurement and management will be a limiting factor in the size and scale of these new networks. Future optical networks must support fully automated management, providing dynamic resource re-optimization to rapidly adapt network resources based on predicted conditions and events; identify service degradation conditions that will eventually impact connectivity and highlight critical devices and links for further inspection; and augment rapid protection schemes if a failure is predicted or detected, and facilitate resource optimization after restoration events. Applying automation techniques to network management requires both the collection of data from a variety of sources at various time frequencies, but it must also support the capability to extract knowledge and derive insight for performance monitoring, troubleshooting, and maintain network service continuity. Innovative analytics algorithms must be developed to derive meaningful input to the entities that orchestrate and control network resources; these control elements must also be capable of proactively programming the underlying optical infrastructure. In this article, we review the emerging requirements for optical network management automation, the capabilities of current optical systems, and the development and standardization status of data models and protocols to facilitate automated network monitoring. Finally, we propose an architecture to provide Monitoring and Data Analytics (MDA) capabilities, we present illustrative control loops for advanced network monitoring use cases, and the findings that validate the usefulness of MDA to provide automated optical network management.

QoE Management of Multimedia Streaming Services in Future Networks: A Tutorial and Survey.

Abstract: We provide in this paper a tutorial and a comprehensive survey of QoE management solutions in current and future networks. We start with a high level description of QoE management for multimedia services, which integrates QoE modelling, monitoring, and optimization. This followed by a discussion of HTTP Adaptive Streaming (HAS) solutions as the dominant technique for streaming videos over the best-effort Internet. We then summarize the key elements in SDN/NFV along with an overview of ongoing research projects, standardization activities and use cases related to SDN, NFV, and other emerging applications. We provide a survey of the state-of-the-art of QoE management techniques categorized into three different groups: a) QoE-aware/driven strategies using SDN and/or NFV; b) QoE-aware/driven approaches for adaptive streaming over emerging architectures such as multi-access edge computing, cloud/fog computing, and information-centric networking; and c) extended QoE management approaches in new domains such as immersive augmented and virtual reality, mulsemedia and video gaming applications. Based on the review, we present a list of identified future QoE management challenges regarding emerging multimedia applications, network management and orchestration, network slicing and collaborative service management in softwarized networks. Finally, we provide a discussion on future research directions with a focus on emerging research areas in QoE management, such as QoE-oriented business models, QoE-based big data strategies, and scalability issues in QoE optimization.

On using eXtreme Gradient Boosting (XGBoost) Machine Learning algorithm for Home Network Traffic Classification

Abstract: Traffic classification (TC) is a fundamental task of network management and monitoring operations. Previous works relying on selected packet header fields (e.g. port numbers) or application layer protocol decoding techniques are becoming increasingly difficult and inefficient when facing encrypted traffic and peer-to-peer flows. In this paper, we address the problem of flow based TC using machine learning (ML) algorithms. Our work considers a supervised approach, namely eXtreme Gradient Boosting (XGBoost) algorithm, which has never been investigated for TC. Performance evaluation results show that we obtain 99.5% accuracy on a dataset containing real flows. Additionally, compared to other ML algorithms, XGBoost is the most accurate one.

Autonomic Handover Management for Heterogeneous Networks in a Future Internet Context: A Survey

Abstract: Future Internet (FI) scenarios envisage ubiquitous broadband coverage and seamless mobility, enabling the availability of personalized network connectivity at all places and with a high quality of service (QoS). In such a heterogeneous and complex environment, vertical handover (VHO) management is key for achieving the connectivity objectives, but also presents several challenges. In surveying this topic, this paper takes a direction that extends the state-of-the-art: By incorporating concepts of autonomic network management (ANM), in particular the self-management and cognitive functionalities therein, to VHO management, this paper sheds new light to VHO operations from an ANM point of view, encompassing FI environments and the emerging fifth generation networks. In doing so, the survey identifies the main concepts and provides a taxonomy of relevant architectural components. Based on this taxonomy, a number of important autonomic features are identified, each one promoting the system’s self-optimization along a certain direction toward the overall enhancement of the VHO operations. Another contribution of this paper is the consideration of robustness in VHO decision making (i.e., achieving stable decisions under uncertainty) and a discussion of the relation between robustness factors and the autonomic features previously introduced. The general concepts developed in this paper are applied to representative state-of-the-art handover management solutions with autonomic characteristics. These specific solutions are presented, analyzed, and correlated according to the proposed taxonomy and criteria, culminating to conclusions that provide useful insights toward future, further enhanced solutions.

Network-Aware Coordination of Residential Distributed Energy Resources

Abstract: Rooftop solar and batteries, along with other distributed energy resources (DERs), add a new demand-side flexibility, which, when harnessed, will enable distribution operators to more efficiently manage their constrained networks. This paper presents network-aware coordination (NAC), an approach for coordinating DER within unbalanced distribution network constraints, which utilizes the alternating direction method of multipliers (ADMMs) to solve a distributed receding-horizon OPF. As far as we are aware, this paper is the first to report on the practical implementation and performance of an ADMM-based technique solving a significant network problem in live operations. We present real-world trial results of NAC coordinating 31 residential batteries on a constrained feeder within Tasmania’s 11-kV distribution network. The batteries are coordinated to manage the network’s constraints during periods of high feeder demand, decreasing the need for expensive conventional network management, in this case a diesel generator. We achieve a 34% reduction in diesel over seven peaks with 31 batteries capable of meeting 10% of peak demand. Supplementary simulations indicate the potential for a 74% diesel reduction if battery numbers were increased to 100. We find that compared to uncoordinated battery response, the NAC achieves 13% lower total costs over the trial period.

KaaS: Key as a Service over Quantum Key Distribution Integrated Optical Networks

Abstract: In the Internet Age, optical networks are vulnerable to numerous cyberattacks, and conventional key distribution methods suffer from the increased computational power. QKD can distribute information-theoretically secure secret keys between two parties based on the principles of quantum mechanics. Integrating QKD into optical networks can leverage existing fiber infrastructures with wavelength division multiplexing for the practical deployment of secret keys, and accordingly employ the secret keys for optical-layer security enhancement. Then, how to efficiently deploy and employ secret keys over QKD-integrated optical networks are emerging as two challenges. This article proposes a framework of key as a service (KaaS, i.e., providing secret keys as a service in a timely and accurate manner to satisfy the security requirements) to jointly overcome these two challenges. To enable the typical functions (i.e., secret-key deployment and employment) in KaaS, two secret-key virtualization steps, that is, key pool (KP) assembly and virtual key pool (VKP) assembly, are introduced. Also, we illustrate a new QKD-integrated optical network architecture from a holistic view, where the control layer is implemented by software defined networking for efficient network management. A time-shared KP assembly strategy and an on-demand VKP assembly strategy are presented for KaaS implementation. The success probabilities of KP assembly and VKP assembly are defined to evaluate the benefits of KaaS for efficiently deploying and employing secret keys as well as for security enhancement over QKD-integrated optical networks.

5G and Beyond: Smart Devices as Part of the Network Fabric

Abstract: 5G networks mainly rely on infrastructure-centric cellular solutions to address data traffic and service demands. Continuously scaling infrastructure- centric cellular networks is not exempt from challenges, and beyond 5G networks should consider the active coexistence and coordination of infrastructure-centric and device-centric wireless networks. Device-centric wireless networks will build from D2D and MCNs. Device-centric wireless networks can push the limits of edge computing and networking to smart devices (including smartphones, vehicles, machines and robots), and exploit their mobile computing, storage and connectivity capabilities. These capabilities can be more efficiently utilized using demand-driven opportunistic networking that establishes the connections between devices and nodes not just based on their presence, but also on their capacity to support the requested demand and services. This article presents results from experimental field tests that demonstrate the cellular spectral efficiency gains that can be achieved from the combined use of device-centric wireless communications and demand-driven opportunistic networking. The field trials demonstrate that these technologies can improve the cellular spectral efficiency of conventional cellular communications by up to a factor of 4.7 and 12 in outdoor pedestrian and vehicular scenarios, respectively, under the evaluated scenarios and conditions. These gains have been obtained using 4G and IEEE 802.11 technologies. However, the potential of device-centric wireless networks is not constrained to any particular radio interface. The results presented in this article provide empirical evidences that further motivate progressing toward a new paradigm where edge networking capabilities are moved to smart mobile devices that become part of the network fabric, and can opportunistically and locally integrate network management functions to ensure that sufficient resources are placed where the demand arises.

On the Security of SDN: A Completed Secure and Scalable Framework Using the Software-Defined Perimeter

Abstract: The widespread adoption and evolution of Software Defined Networking (SDN) have enabled the service providers to successfully simplify network management. Along with the traffic explosion, there is decreasing CAPEX and OPEX as well as an increase in the average revenue per user. However, this wide adoption of SDNs is posing real challenges and concerns in terms of security aspects. The main challenges are how to provide proper authentication, access control, data privacy, and data integrity among others for the API-driven orchestration of network routing. Herein, the Software Defined Perimeter (SDP) is proposed as a framework to provide an orchestration of connections. The expectation is a framework that restricts network access and connections between objects on the SDN-enabled network infrastructures. There are several potential benefits as a result of the integration between SDP systems and SDNs. In particular, it provides a completely scalable and managed security solution. Consequently, it leads to flexible deployment that can be tailored to fit the need of any generic network security perimeter. The proposed Integrated frameworks are examined through virtualized network testbeds. The testing results demonstrate that the proposed framework is malleable to both port scanning (PS) attack and Denial of Service (DoS) bandwidth attack. In addition, it clarifies some interesting potential integration points between the SDP systems and SDNs to further research in this area.

MIRAGE: Mobile-app Traffic Capture and Ground-truth Creation

Abstract: Network traffic analysis, i.e., the umbrella of procedures for distilling information from network traffic, represents the enabler for highly-valuable profiling information, other than being the workhorse for several key network management tasks. While it is currently being revolutionized in its nature by the rising share of traffic generated by mobile and hand-held devices, existing design solutions are mainly evaluated on private traffic traces, and only a few public datasets are available, thus clearly limiting repeatability and further advances on the topic. To this end, this paper introduces and describes MIRAGE, a reproducible architecture for mobile-app traffic capture and ground-truth creation. The outcome of this system is MIRAGE-2019, a human-generated dataset for mobile traffic analysis (with associated ground-truth) having the goal of advancing the state-of-the-art in mobile app traffic analysis. A first statistical characterization of the mobile-app traffic in the dataset is provided in this paper. Still, MIRAGE is expected to be capitalized by the networking community for different tasks related to mobile traffic analysis.

6TiSCH: Industrial Performance for IPv6 Internet-of-Things Networks

Abstract: The convergence of operational and information technologies in the industry requires a new generation of IP-compliant communication protocols that can meet the industrial performance requirements while facilitating the integration with novel web-based supervisory control and data acquisition (SCADA) systems. For more than a decade, the industry has relied on time-slotted channel hopping (TSCH) communication technology to meet these performance requirements through standards such as WirelessHART and ISA100.11a. TSCH-based networks have proven to yield over 99.999% end-to-end reliability, supporting flow isolation and QoS management while ensuring over a decade of battery lifetime. However, these technologies were designed to address the factory use cases of a decade ago, not considering IP compliance or standardized network management and resource orchestration as a must. The Internet Engineering Task Force (IETF) and the 6TiSCH working group (WG) have been actively working on this challenge by designing protocols to bridge the performance of industrial solutions with IP-compliant networks. The effort has resulted in 6TiSCH, a set of specifications that define the IPv6 control plane to manage and orchestrate a TSCH network. 6TiSCH provides the missing elements for zero-configuration TSCH network bootstrap, efficient network access authentication, and distributed and modular scheduling mechanisms. As a cross-layer effort, 6TiSCH leverages and integrates other IETF specifications and the WG has also driven the definition of novel specifications in other IETF WGs. An ultimate goal of this effort is the definition of a fully functional architecture where a combination of IETF protocols enables the envisioned convergence on top of the IEEE industrial standard. This paper introduces the work done by the 6TiSCH WG at IETF, evaluates the performance of the reference implementation, and discusses the 6TiSCH software ecosystem.

Predictive Control of Flexible Resources for Demand Response in Active Distribution Networks

Abstract: In this paper, a model-based predictive control method is proposed for utilization of flexible resources such as battery energy storage systems and heating systems effectively to provide demand response in low-voltage distribution networks with solar photovoltaic. The contributions of this paper are twofold. First, a linear power flow method based on relaxation of branch power losses applicable to radial distribution networks is proposed and formulated. Second, a flexible resources controller that solves a multi-objective linear optimization problem in receding-horizon fashion is formulated taking into account system states, forecasts of generation, and loads. Using the proposed control algorithm, flexibility from network resources can be utilized for low-voltage network management with assurance of quality of service to the customers. Simulations are conducted for summer and winter cases on a simplified Danish low-voltage network using Matlab/Simulink to study the performance of the proposed control method. Compared to the methods in state of the art, the proposed linear power flow method is proven to be accurate for the calculation of network power flows. Simulation results also show that proposed flexible resources controller can meet the network control objectives while satisfying the network constraints and operation limits of the flexible resources.