Flow Allocation for Maximum Throughput and Bounded Delay on Multiple Disjoint Paths for Random Access Wireless Multihop Networks

In this paper, we consider random access, wireless, multi-hop networks, with multi-packet reception capabilities, where multiple flows are forwarded to the gateways through node disjoint paths. We explore the issue of allocating flow on multiple paths, exhibiting both intra- and inter-path interference, in order to maximize average aggregate flow throughput (AAT) and also provide bounded packet delay. A distributed flow allocation scheme is proposed where allocation of flow on paths is formulated as an optimization problem. Through an illustrative topology it is shown that the corresponding problem is non-convex. Furthermore, a simple, but accurate model is employed for the average aggregate throughput achieved by all flows, that captures both intra- and inter-path interference through the SINR model. The proposed scheme is evaluated through Ns2 simulations of several random wireless scenarios. Simulation results reveal that, the model employed, accurately captures the AAT observed in the simulated scenarios, even when the assumption of saturated queues is removed. Simulation results also show that the proposed scheme achieves significantly higher AAT, for the vast majority of the wireless scenarios explored, than the following flow allocation schemes: one that assigns flows on paths on a round-robin fashion, one that optimally utilizes the best path only, and another one that assigns the maximum possible flow on each path. Finally, a variant of the proposed scheme is explored, where interference for each link is approximated by considering its dominant interfering nodes only.Comment: IEEE Transactions on Vehicular Technolog

Cross-layer aided energy-efficient routing design for ad hoc networks

In this treatise, we first review some basic routing protocols conceived for ad hoc networks, followed by some design examples of cross-layer operation aided routing protocols. Specifically, cross-layer operation across the PHYsical layer (PHY), the Data Link layer (DL) and even the NETwork layer (NET) is exemplified for improving the energy efficiency of the entire system. Moreover, the philosophy of Opportunistic Routing (OR) is reviewed for the sake of further reducing the system's energy dissipation with the aid of optimized Power Allocation (PA). The system's end-to-end throughput is also considered in the context of a design example

Optimized and Automated Machine Learning Techniques Towards IoT Data Analytics and Cybersecurity

The Internet-of-Things (IoT) systems have emerged as a prevalent technology in our daily lives. With the wide spread of sensors and smart devices in recent years, the data generation volume and speed of IoT systems have increased dramatically. In most IoT systems, massive volumes of data must be processed, transformed, and analyzed on a frequent basis to enable various IoT services and functionalities. Machine Learning (ML) approaches have shown their capacity for IoT data analytics. However, applying ML models to IoT data analytics tasks still faces many difficulties and challenges. The first challenge is to process large amounts of dynamic IoT data to make accurate and informed decisions. The second challenge is to automate and optimize the data analytics process. The third challenge is to protect IoT devices and systems against various cyber threats and attacks. To address the IoT data analytics challenges, this thesis proposes various ML-based frameworks and data analytics approaches in several applications. Specifically, the first part of the thesis provides a comprehensive review of applying Automated Machine Learning (AutoML) techniques to IoT data analytics tasks. It discusses all procedures of the general ML pipeline. The second part of the thesis proposes several supervised ML-based novel Intrusion Detection Systems (IDSs) to improve the security of the Internet of Vehicles (IoV) systems and connected vehicles. Optimization techniques are used to obtain optimized ML models with high attack detection accuracy. The third part of the thesis developed unsupervised ML algorithms to identify network anomalies and malicious network entities (e.g., attacker IPs, compromised machines, and polluted files/content) to protect Content Delivery Networks (CDNs) from service targeting attacks, including distributed denial of service and cache pollution attacks. The proposed framework is evaluated on real-world CDN access log data to illustrate its effectiveness. The fourth part of the thesis proposes adaptive online learning algorithms for addressing concept drift issues (i.e., data distribution changes) and effectively handling dynamic IoT data streams in order to provide reliable IoT services. The development of drift adaptive learning methods can effectively adapt to data distribution changes and avoid data analytics model performance degradation

Orchestrating datacenters and networks to facilitate the telecom cloud

In the Internet of services, information technology (IT) infrastructure providers play a critical role in making the services accessible to end-users. IT infrastructure providers host platforms and services in their datacenters (DCs). The cloud initiative has been accompanied by the introduction of new computing paradigms, such as Infrastructure as a Service (IaaS) and Software as a Service (SaaS), which have dramatically reduced the time and costs required to develop and deploy a service. However, transport networks become crucial to make services accessible to the user and to operate DCs. Transport networks are currently configured with big static fat pipes based on capacity over-provisioning aiming at guaranteeing traffic demand and other parameters committed in Service Level Agreement (SLA) contracts. Notwithstanding, such over-dimensioning adds high operational costs for DC operators and service providers. Therefore, new mechanisms to provide reconfiguration and adaptability of the transport network to reduce the amount of over-provisioned bandwidth are required. Although cloud-ready transport network architecture was introduced to handle the dynamic cloud and network interaction and Elastic Optical Networks (EONs) can facilitate elastic network operations, orchestration between the cloud and the interconnection network is eventually required to coordinate resources in both strata in a coherent manner. In addition, the explosion of Internet Protocol (IP)-based services requiring not only dynamic cloud and network interaction, but also additional service-specific SLA parameters and the expected benefits of Network Functions Virtualization (NFV), open the opportunity to telecom operators to exploit that cloud-ready transport network and their current infrastructure, to efficiently satisfy network requirements from the services. In the telecom cloud, a pay-per-use model can be offered to support services requiring resources from the transport network and its infrastructure. In this thesis, we study connectivity requirements from representative cloud-based services and explore connectivity models, architectures and orchestration schemes to satisfy them aiming at facilitating the telecom cloud. The main objective of this thesis is demonstrating, by means of analytical models and simulation, the viability of orchestrating DCs and networks to facilitate the telecom cloud. To achieve the main goal we first study the connectivity requirements for DC interconnection and services on a number of scenarios that require connectivity from the transport network. Specifically, we focus on studying DC federations, live-TV distribution, and 5G mobile networks. Next, we study different connectivity schemes, algorithms, and architectures aiming at satisfying those connectivity requirements. In particular, we study polling-based models for dynamic inter-DC connectivity and propose a novel notification-based connectivity scheme where inter-DC connectivity can be delegated to the network operator. Additionally, we explore virtual network topology provisioning models to support services that require service-specific SLA parameters on the telecom cloud. Finally, we focus on studying DC and network orchestration to fulfill simultaneously SLA contracts for a set of customers requiring connectivity from the transport network.En la Internet de los servicios, los proveedores de recursos relacionados con tecnologías de la información juegan un papel crítico haciéndolos accesibles a los usuarios como servicios. Dichos proveedores, hospedan plataformas y servicios en centros de datos. La oferta plataformas y servicios en la nube ha introducido nuevos paradigmas de computación tales como ofrecer la infraestructura como servicio, conocido como IaaS de sus siglas en inglés, y el software como servicio, SaaS. La disponibilidad de recursos en la nube, ha contribuido a la reducción de tiempos y costes para desarrollar y desplegar un servicio. Sin embargo, para permitir el acceso de los usuarios a los servicios así como para operar los centros de datos, las redes de transporte resultan imprescindibles. Actualmente, las redes de transporte están configuradas con conexiones estáticas y su capacidad sobredimensionada para garantizar la demanda de tráfico así como los distintos parámetros relacionados con el nivel de servicio acordado. No obstante, debido a que el exceso de capacidad en las conexiones se traduce en un elevado coste tanto para los operadores de los centros de datos como para los proveedores de servicios, son necesarios nuevos mecanismos que permitan adaptar y reconfigurar la red de forma eficiente de acuerdo a las nuevas necesidades de los servicios a los que dan soporte. A pesar de la introducción de arquitecturas que permiten la gestión de redes de transporte y su interacción con los servicios en la nube de forma dinámica, y de la irrupción de las redes ópticas elásticas, la orquestación entre la nube y la red es necesaria para coordinar de forma coherente los recursos en los distintos estratos. Además, la explosión de servicios basados el Protocolo de Internet, IP, que requieren tanto interacción dinámica con la red como parámetros particulares en los niveles de servicio además de los habituales, así como los beneficios que se esperan de la virtualización de funciones de red, representan una oportunidad para los operadores de red para explotar sus recursos y su infraestructura. La nube de operador permite ofrecer recursos del operador de red a los servicios, de forma similar a un sistema basado en pago por uso. En esta Tesis, se estudian requisitos de conectividad de servicios basados en la nube y se exploran modelos de conectividad, arquitecturas y modelos de orquestación que contribuyan a la realización de la nube de operador. El objetivo principal de esta Tesis es demostrar la viabilidad de la orquestación de centros de datos y redes para facilitar la nube de operador, mediante modelos analíticos y simulaciones. Con el fin de cumplir dicho objetivo, primero estudiamos los requisitos de conectividad para la interconexión de centros de datos y servicios en distintos escenarios que requieren conectividad en la red de transporte. En particular, nos centramos en el estudio de escenarios basados en federaciones de centros de datos, distribución de televisión en directo y la evolución de las redes móviles hacia 5G. A continuación, estudiamos distintos modelos de conectividad, algoritmos y arquitecturas para satisfacer los requisitos de conectividad. Estudiamos modelos de conectividad basados en sondeos para la interconexión de centros de datos y proponemos un modelo basado en notificaciones donde la gestión de la conectividad entre centros de datos se delega al operador de red. Estudiamos la provisión de redes virtuales para soportar en la nube de operador servicios que requieren parámetros específicos en los acuerdos de nivel de servicio además de los habituales. Finalmente, nos centramos en el estudio de la orquestación de centros de datos y redes con el objetivo de satisfacer de forma simultánea requisitos para distintos servicios.Postprint (published version

Contributions to network planning and operation of Flex-Grid/SDM optical core networks

Premi Extraordinari de Doctorat, promoció 2018-2019. Àmbit de les TICThe ever demanding bandwidth requirements for supporting emerging telecom services such as ultra-high-definition video streaming, cloud computing, connected car, virtual/augmented reality, etc., bring to the fore the necessity to upgrade continuously the technology behind transport networks in order to keep pace with this exponential traffic growth. Thus, everything seems to indicate that fixed-grid Wavelength-Division Multiplexed (WDM) networks will be upgraded by adopting a flexible-grid, thus providing finer bandwidth allocation granularities, and therefore, increasing the Grade-of-Service by packing more information in the same spectral band of standard Single-Mode Fibers (SMFs). Nevertheless, unfortunately, the fundamental Shannon’s limit of SMFs is rapidly approaching, and, then, the research efforts to increase the SMFs' capacity will be useless. One solution to overcome this capacity crunch effect is to enable one extra dimension in addition to the frequency one, namely, the spatial dimension, thus deploying S parallel paths in order to multiply, in the best case, by S the capacity of SMF-based networks. However, additionally, it is necessary to decrease the cost and energy per bit in order to provide economically attractive solutions. For this purpose, a smooth upgrade path has to be carried out as new integrated devices and system components are developed for Space Division Multiplexing (SDM). This thesis is concentrated on the planning and operation of the combined flexible WDM and SDM networks (i.e., Flex-Grid/SDM networks) proposing several strategies aimed at optimizing network resources usage with hardware complexity analysis. For this purpose, firstly, network problems are carefully studied and stated, and then, mathematical and/or heuristic algorithms are designed and implemented in an optical network simulator. Specifically, after an introduction to the thesis, chapter 2 presents the background and related work. Next, chapter 3 concentrates on the study of spatially fixed Flex-Grid/SDM networks, i.e., when a rigid number of spatial channels are reserved per allocated traffic demand. In its turn, chapter 4 studies the case of Spectrally-Spatially Flexible Optical Networks (SS-FONs), as the ones providing the upper-bound network capacity. Costs and hardware requirements implied on providing this flexibility are analyzed. Network nodes aimed at reducing the cost of SS-FONs are presented and evaluated in chapter 5. Finally, this thesis ends with the presentation of the main contributions and future research work in chapter 6.La demanda de ancho de banda cada vez más exigente para soportar servicios de telecomunicación emergentes tales como la transmisión de video de alta calidad, computación en la nube, vehículo conectado, realidad virtual/aumentada, etc.…, ha puesto de manifiesto la necesidad de actualizar constantemente la tecnología detrás de las redes de transporte óptico con la finalidad de ir a la par de este incremento exponencial del tráfico. De esta manera, todo parece indicar que las redes basadas en la multiplexación por division de longitud de onda (Wavelength Division Multiplexing, WDM) de ancho espectral fijo serán actualizadas adoptando un ancho de banda espectral flexible, que ofrece asignaciones de ancho de banda con granularidad más fina acorde a las demandas de tráfico; y por lo tanto, incremanta el Grado de Servicio de la red, ya que se permite acomodar mayor información en la misma banda espectral de las fibras monomodo (Single Mode Fibers, SMFs). Sin embargo, desafortunadamente, el límite de Shannon de las fibras monomodo se está aproximando cada vez más, y cuando esto ocurra las investigaciones para incrementar la capacidad de las fibras monomodo serán infructuosas. Una posible solución para superar este colapso de las fibras monomodo es habilitar la dimensión espacial a más de la frecuencial, desplegando � caminos paralelos con la finalidad de multiplicar por � (en el mejor de los casos) la capacidad de las fibras monomodo. No obstante, es necesario disminuir el costo y la energía por bit con la finalidad de proveer soluciones comerciales atractivas. Para tal propósito debe llevarse a cabo una actualización moderada conforme nuevos dispositivos y componentes integrados son desarrollados para la implementación de la tecnología basada en la multiplexación por división de espacio (Space Division Multiplexing, SDM). Esta tesis se concentra en la planificación y operación de la combinación de las redes WDM flexibles y SDM (es decir, de las redes Flex-Grid/SDM) proponiendo varias estrategias dirigidas a optimizar el uso de los recursos de red junto con el análisis de la complejidad del hardware que viene acompañada. Para este fin, primeramente, los problemas de red son cuidadosamente estudiados y descritos. A continuación, se han diseñado e implementado algoritmos basados en programación lineal entera o heurísticas en un simulador de redes ópticas. Después de una introducción inicial, el capítulo 2 de esta tesis presenta el marco teórico sobre los conceptos tratados y los trabajos publicados anteriormente. A continuación, el capítulo 3 se concentra en el estudio de las redes Flex-Grid/SDM con la dimensión espacial rígida; es decir, cuando un número fijo de canales espaciales son reservados por cada demanda de tráfico establecida. Por su parte, el capítulo 4 estudia las redes Flex-Grid/SDM considerando flexibilidad tanto en el dominio espacial como espectral (Spectrally and Spatially Flexible Optical Networks, SS-FONs), las cuales proveerían la capacidad máxima de las redes SDM. Adicionalmente, los costos y requerimientos de hardware implicados en la provisión de esta flexibilidad son analizados. El capítulo 5 presenta la evaluación de nodos orientados a reducir los costos de las SS-FONs. Finalmente, el capítulo 6 expone las principales contribuciones y las posibles líneas de trabajo futuroEls requisits incessants d’ample de banda per al suport de nous serveis de telecomunicació, com poden ser la difusió en directe de vídeo de molt alta definició, la informàtica en el núvol, els cotxes intel·ligents connectats a la xarxa, la realitat virtual/augmentada, etc…, han exigit una millora contínua de les tecnologíes de les actuals xarxes de transport de dades. Tot sembla indicar que les xarxes de transport òptiques actuals, basades en la tecnologia de multiplexació per divisió de longitud d’ona (Wavelength Division Multiplexing, WDM) sobre un grid espectral rígid, hauran de ser reemplaçades per tecnologies òptiques més flexibles, amb una granularitat més fina a l’hora de suportar noves connexions, incrementat el grau de servei de les xarxes gràcies a aprofitament major de l’ample de banda espectral proporcionat per les fibres òptiques monomode (Single Mode Fibers, SMFs). Tanmateix, estem exhaurint ja la capacitat màxima de les fibres òptiques SMF segons ens indica el límit fonamental de Shannon. Per tant, qualsevol esforç enfocat a millorar la capacitat d’aquestes xarxes basades en SMFs pot acabar sent infructuós. Una possible solució per superar aquestes limitacions de capacitat és explorar la dimensió espacial, a més de l’espectral, desplegant camins en paral·lel per tal de multiplicar per , en el millor cas, la capacitat de les SMFs. Tot i això, és necessari reduir el cost i el consum energètic per bit transmès, per tal de proporcionar solucions econòmicament viables. Amb aquest propòsit, pot ser necessària una migració progressiva, a mesura que es desenvolupen nous dispositius i components per aquesta nova tecnologia de multiplexació per divisió espacial (Spatial Division Multiplexing, SDM). La present tesi es centra en la planificació i operació de xarxes òptiques de nova generació que combinin tecnologies de xarxa WDM flexible i SDM (és a dir, xarxes Flex-Grid/SDM), proposant estratègies per a l’optimització de l’ús dels recursos de xarxa i, en definitiva, el seu cost (CapEx). Amb aquest propòsit, s’analitzen en primer moment els problemes adreçats. Tot seguit, es dissenyen algorismes per tal de solucionar-los, basats en tècniques de programació matemàtica i heurístiques, els quals s’implementen i es proven en un simulador de xarxa òptica. Després d’una introducció inicial, el capítol 2 d’aquesta tesi presenta tots els conceptes tractats i treballs relacionats publicats amb anterioritat. Tot seguit, el capítol 3 es centra en l’estudi de les xarxes Flex-Grid/SDM fixes en el domini espai, és a dir, on sempre es reserva un nombre rígid de canals espacials per qualsevol demanda suportada. El capítol 4 estudia les xarxes flexibles en els dominis espectrals i espacials (Spectrally-Spatially Flexible Optical Nextworks, SS-FONs), com aquelles que poden proporcionar una capacitat de xarxa màxima. En aquest context, s’analitzen els requeriments en termes de cost i hardware per tal de proporcionar aquesta flexibilitat. Llavors, en el capítol 6 es presenten opcions de node de xarxa capaces de reduir els costos de les xarxes SS-FONs. Finalment, en el capítol 7 es repassen totes les contribucions de la tesi, així com posibles línies de treball futurAward-winningPostprint (published version

Security and Privacy in the Internet of Things

The Internet of Things (IoT) is an emerging paradigm that seamlessly integrates electronic devices with sensing and computing capability into the Internet to achieve intelligent processing and optimized controlling. In a connected world built through IoT, where interconnected devices are extending to every facet of our lives, including our homes, offices, utility infrastructures and even our bodies, we are able to do things in a way that we never before imagined. However, as IoT redefines the possibilities in environment, society and economy, creating tremendous benefits, significant security and privacy concerns arise such as personal information confidentiality, and secure communication and computation. Theoretically, when everything is connected, everything is at risk. The ubiquity of connected things gives adversaries more attack vectors and more possibilities, and thus more catastrophic consequences by cybercrimes. Therefore, it is very critical to move fast to address these rising security and privacy concerns in IoT systems before severe disasters happen. In this dissertation, we mainly address the challenges in two domains: (1) how to protect IoT devices against cyberattacks; (2) how to protect sensitive data during storage, dissemination and utilization for IoT applications. In the first part, we present how to leverage anonymous communication techniques, particularly Tor, to protect the security of IoT devices. We first propose two schemes to enhance the security of smart home by integrating Tor hidden services into IoT gateway for users with performance preference. Then, we propose a multipath-routing based architecture for Tor hidden services to enhance its resistance against traffic analysis attacks, and thus improving the protection for smart home users who desire very strong security but care less about performance. In the second part of this dissertation, we explore the solutions to protect the data for IoT applications. First, we present a reliable, searchable and privacy-preserving e-healthcare system, which takes advantage of emerging cloud storage and IoT infrastructure and enables healthcare service providers (HSPs) to realize remote patient monitoring in a secure and regulatory compliant manner. Then, we turn our attention to the data analysis in IoT applications, which is one of the core components of IoT applications. We propose a cloud-assisted, privacy-preserving machine learning classification scheme over encrypted data for IoT devices. Our scheme is based on a three-party model coupled with a two-stage decryption Paillier-based cryptosystem, which allows a cloud server to interact with machine learning service providers (MLSPs) and conduct computation intensive classification on behalf of the resourced-constrained IoT devices in a privacy-preserving manner. Finally, we explore the problem of privacy-preserving targeted broadcast in IoT, and propose two multi-cloud-based outsourced-ABE (attribute-based encryption) schemes. They enable the receivers to partially outsource the computationally expensive decryption operations to the clouds, while preventing attributes from being disclosed