HoPP: Robust and Resilient Publish-Subscribe for an Information-Centric Internet of Things
This paper revisits NDN deployment in the IoT with a special focus on the
interaction of sensors and actuators. Such scenarios require high
responsiveness and limited control state at the constrained nodes. We argue
that the NDN request-response pattern which prevents data push is vital for IoT
networks. We contribute HoP-and-Pull (HoPP), a robust publish-subscribe scheme
for typical IoT scenarios that targets IoT networks consisting of hundreds of
resource constrained devices at intermittent connectivity. Our approach limits
the FIB tables to a minimum and naturally supports mobility, temporary network
partitioning, data aggregation and near real-time reactivity. We experimentally
evaluate the protocol in a real-world deployment using the IoT-Lab testbed with
varying numbers of constrained devices, each wirelessly interconnected via IEEE
802.15.4 LowPANs. Implementations are built on CCN-lite with RIOT and support
experiments using various single- and multi-hop scenarios.
The Road Ahead for Networking: A Survey on ICN-IP Coexistence Solutions
In recent years, the current Internet has experienced an unexpected paradigm
shift in the usage model, which has pushed researchers towards the design of
the Information-Centric Networking (ICN) paradigm as a possible replacement of
the existing architecture. Even though both Academia and Industry have
investigated the feasibility and effectiveness of ICN, achieving the complete
replacement of the Internet Protocol (IP) is a challenging task.
Some research groups have already addressed the coexistence by designing
their own architectures, but none of those is the final solution to move
towards the future Internet considering the unaltered state of the networking.
To design such architecture, the research community needs now a comprehensive
overview of the existing solutions that have so far addressed the coexistence.
The purpose of this paper is to reach this goal by providing the first
comprehensive survey and classification of the coexistence architectures
according to their features (i.e., deployment approach, deployment scenarios,
addressed coexistence requirements and architecture or technology used) and
evaluation parameters (i.e., challenges emerging during the deployment and the
runtime behaviour of an architecture). We believe that this paper will finally
fill the gap required for moving towards the design of the final coexistence
architecture.
Comment: 23 pages, 16 figures, 3 tables
Proactive detection of DDOS attacks in Publish-Subscribe networks
Information centric networking (ICN) using architectures such as Publish-Subscribe Internet Routing Paradigm (PSIRP) or Publish-Subscribe Internet Technology (PURSUIT) has been proposed as an important candidate for the Internet of the future. ICN is an emerging research area that proposes a transformation of the current host centric Internet architecture into an architecture where information items are of primary importance. This change allows network functions such as routing and locating to be optimized based on the information items themselves. The Bloom filter based content delivery is a source routing scheme that is used in the PSIRP/PURSUIT architectures. Although this mechanism solves many issues of today’s Internet such as the growth of the routing table and the scalability problems, it is vulnerable to distributed denial-of-service (DDoS) attacks. In this paper, we present a new content delivery scheme that has the advantages of Bloom filter based approach while at the same time being able to prevent DDoS attacks on the forwarding mechanism. Our security analysis suggests that with the proposed approach, the forwarding plane is able to resist attacks such as DDoS with very high probability.
DISCO: Distributed Multi-domain SDN Controllers
Modern multi-domain networks now span over datacenter networks, enterprise
networks, customer sites and mobile entities. Such networks are critical and,
thus, must be resilient, scalable and easily extensible. The emergence of
Software-Defined Networking (SDN) protocols, which enable decoupling the data
plane from the control plane and dynamically programming the network, opens up new
ways to architect such networks. In this paper, we propose DISCO, an open and
extensible DIstributed SDN COntrol plane able to cope with the distributed and
heterogeneous nature of modern overlay networks and wide area networks. DISCO
controllers manage their own network domain and communicate with each other to
provide end-to-end network services. This communication is based on a unique
lightweight and highly manageable control channel used by agents to
self-adaptively share aggregated network-wide information. We implemented DISCO
on top of the Floodlight OpenFlow controller and the AMQP protocol. We
demonstrated how DISCO's control plane dynamically adapts to heterogeneous
network topologies while being resilient enough to survive disruptions and
attacks and providing classic functionalities such as end-point migration and
network-wide traffic engineering. The experimentation results we present are
organized around three use cases: inter-domain topology disruption, end-to-end
priority service request and virtual machine migration.
Backscatter from the Data Plane --- Threats to Stability and Security in Information-Centric Networking
Information-centric networking proposals attract much attention in the
ongoing search for a future communication paradigm of the Internet. Replacing
the host-to-host connectivity by a data-oriented publish/subscribe service
eases content distribution and authentication by concept, while eliminating
threats from unwanted traffic at an end host as are common in today's Internet.
However, current approaches to content routing heavily rely on data-driven
protocol events and thereby introduce a strong coupling of the control to the
data plane in the underlying routing infrastructure. In this paper, threats to
the stability and security of the content distribution system are analyzed in
theory and practical experiments. We derive relations between state resources
and the performance of routers and demonstrate how this coupling can be misused
in practice. We discuss new attack vectors present in its current state of
development, as well as possibilities and limitations to mitigate them.
Comment: 15 pages
Internames: a name-to-name principle for the future Internet
We propose Internames, an architectural framework in which names are used to
identify all entities involved in communication: contents, users, devices,
logical as well as physical points involved in the communication, and services.
By not having a static binding between the name of a communication entity and
its current location, we allow entities to be mobile, enable them to be reached
by any of a number of basic communication primitives, enable communication to
span networks with different technologies and allow for disconnected operation.
Furthermore, with the ability to communicate between names, the communication
path can be dynamically bound to any of a number of end-points, and the
end-points themselves could change as needed. A key benefit of our architecture
is its ability to accommodate gradual migration from the current IP
infrastructure to a future that may be a ubiquitous Information Centric
Network. Basic building blocks of Internames are: i) a name-based Application
Programming Interface; ii) a separation of identifiers (names) and locators;
iii) a powerful Name Resolution Service (NRS) that dynamically maps names to
locators, as a function of time/location/context/service; iv) a built-in
capacity of evolution, allowing a transparent migration from current networks
and the ability to include as particular cases current specific architectures.
To achieve this vision, shared by many other researchers, we exploit and expand
on Information Centric Networking principles, extending ICN functionality
beyond content retrieval, easing send-to-name and push services, and allowing
names to be used also to route data in the return path. A key role in this
architecture is played by the NRS, which allows for the co-existence of
multiple network "realms", including current IP and non-IP networks, glued
together by a name-to-name overarching communication primitive.
Comment: 6 pages
Middleware architectures for the smart grid: A survey on the state-of-the-art, taxonomy and main open issues
The integration of small-scale renewable energy sources in the smart grid depends on several challenges that must be overcome. One of them is the presence of devices with very different characteristics present in the grid or how they can interact among them in terms of interoperability and data sharing. While this issue is usually solved by implementing a middleware layer among the available pieces of equipment in order to hide any hardware heterogeneity and offer the application layer a collection of homogeneous resources to access lower levels, the variety and differences among them make the definition of what is needed in each particular case challenging. This paper offers a description of the most prominent middleware architectures for the smart grid and assesses the functionalities they have, considering the performance and features expected from them in the context of this application domain.
Why We Shouldn't Forget Multicast in Name-oriented Publish/Subscribe
Name-oriented networks introduce the vision of an information-centric,
secure, globally available publish-subscribe infrastructure. Current approaches
concentrate on unicast-based pull mechanisms and thereby fall short in
automatically updating content at receivers. In this paper, we argue that an
inclusion of multicast will grant additional benefits to the network layer,
namely efficient distribution of real-time data, a many-to-many communication
model, and simplified rendezvous processes. These aspects are comprehensively
reflected by a group-oriented naming concept that integrates the various
available group schemes and introduces new use cases. A first draft of this
name-oriented multicast access has been implemented in the HAMcast middleware
- …