QIBMRMN: Design of a Q-Learning based Iterative sleep-scheduling & hybrid Bioinspired Multipath Routing model for Multimedia Networks

Multimedia networks utilize low-power scalar nodes to modify wakeup cycles of high-performance multimedia nodes, which assists in optimizing the power-to-performance ratios. A wide variety of machine learning models are proposed by researchers to perform this task, and most of them are either highly complex, or showcase low-levels of efficiency when applied to large-scale networks. To overcome these issues, this text proposes design of a Q-learning based iterative sleep-scheduling and fuses these schedules with an efficient hybrid bioinspired multipath routing model for large-scale multimedia network sets. The proposed model initially uses an iterative Q-Learning technique that analyzes energy consumption patterns of nodes, and incrementally modifies their sleep schedules. These sleep schedules are used by scalar nodes to efficiently wakeup multimedia nodes during adhoc communication requests. These communication requests are processed by a combination of Grey Wolf Optimizer (GWO) & Genetic Algorithm (GA) models, which assist in the identification of optimal paths. These paths are estimated via combined analysis of temporal throughput & packet delivery performance, with node-to-node distance & residual energy metrics. The GWO Model uses instantaneous node & network parameters, while the GA Model analyzes temporal metrics in order to identify optimal routing paths. Both these path sets are fused together via the Q-Learning mechanism, which assists in Iterative Adhoc Path Correction (IAPC), thereby improving the energy efficiency, while reducing communication delay via multipath analysis. Due to a fusion of these models, the proposed Q-Learning based Iterative sleep-scheduling & hybrid Bioinspired Multipath Routing model for Multimedia Networks (QIBMRMN) is able to reduce communication delay by 2.6%, reduce energy consumed during these communications by 14.0%, while improving throughput by 19.6% & packet delivery performance by 8.3% when compared with standard multimedia routing techniques

Scheduling & routing time-triggered traffic in time-sensitive networks

The application of recent advances in computing, cognitive and networking technologies in manufacturing has triggered the so-called fourth industrial revolution, also referred to as Industry 4.0. Smart and flexible manufacturing systems are being conceived as a part of the Industry 4.0 initiative to meet the challenging requirements of the modern day manufacturers, e.g., production batch sizes of one. The information and communication technologies (ICT) infrastructure in such smart factories is expected to host heterogeneous applications ranging from the time-sensitive cyber-physical systems regulating physical processes in the manufacturing shopfloor to the soft real-time analytics applications predicting anomalies in the assembly line. Given the diverse demands of the applications, a single converged network providing different levels of communication guarantees to the applications based on their requirements is desired. Ethernet, on account of its ubiquity and its steadily growing performance along with shrinking costs, has emerged as a popular choice as a converged network. However, Ethernet networks, primarily designed for best-effort communication services, cannot provide strict guarantees like bounded end-to-end latency and jitter for real-time traffic without additional enhancements. Two major standardization bodies, viz., the IEEE Time-sensitive Networking (TSN) Task Group (TG) and the IETF Deterministic Networking (DetNets) Working Group are striving towards equipping Ethernet networks with mechanisms that would enable it to support different classes of real-time traffic. In this thesis, we focus on handling the time-triggered traffic (primarily periodic in nature) stemming from the hard real-time cyber-physical systems embedded in the manufacturing shopfloor over Ethernet networks. The basic approach for this is to schedule the transmissions of the time-triggered data streams appropriately through the network and ensure that the allocated schedules are adhered with. This approach leverages the possibility to precisely synchronize the clocks of the network participants, i.e., end systems and switches, using time synchronization protocols like the IEEE 1588 Precision Time Protocol (PTP). Based on the capabilities of the network participants, the responsibility of enforcing these schedules can be distributed. An important point to note is that the network utilization with respect to the time-triggered data streams depends on the computed schedules. Furthermore, the routing of the time-triggered data streams also influences the computed transmission schedules, and thus, affects the network utilization. The question however remains as to how to compute transmission schedules for time-triggered data streams along with their routes so that an optimal network utilization can be achieved. We explore, in this thesis, the scheduling and routing problems with respect to the time-triggered data streams in Ethernet networks. The recently published IEEE 802.1Qbv standard from the TSN-TG provides programmable gating mechanisms for the switches enabling them to schedule transmissions. Meanwhile, the extensions specified in the IEEE 802.1Qca standard or the primitives provided by OpenFlow, the popular southbound software-defined networking (SDN) protocol, can be used for gaining an explicit control over the routing of the data streams. Using these mechanisms, the responsibility of enforcing transmission schedules can be taken over by the end systems as well as the switches in the network. Alternatively, the scheduling can be enforced only by the end systems or only by the switches. Furthermore, routing alone can also be used to isolate time-triggered data streams, and thus, bound the latency and jitter experienced by the data streams in absence of synchronized clocks in the network. For each of the aforementioned cases, we formulate the scheduling and routing problem using Integer Linear Programming (ILP) for static as well as dynamic scenarios. The static scenario deals with the computation of schedules and routes for time-triggered data streams with a priori knowledge of their specifications. Here, we focus on computing schedules and routes that are optimal with respect to the network utilization. Given that the scheduling problems in the static setting have a high time-complexity, we also present efficient heuristics to approximate the optimal solution. With the dynamic scheduling problem, we address the modifications to the computed transmission schedules for adding further or removing already scheduled time-triggered data streams. Here, the focus lies on reducing the runtime of the scheduling and routing algorithms, and thus, have lower set-up times for adding new data streams into the network

Lying Your Way to Better Traffic Engineering

To optimize the flow of traffic in IP networks, operators do traffic engineering (TE), i.e., tune routing-protocol parameters in response to traffic demands. TE in IP networks typically involves configuring static link weights and splitting traffic between the resulting shortest-paths via the Equal-Cost-MultiPath (ECMP) mechanism. Unfortunately, ECMP is a notoriously cumbersome and indirect means for optimizing traffic flow, often leading to poor network performance. Also, obtaining accurate knowledge of traffic demands as the input to TE is elusive, and traffic conditions can be highly variable, further complicating TE. We leverage recently proposed schemes for increasing ECMP's expressiveness via carefully disseminated bogus information ("lies") to design COYOTE, a readily deployable TE scheme for robust and efficient network utilization. COYOTE leverages new algorithmic ideas to configure (static) traffic splitting ratios that are optimized with respect to all (even adversarially chosen) traffic scenarios within the operator's "uncertainty bounds". Our experimental analyses show that COYOTE significantly outperforms today's prevalent TE schemes in a manner that is robust to traffic uncertainty and variation. We discuss experiments with a prototype implementation of COYOTE

A monitoring and threat detection system using stream processing as a virtual function for big data

The late detection of security threats causes a significant increase in the risk of irreparable damages, disabling any defense attempt. As a consequence, fast realtime threat detection is mandatory for security guarantees. In addition, Network Function Virtualization (NFV) provides new opportunities for efficient and low-cost security solutions. We propose a fast and efficient threat detection system based on stream processing and machine learning algorithms. The main contributions of this work are i) a novel monitoring threat detection system based on stream processing; ii) two datasets, first a dataset of synthetic security data containing both legitimate and malicious traffic, and the second, a week of real traffic of a telecommunications operator in Rio de Janeiro, Brazil; iii) a data pre-processing algorithm, a normalizing algorithm and an algorithm for fast feature selection based on the correlation between variables; iv) a virtualized network function in an open-source platform for providing a real-time threat detection service; v) near-optimal placement of sensors through a proposed heuristic for strategically positioning sensors in the network infrastructure, with a minimum number of sensors; and, finally, vi) a greedy algorithm that allocates on demand a sequence of virtual network functions.A detecção tardia de ameaças de segurança causa um significante aumento no risco de danos irreparáveis, impossibilitando qualquer tentativa de defesa. Como consequência, a detecção rápida de ameaças em tempo real é essencial para a administração de segurança. Além disso, A tecnologia de virtualização de funções de rede (Network Function Virtualization - NFV) oferece novas oportunidades para soluções de segurança eficazes e de baixo custo. Propomos um sistema de detecção de ameaças rápido e eficiente, baseado em algoritmos de processamento de fluxo e de aprendizado de máquina. As principais contribuições deste trabalho são: i) um novo sistema de monitoramento e detecção de ameaças baseado no processamento de fluxo; ii) dois conjuntos de dados, o primeiro ´e um conjunto de dados sintético de segurança contendo tráfego suspeito e malicioso, e o segundo corresponde a uma semana de tráfego real de um operador de telecomunicações no Rio de Janeiro, Brasil; iii) um algoritmo de pré-processamento de dados composto por um algoritmo de normalização e um algoritmo para seleção rápida de características com base na correlação entre variáveis; iv) uma função de rede virtualizada em uma plataforma de código aberto para fornecer um serviço de detecção de ameaças em tempo real; v) posicionamento quase perfeito de sensores através de uma heurística proposta para posicionamento estratégico de sensores na infraestrutura de rede, com um número mínimo de sensores; e, finalmente, vi) um algoritmo guloso que aloca sob demanda uma sequencia de funções de rede virtual

Host and Network Optimizations for Performance Enhancement and Energy Efficiency in Data Center Networks

Modern data centers host hundreds of thousands of servers to achieve economies of scale. Such a huge number of servers create challenges for the data center network (DCN) to provide proportionally large bandwidth. In addition, the deployment of virtual machines (VMs) in data centers raises the requirements for efficient resource allocation and find-grained resource sharing. Further, the large number of servers and switches in the data center consume significant amounts of energy. Even though servers become more energy efficient with various energy saving techniques, DCN still accounts for 20% to 50% of the energy consumed by the entire data center. The objective of this dissertation is to enhance DCN performance as well as its energy efficiency by conducting optimizations on both host and network sides. First, as the DCN demands huge bisection bandwidth to interconnect all the servers, we propose a parallel packet switch (PPS) architecture that directly processes variable length packets without segmentation-and-reassembly (SAR). The proposed PPS achieves large bandwidth by combining switching capacities of multiple fabrics, and it further improves the switch throughput by avoiding padding bits in SAR. Second, since certain resource demands of the VM are bursty and demonstrate stochastic nature, to satisfy both deterministic and stochastic demands in VM placement, we propose the Max-Min Multidimensional Stochastic Bin Packing (M3SBP) algorithm. M3SBP calculates an equivalent deterministic value for the stochastic demands, and maximizes the minimum resource utilization ratio of each server. Third, to provide necessary traffic isolation for VMs that share the same physical network adapter, we propose the Flow-level Bandwidth Provisioning (FBP) algorithm. By reducing the flow scheduling problem to multiple stages of packet queuing problems, FBP guarantees the provisioned bandwidth and delay performance for each flow. Finally, while DCNs are typically provisioned with full bisection bandwidth, DCN traffic demonstrates fluctuating patterns, we propose a joint host-network optimization scheme to enhance the energy efficiency of DCNs during off-peak traffic hours. The proposed scheme utilizes a unified representation method that converts the VM placement problem to a routing problem and employs depth-first and best-fit search to find efficient paths for flows

A Cognitive Routing framework for Self-Organised Knowledge Defined Networks

This study investigates the applicability of machine learning methods to the routing protocols for achieving rapid convergence in self-organized knowledge-defined networks. The research explores the constituents of the Self-Organized Networking (SON) paradigm for 5G and beyond, aiming to design a routing protocol that complies with the SON requirements. Further, it also exploits a contemporary discipline called Knowledge-Defined Networking (KDN) to extend the routing capability by calculating the “Most Reliable” path than the shortest one. The research identifies the potential key areas and possible techniques to meet the objectives by surveying the state-of-the-art of the relevant fields, such as QoS aware routing, Hybrid SDN architectures, intelligent routing models, and service migration techniques. The design phase focuses primarily on the mathematical modelling of the routing problem and approaches the solution by optimizing at the structural level. The work contributes Stochastic Temporal Edge Normalization (STEN) technique which fuses link and node utilization for cost calculation; MRoute, a hybrid routing algorithm for SDN that leverages STEN to provide constant-time convergence; Most Reliable Route First (MRRF) that uses a Recurrent Neural Network (RNN) to approximate route-reliability as the metric of MRRF. Additionally, the research outcomes include a cross-platform SDN Integration framework (SDN-SIM) and a secure migration technique for containerized services in a Multi-access Edge Computing environment using Distributed Ledger Technology. The research work now eyes the development of 6G standards and its compliance with Industry-5.0 for enhancing the abilities of the present outcomes in the light of Deep Reinforcement Learning and Quantum Computing

Segurança em redes definidas por software :autenticação, controle de acesso e consistência com plano de controle eficientemente distribuído

The control distribution in Software-Defined Networks improves the security, performance and scalability of the network. However, distributed control introduces consistency challenges into the network global view. In this work, we present the main security threats to the software-defined networks, we propose a host authentication and access control mechanism based on host credentials, we propose an efficient controller-distribution architecture, and we also propose consistent schemes for the policy updates on centralized or on distributed control networks. An authenticationmechanism prototype was implemented over POX, an OpenFlow controller. The results of the authentication prototype show that the proposal blocks access to unauthorized hosts, even in the scenario where a host has its access permission revoked. The distributed controller prototype was implemented and the placement heuristic was analyzed in several real topologies. The results of the controller placement evaluation show that network connectivity is maintained in scenarios where there is a high rate of network node failure. It is also proven that placement optimization reduces the average latency between controllers. A simulator for Software-Defined Networking has been developed and validated. The simulations of security policy enforcement in real network topologies show that the overhead generated by the proposed schemes is very low. Through formal verification, it is shown that the proposed consistency protocol guarantees a global order for all policy updates and that correctly composes all policies installed on the network.A distribuição do controle em Redes Definidas por Software melhora a segurança, o desempenho e a escalabilidade da rede. O controle distribuído introduz desafios de consistência na visão global da rede. Este trabalho apresenta as principais ameaças de segurança às redes definidas por software, propõe um mecanismo de autenticação e controle de acesso de estações finais baseado na credencial da estação, propõe uma eficiente arquitetura de distribuição de controle com otimização da localização de controladores na rede e, também, propõe esquemas consistentes para o processo de atualização de políticas em redes com controle centralizado ou distribuído. Um protótipo do mecanismo de autenticação foi implementado, sobre o controlador POX, e os resultados da avaliação mostram que a proposta bloqueia o acesso de estações não autorizadas, mesmo no cenário em que uma estação autenticada tem a sua permissão de acesso revogada. O protótipo de controlador distribuído foi implementado e a otimização da resiliência foi analisada em diversas topologias reais. Os resultados da avaliação da localização de controladores mostram que a conectividade é mantida, mesmo em cenários em que há alta taxa de falhas em nós da rede. Comprova-se ainda que a otimização da localização reduz a latência média entre controladores. Um simulador de Redes Definidas por Software foi desenvolvido e validado. A simulação de um cenário de uma aplicação de políticas de segurança, em uma topologia real de rede, mostra que a sobrecarga gerada pelos esquemas propostos é muito baixa. Através de verificação formal, mostra-se que o protocolo de consistência proposto garante uma ordem global para todas as atualizações de políticas e que compõe corretamente todas as políticas instaladas na rede

Reports to the President

A compilation of annual reports for the 1985-1986 academic year, including a report from the President of the Massachusetts Institute of Technology, as well as reports from the academic and administrative units of the Institute. The reports outline the year's goals, accomplishments, honors and awards, and future plans

The Fifth Workshop on HPC Best Practices: File Systems and Archives

The workshop on High Performance Computing (HPC) Best Practices on File Systems and Archives was the fifth in a series sponsored jointly by the Department Of Energy (DOE) Office of Science and DOE National Nuclear Security Administration. The workshop gathered technical and management experts for operations of HPC file systems and archives from around the world. Attendees identified and discussed best practices in use at their facilities, and documented findings for the DOE and HPC community in this report