Segment Routing: a Comprehensive Survey of Research Activities, Standardization Efforts and Implementation Results

Fixed and mobile telecom operators, enterprise network operators and cloud providers strive to face the challenging demands coming from the evolution of IP networks (e.g. huge bandwidth requirements, integration of billions of devices and millions of services in the cloud). Proposed in the early 2010s, Segment Routing (SR) architecture helps face these challenging demands, and it is currently being adopted and deployed. SR architecture is based on the concept of source routing and has interesting scalability properties, as it dramatically reduces the amount of state information to be configured in the core nodes to support complex services. SR architecture was first implemented with the MPLS dataplane and then, quite recently, with the IPv6 dataplane (SRv6). IPv6 SR architecture (SRv6) has been extended from the simple steering of packets across nodes to a general network programming approach, making it very suitable for use cases such as Service Function Chaining and Network Function Virtualization. In this paper we present a tutorial and a comprehensive survey on SR technology, analyzing standardization efforts, patents, research activities and implementation results. We start with an introduction on the motivations for Segment Routing and an overview of its evolution and standardization. Then, we provide a tutorial on Segment Routing technology, with a focus on the novel SRv6 solution. We discuss the standardization efforts and the patents providing details on the most important documents and mentioning other ongoing activities. We then thoroughly analyze research activities according to a taxonomy. We have identified 8 main categories during our analysis of the current state of play: Monitoring, Traffic Engineering, Failure Recovery, Centrally Controlled Architectures, Path Encoding, Network Programming, Performance Evaluation and Miscellaneous...Comment: SUBMITTED TO IEEE COMMUNICATIONS SURVEYS & TUTORIAL

An Extended Survey on Vehicle Security

The advanced electronic units with wireless capabilities inside modern vehicles have, enhanced the driving experience, but also introduced a myriad of security problems due to the inherent limitations of the internal communication protocol. In the last two decades, a number of security threats have been identified and accordingly, security measures have been proposed. In this paper, we provide a comprehensive review of security threats and countermeasures for the ubiquitous CAN bus communication protocol. Our review of the existing literature leads us to a observation of an overlooked simple, cost-effective, and incrementally deployable solution. Essentially, a reverse firewall, referred to in this paper as an icewall, can be an effective defense against a major class of packet-injection attacks and many denial of service attacks. We cover the fundamentals of the icewall in this paper. Further, by introducing the notion of human-in-the-loop, we discuss the subtle implications to its security when a human driver is accounted for

Spatial-temporal reasoning applications of computational intelligence in the game of Go and computer networks

Spatial-temporal reasoning is the ability to reason with spatial images or information about space over time. In this dissertation, computational intelligence techniques are applied to computer Go and computer network applications. Among four experiments, the first three are related to the game of Go, and the last one concerns the routing problem in computer networks. The first experiment represents the first training of a modified cellular simultaneous recurrent network (CSRN) trained with cellular particle swarm optimization (PSO). Another contribution is the development of a comprehensive theoretical study of a 2x2 Go research platform with a certified 5 dan Go expert. The proposed architecture successfully trains a 2x2 game tree. The contribution of the second experiment is the development of a computational intelligence algorithm calledcollective cooperative learning (CCL). CCL learns the group size of Go stones on a Go board with zero knowledge by communicating only with the immediate neighbors. An analysis determines the lower bound of a design parameter that guarantees a solution. The contribution of the third experiment is the proposal of a unified system architecture for a Go robot. A prototype Go robot is implemented for the first time in the literature. The last experiment tackles a disruption-tolerant routing problem for a network suffering from link disruption. This experiment represents the first time that the disruption-tolerant routing problem has been formulated with a Markov Decision Process. In addition, the packet delivery rate has been improved under a range of link disruption levels via a reinforcement learning approach --Abstract, page iv

Computer architecture for efficient algorithmic executions in real-time systems: New technology for avionics systems and advanced space vehicles

Improvements and advances in the development of computer architecture now provide innovative technology for the recasting of traditional sequential solutions into high-performance, low-cost, parallel system to increase system performance. Research conducted in development of specialized computer architecture for the algorithmic execution of an avionics system, guidance and control problem in real time is described. A comprehensive treatment of both the hardware and software structures of a customized computer which performs real-time computation of guidance commands with updated estimates of target motion and time-to-go is presented. An optimal, real-time allocation algorithm was developed which maps the algorithmic tasks onto the processing elements. This allocation is based on the critical path analysis. The final stage is the design and development of the hardware structures suitable for the efficient execution of the allocated task graph. The processing element is designed for rapid execution of the allocated tasks. Fault tolerance is a key feature of the overall architecture. Parallel numerical integration techniques, tasks definitions, and allocation algorithms are discussed. The parallel implementation is analytically verified and the experimental results are presented. The design of the data-driven computer architecture, customized for the execution of the particular algorithm, is discussed

SPECTRAL GRAPH-BASED CYBER DETECTION AND CLASSIFICATION SYSTEM WITH PHANTOM COMPONENTS

With cyber attacks on the rise, cyber defenders require new, innovative solutions to provide network protection. We propose a spectral graph-based cyber detection and classification (SGCDC) system using phantom components, the strong node concept, and the dual-degree matrix to detect, classify, and respond to worm and distributed denial-of-service (DDoS) attacks. The system is analyzed using absorbing Markov chains and a novel Levy-impulse model that characterizes network SYN traffic to determine the theoretical false-alarm rates of the system. The detection mechanism is analyzed in the face of network noise and congestion using Weyl’s theorem, the Davis-Kahan theorem, and a novel application of the n-dimensional Euclidean metric. The SGCDC system is validated using real-world and synthetic datasets, including the WannaCry and Blaster worms and a SYN flood attack. The system accurately detected and classified the attacks in all but one case studied. The known attacking nodes were identified in less than 0.27 sec for the DDoS attack, and the worm-infected nodes were identified in less than one second after the second infected node began the target search and discovery process for the WannaCry and Blaster worm attacks. The system also produced a false-alarm rate of less than 0.005 under a scenario. These results improve upon other non-spectral graph systems that have detection rates of less than 0.97 sec and false alarm rates as high as 0.095 sec for worm and DDoS attacks.Lieutenant Commander, United States NavyApproved for public release. distribution is unlimite

Optimizing a Centralized Control Topology of an IoT Network Based on Hilbert Space

An Internet of Things network (IoTN) is composed of many small devices or nodes located in homes and/or offices, to be operated through the Internet from anywhere, making these devices smarter and more efficient. For improving the efficiency of an IoTN, in this chapter an optimized fractal algorithm (OFA) was proposed for designing a centralized control topology of an IoTN, whose nodes are distributed according to the Hilbert space-filling fractal. We developed the OFA to find the best nodes where a smart home device can find the highly reliable link between its neighbors by a software-defined network (SDN) with a target coverage since OFA only considers reliable links among devices. Finally, through laboratory tests and computer simulations, we demonstrated the effectiveness of this proposal by using a large amount of IoT devices making them more efficient operating systems. The quality of service (QoS) is a challenge that guaranteed the level of service delivery to an IoTN, so that OFA takes less time to reach its destination after it is generated by its source, increasing the probability that the target node can recover the original packet before the lifetime expires

A Tutorial on Clique Problems in Communications and Signal Processing

Since its first use by Euler on the problem of the seven bridges of K\"onigsberg, graph theory has shown excellent abilities in solving and unveiling the properties of multiple discrete optimization problems. The study of the structure of some integer programs reveals equivalence with graph theory problems making a large body of the literature readily available for solving and characterizing the complexity of these problems. This tutorial presents a framework for utilizing a particular graph theory problem, known as the clique problem, for solving communications and signal processing problems. In particular, the paper aims to illustrate the structural properties of integer programs that can be formulated as clique problems through multiple examples in communications and signal processing. To that end, the first part of the tutorial provides various optimal and heuristic solutions for the maximum clique, maximum weight clique, and $k$-clique problems. The tutorial, further, illustrates the use of the clique formulation through numerous contemporary examples in communications and signal processing, mainly in maximum access for non-orthogonal multiple access networks, throughput maximization using index and instantly decodable network coding, collision-free radio frequency identification networks, and resource allocation in cloud-radio access networks. Finally, the tutorial sheds light on the recent advances of such applications, and provides technical insights on ways of dealing with mixed discrete-continuous optimization problems

Cooperative control of autonomous connected vehicles from a Networked Control perspective: Theory and experimental validation

Formation control of autonomous connected vehicles is one of the typical problems addressed in the general context of networked control systems. By leveraging this paradigm, a platoon composed by multiple connected and automated vehicles is represented as one-dimensional network of dynamical agents, in which each agent only uses its neighboring information to locally control its motion, while it aims to achieve certain global coordination with all other agents. Within this theoretical framework, control algorithms are traditionally designed based on an implicit assumption of unlimited bandwidth and perfect communication environments. However, in practice, wireless communication networks, enabling the cooperative driving applications, introduce unavoidable communication impairments such as transmission delay and packet losses that strongly affect the performances of cooperative driving. Moreover, in addition to this problem, wireless communication networks can suffer different security threats. The challenge in the control field is hence to design cooperative control algorithms that are robust to communication impairments and resilient to cyber attacks. The work aim is to tackle and solve these challenges by proposing different properly designed control strategies. They are validated both in analytical, numerical and experimental ways. Obtained results confirm the effectiveness of the strategies in coping with communication impairments and security vulnerabilities

A Cognitive Routing Framework for Reliable Communication in IoT for Industry 5.0

Industry 5.0 requires intelligent self-organized, self- managed and self-monitoring applications with ability to analyze and predict both the human as well as machine behaviors across interconnected devices. Tackling dynamic network behavior is a unique challenge for IoT applications in industry 5.0. Knowledge- Defined Networks (KDN) bridges this gap by extending SDN architecture with Knowledge Plane (KP) which learns the net- work dynamics to avoid sub-optimal decisions. Cognitive Routing leverages the Sixth-Generation (6G) Self-Organised-Networks with self-learning feature. This paper presents a self-organized cognitive routing frame- work for a KDN which uses link-reliability as a routing metric. It reduces end-to-end latency by choosing the most-reliable path with minimal probability of route-flapping. The proposed framework pre-calculates all possible paths between every pair of nodes and ensures self-healing with a constant-time convergence. An experimental test-bed has been developed to benchmark the proposed framework against the industry stranded Link- state and distance-vector routing algorithms SPF and DUAL respectively