Freezing time emulating new and faster devices with virtual machines

Recent proposals of emerging data storage devices make it necessary to reevaluate all levels of the storage hierarchy to optimize the software stack performance. However, these new devices are not always widely available and therefore early experiments may be impossible. Emulators aim at mimicking as close as possible the behavior of a component, nonetheless, emulating new and fast storage devices is a challenging task due to time perception. In this work, we propose an approach to emulate storage devices using virtual machines (VMs) allowing the evaluation of a new device within a real system. We use a technique called freezing time, which pauses a VM to manipulate its clock and hide the real I/O completion time. Our approach is implemented at the hypervisor level and it is transparent to the guest operating system or application. We evaluate the technique under a real system using regular magnetic disks to emulate faster storage devices. Our method presented a latency error of 6.5% compared to a real device. Moreover, decoupled experiment between two laboratories, at the Barcelona Super Computing Center (BSC) in Spain, and the Center of Computer Science and Free Software (C3SL) in Brazil, demonstrated that our approach is reproducible and promising to allow the virtual evaluation of next-gen storage devices.This work was partially supported by the Spanish Ministry of Science and Innovation under the TIN2015-65316 Grant, the Generalitat de Catalunya under contract 2014-SGR-1051, the Serrapilheira Institute (Grant number Serra-1709-16621), as well as the European Union’s Horizon 2020 Research and Innovation Programme, under Grant Agreement no. 671951 (NEXTGenIO) for the extensions added after the MASCOTS paper.Peer ReviewedPostprint (author's final draft

On the Role of 5G and Beyond Sidelink Communication in Multi-Hop Tactical Networks

This work investigates the potential of 5G and beyond sidelink (SL) communication to support multi-hop tactical networks. We first provide a technical and historical overview of 3GPP SL standardization activities, and then consider applications to current problems of interest in tactical networking. We consider a number of multi-hop routing techniques which are expected to be of interest for SL-enabled multi-hop tactical networking and examine open-source tools useful for network emulation. Finally, we discuss relevant research directions which may be of interest for 5G SL-enabled tactical communications, namely the integration of RF sensing and positioning, as well as emerging machine learning tools such as federated and decentralized learning, which may be of great interest for resource allocation and routing problems that arise in tactical applications. We conclude by summarizing recent developments in the 5G SL literature and provide guidelines for future research.Comment: 6 pages, 4 figures. To be presented at 2023 IEEE MILCOM Workshops, Boston, M

Performance evaluation of the TFD-capable dynamic QoS assurance of HD video streaming in well-dimensioned network

The Traffic Flow Description (TFD) option of the IP protocol is an experimental option, designed by the Authors and described by the IETF’s Internet Draft. This option was intended for signalling for QoS purposes. Knowledge about forthcoming traffic (such as the amount of data that will be transferred in a given period of time) is conveyed in the fields of the option between end-systems. TFD-capable routers on a path (or a multicast tree) between the sender and receiver(s) are able to read this information, process it and use it for bandwidth allocation. If the time horizons are short enough, bandwidth allocation will be performed dynamically. In the paper a performance evaluation of an HD video transmission QoS assured with the use of the TFD option is presented. The analysis was made for a variable number of video streams and a variable number of TCP flows that compete with the videos for the bandwidth of the shared link. Results show that the dynamic bandwidth allocation using the TFD option better assures the QoS of HD video than the classic solution, based on the RSVP protocol

Using machine learning to guide automated intrusion response

Traditionally Intrusion Response Systems (IRSs) have had a strong reliance on net-work administrators to perform various responses for a network. Though this is expected, particularly with networks containing sensitive data, it is not completely practical, considering the ever-growing demand for speed, scalability, and automation in computer networks. This work presents a proof of concept automated IRS that provides both for networks containing sensitive data and high-speed networks, by using basic responses for complex attacks, and by using reinforcement learning for direct attacks. Responses for the latter are done by creating a response system that is able to learn from the effectiveness of its own responses. This work is evaluated in its effectiveness against the deactivation issue, which is concerned with the problem of automatically deactivating network responses after they've been activated by an IRS. All tests are conducted using an emulated network, that was de-signed to replicate real network behaviour. Simulated attacks were used to train the IRS. Results of training were evaluated at intervals of 100, 500, 1000 and 2000 at-tacks. The findings of this work indicate that while applying reinforcement learning to IRSs is feasible, adjustments may still be required to improve its performance

KYPO Cyber Range: Design and Use Cases

The physical and cyber worlds are increasingly intertwined and exposed to cyber attacks. The KYPO cyber range provides complex cyber systems and networks in a virtualized, fully controlled and monitored environment. Time-efficient and cost-effective deployment is feasible using cloud resources instead of a dedicated hardware infrastructure. This paper describes the design decisions made during it’s development. We prepared a set of use cases to evaluate the proposed design decisions and to demonstrate the key features of the KYPO cyber range. It was especially cyber training sessions and exercises with hundreds of participants which provided invaluable feedback for KYPO platform development

Handoff management for infotainment services over vehicular networks

Intelligent Transportation Systems (ITS) has impulsed the vehicular communications at the present time. The vehicular communications field is a hot research topic and is attracting a great interest in the automotive industry and telecommunications. There are essentially two main lines of work: (1) communication services related to road safety and traffic information; and (2) information and entertainment services, also named infotainment services. These latter services include both transmitting multimedia (voice over IP, streaming, on-line gaming, etc.) and classic data services (e-mail, access to private networks, web browsing, file sharing, etc.). In this thesis we will focus on these infotainment services because further research in this immature research field is necessary and, until nowadays, the main effort of the research community regarding vehicular communication has been focused on road safety and traffic information. Vehicular nodes need to be reached from the Internet and vice versa to be able to access to infotainment services. While vehicles move along the road infrastructure, they change their wireless point of attachment to the network. During this process, connectivity breaks down until the vehicle is connected again to a new road side unit in its area. This disconnection causes a disruption in the communications. Fast handoffs are a crucial requirement for vehicular networks to avoid long disruption times, since the high speed of vehicular nodes involves suffering a lot of handoffs during an Internet connection. This thesis is focused on Vehicular-to-Infrastructure (V2I) real-time infotainment services. The main contributions of this thesis are: i) a new testing framework for V2I communications to be able to test infotainment services in an easy way; ii) the analysis of the deployability of infotainment video services in vehicular networks using mobility protocols; and iii) the development of a new TCP architecture that will provide a better performance for all TCP-based infotainment services in a vehicular scenario with handoffs. In this thesis, firstly, we propose a new testing framework for vehicular infotainment applications. This framework is a vehicular emulation platform that allows testing real applications installed on Linux virtual machines. Using emulation, we are able to evaluate the performance of real applications with real-time requirements, so we can test multimedia applications used to offer infotainment services in vehicular scenarios in a straightforward way. Secondly, using the testing framework implemented in the first part of the thesis, we have done a performance evaluation of an infotainment service. Among these services, we think that video on demand services on highways will be interesting for users, and generate revenue to network operators. So we evaluated how network-layer handoffs can limit the deployment of a video streaming service. According to the results obtained, driving at high speeds will be an issue for a correct playback of video content, even using fast handoffs techniques. Finally, we developed a new TCP architecture to enhance performance during handoffs. Most of the non-safety services on ITS rely on the Transport Control Protocol (TCP), one of the core protocols of the Internet Protocol Suite. However there exists several issues related to TCP and mobility that can affect to TCP performance, and these issues are particularly important in vehicular networks due to its high mobility. Using new IEEE 802.21 MIH services, we propose a new TCP architecture that is able to anticipate handoffs, permitting to resume the communication after a handoff, avoiding long delays caused by TCP issues and adapting the TCP parameters to the new characteristics of the network. Using the architecture proposed, the performance of TCP is enhanced, getting a higher overall throughput and avoiding TCP fairness issues between users.Els Sistemes de Transport Intel·ligents (ITS) han impulsat les comunicacions vehiculars en l'actualitat. Les comunicacions vehiculars és un camp d'investigació de moda, i està atraient un gran interès en la indústria automobilística i de les telecomunicacions. En el camp de les comunicacions vehiculars, hi ha principalment dues línies de treball: (1) serveis de comunicacions relacionats amb la seguretat viària i la informació del trànsit; i (2) serveis d'informació i entreteniment, també anomenats serveis d'infotainment. Aquests últims inclouen tant serveis multimèdia (veu sobre IP, streaming, jocs on-line, etc.), com serveis clàssics de dades (correu electrònic, accés a xarxes privades, navegació web, compartir arxius, etc.). En aquesta tesi ens centrarem en aquests serveis d'infotainment ja que és necessari aprofundir en la investigació per aquests tipus de serveis, ja que, fins avui, els esforços de la comunitat científica en el camp de les comunicacions vehiculars s'ha centrat en els serveis relacionats amb la seguretat viària i la informació del trànsit. Els nodes vehiculars necessiten tenir connexió a Internet per a poder tenir accés als serveis d'infotainment. Mentre els vehicles estan en moviment a través de la xarxa viària, els vehicles han d'anar canviant el punt de connexió sense fils amb la xarxa. Durant aquest procés de canvi de punt de connexió, anomenat handoff, es perd la connectivitat fins que el vehicle es reconnecta a un altre punt de connexió viària prop de la seva àrea. Aquesta desconnexió causa interrupcions en les comunicacions. Uns handoffs ràpids són bàsics a les xarxes vehiculars per a evitar llargs períodes d'interrupció durant les comunicacions, ja que la gran velocitat a la que es mouen els nodes vehiculars significa un gran nombre de handoffs durant una connexió a Internet. Aquesta tesi es centra en serveis d'infotaiment en temps real per a comunicacions Vehicle-a-Infraestructura (V2I). Les principals contribucions d'aquesta tesi son: i) un nou marc de proves per a les comunicacions (V2I) per a poder provar serveis d'infotainment d'una manera fàcil; ii) l'anàlisi de la viabilitat del desplegament de serveis d'infotainment de vídeo en xarxes vehiculars utilitzant protocols de mobilitat IP; i iii) el desenvolupament d'una nova arquitectura TCP que proporciona un millor funcionament per a tots aquells serveis d'infotainment basats en el protocol TCP en un escenari vehicular amb handoffs. En aquesta tesi, primer proposem un nou marc de proves per a aplicacions vehiculars d'infotainment. Aquest marc és una plataforma d'emulació vehicular que permet provar aplicacions reals instal·lades en màquines virtuals Linux. Utilitzant l'emulació, som capaços d'avaluar el rendiment d'aplicacions reals amb característiques de temps real. D'aquesta manera es poden avaluar aplicacions multimèdia utilitzades per oferir serveis d'infotainment d'una forma senzilla en escenaris vehiculars. Segon, utilitzant el marc de prova implementat en la primera part de la tesi, hem avaluat el rendiment d'un servei d'infotainment. Entre aquest tipus de servei, creem que els serveis de vídeo sota demanda en autopistes/autovies serà interessant pels usuaris i generarà beneficis per als operadors de la xarxa. Per tant, hem avaluat com els handoffs a nivell de la capa de xarxa poden limitar el desplegament d'un servei de streaming de vídeo sota demanda. D'acord amb els resultats obtinguts, conduir a grans velocitats podria ser un problema per a poder reproduir un vídeo correctament, tot i utilitzar tècniques de handoffs ràpids. Finalment, hem desenvolupat una nova arquitectura TCP per a millorar el rendiment del protocol durant els handoffs. La majoria dels serveis d'infotainment utilitzen el Protocol de Control de Transport (TCP), un dels principals protocols de la pila de protocols d'Internet. Però existeixen forces problemes relacionats amb l'ús de TCP i la mobilitat que n'afecta el rendiment, i aquests problemes són particular