36 research outputs found

    Flow-oriented anomaly-based detection of denial of service attacks with flow-control-assisted mitigation

    Flooding-based distributed denial-of-service (DDoS) attacks present a serious and major threat to the targeted enterprises and hosts. Current protection technologies are still largely inadequate in mitigating such attacks, especially if they are large-scale. In this doctoral dissertation, the Computer Network Management and Control System (CNMCS) is proposed and investigated; it consists of the Flow-based Network Intrusion Detection System (FNIDS), the Flow-based Congestion Control (FCC) System, and the Server Bandwidth Management System (SBMS). These components form a composite defense system intended to protect against DDoS flooding attacks. The system as a whole adopts a flow-oriented and anomaly-based approach to the detection of these attacks, as well as a control-theoretic approach to adjust the flow rate of every link to sustain the high priority flow-rates at their desired level. The results showed that the misclassification rates of FNIDS are low, less than 0.1%, for the investigated DDoS attacks, while the fine-grained service differentiation and resource isolation provided within the FCC comprise a novel and powerful built-in protection mechanism that helps mitigate DDoS attacks.

    Distributed control architecture for multiservice networks

    The research focuses on devising decentralised and distributed control system architecture for the management of internetworking systems to provide improved service delivery and network control. The theoretical basis, results of simulation and implementation in a real-network are presented. It is demonstrated that better performance, utilisation and fairness can be achieved for network customers as well as network/service operators with a value based control system. A decentralised control system framework for analysing networked and shared resources is developed and demonstrated. This fits in with the fundamental principles of the Internet. It is demonstrated that distributed, multiple control loops can be run on shared resources and achieve proportional fairness in their allocation, without a central control. Some of the specific characteristic behaviours of the service and network layers are identified. The network and service layers are isolated such that each layer can evolve independently to fulfil their functions better. A common architecture pattern is devised to serve the different layers independently. The decision processes require no co-ordination between peers and hence improve scalability of the solution. The proposed architecture can readily fit into a clearinghouse mechanism for integration with business logic. This architecture can provide improved QoS and better revenue from both reservation-less and reservation-based networks. The limits on resource usage for different types of flows are analysed. A method that can sense and modify user utilities and support dynamic price offers is devised. An optimal control system (within the given conditions), automated provisioning, a packet scheduler to enforce the control and a measurement system etc. are developed.
The model can be extended to enhance the autonomicity of the computer communication networks in both client-server and P2P networks and can be introduced on the Internet in an incremental fashion. The ideas presented in the model built with the model-view-controller and electronic enterprise architecture frameworks are now independently developed elsewhere into common service delivery platforms for converged networks. Four US/EU patents were granted based on the work carried out for this thesis, for the cross-layer architecture, multi-layer scheme, measurement system and scheduler. Four conference papers were published and presented.

    Service Level Agreement-based adaptation management for Internet Service Provider (ISP) using Fuzzy Q-learning

    Internet access is the vital catalyst for online users, and the number of mobile subscribers is predicted to grow dramatically in the next few years. This huge demand is the main issue facing the Internet Service Providers (ISPs) who need to handle users’ expectations along with their current resources. An adaptive mechanism within the ISPs architecture is a promising solution to handle such a situation. A Service Level Agreement (SLA) is the legal catalyst to monitor any contract violation between end users and ISPs and is embedded within a Quality of Service (QoS) framework. It strengthens and advances the quality of control over the user’s application and network resources and can be further stretched to fulfill the QoS terms through negotiation and re-negotiation. Moreover, the present literature does not focus on the combination of rule-based approaches and adaptation together to update the established learning repository. Therefore, the mainstream of this research in the context of SLAs is to fill in this gap by addressing the combination of rule-base uncertainties and iteration of the learning ability. The key to the proposed architecture is the utilization of self-* capabilities designed to have self-management over uncertainties and the provision of self-adaptive interactions. Thus, the Monitor, Analyse, Plan, Execute and Knowledge Base (MAPE-K) approach is able to deal with this problem together with the integration of Fuzzy and Q-Learning algorithms. The proposed architecture is in the context of autonomic computing. An adaptation manager is the main proposed component to update admission control on the ISP current resources and the ability to manage SLAs. A general methodology type-2 fuzzy logic is applied to ensure the uncertainties and precise decision-making are well addressed in this research. The proposed solution, demonstrating Q-Learning works adaptive with QoS parameters, e.g. Latency, Availability and Packet Loss.
With the combination of fuzzy and Q-Learning, we demonstrate that the proposed adaptation manager is able to handle the uncertainties and learning abilities. Q-Learning is able to identify the initial state from various ISPs iterations and update them with appropriate actions, reflecting the reward configurations. The higher the iterations process, the higher is the increase in the learning ability, rewards and exploration probability. The research outcomes benefit the SLA framework by incorporating the information for SLA policies and Service Level Objectives (SLOs). Lastly, an important contribution is the ability to demonstrate that the MAPE-K approach is a contender for ISP SLA-based frameworks for QoS provision.

    Quality of service differentiation for multimedia delivery in wireless LANs

    Delivering multimedia content to heterogeneous devices over a variable networking environment while maintaining high quality levels involves many technical challenges. The research reported in this thesis presents a solution for Quality of Service (QoS)-based service differentiation when delivering multimedia content over the wireless LANs. This thesis has three major contributions outlined below:
    1. A Model-based Bandwidth Estimation algorithm (MBE), which estimates the available bandwidth based on novel TCP and UDP throughput models over IEEE 802.11 WLANs. MBE has been modelled, implemented, and tested through simulations and real life testing. In comparison with other bandwidth estimation techniques, MBE shows better performance in terms of error rate, overhead, and loss.
    2. An intelligent Prioritized Adaptive Scheme (iPAS), which provides QoS service differentiation for multimedia delivery in wireless networks. iPAS assigns dynamic priorities to various streams and determines their bandwidth share by employing a probabilistic approach which makes use of stereotypes. The total bandwidth to be allocated is estimated using MBE. The priority level of individual stream is variable and dependent on stream-related characteristics and delivery QoS parameters. iPAS can be deployed seamlessly over the original IEEE 802.11 protocols and can be included in the IEEE 802.21 framework in order to optimize the control signal communication. iPAS has been modelled, implemented, and evaluated via simulations. The results demonstrate that iPAS achieves better performance than the equal channel access mechanism over IEEE 802.11 DCF and a service differentiation scheme on top of IEEE 802.11e EDCA, in terms of fairness, throughput, delay, loss, and estimated PSNR. Additionally, both objective and subjective video quality assessment have been performed using a prototype system.
    3. A QoS-based Downlink/Uplink Fairness Scheme, which uses the stereotypes-based structure to balance the QoS parameters (i.e. throughput, delay, and loss) between downlink and uplink VoIP traffic. The proposed scheme has been modelled and tested through simulations. The results show that, in comparison with other downlink/uplink fairness-oriented solutions, the proposed scheme performs better in terms of VoIP capacity and fairness level between downlink and uplink traffic.

    Telecommunications Networks

    This book guides readers through the basics of rapidly emerging networks to more advanced concepts and future expectations of Telecommunications Networks. It identifies and examines the most pressing research issues in Telecommunications and it contains chapters written by leading researchers, academics and industry professionals. Telecommunications Networks - Current Status and Future Trends covers surveys of recent publications that investigate key areas of interest such as: IMS, eTOM, 3G/4G, optimization problems, modeling, simulation, quality of service, etc. This book, which is suitable for both PhD and master students, is organized into six sections: New Generation Networks, Quality of Services, Sensor Networks, Telecommunications, Traffic Engineering and Routing.

    Software defined networking based resource management and quality of service support in wireless sensor network applications

    To achieve greater performance in computing networks, a setup of critical computing aspects that ensures efficient network operation needs to be implemented. One of these computing aspects is Quality of Service (QoS). Its main functionality is to manage traffic queues by means of prioritizing sensitive network traffic. QoS capable networking allows efficient control of traffic especially for network critical data. However, to achieve this in Wireless Sensor Networks (WSN) is a serious challenge, since these technologies have a lot of computing limitations. It is even difficult to manage networking resources with ease in these types of technologies, due to their communication, processing and memory limitations. Even though this is the case with WSNs, they have been largely used in monitoring/detection systems, and by this proving their application importance. Realizing efficient network control requires intelligent methods of network management, especially for sensitive network data. Different network types implement diverse methods to control and administer network traffic as well as effectively manage network resources. As with WSNs, communication traffic and network resource control are mostly performed depending on independently employed mechanisms to deal with networking events occurring on different levels. It is therefore challenging to realize efficient network performance with guaranteed QoS in WSNs, given their computing limitations. Software defined networking (SDN) is advocated as a potential paradigm to improve and evolve WSNs in terms of capacity and application. A means to apply SDN strategies to these compute-limited WSNs formulates software defined wireless sensor networks (SDWSN). In this work, a resource-aware OpenFlow-based Active Network Management (OF-ANM) QoS scheme that uses SDN strategies is proposed and implemented to apply QoS requirements for managing traffic congestion in WSNs.
This scheme uses SDN programmability strategies to apply network QoS requirements and perform traffic load balancing to ensure congestion control in SDWSN. Our experimental results show that the developed scheme is able to provide congestion avoidance within the network. It also allows opportunities to implement flexible QoS requirements based on the system’s traffic state. Moreover, a QoS Path Selection and Resource-associating (Q-PSR) scheme for adaptive load balancing and intelligent resource control for optimal network performance is proposed and implemented. Our experimental results indicate better performance in terms of computation with load balancing and efficient resource alignment for different networking tasks when compared with other competing schemes. Thesis (PhD)--University of Pretoria, 2018. National Research Foundation. University of Pretoria. Electrical, Electronic and Computer Engineering. PhD. Unrestricte

    Resource allocation and congestion control strategies for networked unmanned systems

    It is generally agreed that communication is a critical technological factor in designing networked unmanned systems (NUS) that consist of a large number of heterogeneous assets/nodes that may be configured in ad-hoc fashion and that incorporate intricate architectures. In order to successfully carry out the NUS missions, communication among assets needs to be accomplished efficiently. In contrast with conventional networks, NUSs have specific features that may render communication more complex. The main distinct characteristics of NUS are as follows: (a) heterogeneity of assets in terms of resources, (b) multiple topologies that can be fully-connected, (c) real-time requirements imposed by delivery timeliness of messages under evolving and uncertain environments, (d) unknown and random time-delays that may degrade the closed-loop dynamics performance, (e) bandwidth constraints reflecting differences in assets behavior and dynamics, and (f) protocol limitations for complying with the wireless features of these networks. The NUS system consists of clusters each having three nodes, namely, a sensor, a decision-maker, and an actuator. Inspired by networked control systems (NCS), we introduced a generic framework for NUSs. Using the fluid flow model (FFM), the overall dynamical model of our network cluster is derived as a time-delay dependent system. The following three main issues are investigated in this thesis: bandwidth allocation, an integrated bandwidth allocation and flow rate control, and congestion control. To demonstrate the difficulty of addressing the bandwidth allocation control problem, a standard PID is implemented for our network cluster. It is shown that in presence of feedback loops and time-delays in the network, this controller induces flow oscillations and consequently, in the worst-case scenario, network instability. To address this problem, nonlinear control strategies are proposed instead.
These strategies are evaluated subject to presence of unknown delays and measurable/estimated input traffic. For different network configurations, the error dynamics of the entire controlled cluster is derived and sufficient stability conditions are obtained. In addition, our proposed bandwidth allocation control strategy is evaluated when the NUS assets are assumed to be mobile. The bandwidth allocation problem is often studied in an integrated fashion with the flow rate control and the connection admission control (CAC). In fact, due to importance of interaction of various components, design of the entire control system is often more promising than optimization of individual components. In this thesis, several robust integrated bandwidth allocation and flow rate control strategies are proposed. The third issue that is investigated in this thesis is the congestion control for differentiated-services (DiffServ) networks. In our proposed congestion control strategies, the buffer queue length is used as a feedback information to control locally the queue length of each buffer by acting on the bandwidth and simultaneously a feedback signaling notifies the ordinary sources regarding the allowed maximum rate. Using sliding mode generalized variable structure control techniques (SM-GVSC), two congestion control approaches are proposed, namely, the non degenerate and degenerate GVS control approaches. By adopting decentralized end-to-end, semi-decentralized end-to-end, and distributed hop-by-hop control approaches, our proposed congestion control strategies are investigated for a DiffServ loopless mesh network (Internet) and a DiffServ fully-connected NUS. Contrary to the semi-decentralized end-to-end congestion control strategy, in the distributed hop-by-hop congestion control strategy, each output port controller communicates the maximum allowed flow rate only to its immediate upstream node(s) and/or source(s). 
This approach reduces the required amount of information in the flow control when compared to other approaches in which the allowed flow rate is sent to all the upstream sources communicating through an output port.

    Multimedia computer networks quality of service techniques evaluation and development.

    The growth in the transmission of time-sensitive applications over computer networks means that Quality of Service (QoS) needs to be managed in an efficient manner. Network QoS management in this thesis refers to evaluation and improvement of QoS provided by integrated wired and wireless computer networks. Evaluation of QoS aims to analyse and quantify network performance with respect to meeting multimedia applications' transmission requirements. QoS improvement involves the ability to take actions to change network performance toward improved operation. Therefore, the main aims of this thesis are: (i) to develop techniques for evaluating QoS in multimedia computer networks, (ii) to develop techniques that use the information from (i) to manage and improve network performance. Multimedia traffic generates a large amount of data. Collecting this information poses a challenge as it needs to be sufficiently fast and accurate. A contribution of this thesis is that adaptive statistical sampling techniques to sample multimedia traffic were developed and their effectiveness was evaluated. Three different adjustment mechanisms were incorporated into statistical sampling techniques to adjust the traffic sampling rate: simple linear adjustment, quarter adjustment, and Fuzzy Inference System (FIS). The findings indicated that the developed methods outperformed the conventional non-adaptive sampling methods of systematic, stratified and random. The data collected included important QoS parameters, i.e. delay, jitter, throughput, and packet loss that indicated network performance in delivering real-time applications. An issue is that QoS needs evaluation in an informative manner. Therefore, the second contribution of this thesis is that statistical and Artificial Intelligent (AI) techniques were developed to evaluate QoS for multimedia applications.
The application's QoS parameters were initially analysed either by Fuzzy C-Means (FCM) clustering algorithm or by Kohonen neural network. The analysed QoS parameters were then used as inputs to a regression model or Multi-Layer Perceptron (MLP) neural network in order to quantify the overall QoS. The proposed QoS evaluation system differentiated the network's QoS into a number of levels (Poor to Good QoS) and based on this information, the overall network's QoS was successfully quantified. In order to facilitate QoS assessment, a portable hand-held device for assessing the QoS in multimedia networks was designed, regression model was implemented on the microcontroller board and its performance was successfully demonstrated. Multimedia applications transmitted over computer networks require a large bandwidth that is a critical issue especially in wireless networks. The challenge is to enable end-to-end QoS by providing different treatments for different classes of traffic and efficient use of network resources. In this thesis, a new QoS enhancement scheme for wireless-wired networks is developed. This scheme consisted of an adaptive traffic allocation algorithm that is incorporated into the network's wireless side to improve the performance of IEEE 802.11e Enhanced Distributed Channel Access (EDCA) protocol, and a Weighted Round Robin (WRR) queuing scheduling mechanism that was incorporated into the wired side. The proposed scheme improved the QoS for Multimedia applications. The average QoS for voice and video applications were increased from their original values by 72.5% and 70.3% respectively.