Advanced SDN-Based QoS and Security Solutions for Heterogeneous Networks

This thesis tries to study how SDN can be employed in order to support Quality of Service and how the support of this functionality is fundamental for today networks. Considering, not only the present networks, but also the next generation ones, the importance of the SDN paradigm become manifest as the use of satellite networks, which can be useful considering their broadcasting capabilities. For these reasons, this research focuses its attention on satellite - terrestrial networks and in particular on the use of SDN inside this environment. An important fact to be taken into account is that the growing of the information technologies has pave the way for new possible threats. This research study tries to cover also this problem considering how SDN can be employed for the detection of past and future malware inside networks

Models, Algorithms, and Architectures for Scalable Packet Classification

The growth and diversification of the Internet imposes increasing demands on the performance and functionality of network infrastructure. Routers, the devices responsible for the switch-ing and directing of traffic in the Internet, are being called upon to not only handle increased volumes of traffic at higher speeds, but also impose tighter security policies and provide support for a richer set of network services. This dissertation addresses the searching tasks performed by Internet routers in order to forward packets and apply network services to packets belonging to defined traffic flows. As these searching tasks must be performed for each packet traversing the router, the speed and scalability of the solutions to the route lookup and packet classification problems largely determine the realizable performance of the router, and hence the Internet as a whole. Despite the energetic attention of the academic and corporate research communities, there remains a need for search engines that scale to support faster communication links, larger route tables and filter sets and increasingly complex filters. The major contributions of this work include the design and analysis of a scalable hardware implementation of a Longest Prefix Matching (LPM) search engine for route lookup, a survey and taxonomy of packet classification techniques, a thorough analysis of packet classification filter sets, the design and analysis of a suite of performance evaluation tools for packet classification algorithms and devices, and a new packet classification algorithm that scales to support high-speed links and large filter sets classifying on additional packet fields

Multi-provider network service embedding

[no abstract

Doctor of Philosophy

dissertationOver the last decade, cyber-physical systems (CPSs) have seen significant applications in many safety-critical areas, such as autonomous automotive systems, automatic pilot avionics, wireless sensor networks, etc. A Cps uses networked embedded computers to monitor and control physical processes. The motivating example for this dissertation is the use of fault- tolerant routing protocol for a Network-on-Chip (NoC) architecture that connects electronic control units (Ecus) to regulate sensors and actuators in a vehicle. With a network allowing Ecus to communicate with each other, it is possible for them to share processing power to improve performance. In addition, networked Ecus enable flexible mapping to physical processes (e.g., sensors, actuators), which increases resilience to Ecu failures by reassigning physical processes to spare Ecus. For the on-chip routing protocol, the ability to tolerate network faults is important for hardware reconfiguration to maintain the normal operation of a system. Adding a fault-tolerance feature in a routing protocol, however, increases its design complexity, making it prone to many functional problems. Formal verification techniques are therefore needed to verify its correctness. This dissertation proposes a link-fault-tolerant, multiflit wormhole routing algorithm, and its formal modeling and verification using two different methodologies. An improvement upon the previously published fault-tolerant routing algorithm, a link-fault routing algorithm is proposed to relax the unrealistic node-fault assumptions of these algorithms, while avoiding deadlock conservatively by appropriately dropping network packets. This routing algorithm, together with its routing architecture, is then modeled in a process-algebra language LNT, and compositional verification techniques are used to verify its key functional properties. As a comparison, it is modeled using channel-level VHDL which is compiled to labeled Petri-nets (LPNs). Algorithms for a partial order reduction method on LPNs are given. An optimal result is obtained from heuristics that trace back on LPNs to find causally related enabled predecessor transitions. Key observations are made from the comparison between these two verification methodologies

Optimisation de l'intégration des requêtes de réseaux virtuels dans un environnement multiCloud

De nos jours, l’Infrastructure-service ou Infrastructure as a Service (IaaS) est devenue le modèle de service du Cloud Computing le plus largement adopté. Dans ce modèle d’affaires, un fournisseur de service ou Service Provider (SP) peut louer, à partir d’un ou de plusieurs fournisseurs d’infrastructure ou Cloud Providers (CPs), des ressources physiques proposées en tant que services (calcul, stockage, accès réseau, routage, etc.). Ces derniers sont encapsulés dans des machines virtuelles ou Virtual Machines (VMs), interconnectées et assemblées sous forme de requête de réseau virtuel ou Virual Network Request (VNR), dans le but de créer des réseaux virtuels hétérogènes offrant des applications et des services personnalisés à des utilisateurs finaux. Malgré son adoption largement réussie, le modèle IaaS reste toujours confronté à un défi fondamental en matière de gestion de ressources, qui consiste en l’optimisation de l’intégration efficace et dynamique des VNRs dans les infrastructures sous-jacentes distribuées et partagées. En effet, des ressources hétérogènes doivent être efficacement allouées afin de pouvoir héberger les VMs dans des centres de données ou data centers (DCs) spécifiques, et de faire router les liaisons virtuelles ou Virtual Links (VLs), représentant le trafic échangé entre les VMs interconnectées, sur des chemins appropriés entre les DCs. Cette allocation de ressources et de services vise généralement à satisfaire des contraintes de performance, de Qualité de Service (QdS), de sécurité et de localisation géographique, imposées par le SP. Dans le contexte de la virtualisation de réseau, ce problème est connu NP-difficile, sous le nom d’intégration de réseau virtuel ou Virtual Network Embedding (VNE), qui n’a été abordé que récemment dans la littérature dans le cadre d’un réseau multiCloud, où les infrastructures Cloud sous-jacents appartiennent à différents CPs indépendants. Le VNE dans un environnement multiCloud ajoute plus de complexité et des défis d’évolutivitité au problème, car l’ensemble du processus nécessite une approche de résolution hiérarchique, dans laquelle deux phases principales d’opération sont réalisées, chacune ayant des objectifs différents selon les acteurs : la phase de partitionnement des VNRs à travers le réseau multiCloud, suivie de la phase d’intégration des segments de VNRs dans les infrastructures intraCloud sélectionnées. Dans la première phase réalisée indirectement par le SP, ce dernier mandate généralement un fournisseur de réseau virtuel ou Virtual Network Provider (VNP). Le VNP agit en tant que service de courtage virtuel pour le compte du SP, afin de sélectionner adéquatement des CPs capables de répondre efficacement aux objectifs et exigences du SP, puis partitionne les VNRs en plusieurs segments. Dans la deuxième phase, qui correspond notamment au problème bien connu du VNE dans le cadre d’un seul CP et qui a été largement abordé dans des travaux de recherche antérieurs, chaque CP sélectionné utilise une approche d’hébergement adéquate pour intégrer les segments de VNRs qui lui sont attribués dans son réseau intraCloud.----------ABSTRACT: Nowadays, the Infrastructure as a Service (IaaS) has become the most widely adopted cloud service model. In this business paradigm, a Service Provider (SP) can lease, from one or more Cloud Providers (CPs), infrastructure layer resources (processing, storage, network access, routing services, etc.) packaged into interconnected virtual machines (VMs) and assembled as a virtual network request (VNR), in order to build heterogeneous virtual networks that will offer customized services and applications to its end users. Despite its successful adoption, the IaaS model faces a fundamental resource management challenge lying in the efficient and dynamic embedding of VNRs onto distributed and shared substrate infrastructures. Heterogenous resources need to be efficiently allocated to host VMs in specific substrate data centers (DCs) and to route virtual links (VLs), representing the exchanged traffic between interconnected VMs, onto suitable substrate paths between the hosting DCs, in order to satisfy performance, Quality of Service (QoS), security and geographical location constraints imposed by the SP. In the context of network virtualization, this issue is usually referred to as the NP-hard Virtual Network Embedding (VNE) problem, which has been only recently addressed in the literature within a multicloud network, where the substrate infrastructures are owned by different and independent CPs. Such a context adds more complexity and scalability issues, since the whole VNE process requires a hierarchical resolution approach, where two major phases of operation are performed, each of them having different purposes according to the acting player: the multicloud VNRs splitting phase, followed by the intra-cloud VNR segments mapping phase. In the first phase played indirectly by the SP, the latter generally mandates a Virtual Network Provider (VNP), which acts as a virtual brokerage service on behalf of the SP, in order to select eligible CPs based on the SP’s goals and requirements, and split the VNRs into segments. In the second phase, which corresponds to the well known VNE within a single CP largely addressed in past research works, each selected CP uses a mapping approach to embed the assigned VNR segments into its intra-cloud network

Java, Java, Java: Object-Oriented Problem Solving

Open Access Textbook from Open Textbook Library: Java, Java, Java, 3e was previously published by Pearson Education, Inc. The first edition (2000) and the second edition (2003) were published by Prentice-Hall. In 2010 Pearson Education, Inc. reassigned the copyright to the authors, and we are happy now to be able to make the book available under an open source license. This PDF edition of the book is available under a Creative Commons Attribution 4.0 International License, which allows the book to be used, modified, and shared with attribution: (https://creativecommons.org/licenses/by/4.0/). – Ralph Morelli and Ralph Walde – Hartford, CT – December 30, 201

A complete design path for the layout of flexible macros

XIV+172hlm.;24c