26 research outputs found
FS-OpenSecurity : A taxonomic modeling of security threats in SDN for future sustainable computing
Peer reviewedPublisher PD
ReactiFi: Reactive Programming of Wi-Fi Firmware on Mobile Devices
Network programmability will be required to handle future increased network
traffic and constantly changing application needs. However, there is currently
no way of using a high-level, easy to use programming language to program Wi-Fi
firmware. This impedes rapid prototyping and deployment of novel network
services/applications and hinders continuous performance optimization in Wi-Fi
networks, since expert knowledge is required for both the used hardware
platforms and the Wi-Fi domain. In this paper, we present ReactiFi, a
high-level reactive programming language to program Wi-Fi chips on mobile
consumer devices. ReactiFi enables programmers to implement extensions of PHY,
MAC, and IP layer mechanisms without requiring expert knowledge of Wi-Fi chips,
allowing for novel applications and network protocols. ReactiFi programs are
executed directly on the Wi-Fi chip, improving performance and power
consumption compared to execution on the main CPU. ReactiFi is conceptually
similar to functional reactive languages, but is dedicated to the
domain-specific needs of Wi-Fi firmware. First, it handles low-level
platform-specific details without interfering with the core functionality of
Wi-Fi chips. Second, it supports static reasoning about memory usage of
applications, which is important for typically memory-constrained Wi-Fi chips.
Third, it limits dynamic changes of dependencies between computations to
dynamic branching, in order to enable static reasoning about the order of
computations. We evaluate ReactiFi empirically in two real-world case studies.
Our results show that throughput, latency, and power consumption are
significantly improved when executing applications on the Wi-Fi chip rather
than in the operating system kernel or in user space. Moreover, we show that
the high-level programming abstractions of ReactiFi have no performance
overhead compared to manually written C code
OpenDaylight vs. Floodlight: Comparative Analysis of a Load Balancing Algorithm for Software Defined Networking
This paper presents the proposal of a load balancing algorithm implemented in two of the most popular controllers for Software Defined Networks (SDN): OpenDaylight and Floodlight. A comparative study in terms of the available bandwidth and delay time of the packet forwarding was performed by means of simulation modeling in a base network in which a shortest path algorithm was implemented as well. The results show that the proposed load balancing algorithm significantly improves the performance of an SDN in terms of the offered QoS of an OpenDaylight-based controller. The effect of the proposed load balancing algorithm in the Floodlight controller shows a smaller impact, mainly on the bandwidth allocation, due to its built-in modules that by default perform specific routing and forwarding operations efficiently according to the traffic demand
Software-Defined Networking: A Comprehensive Survey
Peer reviewed
The Internet has led to the creation of a digital society, where (almost) everything is connected and is accessible from anywhere. However, despite their widespread adoption, traditional IP networks are complex and very hard to manage. It is both difficult to configure the network according to predefined policies, and to reconfigure it to respond to faults, load, and changes. To make matters even more difficult, current networks are also vertically integrated: the control and data planes are bundled together. Software-defined networking (SDN) is an emerging paradigm that promises to change this state of affairs, by breaking vertical integration, separating the network's control logic from the underlying routers and switches, promoting (logical) centralization of network control, and introducing the ability to program the network. The separation of concerns, introduced between the definition of network policies, their implementation in switching hardware, and the forwarding of traffic, is key to the desired flexibility: by breaking the network control problem into tractable pieces, SDN makes it easier to create and introduce new abstractions in networking, simplifying network management and facilitating network evolution. In this paper, we present a comprehensive survey on SDN. We start by introducing the motivation for SDN, explain its main concepts and how it differs from traditional networking, its roots, and the standardization activities regarding this novel paradigm. Next, we present the key building blocks of an SDN infrastructure using a bottom-up, layered approach. We provide an in-depth analysis of the hardware infrastructure, southbound and northbound application programming interfaces (APIs), network virtualization layers, network operating systems (SDN controllers), network programming languages, and network applications. We also look at cross-layer problems such as debugging and troubleshooting. In an effort to anticipate the future evolution of this new paradigm, we discuss the main ongoing research efforts and challenges of SDN. In particular, we address the design of switches and control platforms, with a focus on aspects such as resiliency, scalability, performance, security, and dependability, as well as new opportunities for carrier transport networks and cloud providers. Last but not least, we analyze the position of SDN as a key enabler of a software-defined environment
Network Mobility Management Challenges, Directions, and Solutions: An Architectural Perspective
Efficient mobility management solutions are essential to provide users with seamless connectivity and session continuity during movement. However, user mobility was not envisaged as one of the early Internet's use cases due to the early adoption of destination-based routing and the assumption that end-nodes are static. This has become a critical hindrance to providing efficient mobility support. This paper presents the challenges, drivers, and solutions that aim to overcome the drawbacks of current mobility management approaches. Furthermore, it introduces a promising solution that builds on emerging path-based forwarding architectures that identify network links rather than end nodes. Delivery path information is stored inside the packet while forwarding is achieved by performing a simple set membership test rather than the current destination-based routing approach. Mobility management in these architectures simply requires partial recomputation of the delivery path, allowing for efficient mobility support over an optimal path. Evaluation results show significant cost savings in terms of delivery paths and end-to-end packet delay when using a path forwarding architecture
Security and Privacy of IP-ICN Coexistence: A Comprehensive Survey
Internet usage has changed from its first design. Hence, the current Internet
must cope with some limitations, including performance degradation,
availability of IP addresses, and multiple security and privacy issues.
Nevertheless, to unsettle the current Internet's network layer i.e., Internet
Protocol with ICN is a challenging, expensive task. It also requires worldwide
coordination among Internet Service Providers, backbone, and Autonomous
Services. Additionally, history showed that technology changes e.g., from 3G to
4G, from IPv4 to IPv6 are not immediate, and usually, the replacement includes
a long coexistence period between the old and new technology. Similarly, we
believe that the process of replacement of the current Internet will surely
transition through the coexistence of IP and ICN. Although the tremendous
amount of security and privacy issues of the current Internet taught us the
importance of securely designing the architectures, only a few of the proposed
architectures place the security-by-design. Therefore, this article aims to
provide the first comprehensive Security and Privacy analysis of the
state-of-the-art coexistence architectures. Additionally, it yields a
horizontal comparison of security and privacy among three deployment approaches
of IP and ICN protocol i.e., overlay, underlay, and hybrid and a vertical
comparison among ten considered security and privacy features. As a result of
our analysis, it emerges that most of the architectures utterly fail to provide
several SP features including data and traffic flow confidentiality,
availability and communication anonymity. We believe this article draws a
picture of the secure combination of current and future protocol stacks during
the coexistence phase that the Internet will definitely walk across
High performance network function virtualization for user-oriented services
The Network Function Virtualization (NFV) paradigm proposes to transform those network functions today running on dedicated and often closed appliances (e.g., firewall, WAN accelerator) into pure software images, called Virtual Network Functions (VNFs), which can be consolidated and executed on high-volume standard servers. In this context, this dissertation focuses on the possibility of enabling each single end user (and not only network operators) to set up network services by means of NFV, allowing him to customize the set of services that are active on his Internet connection. This goal mainly requires addressing flexibility and performance issues. Regarding the former, it is important: (i) to support services including both network (e.g., firewall) and cloud (e.g., storage server) applications; (ii) to allow the user to define the service with an intuitive and high-level abstraction, hiding infrastructure-layer details. Instead, with respect to performance, multiple software-based services operating on the user's traffic should not introduce penalties in the user's Internet experience. This dissertation solves the above issues by proposing a number of improvements in the context of Network Function Virtualization, both in terms of high-level models and architectures to define and instantiate network services, and in terms of mechanisms to efficiently interconnect VNFs. Experimental results demonstrate that the goal of allowing end users to deploy services operating on their own traffic is feasible without impacting the Internet experience
Software defined neighborhood area network for smart grid applications
Information gathered from the Smart Grid (SG) devices located in end user premises provides a valuable resource that can be used to modify the behavior of SG applications. Decentralized and distributed deployment of neighborhood area network (NAN) devices makes it a challenge to manage SG efficiently. The NAN communication network architecture should be designed to aggregate and disseminate information among different SG domains. In this paper, we present a communication framework for NAN based on wireless sensor networks using the software defined networking paradigm. The data plane devices, such as smart meters, intelligent electronic devices, sensors, and switches, are controlled via an optimized controller hierarchy deployed using a separate control plane. An analytical model is developed to determine the number of switches and controllers required for the NAN, and the results of several test scenarios are presented. A Castalia-based simulation model was used to analyze the performance of the modified NAN