An Approach for Fast Fault Detection in Virtual Network

The diversity of applications in cloud computing and the dynamic nature of environment deployment makes virtual machines, containers, and distributed software systems to often have various software failures, which make it impossible to provide external services normally. Whether it is cloud management or distributed application itself, it takes a few seconds to find the fault of protocol class detection methods on the management or control surfaces of distributed applications, hundreds of milliseconds to find the fault of protocol class detection methods based on user interfaces, and the main time from the failure to recovery of distributed software systems is spent in detecting the fault. Therefore, timely discovery of faults (virtual machines, containers, software) is the key to subsequent fault diagnosis, isolation and recovery. Considering the network connection of virtual machines/containers in cloud infrastructure, more and more intelligent virtual network cards are used to connect virtual network elements (Virtual Router or Virtual Switch). This paper studies a fault detection mechanism of virtual machines, containers and distributed software based on the message driven mode of virtual network elements. Taking advantage of the VIRTIO message queue memory sharing feature between the front-end and back-end in the virtual network card of the virtualization network element and the virtual machine or container it detects in the same server in the cloud network, when the virtualization network element sends packets to the virtual machine or container, quickly check whether the message on the queue header of the previously sent VIRTIO message has been received and processed. If it has not been received and processed beyond a certain time threshold, it indicates that the virtual machine, the container and distributed software have failed. The method in this paper can significantly improve the fault detection performance of virtual machine/container/distributed application (from the second pole to the millisecond level) for a large number of business message scenarios, and provide faster fault detection for the rapid convergence of virtual network traffic, migration of computing nodes, and high availability of distributed applications

Machine learning based intrusion detection system for software defined networks

Software-Defined Networks (SDN) is an emerging area that promises to change the way we design, build, and operate network architecture. It tends to shift from traditional network architecture of proprietary based to open and programmable network architecture. However, this new innovative and improved technology also brings another security burden into the network architecture, with existing and emerging security threats. The network vulnerability has become more open to intruders: the focus is now shifted to a single point of failure where the central controller is a prime target. Therefore, integration of intrusion detection system (IDS) into the SDN architecture is essential to provide a network with attack countermeasure. The work designed and developed a virtual testbed that simulates the processes of the real network environment, where a star topology is created with hosts and servers connected to the OpenFlow OVS-switch. Signature-based Snort IDS is deployed for traffic monitoring and attack detection, by mirroring the traffic destine to the servers. The vulnerability assessment shows possible attacks threat exist in the network architecture and effectively contain by Snort IDS except for the few which the suggestion is made for possible mitigation. In order to provide scalable threat detection in the architecture, a flow-based IDS model is developed. A flow-based anomaly detection is implemented with machine learning to overcome the limitation of signature-based IDS. The results show positive improvement for detection of almost all the possible attacks in SDN environment with our pattern recognition of neural network for machine learning using our trained model with over 97% accuracy

Computing in the RAIN: a reliable array of independent nodes

The RAIN project is a research collaboration between Caltech and NASA-JPL on distributed computing and data-storage systems for future spaceborne missions. The goal of the project is to identify and develop key building blocks for reliable distributed systems built with inexpensive off-the-shelf components. The RAIN platform consists of a heterogeneous cluster of computing and/or storage nodes connected via multiple interfaces to networks configured in fault-tolerant topologies. The RAIN software components run in conjunction with operating system services and standard network protocols. Through software-implemented fault tolerance, the system tolerates multiple node, link, and switch failures, with no single point of failure. The RAIN-technology has been transferred to Rainfinity, a start-up company focusing on creating clustered solutions for improving the performance and availability of Internet data centers. In this paper, we describe the following contributions: 1) fault-tolerant interconnect topologies and communication protocols providing consistent error reporting of link failures, 2) fault management techniques based on group membership, and 3) data storage schemes based on computationally efficient error-control codes. We present several proof-of-concept applications: a highly-available video server, a highly-available Web server, and a distributed checkpointing system. Also, we describe a commercial product, Rainwall, built with the RAIN technology

Software Defined Networks based Smart Grid Communication: A Comprehensive Survey

The current power grid is no longer a feasible solution due to ever-increasing user demand of electricity, old infrastructure, and reliability issues and thus require transformation to a better grid a.k.a., smart grid (SG). The key features that distinguish SG from the conventional electrical power grid are its capability to perform two-way communication, demand side management, and real time pricing. Despite all these advantages that SG will bring, there are certain issues which are specific to SG communication system. For instance, network management of current SG systems is complex, time consuming, and done manually. Moreover, SG communication (SGC) system is built on different vendor specific devices and protocols. Therefore, the current SG systems are not protocol independent, thus leading to interoperability issue. Software defined network (SDN) has been proposed to monitor and manage the communication networks globally. This article serves as a comprehensive survey on SDN-based SGC. In this article, we first discuss taxonomy of advantages of SDNbased SGC.We then discuss SDN-based SGC architectures, along with case studies. Our article provides an in-depth discussion on routing schemes for SDN-based SGC. We also provide detailed survey of security and privacy schemes applied to SDN-based SGC. We furthermore present challenges, open issues, and future research directions related to SDN-based SGC.Comment: Accepte

The Raincore Distributed Session Service for Networking Elements

Motivated by the explosive growth of the Internet, we study efficient and fault-tolerant distributed session layer protocols for networking elements. These protocols are designed to enable a network cluster to share the state information necessary for balancing network traffic and computation load among a group of networking elements. In addition, in the presence of failures, they allow network traffic to fail-over from failed networking elements to healthy ones. To maximize the overall network throughput of the networking cluster, we assume a unicast communication medium for these protocols. The Raincore Distributed Session Service is based on a fault-tolerant token protocol, and provides group membership, reliable multicast and mutual exclusion services in a networking environment. We show that this service provides atomic reliable multicast with consistent ordering. We also show that Raincore token protocol consumes less overhead than a broadcast-based protocol in this environment in terms of CPU task-switching. The Raincore technology was transferred to Rainfinity, a startup company that is focusing on software for Internet reliability and performance. Rainwall, Rainfinity’s first product, was developed using the Raincore Distributed Session Service. We present initial performance results of the Rainwall product that validates our design assumptions and goals

An Overview on Application of Machine Learning Techniques in Optical Networks

Today's telecommunication networks have become sources of enormous amounts of widely heterogeneous data. This information can be retrieved from network traffic traces, network alarms, signal quality indicators, users' behavioral data, etc. Advanced mathematical tools are required to extract meaningful information from these data and take decisions pertaining to the proper functioning of the networks from the network-generated data. Among these mathematical tools, Machine Learning (ML) is regarded as one of the most promising methodological approaches to perform network-data analysis and enable automated network self-configuration and fault management. The adoption of ML techniques in the field of optical communication networks is motivated by the unprecedented growth of network complexity faced by optical networks in the last few years. Such complexity increase is due to the introduction of a huge number of adjustable and interdependent system parameters (e.g., routing configurations, modulation format, symbol rate, coding schemes, etc.) that are enabled by the usage of coherent transmission/reception technologies, advanced digital signal processing and compensation of nonlinear effects in optical fiber propagation. In this paper we provide an overview of the application of ML to optical communications and networking. We classify and survey relevant literature dealing with the topic, and we also provide an introductory tutorial on ML for researchers and practitioners interested in this field. Although a good number of research papers have recently appeared, the application of ML to optical networks is still in its infancy: to stimulate further work in this area, we conclude the paper proposing new possible research directions