Fatias de rede fim-a-fim : da extração de perfis de funções de rede a SLAs granulares

Orientador: Christian Rodolfo Esteve RothenbergTese (doutorado) - Universidade Estadual de Campinas, Faculdade de Engenharia Elétrica e de ComputaçãoResumo: Nos últimos dez anos, processos de softwarização de redes vêm sendo continuamente diversi- ficados e gradativamente incorporados em produção, principalmente através dos paradigmas de Redes Definidas por Software (ex.: regras de fluxos de rede programáveis) e Virtualização de Funções de Rede (ex.: orquestração de funções virtualizadas de rede). Embasado neste processo o conceito de network slice surge como forma de definição de caminhos de rede fim- a-fim programáveis, possivelmente sobre infrastruturas compartilhadas, contendo requisitos estritos de desempenho e dedicado a um modelo particular de negócios. Esta tese investiga a hipótese de que a desagregação de métricas de desempenho de funções virtualizadas de rede impactam e compõe critérios de alocação de network slices (i.e., diversas opções de utiliza- ção de recursos), os quais quando realizados devem ter seu gerenciamento de ciclo de vida implementado de forma transparente em correspondência ao seu caso de negócios de comu- nicação fim-a-fim. A verificação de tal assertiva se dá em três aspectos: entender os graus de liberdade nos quais métricas de desempenho de funções virtualizadas de rede podem ser expressas; métodos de racionalização da alocação de recursos por network slices e seus re- spectivos critérios; e formas transparentes de rastrear e gerenciar recursos de rede fim-a-fim entre múltiplos domínios administrativos. Para atingir estes objetivos, diversas contribuições são realizadas por esta tese, dentre elas: a construção de uma plataforma para automatização de metodologias de testes de desempenho de funções virtualizadas de redes; a elaboração de uma metodologia para análises de alocações de recursos de network slices baseada em um algoritmo classificador de aprendizado de máquinas e outro algoritmo de análise multi- critério; e a construção de um protótipo utilizando blockchain para a realização de contratos inteligentes envolvendo acordos de serviços entre domínios administrativos de rede. Por meio de experimentos e análises sugerimos que: métricas de desempenho de funções virtualizadas de rede dependem da alocação de recursos, configurações internas e estímulo de tráfego de testes; network slices podem ter suas alocações de recursos coerentemente classificadas por diferentes critérios; e acordos entre domínios administrativos podem ser realizados de forma transparente e em variadas formas de granularidade por meio de contratos inteligentes uti- lizando blockchain. Ao final deste trabalho, com base em uma ampla discussão as perguntas de pesquisa associadas à hipótese são respondidas, de forma que a avaliação da hipótese proposta seja realizada perante uma ampla visão das contribuições e trabalhos futuros desta teseAbstract: In the last ten years, network softwarisation processes have been continuously diversified and gradually incorporated into production, mainly through the paradigms of Software Defined Networks (e.g., programmable network flow rules) and Network Functions Virtualization (e.g., orchestration of virtualized network functions). Based on this process, the concept of network slice emerges as a way of defining end-to-end network programmable paths, possibly over shared network infrastructures, requiring strict performance metrics associated to a par- ticular business case. This thesis investigate the hypothesis that the disaggregation of network function performance metrics impacts and composes a network slice footprint incurring in di- verse slicing feature options, which when realized should have their Service Level Agreement (SLA) life cycle management transparently implemented in correspondence to their fulfilling end-to-end communication business case. The validation of such assertive takes place in three aspects: the degrees of freedom by which performance of virtualized network functions can be expressed; the methods of rationalizing the footprint of network slices; and transparent ways to track and manage network assets among multiple administrative domains. In order to achieve such goals, a series of contributions were achieved by this thesis, among them: the construction of a platform for automating methodologies for performance testing of virtual- ized network functions; an elaboration of a methodology for the analysis of footprint features of network slices based on a machine learning classifier algorithm and a multi-criteria analysis algorithm; and the construction of a prototype using blockchain to carry out smart contracts involving service level agreements between administrative systems. Through experiments and analysis we suggest that: performance metrics of virtualized network functions depend on the allocation of resources, internal configurations and test traffic stimulus; network slices can have their resource allocations consistently analyzed/classified by different criteria; and agree- ments between administrative domains can be performed transparently and in various forms of granularity through blockchain smart contracts. At the end of his thesis, through a wide discussion we answer all the research questions associated to the investigated hypothesis in such way its evaluation is performed in face of wide view of the contributions and future work of this thesisDoutoradoEngenharia de ComputaçãoDoutor em Engenharia ElétricaFUNCAM

An Overview on Application of Machine Learning Techniques in Optical Networks

Today's telecommunication networks have become sources of enormous amounts of widely heterogeneous data. This information can be retrieved from network traffic traces, network alarms, signal quality indicators, users' behavioral data, etc. Advanced mathematical tools are required to extract meaningful information from these data and take decisions pertaining to the proper functioning of the networks from the network-generated data. Among these mathematical tools, Machine Learning (ML) is regarded as one of the most promising methodological approaches to perform network-data analysis and enable automated network self-configuration and fault management. The adoption of ML techniques in the field of optical communication networks is motivated by the unprecedented growth of network complexity faced by optical networks in the last few years. Such complexity increase is due to the introduction of a huge number of adjustable and interdependent system parameters (e.g., routing configurations, modulation format, symbol rate, coding schemes, etc.) that are enabled by the usage of coherent transmission/reception technologies, advanced digital signal processing and compensation of nonlinear effects in optical fiber propagation. In this paper we provide an overview of the application of ML to optical communications and networking. We classify and survey relevant literature dealing with the topic, and we also provide an introductory tutorial on ML for researchers and practitioners interested in this field. Although a good number of research papers have recently appeared, the application of ML to optical networks is still in its infancy: to stimulate further work in this area, we conclude the paper proposing new possible research directions

Challenges in Cybersecurity and Privacy - the European Research Landscape

Cybersecurity and Privacy issues are becoming an important barrier for a trusted and dependable global digital society development. Cyber-criminals are continuously shifting their cyber-attacks specially against cyber-physical systems and IoT, since they present additional vulnerabilities due to their constrained capabilities, their unattended nature and the usage of potential untrustworthiness components. Likewise, identity-theft, fraud, personal data leakages, and other related cyber-crimes are continuously evolving, causing important damages and privacy problems for European citizens in both virtual and physical scenarios. In this context, new holistic approaches, methodologies, techniques and tools are needed to cope with those issues, and mitigate cyberattacks, by employing novel cyber-situational awareness frameworks, risk analysis and modeling, threat intelligent systems, cyber-threat information sharing methods, advanced big-data analysis techniques as well as exploiting the benefits from latest technologies such as SDN/NFV and Cloud systems. In addition, novel privacy-preserving techniques, and crypto-privacy mechanisms, identity and eID management systems, trust services, and recommendations are needed to protect citizens’ privacy while keeping usability levels. The European Commission is addressing the challenge through different means, including the Horizon 2020 Research and Innovation program, thereby financing innovative projects that can cope with the increasing cyberthreat landscape. This book introduces several cybersecurity and privacy research challenges and how they are being addressed in the scope of 15 European research projects. Each chapter is dedicated to a different funded European Research project, which aims to cope with digital security and privacy aspects, risks, threats and cybersecurity issues from a different perspective. Each chapter includes the project’s overviews and objectives, the particular challenges they are covering, research achievements on security and privacy, as well as the techniques, outcomes, and evaluations accomplished in the scope of the EU project. The book is the result of a collaborative effort among relative ongoing European Research projects in the field of privacy and security as well as related cybersecurity fields, and it is intended to explain how these projects meet the main cybersecurity and privacy challenges faced in Europe. Namely, the EU projects analyzed in the book are: ANASTACIA, SAINT, YAKSHA, FORTIKA, CYBECO, SISSDEN, CIPSEC, CS-AWARE. RED-Alert, Truessec.eu. ARIES, LIGHTest, CREDENTIAL, FutureTrust, LEPS. Challenges in Cybersecurity and Privacy - the European Research Landscape is ideal for personnel in computer/communication industries as well as academic staff and master/research students in computer science and communications networks interested in learning about cyber-security and privacy aspects

Connectivity Management for HetNets based on the Principles of Autonomicity and Context-Awareness

Στο περιβάλλον του Διαδικτύου του Μέλλοντος, η Πέμπτη γενιά (5G) δικτύων έχει ήδη αρχίσει να καθιερώνεται. Τα δίκτυα 5G αξιοποιούν υψηλότερες συχνότητες παρέχοντας μεγαλύτερο εύρος ζώνης, ενώ υποστηρίζουν εξαιρετικά μεγάλη πυκνότητα σε σταθμούς βάσης και κινητές συσκευές, σχηματίζοντας ένα περιβάλλον ετερογενών δικτύων, το οποίο στοχεύει στο να καλυφθούν οι απαιτήσεις της απόδοσης ως προς την μικρότερη δυνατή συνολική χρονοκαθυστέρηση και κατανάλωση ενέργειας. Η αποδοτική διαχείριση της συνδεσιμότητας σε ένα τόσο ετερογενές δικτυακό περιβάλλον αποτελεί ανοιχτό πρόβλημα, με σκοπό να υποστηρίζεται η κινητικότητα των χρηστών σε δίκτυα διαφορετικών τεχνολογιών και βαθμίδων, αντιμετωπίζοντας θέματα πολυπλοκότητας και διαλειτουργικότητας, υποστηρίζοντας τις απαιτήσεις των τρεχουσών εφαρμογών και των προτιμήσεων των χρηστών και διαχειρίζοντας ταυτόχρονα πολλαπλές δικτυακές διεπαφές. Η συλλογή, η μοντελοποίηση, η διεξαγωγή συμπερασμάτων και η κατανομή πληροφορίας περιεχομένου σε σχέση με δεδομένα αισθητήρων θα παίξουν κρίσιμο ρόλο σε αυτήν την πρόκληση. Με βάση τα παραπάνω, κρίνεται σκόπιμη η αξιοποίηση των αρχών της επίγνωσης περιεχομένου και της αυτονομικότητας, καθώς επιτρέπουν στις δικτυακές οντότητες να είναι ενήμερες του εαυτού τους και του περιβάλλοντός τους, καθώς και να αυτοδιαχειρίζονται τις λειτουργίες τους ώστε να πετυχαίνουν συγκεκριμένους στόχους. Επιπλέον, χρειάζεται ακριβής ποσοτική αξιολόγηση της απόδοσης λύσεων διαχείρισης της συνδεσιμότητας για ετερογενή δίκτυα, οι οποίες παρουσιάζουν διαφορετικές στρατηγικές επίγνωσης περιβάλλοντος, απαιτώντας μια μεθοδολογία που να είναι περιεκτική και γενικά εφαρμόσιμη ώστε να καλύπτει διαφορετικές προσεγγίσεις, καθώς οι υπάρχουσες μεθοδολογίες στην βιβλιογραφία είναι σχετικά περιορισμένες. Tο σύνολο της μελέτης επικεντρώνεται σε δύο θεματικούς άξονες. Στο πρώτο θεματικό μέρος της διατριβής, αναλύεται ο ρόλος της επίγνωσης περιβάλλοντος και της αυτονομικότητας, σε σχέση με την διαχείριση της συνδεσιμότητας, αναπτύσσοντας ένα πλαίσιο ταξινόμησης και κατηγοριοποίησης, επεκτείνοντας την τρέχουσα βιβλιογραφία. Με βάση το προαναφερθέν πλαίσιο, ταξινομήθηκαν και αξιολογήθηκαν λύσεις για την υποστήριξη της κινητικότητας σε ετερογενή δίκτυα, οι οποίες δύνανται να θεωρηθούν ότι παρουσιάζουν επίγνωση περιβάλλοντος και αυτο-διαχειριστικά χαρακτηριστικά. Επιπλέον, μελετήθηκε κατά πόσον οι αποφάσεις που λαμβάνονται ως προς την επιλογή του κατάλληλου δικτύου, σύμφωνα με την κάθε λύση, είναι αποτελεσματικές και προτάθηκαν τρόποι βελτιστοποίησης των υπαρχουσών αρχιτεκτονικών, καθώς και προτάσεων προς περαιτέρω ανάπτυξη σχετικών μελλοντικών λύσεων. Στο δεύτερο θεματικό μέρος της διατριβής, αναπτύχθηκε μια ευέλικτη αναλυτική μεθοδολογία, περιλαμβάνοντας όλους τους παράγοντες που μπορούν να συνεισφέρουν στην συνολική χρονοκαθυστέρηση, λαμβάνοντας υπόψιν την σηματοδοσία, την επεξεργαστική επιβάρυνση και την συμφόρηση (μελέτη ουράς), επεκτείνοντας την τρέχουσα βιβλιογραφία. Η μεθοδολογία είναι περιεκτική, ενώ ταυτόχρονα προσφέρει κλειστού τύπου λύσεις και έχει την δυνατότητα να προσαρμόζεται σε διαφορετικές προσεγγίσεις. Προς απόδειξη αυτού, εφαρμόσαμε την μεθοδολογία σε δύο λύσεις με διαφορετική στρατηγική επίγνωσης περιβάλλοντος (μια μεταδραστική και μια προδραστική). Και για τις δύο προσεγγίσεις, τα αναλυτικά αποτελέσματα επιβεβαιώθηκαν από προσομοιώσεις, επιβεβαιώνοντας την αποτελεσματικότητα και την ακρίβεια της αναλυτικής μεθοδολογίας. Επιπλέον, αποδείχθηκε ότι η προδραστική προσέγγιση εμφανίζει καλύτερη απόδοση ως προς την συνολική χρονοκαθυστέρηση, ενώ χρειάζεται σημαντικά λιγότερους επεξεργαστικούς πόρους, παρουσιάζοντας πιθανά οφέλη και στην συνολική ενεργειακή κατανάλωση και στα λειτουργικά και κεφαλαιουχικά κόστη (OPEX και CAPEX)

Service Level Agreements for Communication Networks: A Survey

Abstract. Information and Communication Technology (ICT) is being provided to the variety of endusers demands, thereby providing a better and improved management of services is crucial. Therefore, Service Level Agreements (SLAs) are essential and play a key role to manage the provided services among the network entities. This survey identifies the state of the art covering concepts, approaches and open problems of the SLAs establishment, deployment and management. This paper is organised in a way that the reader can access a variety of proposed SLA methods and models addressed and provides an overview of the SLA actors and elements. It also describes SLAs’ characteristics and objectives. SLAs’ existing methodologies are explained and categorised followed by the Service Quality Categories (SQD) and Quality-Based Service Descriptions (QSD). SLA modelling and architectures are discussed, and open research problems and future research directions are introduced. The establishment of a reliable, safe and QoE-aware computer networking needs a group of services that goes beyond pure networking services. Therefore, within the paper this broader set of services are taken into consideration and for each Service Level Objective (SLO) the related services domains will be indicated. The purpose of this survey is to identify existing research gaps in utilising SLA elements to develop a generic methodology, considering all quality parameters beyond the Quality of Service (QoS) and what must or can be taken into account to define, establish and deploy an SLA. This study is still an active research on how to specify and develop an SLA to achieve the win-win agreements among all actors.Peer ReviewedPostprint (published version

A Cognitive Routing framework for Self-Organised Knowledge Defined Networks

This study investigates the applicability of machine learning methods to the routing protocols for achieving rapid convergence in self-organized knowledge-defined networks. The research explores the constituents of the Self-Organized Networking (SON) paradigm for 5G and beyond, aiming to design a routing protocol that complies with the SON requirements. Further, it also exploits a contemporary discipline called Knowledge-Defined Networking (KDN) to extend the routing capability by calculating the “Most Reliable” path than the shortest one. The research identifies the potential key areas and possible techniques to meet the objectives by surveying the state-of-the-art of the relevant fields, such as QoS aware routing, Hybrid SDN architectures, intelligent routing models, and service migration techniques. The design phase focuses primarily on the mathematical modelling of the routing problem and approaches the solution by optimizing at the structural level. The work contributes Stochastic Temporal Edge Normalization (STEN) technique which fuses link and node utilization for cost calculation; MRoute, a hybrid routing algorithm for SDN that leverages STEN to provide constant-time convergence; Most Reliable Route First (MRRF) that uses a Recurrent Neural Network (RNN) to approximate route-reliability as the metric of MRRF. Additionally, the research outcomes include a cross-platform SDN Integration framework (SDN-SIM) and a secure migration technique for containerized services in a Multi-access Edge Computing environment using Distributed Ledger Technology. The research work now eyes the development of 6G standards and its compliance with Industry-5.0 for enhancing the abilities of the present outcomes in the light of Deep Reinforcement Learning and Quantum Computing

An adaptive 5G multiservice and multitenant radio access network architecture

This article provides an overview on objectives and first results of the Horizon 2020 project 5G NOvel Radio Multiservice adaptive network Architecture (5GNORMA). With 5G NORMA, leading players in the mobile ecosystem aim to underpin Europe's leadership position in 5G. The key objective of 5G NORMA is to develop a conceptually novel, adaptive and future-proof 5G mobile network architecture. This architecture will allow for adapting the network to a wide range of service specific requirements, resulting in novel service-aware and context-aware end-to-end function chaining. The technical approach is based on an innovative concept of adaptive (de)composition and allocation of mobile network functions based on end-user requirements and infrastructure capabilities. At the same time, cost savings and faster time to market are to be expected by joint deployment of logically separated multiservice and multitenant networks on common hardware and other physical resources making use of traffic multiplexing gains. In this context architectural enablers such as network function virtualization and software-defined mobile networking will play a key role for introducing the needed flexible resource assignment to logical networks and specific virtual network functions.This work has been performed in the framework of the H2020-ICT-2014-2 project 5G NORMA

Challenges in Cybersecurity and Privacy - the European Research Landscape

Cybersecurity and Privacy issues are becoming an important barrier for a trusted and dependable global digital society development. Cyber-criminals are continuously shifting their cyber-attacks specially against cyber-physical systems and IoT, since they present additional vulnerabilities due to their constrained capabilities, their unattended nature and the usage of potential untrustworthiness components. Likewise, identity-theft, fraud, personal data leakages, and other related cyber-crimes are continuously evolving, causing important damages and privacy problems for European citizens in both virtual and physical scenarios. In this context, new holistic approaches, methodologies, techniques and tools are needed to cope with those issues, and mitigate cyberattacks, by employing novel cyber-situational awareness frameworks, risk analysis and modeling, threat intelligent systems, cyber-threat information sharing methods, advanced big-data analysis techniques as well as exploiting the benefits from latest technologies such as SDN/NFV and Cloud systems. In addition, novel privacy-preserving techniques, and crypto-privacy mechanisms, identity and eID management systems, trust services, and recommendations are needed to protect citizens’ privacy while keeping usability levels. The European Commission is addressing the challenge through different means, including the Horizon 2020 Research and Innovation program, thereby financing innovative projects that can cope with the increasing cyberthreat landscape. This book introduces several cybersecurity and privacy research challenges and how they are being addressed in the scope of 15 European research projects. Each chapter is dedicated to a different funded European Research project, which aims to cope with digital security and privacy aspects, risks, threats and cybersecurity issues from a different perspective. Each chapter includes the project’s overviews and objectives, the particular challenges they are covering, research achievements on security and privacy, as well as the techniques, outcomes, and evaluations accomplished in the scope of the EU project. The book is the result of a collaborative effort among relative ongoing European Research projects in the field of privacy and security as well as related cybersecurity fields, and it is intended to explain how these projects meet the main cybersecurity and privacy challenges faced in Europe. Namely, the EU projects analyzed in the book are: ANASTACIA, SAINT, YAKSHA, FORTIKA, CYBECO, SISSDEN, CIPSEC, CS-AWARE. RED-Alert, Truessec.eu. ARIES, LIGHTest, CREDENTIAL, FutureTrust, LEPS. Challenges in Cybersecurity and Privacy - the European Research Landscape is ideal for personnel in computer/communication industries as well as academic staff and master/research students in computer science and communications networks interested in learning about cyber-security and privacy aspects