Genetic Algorithm-based Mapper to Support Multiple Concurrent Users on Wireless Testbeds

Communication and networking research introduces new protocols and standards with an increasing number of researchers relying on real experiments rather than simulations to evaluate the performance of their new protocols. A number of testbeds are currently available for this purpose and a growing number of users are requesting access to those testbeds. This motivates the need for better utilization of the testbeds by allowing concurrent experimentations. In this work, we introduce a novel mapping algorithm that aims to maximize wireless testbed utilization using frequency slicing of the spectrum resources. The mapper employs genetic algorithm to find the best combination of requests that can be served concurrently, after getting all possible mappings of each request via an induced sub-graph isomorphism stage. The proposed mapper is tested on grid testbeds and randomly generated topologies. The solution of our mapper is compared to the optimal one, obtained through a brute-force search, and was able to serve the same number of requests in 82.96% of testing scenarios. Furthermore, we show the effect of the careful design of testbed topology on enhancing the testbed utilization by applying our mapper on a carefully positioned 8-nodes testbed. In addition, our proposed approach for testbed slicing and requests mapping has shown an improved performance in terms of total served requests, about five folds, compared to the simple allocation policy with no slicing.Comment: IEEE Wireless Communications and Networking Conference (WCNC) 201

Applying Formal Methods to Networking: Theory, Techniques and Applications

Despite its great importance, modern network infrastructure is remarkable for the lack of rigor in its engineering. The Internet which began as a research experiment was never designed to handle the users and applications it hosts today. The lack of formalization of the Internet architecture meant limited abstractions and modularity, especially for the control and management planes, thus requiring for every new need a new protocol built from scratch. This led to an unwieldy ossified Internet architecture resistant to any attempts at formal verification, and an Internet culture where expediency and pragmatism are favored over formal correctness. Fortunately, recent work in the space of clean slate Internet design---especially, the software defined networking (SDN) paradigm---offers the Internet community another chance to develop the right kind of architecture and abstractions. This has also led to a great resurgence in interest of applying formal methods to specification, verification, and synthesis of networking protocols and applications. In this paper, we present a self-contained tutorial of the formidable amount of work that has been done in formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial

How should I slice my network? A multi-service empirical evaluation of resource sharing efficiency

Proceeding of: MobiCom '18: The 24th Annual International Conference on Mobile Computing and Networking, New Delhi, India, October 29 - November 2, 2018By providing especially tailored instances of a virtual network,network slicing allows for a strong specialization of the offered services on the same shared infrastructure. Network slicing has profound implications on resource management, as it entails an inherent trade-off between: (i) the need for fully dedicated resources to support service customization, and (ii) the dynamic resource sharing among services to increase resource efficiency and cost-effectiveness of the system. In this paper, we provide a first investigation of this trade-off via an empirical study of resource management efficiency in network slicing. Building on substantial measurement data collected in an operational mobile network (i) we quantify the efficiency gap introduced by non-reconfigurable allocation strategies of different kinds of resources, from radio access to the core of the network, and (ii) we quantify the advantages of their dynamic orchestration at different timescales. Our results provide insights on the achievable efficiency of network slicing architectures, their dimensioning, and their interplay with resource management algorithms.We would like to thank the shepherd and reviewers for their valuable comments and feedback. The work of University Carlos III of Madrid was supported by the H2020 5G-MoNArch project (grant agreement no. 761445), and the work of NEC Europe Ltd. was supported by the H2020 5GTransformer project (grant agreement no. 761536)

Optimal and probabilistic resource and capability analysis for network slice as a service

Network Slice as a Service is one of the key concepts of the fifth generation of mobile networks (5G). 5G supports new use cases, like the Internet of Things (IoT), massive Machine Type Communication (mMTC) and Ultra-Reliable and Low Latency Communication (URLLC) as well as significant improvements of the conventional Mobile Broadband (MBB) use case. In addition, safety and security critical use cases move into focus. These use cases involve diverging requirements, e.g. network reliability, latency and throughput. Network virtualization and end-to-end mobile network slicing are seen as key enablers to handle those differing requirements and providing mobile network services for the various 5G use cases and between different tenants. Network slices are isolated, virtualized, end-to-end networks optimized for specific use cases. But still they share a common physical network infrastructure. Through logical separation of the network slices on a common end-to-end mobile network infrastructure, an efficient usage of the underlying physical network infrastructure provided by multiple Mobile Service Providers (MSPs) in enabled. Due to the dynamic lifecycle of network slices there is a strong demand for efficient algorithms for the so-called Network Slice Embedding (NSE) problem. Efficient and reliable resource provisioning for Network Slicing as a Service, requires resource allocation based on a mapping of virtual network slice elements on the serving physical mobile network infrastructure. In this thesis, first of all, a formal Network Slice Instance Admission (NSIA) process is presented, based on the 3GPP standardization. This process allows to give fast feedback to a network operator or tenant on the feasibility of embedding incoming Network Slice Instance Requests (NSI-Rs). In addition, corresponding services for NSIA and feasibility checking services are defined in the context of the ETSI ZSM Reference Architecture Framework. In the main part of this work, a mathematical model for solving the NSE Problem formalized as a standardized Linear Program (LP) is presented. The presented solution provides a nearly optimal embedding. This includes the optimal subset of Network Slice Instances (NSIs) to be selected for embedding, in terms of network slice revenue and costs, and the optimal allocation of associated network slice applications, functions, services and communication links on the 5G end-to-end mobile network infrastructure. It can be used to solve the online as well as the offline NSIA problem automatically in different variants. In particular, low latency network slices require deployment of their services and applications, including Network Functions (NFs) close to the user, i.e., at the edge of the mobile network. Since the users of those services might be widely distributed and mobile, multiple instances of the same application are required to be available on numerous distributed edge clouds. A holistic approach for tackling the problem of NSE with edge computing is provided by our so-called Multiple Application Instantiation (MAI) variant of the NSE LP solution. It is capable of determining the optimal number of application instances and their optimal deployment locations on the edge clouds, even for multiple User Equipment (UE) connectivity scenarios. In addition to that multi-path, also referred to as path-splitting, scenarios with a latency sensitive objective function, which guarantees the optimal network utilization as well as minimum latency in the network slice communication, is included. Resource uncertainty, as well as reuse and overbooking of resources guaranteed by Service Level Agreements (SLAs) are discussed in this work. There is a consensus that over-provisioning of mobile communication bands is economically infeasible and certain risk of network overload is accepted for the majority of the 5G use cases. A probabilistic variant of the NSE problem with an uncertainty-aware objective function and a resource availability confidence analysis are presented. The evaluation shows the advantages and the suitability of the different variants of the NSE formalization, as well as its scalability and computational limits in a practical implementation

Resource sharing efficiency in network slicing

The economic sustainability of future mobile networks will largely depend on the strong specialization of its offered services. Network operators will need to provide added value to their tenants, by moving from the traditional one-size-fits-all strategy to a set of virtual end-to-end instances of a common physical infrastructure, named network slices , which are especially tailored to the requirements of each application. Implementing network slicing has significant consequences in terms of resource management: service customization entails assigning to each slice fully dedicated resources, which may also be dynamically reassigned and overbooked in order to increase the cost-efficiency of the system. In this paper, we adopt a data-driven approach to quantify the efficiency of resource sharing in future sliced networks. Building on metropolitan-scale real-world traffic measurements, we carry out an extensive parametric analysis that highlights how diverse performance guarantees, technological settings, and slice configurations impact the resource utilization at different levels of the infrastructure in presence of network slicing. Our results provide insights on the achievable efficiency of network slicing architectures, their dimensioning, and their interplay with resource management algorithms at different locations and reconfiguration timescales.The work of University Carlos III of Madrid was supported by the H2020 5G-MoNArch project (Grant Agreement No. 761445) and the work of NEC Laboratories Europe by the 5GTransformer project (Grant Agreement No. 761536). The work of CNR-IEIIT was partially supported by the ANR CANCAN project (ANR-18-CE25-0011).Publicad

ATTACK2VEC: Leveraging Temporal Word Embeddings to Understand the Evolution of Cyberattacks

Despite the fact that cyberattacks are constantly growing in complexity, the research community still lacks effective tools to easily monitor and understand them. In particular, there is a need for techniques that are able to not only track how prominently certain malicious actions, such as the exploitation of specific vulnerabilities, are exploited in the wild, but also (and more importantly) how these malicious actions factor in as attack steps in more complex cyberattacks. In this paper we present ATTACK2VEC, a system that uses temporal word embeddings to model how attack steps are exploited in the wild, and track how they evolve. We test ATTACK2VEC on a dataset of billions of security events collected from the customers of a commercial Intrusion Prevention System over a period of two years, and show that our approach is effective in monitoring the emergence of new attack strategies in the wild and in flagging which attack steps are often used together by attackers (e.g., vulnerabilities that are frequently exploited together). ATTACK2VEC provides a useful tool for researchers and practitioners to better understand cyberattacks and their evolution, and use this knowledge to improve situational awareness and develop proactive defenses