6,692 research outputs found
LAMP: Prompt Layer 7 Attack Mitigation with Programmable Data Planes
While there are various methods to detect application layer attacks or
intrusion attempts on an individual end host, it is not efficient to provide
all end hosts in the network with heavy-duty defense systems or software
firewalls. In this work, we leverage a new concept of programmable data planes,
to directly react on alerts raised by a victim and prevent further attacks on
the whole network by blocking the attack at the network edge. We call our
design LAMP, Layer 7 Attack Mitigation with Programmable data planes. We
implemented LAMP using the P4 data plane programming language and evaluated its
effectiveness and efficiency in the Behavioral Model (bmv2) environment
Atomic-SDN: Is Synchronous Flooding the Solution to Software-Defined Networking in IoT?
The adoption of Software Defined Networking (SDN) within traditional networks
has provided operators the ability to manage diverse resources and easily
reconfigure networks as requirements change. Recent research has extended this
concept to IEEE 802.15.4 low-power wireless networks, which form a key
component of the Internet of Things (IoT). However, the multiple traffic
patterns necessary for SDN control makes it difficult to apply this approach to
these highly challenging environments. This paper presents Atomic-SDN, a highly
reliable and low-latency solution for SDN in low-power wireless. Atomic-SDN
introduces a novel Synchronous Flooding (SF) architecture capable of
dynamically configuring SF protocols to satisfy complex SDN control
requirements, and draws from the authors' previous experiences in the IEEE EWSN
Dependability Competition: where SF solutions have consistently outperformed
other entries. Using this approach, Atomic-SDN presents considerable
performance gains over other SDN implementations for low-power IoT networks. We
evaluate Atomic-SDN through simulation and experimentation, and show how
utilizing SF techniques provides latency and reliability guarantees to SDN
control operations as the local mesh scales. We compare Atomic-SDN against
other SDN implementations based on the IEEE 802.15.4 network stack, and
establish that Atomic-SDN improves SDN control by orders-of-magnitude across
latency, reliability, and energy-efficiency metrics
Coordinating heterogeneous IoT devices by means of the centralized vision of the SDN controller
The IoT (Internet of Things) has become a reality during recent years. The desire of having everything connected to the Internet results in clearly identified benefits that will impact on socio economic development. However, the exponential growth in the number of IoT devices and their heterogeneity open new challenges that must be carefully studied. Coordination among devices to adapt them to their users' context usually requires high volumes of data to be exchanged with the cloud. In order to reduce unnecessary communications and network overhead, this paper proposes a novel network architecture based on the Software-Defined Networking paradigm that allows IoT devices coordinate and adapt them within the scope of a particular context.Universidad de Málaga. Campus de Excelencia Internacional AndalucĂa Tech
Mobile Edge Computing Empowers Internet of Things
In this paper, we propose a Mobile Edge Internet of Things (MEIoT)
architecture by leveraging the fiber-wireless access technology, the cloudlet
concept, and the software defined networking framework. The MEIoT architecture
brings computing and storage resources close to Internet of Things (IoT)
devices in order to speed up IoT data sharing and analytics. Specifically, the
IoT devices (belonging to the same user) are associated to a specific proxy
Virtual Machine (VM) in the nearby cloudlet. The proxy VM stores and analyzes
the IoT data (generated by its IoT devices) in real-time. Moreover, we
introduce the semantic and social IoT technology in the context of MEIoT to
solve the interoperability and inefficient access control problem in the IoT
system. In addition, we propose two dynamic proxy VM migration methods to
minimize the end-to-end delay between proxy VMs and their IoT devices and to
minimize the total on-grid energy consumption of the cloudlets, respectively.
Performance of the proposed methods are validated via extensive simulations
Isolating SDN Control Traffic with Layer-2 Slicing in 6TiSCH Industrial IoT Networks
Recent standardization efforts in IEEE 802.15.4-2015 Time Scheduled Channel
Hopping (TSCH) and the IETF 6TiSCH Working Group (WG), aim to provide
deterministic communications and efficient allocation of resources across
constrained Internet of Things (IoT) networks, particularly in Industrial IoT
(IIoT) scenarios. Within 6TiSCH, Software Defined Networking (SDN) has been
identified as means of providing centralized control in a number of key
situations. However, implementing a centralized SDN architecture in a Low Power
and Lossy Network (LLN) faces considerable challenges: not only is controller
traffic subject to jitter due to unreliable links and network contention, but
the overhead generated by SDN can severely affect the performance of other
traffic. This paper proposes using 6TiSCH tracks, a Layer-2 slicing mechanism
for creating dedicated forwarding paths across TSCH networks, in order to
isolate the SDN control overhead. Not only does this prevent control traffic
from affecting the performance of other data flows, but the properties of
6TiSCH tracks allows deterministic, low-latency SDN controller communication.
Using our own lightweight SDN implementation for Contiki OS, we firstly
demonstrate the effect of SDN control traffic on application data flows across
a 6TiSCH network. We then show that by slicing the network through the
allocation of dedicated resources along a SDN control path, tracks provide an
effective means of mitigating the cost of SDN control overhead in IEEE
802.15.4-2015 TSCH networks
- …