26 research outputs found

    Are Darknets All The Same? On Darknet Visibility for Security Monitoring

    Darknets are sets of IP addresses that are advertised but do not host any client or server. By passively recording the incoming packets, they assist network monitoring activities. Since packets they receive are unsolicited by definition, darknets help to spot misconfigurations as well as important security events, such as the appearance and spread of botnets, DDoS attacks using spoofed IP addresses, etc. A number of organizations worldwide deploy darknets, ranging from a few dozen IP addresses to large /8 networks. We here investigate how similar is the visibility of different darknets. By relying on traffic from three darknets deployed in different continents, we evaluate their exposure in terms of observed events given their allocated IP addresses. The latter is particularly relevant considering the shortage of IPv4 addresses on the Internet. Our results suggest that some well-known facts about darknet visibility seem invariant across deployments, such as the most commonly contacted ports. However, size and location matter. We find significant differences in the observed traffic from darknets deployed in different IP ranges as well as according to the size of the IP range allocated for the monitoring.

    A Comprehensive Survey of In-Band Control in SDN: Challenges and Opportunities

    Software-Defined Networking (SDN) is a thriving networking architecture that has gained popularity in recent years, particularly as an enabling technology to foster paradigms like edge computing. SDN separates the control and data planes, which are later on synchronised via a control protocol such as OpenFlow. In-band control is a type of SDN control plane deployment in which the control and data planes share the same physical network. It poses several challenges, such as security vulnerabilities, network congestion, or data loss. Nevertheless, despite these challenges, in-band control also presents significant opportunities, including improved network flexibility and programmability, reduced costs, and increased reliability. Benefiting from the previous advantages, diverse in-band control designs exist in the literature, with the objective of improving the operation of SDN networks. This paper surveys the different approaches that have been proposed so far towards the advance in in-band SDN control, based on four main categories: automatic routing, fast failure recovery, network bootstrapping, and distributed control. Across these categories, detailed summary tables and comparisons are presented, followed by a discussion on current trends and challenges in the field. Our conclusion is that the use of in-band control in SDN networks is expected to drive innovation and growth in the networking industry, but efforts for holistic and full-fledged proposals are still needed.

    NDN content store and caching policies: performance evaluation

    Among various factors contributing to performance of named data networking (NDN), the organization of caching is a key factor and has benefited from intense studies by the networking research community. The performed studies aimed at (1) finding the best strategy to adopt for content caching; (2) specifying the best location, and number of content stores (CS) in the network; and (3) defining the best cache replacement policy. Accessing and comparing the performance of the proposed solutions is as essential as the development of the proposals themselves. The present work aims at evaluating and comparing the behavior of four caching policies (i.e., random, least recently used (LRU), least frequently used (LFU), and first in first out (FIFO)) applied to NDN. Several network scenarios are used for simulation (2 topologies, varying the percentage of nodes of the content stores (5–100), 1 and 10 producers, 32 and 41 consumers). Five metrics are considered for the performance evaluation: cache hit ratio (CHR), network traffic, retrieval delay, interest re-transmissions, and the number of upstream hops. The content request follows the Zipf–Mandelbrot distribution (with skewness factor α=1.1 and α=0.75). LFU presents better performance in all considered metrics, except on the NDN testbed, with 41 consumers, 1 producer and a content request rate of 100 packets/s. For the level of content store from 50% to 100%, LRU presents a notably higher performance. Although the network behavior is similar for both skewness factors, when α=0.75, the CHR is significantly reduced, as expected. This work has been supported by FCT – Fundação para a Ciência e Tecnologia within the R&D Units Project Scope: UIDB/00319/2020.

    Security and Privacy of IP-ICN Coexistence: A Comprehensive Survey

    Internet usage has changed from its first design. Hence, the current Internet must cope with some limitations, including performance degradation, availability of IP addresses, and multiple security and privacy issues. Nevertheless, to unsettle the current Internet's network layer i.e., Internet Protocol with ICN is a challenging, expensive task. It also requires worldwide coordination among Internet Service Providers, backbone, and Autonomous Services. Additionally, history showed that technology changes e.g., from 3G to 4G, from IPv4 to IPv6 are not immediate, and usually, the replacement includes a long coexistence period between the old and new technology. Similarly, we believe that the process of replacement of the current Internet will surely transition through the coexistence of IP and ICN. Although the tremendous amount of security and privacy issues of the current Internet taught us the importance of securely designing the architectures, only a few of the proposed architectures place the security-by-design. Therefore, this article aims to provide the first comprehensive Security and Privacy analysis of the state-of-the-art coexistence architectures. Additionally, it yields a horizontal comparison of security and privacy among three deployment approaches of IP and ICN protocol i.e., overlay, underlay, and hybrid and a vertical comparison among ten considered security and privacy features. As a result of our analysis, it emerges that most of the architectures utterly fail to provide several SP features including data and traffic flow confidentiality, availability and communication anonymity. We believe this article draws a picture of the secure combination of current and future protocol stacks during the coexistence phase that the Internet will definitely walk across.

    The Four-C Framework for High Capacity Ultra-Low Latency in 5G Networks: A Review

    Network latency will be a critical performance metric for the Fifth Generation (5G) networks expected to be fully rolled out in 2020 through the IMT-2020 project. The multi-user multiple-input multiple-output (MU-MIMO) technology is a key enabler for the 5G massive connectivity criterion, especially from the massive densification perspective. Naturally, it appears that 5G MU-MIMO will face a daunting task to achieve an end-to-end 1 ms ultra-low latency budget if traditional network set-ups criteria are strictly adhered to. Moreover, 5G latency will have added dimensions of scalability and flexibility compared to prior existing deployed technologies. The scalability dimension caters for meeting rapid demand as new applications evolve, while flexibility complements the scalability dimension by investigating novel non-stacked protocol architecture. The goal of this review paper is to deploy ultra-low latency reduction framework for 5G communications considering flexibility and scalability. The Four (4) C framework consisting of cost, complexity, cross-layer and computing is hereby analyzed and discussed. The Four (4) C framework discusses several emerging new technologies of software defined network (SDN), network function virtualization (NFV) and fog networking. This review paper will contribute significantly towards the future implementation of flexible and high capacity ultra-low latency 5G communications.

    Prioritization-based adaptive emergency traffic medium access control protocol for wireless body area networks

    Wireless Body Area Networks (WBANs) provide continuous monitoring of a patient by using heterogeneous Bio-Medical Sensor Nodes (BMSNs). WBANs pose unique constraints due to contention-based prioritized channel access, sporadic emergency traffic handling and emergency-based traffic adaptivity. In the existing medium access control protocols, the available contention-based prioritized channel access is incomplete due to the repetitions in backoff period ranges. The emergency traffic is considered based on traffic generation rate as well as sporadic emergency traffic that is not handled at multiple BMSNs during contention. In an emergency situation, non-emergency traffic is ignored, traffic is not adjusted dynamically with balanced throughput and energy consumption, and the energy of non-emergency traffic BMSNs is not preserved. In this research, prioritization-based adaptive emergency traffic Medium Access Control (MAC) protocol was designed to consider contention-based prioritized channel access for heterogeneous BMSNs along with sporadic emergency traffic handling and dynamic adjustment of traffic in sporadic emergency situation. Firstly, a Traffic Class Prioritization based slotted-CSMA/CA (TCP-CSMA/CA) scheme was developed to provide contention-based prioritized channel access by removing repetitions in backoff period ranges. Secondly, an emergency Traffic Class Provisioning based slotted-CSMA/CA (ETCP-CSMA/CA) scheme was presented to deliver the sporadic emergency traffic instantaneously that occurs either at a single BMSN or multiple BMSNs, with minimum delay and packet loss without ignoring non-emergency traffic. Finally, an emergency-based Traffic Adaptive slotted-CSMA/CA (ETA-CSMA/CA) scheme provided dynamic adjustment of traffic to accommodate the variations in heterogeneous traffic rates along with energy preservation of non-emergency traffic BMSNs, creating a balance between throughput and energy in the sporadic emergency situation. Performance comparison was conducted by simulation using NS-2 and the results revealed that the proposed schemes were better than ATLAS, PLA-MAC, eMC-MAC and PG-MAC protocols. The least improved performances were in terms of packet delivery delay 10%, throughput 14%, packet delivery ratio 21%, packet loss ratio 28% and energy consumption 37%. In conclusion, the prioritization-based adaptive emergency traffic MAC protocol outperformed the existing protocols.