CentFlow: Centrality-Based Flow Balancing and Traffic Distribution for Higher Network Utilization

Next-generation networks (NGNs) are embracing two key principles of software defined networking (SDN) paradigm functional segregation of control and forwarding plane, and logical centralization of the control plane. A centralized control enhances the network management significantly by regulating the traffic distribution dynamically and effectively. An eagle-eye view of the entire topology opens up the opportunity for an SDN controller to refine the routing. Optimizing the network utilization in terms of throughput is majorly dependent on the routing decisions. Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS) are well-known traditional link state routing protocols proven with operation over operator networks for a long time. However, these classical protocols deployed distributively fall short of expectation in addressing the current routing issues due to the lack of a holistic view of the network topology and situation, whereas handling enormous traffic and user quality of experience (QoE) requirements are getting critical. IP routing in NGN is widely expected to be supported by SDN to enhance the network utilization in terms of throughput. We propose a novel routing algorithm-CentFlow, for an SDN domain to boost up the network utilization. The proposed weight functions in CentFlow achieve smart traffic distribution by detecting highly utilized nodes depending on the centrality measures and the temporal node degree that changes based on node utilization. Furthermore, the frequently selected edges are penalized thereby augmenting the flow balancing and dispersion. CentFlow reaps greater benefits on an SDN controller than the classical OSPF due to its comprehensive view of the network. Experimental results show that CentFlow enhances the utilization of up to 62% of nodes and 49% of links, respectively, compared to an existing Dijkstra algorithm-based routing scheme in SDN. Furthermore, nearly 6.5% more flows are processed networ- wide

Efficient performance monitoring for ubiquitous virtual networks based on matrix completion

Inspired by the concept of software-defined network and network function virtualization, vast virtual networks are generated to isolate and share wireless resources for different network operators. To achieve fine-grained resource control and scheduling among virtual networks (VNs), network performance monitoring is essential. However, due to limitation of hardware, real-time performance monitoring is impossible for a complete virtual network. In this paper, taking advantage of the low-rank characteristic of 90 virtual access points (VAPs) measurement data, we propose an intelligent measurement scheme, namely, adaptive and sequential sampling based on matrix completion (MC), which exploits from the MC to construct the complete data of VN performance from a partial direct monitoring data. First, to construct the initial measurement matrix, we propose a sampling correction model based on dispersion and coverage. Second, a stopping condition for the sequential sampling is introduced, based on the stopping condition, the sampling process for a period can stop without waiting for the matrix reconstruction to reach certain of accuracy level. Finally, the sampled VAPs are determined by referring the back-forth completed matrixes\u27 normalized mean absolute error. The experiments show that our approach can achieve a constant network perception and maintain a relatively low error rate with a small sampling rate

Security Threats in Software Defined Mobile Clouds (SDMC)

Future Internet comprises of emerging ICT mega-trends (e.g., mobile, social, cloud, and big data) commands new challenges like ubiquitous accessibility, high bandwidth, and dynamic management to meet the data tsunami requirements. In the recent years, the rapid growth of smartphone business is highly evidenced due to its versatile usage irrespective of location, personality or context. Despite of increased smartphone usage, exploiting its full potential becomes very difficult owing to its typical issues such as resource scarcity, mobility and more prominently the security. Software Defined Networking (SDN), an emerging wireless network paradigm can make use of rich mobile cloud functionalities such as traffic management, load balancing, routing, and firewall configuration over physical abstraction of control planes from data planes. Hence SDN leads to a clear roadmap to Software Security control in Mobile Clouds (SDMC). Further it can be extended to a level of Security prevention. To address in this direction, this paper surveys the relevant backgrounds of the existing state-of-art works to come up with all possible SDMC threats and its countermeasures

Flow monitoring in software-defined networks: finding the accuracy/performance tradeoffs

In OpenFlow-based Software-Defined Networks, obtaining flow-level measurements, similar to those provided by NetFlow/IPFIX, is challenging as it requires to install an entry per flow in the flow tables. This approach does not scale well as the number of entries in the flow tables is limited and small. Moreover, labeling the flows with the application that generates the traffic would greatly enrich these reports, as it would provide very valuable information for network performance and security among others. In this paper, we present a scalable flow monitoring solution fully compatible with current off-the-shelf OpenFlow switches. Measurements are maintained in the switches and are asynchronously sent to a SDN controller. Additionally, flows are classified using a combination of DPI and Machine Learning (ML) techniques with special focus on the identification of web and encrypted traffic. For the sake of scalability, we designed two different traffic sampling methods depending on the OpenFlow features available in the switches. We implemented our monitoring solution within OpenDaylight and evaluated it in a testbed with Open vSwitch, using also a number of DPI and ML tools to find the best tradeoff between accuracy and performance. Our experimental results using real-world traffic show that the measurement and classification systems are accurate and the cost to deploy them is significantly reduced.Peer ReviewedPostprint (author's final draft

Adaptive Robust Traffic Engineering in Software Defined Networks

One of the key advantages of Software-Defined Networks (SDN) is the opportunity to integrate traffic engineering modules able to optimize network configuration according to traffic. Ideally, network should be dynamically reconfigured as traffic evolves, so as to achieve remarkable gains in the efficient use of resources with respect to traditional static approaches. Unfortunately, reconfigurations cannot be too frequent due to a number of reasons related to route stability, forwarding rules instantiation, individual flows dynamics, traffic monitoring overhead, etc. In this paper, we focus on the fundamental problem of deciding whether, when and how to reconfigure the network during traffic evolution. We propose a new approach to cluster relevant points in the multi-dimensional traffic space taking into account similarities in optimal routing and not only in traffic values. Moreover, to provide more flexibility to the online decisions on when applying a reconfiguration, we allow some overlap between clusters that can guarantee a good-quality routing regardless of the transition instant. We compare our algorithm with state-of-the-art approaches in realistic network scenarios. Results show that our method significantly reduces the number of reconfigurations with a negligible deviation of the network performance with respect to the continuous update of the network configuration.Comment: 10 pages, 8 figures, submitted to IFIP Networking 201

Dynamic core VNT adaptability based on predictive metro-flow traffic models

© 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes,creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.MPLS-over-optical virtual network topologies (VNTs) can be adapted to near-future traffic matrices based on predictive models that are estimated by applying data analytics on monitored origin-destination (OD) traffic. However, the deployment of independent SDN controllers for core and metro segments can bring large inefficiencies to this core network reconfiguration based on traffic prediction when traffic flows from metro areas are rerouted to different ingress nodes in the core. In such cases, OD traffic patterns in the core might severely change, thus affecting the quality of the predictive OD models. New traffic model re-estimation usually takes a long time, during which no predictive capabilities are available for the network operator. To alleviate this problem, we propose to extend data analytics to metro networks to obtain predictive models for the metro flows; by knowing how these flows are aggregated into OD pairs in the core, we can also aggregate their predictive models, thus accurately predicting OD traffic and therefore enabling core VNT reconfiguration. To obtain quality metro-flow models, we propose an estimation algorithmthat processes monitored data and returns a predictive model. In addition, a flow controller is proposed for the control architecture to allow metro and core controllers to exchange metro-flow model information. The proposed model aggregation is evaluated through exhaustive simulation, and eventually experimentally assessed together with the flow controller in a testbed connecting premises in CNIT (Pisa, Italy) and UPC (Barcelona, Spain).Peer ReviewedPostprint (author's final draft

Enabling knowledge-defined networks : deep reinforcement learning, graph neural networks and network analytics

Significant breakthroughs in the last decade in the Machine Learning (ML) field have ushered in a new era of Artificial Intelligence (AI). Particularly, recent advances in Deep Learning (DL) have enabled to develop a new breed of modeling and optimization tools with a plethora of applications in different fields like natural language processing, or computer vision. In this context, the Knowledge-Defined Networking (KDN) paradigm highlights the lack of adoption of AI techniques in computer networks and – as a result – proposes a novel architecture that relies on Software-Defined Networking (SDN) and modern network analytics techniques to facilitate the deployment of ML-based solutions for efficient network operation. This dissertation aims to be a step forward in the realization of Knowledge-Defined Networks. In particular, we focus on the application of AI techniques to control and optimize networks more efficiently and automatically. To this end, we identify two components within the KDN context whose development may be crucial to achieve self-operating networks in the future: (i) the automatic control module, and (ii) the network analytics platform. The first part of this thesis is devoted to the construction of efficient automatic control modules. First, we explore the application of Deep Reinforcement Learning (DRL) algorithms to optimize the routing configuration in networks. DRL has recently demonstrated an outstanding capability to solve efficiently decision-making problems in other fields. However, first DRL-based attempts to optimize routing in networks have failed to achieve good results, often under-performing traditional heuristics. In contrast to previous DRL-based solutions, we propose a more elaborate network representation that facilitates DRL agents to learn efficient routing strategies. Our evaluation results show that DRL agents using the proposed representation achieve better performance and learn faster how to route traffic in an Optical Transport Network (OTN) use case. Second, we lay the foundations on the use of Graph Neural Networks (GNN) to build ML-based network optimization tools. GNNs are a newly proposed family of DL models specifically tailored to operate and generalize over graphs of variable size and structure. In this thesis, we posit that GNNs are well suited to model the relationships between different network elements inherently represented as graphs (e.g., topology, routing). Particularly, we use a custom GNN architecture to build a routing optimization solution that – unlike previous ML-based proposals – is able to generalize well to topologies, routing configurations, and traffic never seen during the training phase. The second part of this thesis investigates the design of practical and efficient network analytics solutions in the KDN context. Network analytics tools are crucial to provide the control plane with a rich and timely view of the network state. However this is not a trivial task considering that all this information turns typically into big data in real-world networks. In this context, we analyze the main aspects that should be considered when measuring and classifying traffic in SDN (e.g., scalability, accuracy, cost). As a result, we propose a practical solution that produces flow-level measurement reports similar to those of NetFlow/IPFIX in traditional networks. The proposed system relies only on native features of OpenFlow – currently among the most established standards in SDN – and incorporates mechanisms to maintain efficiently flow-level statistics in commodity switches and report them asynchronously to the control plane. Additionally, a system that combines ML and Deep Packet Inspection (DPI) identifies the applications that generate each traffic flow.La evolución del campo del Aprendizaje Maquina (ML) en la última década ha dado lugar a una nueva era de la Inteligencia Artificial (AI). En concreto, algunos avances en el campo del Aprendizaje Profundo (DL) han permitido desarrollar nuevas herramientas de modelado y optimización con múltiples aplicaciones en campos como el procesado de lenguaje natural, o la visión artificial. En este contexto, el paradigma de Redes Definidas por Conocimiento (KDN) destaca la falta de adopción de técnicas de AI en redes y, como resultado, propone una nueva arquitectura basada en Redes Definidas por Software (SDN) y en técnicas modernas de análisis de red para facilitar el despliegue de soluciones basadas en ML. Esta tesis pretende representar un avance en la realización de redes basadas en KDN. En particular, investiga la aplicación de técnicas de AI para operar las redes de forma más eficiente y automática. Para ello, identificamos dos componentes en el contexto de KDN cuyo desarrollo puede resultar esencial para conseguir redes operadas autónomamente en el futuro: (i) el módulo de control automático y (ii) la plataforma de análisis de red. La primera parte de esta tesis aborda la construcción del módulo de control automático. En primer lugar, se explora el uso de algoritmos de Aprendizaje Profundo por Refuerzo (DRL) para optimizar el encaminamiento de tráfico en redes. DRL ha demostrado una capacidad sobresaliente para resolver problemas de toma de decisiones en otros campos. Sin embargo, los primeros trabajos que han aplicado DRL a la optimización del encaminamiento en redes no han conseguido rendimientos satisfactorios. Frente a dichas soluciones previas, proponemos una representación más elaborada de la red que facilita a los agentes DRL aprender estrategias de encaminamiento eficientes. Nuestra evaluación muestra que cuando los agentes DRL utilizan la representación propuesta logran mayor rendimiento y aprenden más rápido cómo encaminar el tráfico en un caso práctico en Redes de Transporte Ópticas (OTN). En segundo lugar, se presentan las bases sobre la utilización de Redes Neuronales de Grafos (GNN) para construir herramientas de optimización de red. Las GNN constituyen una nueva familia de modelos de DL específicamente diseñados para operar y generalizar sobre grafos de tamaño y estructura variables. Esta tesis destaca la idoneidad de las GNN para modelar las relaciones entre diferentes elementos de red que se representan intrínsecamente como grafos (p. ej., topología, encaminamiento). En particular, utilizamos una arquitectura GNN específicamente diseñada para optimizar el encaminamiento de tráfico que, a diferencia de las propuestas anteriores basadas en ML, es capaz de generalizar correctamente sobre topologías, configuraciones de encaminamiento y tráfico nunca vistos durante el entrenamiento La segunda parte de esta tesis investiga el diseño de herramientas de análisis de red eficientes en el contexto de KDN. El análisis de red resulta esencial para proporcionar al plano de control una visión completa y actualizada del estado de la red. No obstante, esto no es una tarea trivial considerando que esta información representa una cantidad masiva de datos en despliegues de red reales. Esta parte de la tesis analiza los principales aspectos a considerar a la hora de medir y clasificar el tráfico en SDN (p. ej., escalabilidad, exactitud, coste). Como resultado, se propone una solución práctica que genera informes de medidas de tráfico a nivel de flujo similares a los de NetFlow/IPFIX en redes tradicionales. El sistema propuesto utiliza sólo funciones soportadas por OpenFlow, actualmente uno de los estándares más consolidados en SDN, y permite mantener de forma eficiente estadísticas de tráfico en conmutadores con características básicas y enviarlas de forma asíncrona hacia el plano de control. Asimismo, un sistema que combina ML e Inspección Profunda de Paquetes (DPI) identifica las aplicaciones que generan cada flujo de tráfico.Postprint (published version

تطبيق تقنية الشبكات المعرفة بالبرمجيات في تجميع البيانات في شبكات الحساسات اللاسلكية من أجل تحسين أدائها

نقدم في هذا المقال منهجية مقترحة من أجل تحسين أداء عمليات التجميع في  شبكات الحساسات اللاسلكية وذلك من خلال تطبيق  تقنية الشبكات المعرفة بالبرمجيات ،  وذلك حقق فصل مجالي التحكم والبيانات، تم تحديد شروط اختيار العقد المجمعة في المتحكم من خلال ضبط أوزان خوارزمية دايجكسترا، وبناء على المسارات المختارة عن طريق الخوارزمية  تم تحديد العقد المجمعة بناء على بارامتر المسارات التي تتضمن العقدة ، إضافة إلى أن المنصة المطبقة تعتمد على الحالة وتنفيذ ما يسمى آلة الحالة المنتهية ،مما ساعدنا في التخلص من قيود الطرق التقليدية في تطبيق تقنية الشبكات المعرفة بالبرمجيات في شبكات الحساسات اللاسلكية حيث تدعم قراءة حمولة الرزمة وليس فقط الترويسة ، إضافة إلى إمكانية التعامل مع رزمة بالاعتماد على رزمة أخرى ، والمرونة في  تعديل جداول التوجيه من أجل تحقيق القواعد المناسبة لخوارزمية التجميع المقترحة. ويتضح من خلال النتائج التقليل الكبير في الطاقة المستهلكة  بعد تطبيق الخوارزمية المقترحة