5,441 research outputs found
Distributed Network Anomaly Detection on an Event Processing Framework
Network Intrusion Detection Systems (NIDS) are an integral part of modern data centres to ensure high availability and compliance with Service Level Agreements (SLAs). Currently, NIDS are deployed on high-performance, high-cost middleboxes that are responsible for monitoring a limited section of the network. The fast increasing size and aggregate throughput of modern data centre networks have come to challenge the current approach to anomaly detection to satisfy the fast growing compute demand. In this paper, we propose a novel approach to distributed intrusion detection systems based on the architecture of recently proposed event processing frameworks. We have designed and implemented a prototype system using Apache Storm to show the benefits of the proposed approach as well as the architectural differences with traditional systems. Our system distributes modules across the available devices within the network fabric and uses a centralised controller for orchestration, management and correlation. Following the Software Defined Networking (SDN) paradigm, the controller maintains a complete view of the network but distributes the processing logic for quick event processing while performing complex event correlation centrally. We have evaluated the proposed system using publicly available data centre traces and demonstrated that the system can scale with the network topology while providing high performance and minimal impact on packet latency
An Approximately Optimal Algorithm for Scheduling Phasor Data Transmissions in Smart Grid Networks
In this paper, we devise a scheduling algorithm for ordering transmission of
synchrophasor data from the substation to the control center in as short a time
frame as possible, within the realtime hierarchical communications
infrastructure in the electric grid. The problem is cast in the framework of
the classic job scheduling with precedence constraints. The optimization setup
comprises the number of phasor measurement units (PMUs) to be installed on the
grid, a weight associated with each PMU, processing time at the control center
for the PMUs, and precedence constraints between the PMUs. The solution to the
PMU placement problem yields the optimum number of PMUs to be installed on the
grid, while the processing times are picked uniformly at random from a
predefined set. The weight associated with each PMU and the precedence
constraints are both assumed known. The scheduling problem is provably NP-hard,
so we resort to approximation algorithms which provide solutions that are
suboptimal yet possessing polynomial time complexity. A lower bound on the
optimal schedule is derived using branch and bound techniques, and its
performance evaluated using standard IEEE test bus systems. The scheduling
policy is power grid-centric, since it takes into account the electrical
properties of the network under consideration.Comment: 8 pages, published in IEEE Transactions on Smart Grid, October 201
Admission control methods in IMS networks
The article deals with solving the problem of ensuring Quality of Service (QoS) in IP Multimedia Subsystem (IMS) networks. Admission Control methods (AC) are used to prevent network congestion and the decrease of QoS. The main function of AC is to maximize utilization of network resources and to ensure the level of QoS. Four methods were chosen for comparison. These methods are described in the main part of the article. The last part deals with simulations of these methods in the software MATLAB
BPFabric: Data Plane Programmability for Software Defined Networks
In its current form, OpenFlow, the de facto implementation
of SDN, separates the network’s control and data
planes allowing a central controller to alter the matchaction
pipeline using a limited set of fields and actions.
To support new protocols, forwarding logic, telemetry,
monitoring or even middlebox-like functions the currently
available programmability in SDN is insufficient.
In this paper, we introduce BPFabric, a platform, protocol,
and language-independent architecture to centrally
program and monitor the data plane. BPFabric leverages
eBPF, a platform and protocol independent instruction
set to define the packet processing and forwarding functionality
of the data plane. We introduce a control plane
API that allows data plane functions to be deployed onthe-fly,
reporting events of interest and exposing network
internal state.
We present a raw socket and DPDK implementation
of the design, the former for large-scale experimentation
using environment such as Mininet and the latter for
high-performance low-latency deployments. We show
through examples that functions unrealisable in OpenFlow
can leverage this flexibility while achieving similar
or better performance to today’s static design
- …