A Demonstration Scenario for the NorNet Core Multi-Homed Network Testbed

There is extensive on-going research taking place with the goal of implementing transport layer protocols that are able to utilize multi-homing on machines (connection to multiple ISPs). Multi-homing has potential to improve resilience and increase total goodput compared to using a single connection. This would e.g. benefit the trend of more and more services being moved online and into the cloud. The NorNet Core multi-homed network testbed aims to facilitate this research by offering programmable virtual machines located at multiple different sites across the world, accessible for researchers. The aim of this project is the design and implementation of a demonstration platform for NorNet Core that enables the testbed to be illustratively demonstrated to potential new users. This is done by offering users interactive experiments, and geographical visualization of various communication scenarios between nodes in the NorNet Core network in real time. The demonstration platform puts emphasis on demonstrating the unique aspects of NorNet Core compared to other networking testbeds; namely the multi-homed nature and IPv6 support for all of the nodes. This thesis discusses the technical aspects of designing and implementing the platform, as well as demonstrating the finished result with various demonstration scenarios. The Qt programming framework was chosen as the primary development framework for this application

Measuring Performance of Web Content Delivery Over Mobile Networks

We explored the performance of the web content delivery over the Internet for two Norwegian MBB networks (Telenor and Netcom) using the NorNet Edge measurement infrastructure. The performance was evaluated by measuring the impact of several factors including the radio signal conditions, the ingresspoint placement and the networking topology in cellular networks when accessing the first byte of the web content of the top 50 Alexa websites. The time to get the first byte can be decreased by 80 percent, if the web content is placed close to the ingresspoint. The ingresspoint placement affects the network delay for domestic subscribers by only 10 milliseconds. There is no clear differences in time to get the first byte between 3G or 4G technologies. The time to connect to the web content (to query DNS and establish a TCP connection) is only 20 percent of the time spent to receive the first byte of the web content. The poor radio signal conditions can increase the time to get the first byte of the web content by 100 milliseconds

Endpoint-transparent Multipath Transport with Software-defined Networks

Multipath forwarding consists of using multiple paths simultaneously to transport data over the network. While most such techniques require endpoint modifications, we investigate how multipath forwarding can be done inside the network, transparently to endpoint hosts. With such a network-centric approach, packet reordering becomes a critical issue as it may cause critical performance degradation. We present a Software Defined Network architecture which automatically sets up multipath forwarding, including solutions for reordering and performance improvement, both at the sending side through multipath scheduling algorithms, and the receiver side, by resequencing out-of-order packets in a dedicated in-network buffer. We implemented a prototype with commonly available technology and evaluated it in both emulated and real networks. Our results show consistent throughput improvements, thanks to the use of aggregated path capacity. We give comparisons to Multipath TCP, where we show our approach can achieve a similar performance while offering the advantage of endpoint transparency

Revisiting the IETF multipath extensions on transport layer

Load sharing on the transport layer of the OSI reference model is an important topic in the IETF standardization. This approach is also supported by the industry to optimize the use of the resources in a network like the Internet. After many trials, two basic sets of mechanisms and functionalities on the transport layer have been proposed by the IETF to achieve load sharing. These basic sets extend the protocol mechanisms that were originally designed for the use in singlepath dominated networks and represent only a first step to introduce a real end-to-end multipath transfer on the Internet. These first basic sets must be investigated and improved for the next steps. The Transmission Control Protocol (TCP) and the Stream Control Transmission Protocol (SCTP) provide the basis for the two IETF end-to-end multipath extensions. Both singlepath transport protocols have a different historical background but similar goals. These can be characterized by a reliable, connection-oriented and ordered data transport. However, initial experiments with the IETF multipath extensions in real networks show unexpected and in some cases clearly inadequate results. It is becoming rather apparent that the singlepath transport protocol specifications with their singlepath goals have a significant impact on the effectiveness of the load sharing mechanism and, furthermore, that the severity of the influence depends on the topology. The new mechanisms for multipath transfer include, in particular, an extended “path management” and “scheduling” task. The mechanisms addressing the path management organize the new, alternative paths and the scheduling mechanisms sup- port their effective use. For both protocol extensions of TCP and SCTP, an interaction can be identified between the new load sharing mechanisms and the existing specifications for singlepath transfer. This thesis systematically identifies the impact factors of the singlepath specifications on the new load sharing mechanisms and demonstrates their effects. In addition to the focus on the optimal use, the fair distribution of resources across all connections must be taken into account in the IETF standardization process. This so-called “fairness” discus- sion is mandatory for a transport protocol in the IETF context and has a direct impact on the overall system performance. Furthermore, this thesis discusses the currently implemented load sharing extensions and analyzes their weaknesses. Moreover, in this work new design approaches are developed to decrease the impact

Classifying resilience approaches for protecting smart grids against cyber threats

Smart grids (SG) draw the attention of cyber attackers due to their vulnerabilities, which are caused by the usage of heterogeneous communication technologies and their distributed nature. While preventing or detecting cyber attacks is a well-studied field of research, making SG more resilient against such threats is a challenging task. This paper provides a classification of the proposed cyber resilience methods against cyber attacks for SG. This classification includes a set of studies that propose cyber-resilient approaches to protect SG and related cyber-physical systems against unforeseen anomalies or deliberate attacks. Each study is briefly analyzed and is associated with the proper cyber resilience technique which is given by the National Institute of Standards and Technology in the Special Publication 800-160. These techniques are also linked to the different states of the typical resilience curve. Consequently, this paper highlights the most critical challenges for achieving cyber resilience, reveals significant cyber resilience aspects that have not been sufficiently considered yet and, finally, proposes scientific areas that should be further researched in order to enhance the cyber resilience of SG.Open Access funding provided thanks to the CRUE-CSIC agreement with Springer Nature. Funding for open access charge: Universidad de Málaga / CBUA

Challenges in the Design and Implementation of IoT Testbeds in Smart-Cities : A Systematic Review

Advancements in wireless communication and the increased accessibility to low-cost sensing and data processing IoT technologies have increased the research and development of urban monitoring systems. Most smart city research projects rely on deploying proprietary IoT testbeds for indoor and outdoor data collection. Such testbeds typically rely on a three-tier architecture composed of the Endpoint, the Edge, and the Cloud. Managing the system's operation whilst considering the security and privacy challenges that emerge, such as data privacy controls, network security, and security updates on the devices, is challenging. This work presents a systematic study of the challenges of developing, deploying and managing urban monitoring testbeds, as experienced in a series of urban monitoring research projects, followed by an analysis of the relevant literature. By identifying the challenges in the various projects and organising them under the V-model development lifecycle levels, we provide a reference guide for future projects. Understanding the challenges early on will facilitate current and future smart-cities IoT research projects to reduce implementation time and deliver secure and resilient testbeds

Scalable and Efficient Multipath Routing: Complexity and Algorithms

A fundamental unsolved challenge in multipath routing is to provide disjoint end-to-end paths, each one satisfying certain operational goals (e.g., shortest possible), without overwhelming the data plane with prohibitive amount of forwarding state. In this paper, we study the problem of finding a pair of shortest disjoint paths that can be represented by only two forwarding table entries per destination. Building on prior work on minimum length redundant trees, we show that the underlying mathematical problem is NP-complete and we present heuristic algorithms that improve the known complexity bounds from cubic to the order of a single shortest path search. Finally, by extensive simulations we find that it is possible to very closely attain the absolute optimal path length with our algorithms (the gap is just 1–5%), eventually opening the door for wide-scale multipath routing deployments