28 research outputs found

    Enabling knowledge-defined networks : deep reinforcement learning, graph neural networks and network analytics

    Significant breakthroughs in the last decade in the Machine Learning (ML) field have ushered in a new era of Artificial Intelligence (AI). Particularly, recent advances in Deep Learning (DL) have enabled to develop a new breed of modeling and optimization tools with a plethora of applications in different fields like natural language processing, or computer vision. In this context, the Knowledge-Defined Networking (KDN) paradigm highlights the lack of adoption of AI techniques in computer networks and – as a result – proposes a novel architecture that relies on Software-Defined Networking (SDN) and modern network analytics techniques to facilitate the deployment of ML-based solutions for efficient network operation. This dissertation aims to be a step forward in the realization of Knowledge-Defined Networks. In particular, we focus on the application of AI techniques to control and optimize networks more efficiently and automatically. To this end, we identify two components within the KDN context whose development may be crucial to achieve self-operating networks in the future: (i) the automatic control module, and (ii) the network analytics platform. The first part of this thesis is devoted to the construction of efficient automatic control modules. First, we explore the application of Deep Reinforcement Learning (DRL) algorithms to optimize the routing configuration in networks. DRL has recently demonstrated an outstanding capability to solve efficiently decision-making problems in other fields. However, first DRL-based attempts to optimize routing in networks have failed to achieve good results, often under-performing traditional heuristics. In contrast to previous DRL-based solutions, we propose a more elaborate network representation that facilitates DRL agents to learn efficient routing strategies. 
Our evaluation results show that DRL agents using the proposed representation achieve better performance and learn faster how to route traffic in an Optical Transport Network (OTN) use case. Second, we lay the foundations on the use of Graph Neural Networks (GNN) to build ML-based network optimization tools. GNNs are a newly proposed family of DL models specifically tailored to operate and generalize over graphs of variable size and structure. In this thesis, we posit that GNNs are well suited to model the relationships between different network elements inherently represented as graphs (e.g., topology, routing). Particularly, we use a custom GNN architecture to build a routing optimization solution that – unlike previous ML-based proposals – is able to generalize well to topologies, routing configurations, and traffic never seen during the training phase. The second part of this thesis investigates the design of practical and efficient network analytics solutions in the KDN context. Network analytics tools are crucial to provide the control plane with a rich and timely view of the network state. However this is not a trivial task considering that all this information turns typically into big data in real-world networks. In this context, we analyze the main aspects that should be considered when measuring and classifying traffic in SDN (e.g., scalability, accuracy, cost). As a result, we propose a practical solution that produces flow-level measurement reports similar to those of NetFlow/IPFIX in traditional networks. The proposed system relies only on native features of OpenFlow – currently among the most established standards in SDN – and incorporates mechanisms to maintain efficiently flow-level statistics in commodity switches and report them asynchronously to the control plane. 
Additionally, a system that combines ML and Deep Packet Inspection (DPI) identifies the applications that generate each traffic flow.
The evolution of the Machine Learning (ML) field over the last decade has given rise to a new era of Artificial Intelligence (AI). Specifically, some advances in the field of Deep Learning (DL) have made it possible to develop new modeling and optimization tools with many applications in fields such as natural language processing or computer vision. In this context, the Knowledge-Defined Networking (KDN) paradigm highlights the lack of adoption of AI techniques in networks and, as a result, proposes a new architecture based on Software-Defined Networking (SDN) and modern network analytics techniques to facilitate the deployment of ML-based solutions. This thesis aims to represent a step forward in the realization of KDN-based networks. In particular, it investigates the application of AI techniques to operate networks more efficiently and automatically. To this end, we identify two components in the KDN context whose development may prove essential to achieving autonomously operated networks in the future: (i) the automatic control module and (ii) the network analytics platform. The first part of this thesis addresses the construction of the automatic control module. First, it explores the use of Deep Reinforcement Learning (DRL) algorithms to optimize traffic routing in networks. DRL has demonstrated an outstanding capability to solve decision-making problems in other fields. However, the first works that applied DRL to routing optimization in networks have not achieved satisfactory performance. In contrast to those previous solutions, we propose a more elaborate network representation that makes it easier for DRL agents to learn efficient routing strategies.
Our evaluation shows that when DRL agents use the proposed representation they achieve higher performance and learn faster how to route traffic in a practical Optical Transport Network (OTN) use case. Second, the foundations are presented for using Graph Neural Networks (GNN) to build network optimization tools. GNNs are a new family of DL models specifically designed to operate and generalize over graphs of variable size and structure. This thesis highlights the suitability of GNNs for modeling the relationships between different network elements that are inherently represented as graphs (e.g., topology, routing). In particular, we use a GNN architecture specifically designed to optimize traffic routing which, unlike previous ML-based proposals, is able to generalize correctly over topologies, routing configurations, and traffic never seen during training. The second part of this thesis investigates the design of efficient network analytics tools in the KDN context. Network analytics is essential to provide the control plane with a complete and up-to-date view of the network state. However, this is not a trivial task considering that this information represents a massive amount of data in real network deployments. This part of the thesis analyzes the main aspects to consider when measuring and classifying traffic in SDN (e.g., scalability, accuracy, cost). As a result, a practical solution is proposed that generates flow-level traffic measurement reports similar to those of NetFlow/IPFIX in traditional networks.
The proposed system uses only functions supported by OpenFlow, currently one of the most established standards in SDN, and makes it possible to efficiently maintain traffic statistics in switches with basic features and send them asynchronously to the control plane. In addition, a system that combines ML and Deep Packet Inspection (DPI) identifies the applications that generate each traffic flow. Postprint (published version)

    Optimization and Management Techniques for Geo-distributed SDN-enabled Cloud Datacenters' Provisioning

    Cloud computing has become a business reality that impacts technology users around the world. It has become a cornerstone for emerging technologies and an enabler of future Internet services as it provides on-demand IT services delivery via geographically distributed data centers. At the core of cloud computing, virtualization technology has played a crucial role by allowing resource sharing, which in turn allows cloud service providers to offer computing services without discrepancies in platform compatibility. At the same time, a trend has emerged in which enterprises are adopting a software-based network infrastructure with paradigms, such as software-defined networking, gaining further attention for large-scale networks. This trend is due to the flexibility and agility offered to networks by such paradigms. Software-defined networks allow for network resource sharing by facilitating network virtualization. Hence, combining cloud computing with a software-defined network architecture promises to enhance the quality of services that are delivered to clients and reduces the operational costs to service providers. However, this combined architecture introduces several challenges to cloud service providers, including resource management, energy efficiency, virtual network provisioning, and controller placement. This thesis tackles these challenges by proposing innovative resource provisioning techniques and developing novel frameworks to improve resource utilization, power efficiency, and quality of service performance. These metrics have a direct impact on the capital and operational expenditure of service providers. In this thesis, the problem of virtual computing and network provisioning in geographically distributed software-defined network-enabled cloud data centers is modeled and formulated. It proposes and evaluates optimal and sub-optimal heuristic solutions to validate their efficiency. 
To address the energy efficiency of cloud environments that are enabled for software-defined networks, this thesis presents an innovative architecture and develops a comprehensive power consumption model that accurately describes the power consumption behavior of such environments. To address the challenge of the number of software-defined network controllers and locations, a sub-optimal solution is proposed that combines unsupervised hierarchical clustering. Finally, betweenness centrality is proposed as an efficient solution to the controller placement problem

    A monitoring and threat detection system using stream processing as a virtual function for big data

    The late detection of security threats causes a significant increase in the risk of irreparable damages, disabling any defense attempt. As a consequence, fast real-time threat detection is mandatory for security guarantees. In addition, Network Function Virtualization (NFV) provides new opportunities for efficient and low-cost security solutions. We propose a fast and efficient threat detection system based on stream processing and machine learning algorithms. The main contributions of this work are i) a novel monitoring threat detection system based on stream processing; ii) two datasets, first a dataset of synthetic security data containing both legitimate and malicious traffic, and the second, a week of real traffic of a telecommunications operator in Rio de Janeiro, Brazil; iii) a data pre-processing algorithm, a normalizing algorithm and an algorithm for fast feature selection based on the correlation between variables; iv) a virtualized network function in an open-source platform for providing a real-time threat detection service; v) near-optimal placement of sensors through a proposed heuristic for strategically positioning sensors in the network infrastructure, with a minimum number of sensors; and, finally, vi) a greedy algorithm that allocates on demand a sequence of virtual network functions.
The late detection of security threats causes a significant increase in the risk of irreparable damage, making any defense attempt impossible. As a consequence, fast real-time threat detection is essential for security management. In addition, Network Function Virtualization (NFV) technology offers new opportunities for effective, low-cost security solutions. We propose a fast and efficient threat detection system based on stream processing and machine learning algorithms.
The main contributions of this work are: i) a new monitoring and threat detection system based on stream processing; ii) two datasets, the first a synthetic security dataset containing suspicious and malicious traffic, and the second corresponding to a week of real traffic from a telecommunications operator in Rio de Janeiro, Brazil; iii) a data pre-processing algorithm composed of a normalization algorithm and an algorithm for fast feature selection based on the correlation between variables; iv) a virtualized network function on an open-source platform to provide a real-time threat detection service; v) near-perfect placement of sensors through a proposed heuristic for strategically positioning sensors in the network infrastructure, with a minimum number of sensors; and, finally, vi) a greedy algorithm that allocates a sequence of virtual network functions on demand.

    Scale-free topology optimization for software-defined wireless sensor networks: A cyber-physical system

    Due to the limited resource and vulnerability in wireless sensor networks, maximizing the network lifetime and improving network survivability have become the top priority problem in network topology optimization. This article presents a wireless sensor networks topology optimization model based on complex network theory and cyber-physical systems using software-defined wireless sensor network architecture. The multiple-factor-driven virtual force field and network division–oriented particle swarm algorithm are introduced into the deployment strategy of super-node for the implementation in wireless sensor networks topology initialization, which help to rationally allocate heterogeneous network resources and balance the energy consumption in wireless sensor networks. Furthermore, the preferential attachment scheme guided by corresponding priority of crucial sensors is added into scale-free structure for optimization in topology evolution process and for protection of vulnerable nodes in wireless sensor networks. Software-defined wireless sensor network–based functional architecture is adopted to optimize the network evolution rules and algorithm parameters using information cognition and flow-table configure mode. The theoretical analysis and experimental results demonstrate that the proposed wireless sensor networks topology optimization model possesses both the small-world effect and the scale-free property, which can contribute to extend the lifetime of wireless sensor networks with energy efficiency and improve the robustness of wireless sensor networks with structure invulnerability

    Towards high quality and flexible future internet architectures

    Separation Framework: An Enabler for Cooperative and D2D Communication for Future 5G Networks

    Soaring capacity and coverage demands dictate that future cellular networks need to soon migrate towards ultra-dense networks. However, network densification comes with a host of challenges that include compromised energy efficiency, complex interference management, cumbersome mobility management, burdensome signaling overheads and higher backhaul costs. Interestingly, most of the problems that beleaguer network densification stem from legacy networks' one common feature, i.e., tight coupling between the control and data planes regardless of their degree of heterogeneity and cell density. Consequently, in wake of 5G, control and data planes separation architecture (SARC) has recently been conceived as a promising paradigm that has potential to address most of aforementioned challenges. In this article, we review various proposals that have been presented in literature so far to enable SARC. More specifically, we analyze how and to what degree various SARC proposals address the four main challenges in network densification, namely: energy efficiency, system level capacity maximization, interference management and mobility management. We then focus on two salient features of future cellular networks that have not yet been adapted in legacy networks at wide scale and thus remain a hallmark of 5G, i.e., coordinated multipoint (CoMP), and device-to-device (D2D) communications. After providing necessary background on CoMP and D2D, we analyze how SARC can particularly act as a major enabler for CoMP and D2D in context of 5G. This article thus serves as both a tutorial as well as an up to date survey on SARC, CoMP and D2D. Most importantly, the article provides an extensive outlook of challenges and opportunities that lie at the crossroads of these three mutually entangled emerging technologies.
    Comment: 28 pages, 11 figures, IEEE Communications Surveys & Tutorials 201

    A Novel Placement Algorithm for the Controllers Of the Virtual Networks (COVN) in SD-WAN with Multiple VNs

    The escalation of communication demands and the emergence of new telecommunication concepts such as 5G cellular system and smart cities requires the consolidation of a flexible and manageable backbone network. These requirements motivated the researcher to come up with a new placement algorithm for the Controller of Virtual Network (COVN). This is because SDN and network virtualisation techniques (NFV and NV), are integrated to produce multiple virtual networks running on a single SD-WAN infrastructure, which serves the new backbone. One of the significant challenges of SD-WAN is determining the number and the locations of its controllers to optimise the network latency and reliability. This problem is fairly investigated and solved by several controller placement algorithms where the focus is only on physical controllers. The advent of the sliced SD-WAN produces a new challenge, which necessitates the SDWAN controllers (physical controller/hosted server) to run multiple instances of controllers (virtual controllers). Every virtual network is managed by its virtual controllers. This calls for an algorithm to determine the number and the positions of physical and virtual controllers of the multiple virtual SD-WANs. According to the literature review and to the best of the author knowledge, this problem is neither examined nor yet solved. To address this issue, the researcher designed a novel COVN placement algorithm to compute the controller placement of the physical controllers, then calculate the controller placement of every virtual SD-WAN independently, taking into consideration the controller placement of other virtual SD-WANs. COVN placement does not partition the SD-WAN when placing the physical controllers, unlike all previous placement algorithms. Instead, it identifies the nodes of the optimal reliability and latency to all switches of the network. Then, it partitions every VN separately to create its independent controller placement. 
COVN placement optimises the reliability and the latency according to the desired weights. It also maintains the load balancing and the optimal resources utilisation. Moreover, it supports the recovering of the controller failure. This novel algorithm is intensively evaluated using the produced COVN simulator and the developed Mininet emulator. The results indicate that COVN placement achieves the required optimisations mentioned above. Also, the implementations disclose that COVN placement can compute the controller placement for a large network (754 switches) in very small computation time (49.53 s). In addition, COVN placement is compared to POCO algorithm. The outcome reveals that COVN placement provides better reliability by about 30.76% and a bit higher latency by about 1.38%. Further, it surpasses POCO by constructing the balanced clusters according to the switch loads and offering the more efficient placement to recover controller-failure.

    LOcAl DEcisions on Replicated States (LOADER) in programmable data planes: programming abstraction and experimental evaluation

    Programmable data planes recently emerged as a prominent innovation in Software Defined Networking (SDN), by permitting support of stateful flow processing functions over hardware network switches specifically designed for network processing. Unlike early SDN solutions such as OpenFlow, modern stateful data planes permit to keep (and dynamically update) local per-flow states inside network switches, thus dramatically improving reactiveness of network applications to state changes. Still, also in stateful data planes, the control and update of non-local states is assumed to be completely delegated to a centralized controller and thus accessed only at the price of extra delay. Our LOADER proposal aims at contrasting the apparent dichotomy between local states and global states. We do so by introducing a new possibility: permit to take localized (in-switch) decisions not only on local states but also on replicated global states, thus providing support for network-wide applications without incurring the drawbacks of classical approaches. To this purpose, i) we provide high-level programming abstractions devised to define the states and the update logic of a generic network-wide application, and ii) we detail the underlying low level state management and replication mechanisms. We then show LOADER's independence of the stateful data plane technology employed, by implementing it over two distinct stateful data planes (P4 switches and OPP - Open Packet Processor - switches), and by experimentally validating both implementations in an emulated testbed using a simple distributed Denial-of-Service (DoS) detection application.

    Traffic Optimization in Data Center and Software-Defined Programmable Networks

    The abstract is in the attachment.