Rule caching in SDN-enabled mobile access networks

A software defined network (SDN) enabled mobile access network is a future network with great potential to support scalable and flexible network applications. To support various network applications, the SDN-enabled mobile access network usually uses forwarding rules in SDN devices. With a limited rule space in existing SDN devices, a rule caching mechanism is an efficient way to improve the network performance. In this paper, we propose SRCMN, which is a new caching structure to improve the network performance with a limited rule space in the SDN-enabled mobile access network. We design a twolayer rule space in each SDN device, which is managed by the SDN controller. We also design a cache prefetching mechanism with the consideration of user mobility. By conducting extensive simulations, we demonstrate that our proposed structure and mechanism significantly outperform original rule space management under various network settings

An Efficient SDN load balancing scheme based on variance analysis for massive mobile users

In a traditional network, server load balancing is used to satisfy the demand for high data volumes. The technique requires large capital investment while offering poor scalability and flexibility, which difficultly supports highly dynamic workload demands from massive mobile users. To solve these problems, this paper analyses the principle of software-defined networking (SDN) and presents a new probabilistic method of load balancing based on variance analysis. The method can be used to dynamically manage traffic flows for supporting massive mobile users in SDN networks. The paper proposes a solution using the OpenFlow virtual switching technology instead of the traditional hardware switching technology. A SDN controller monitors data traffic of each port by means of variance analysis and provides a probability-based selection algorithm to redirect traffic dynamically with the OpenFlow technology. Compared with the existing load balancing methods which were designed to support traditional networks, this solution has lower cost, higher reliability, and greater scalability which satisfy the needs of mobile users.The work was supported by the National Natural Science Foundation of China (no. 61173188, no. 61572001, and no. 61502008), the Research Fund for the Doctoral Program of Higher Education (no. 20133401110004), the Educational Commission of Anhui Province, China (no. KJ2013A017), the Natural Science Foundation of Anhui Province (no. 1508085QF132), the Tender Project of the Co-Innovation Center for Information Supply & Assurance Technology of Anhui University (no. ADXXBZ2014-7), and the Doctoral Research Startup Funds Project of Anhui University

A Kernel-space POF virtual switch

Protocol Oblivious Forwarding (POF) aims at providing a standard southbound interface for sustainable Software Defined Networking (SDN) evolvement. It overcomes the limitations of popular Open Flow protocols (an existing widely-adopted southbound interface), through the enhancement of SDN forwarding plane. This paper pioneers the design and implementation of a Kernel-space POF Virtual Switch (K_POFVS) on Linux platform. K_POFVS can improve the packet processing speed, through fast packet forwarding and the capability of adding/deleting/modifying protocol fields in kernel space. In addition, it is able to enhance flow table matching speed, by separating the mask table (consisting of flow entry masks used to figure out the matching field) and the flow table under a caching mechanism. Furthermore, K_POFVS can achieve efficient communication between the kernel space and the user space, via extending the Netlink communication between them. Experimental results show that K_POFVS can provide much better performance than existing user-space POF virtual switches, in terms of packet forwarding delay, packet processing delay and packet transmission rateThis work is partially supported by the National Program on Key Basic Research Project of China (973 Program) under Grant No. 2012CB315803, the Strategic Priority Research Program of the Chinese Academy of Sciences under grant No. XDA06010306, the National Natural Science Foundation of China under Grant No. 61303241, and the University of Exeter’s Innovation Platform – Link Fund under Award No. LF207

Security Threats in Software Defined Mobile Clouds (SDMC)

Future Internet comprises of emerging ICT mega-trends (e.g., mobile, social, cloud, and big data) commands new challenges like ubiquitous accessibility, high bandwidth, and dynamic management to meet the data tsunami requirements. In the recent years, the rapid growth of smartphone business is highly evidenced due to its versatile usage irrespective of location, personality or context. Despite of increased smartphone usage, exploiting its full potential becomes very difficult owing to its typical issues such as resource scarcity, mobility and more prominently the security. Software Defined Networking (SDN), an emerging wireless network paradigm can make use of rich mobile cloud functionalities such as traffic management, load balancing, routing, and firewall configuration over physical abstraction of control planes from data planes. Hence SDN leads to a clear roadmap to Software Security control in Mobile Clouds (SDMC). Further it can be extended to a level of Security prevention. To address in this direction, this paper surveys the relevant backgrounds of the existing state-of-art works to come up with all possible SDMC threats and its countermeasures

Aspectos de seguridad para sistemas de cómputo social-inspirados construidos sobre manets

the present paper makes a literary review about the present and future advances that are expected in security for Ad hoc networks, furthermore, it exposes the principal features that the security models should have it and how could the social-inspired model TLÖN have it. The Software Defined Network (SDN) are revised and how could they be applied to wireless systems like Ad hoc networks, the article describes the main attacks on an Ad hoc network and how could Through the attributes of security: Confidentiality, Integrity, Availability, resolve some of the main problems of security.El presente artículo realiza una revisión literaria sobre el presente y los avances futuros que se esperan en temas relacionados con seguridad informática para sistemas de cómputo basados en MANETs (Mobile Ad hoc Network), además, expone las principales características que deberían tener los modelos de seguridad y cómo se podrían aplicar al modelo social-inspirado TLÖN.  Se da una revisión a las redes definidas por software (SDN) y cómo se podrían aplicar a sistemas inalámbricos como las redes Ad hoc, el articulo describe los principales ataques sobre una red Ad hoc y cómo mediante los atributos de seguridad: confidencialidad, integridad y disponibilidad, se pueden resolver algunos de los problemas principales de seguridad

Performance Modelling and Resource Allocation of the Emerging Network Architectures for Future Internet

With the rapid development of information and communications technologies, the traditional network architecture has approached to its performance limit, and thus is unable to meet the requirements of various resource-hungry applications. Significant infrastructure improvements to the network domain are urgently needed to guarantee the continuous network evolution and innovation. To address this important challenge, tremendous research efforts have been made to foster the evolution to Future Internet. Long-term Evolution Advanced (LTE-A), Software Defined Networking (SDN) and Network Function Virtualisation (NFV) have been proposed as the key promising network architectures for Future Internet and attract significant attentions in the network and telecom community. This research mainly focuses on the performance modelling and resource allocations of these three architectures. The major contributions are three-fold: 1) LTE-A has been proposed by the 3rd Generation Partnership Project (3GPP) as a promising candidate for the evolution of LTE wireless communication. One of the major features of LTE-A is the concept of Carrier Aggregation (CA). CA enables the network operators to exploit the fragmented spectrum and increase the peak transmission data rate, however, this technical innovation introduces serious unbalanced loads among in the radio resource allocation of LTE-A. To alleviate this problem, a novel QoS-aware resource allocation scheme, termed as Cross-CC User Migration (CUM) scheme, is proposed in this research to support real-time services, taking into consideration the system throughput, user fairness and QoS constraints. 2) SDN is an emerging technology towards next-generation Internet. In order to improve the performance of the SDN network, a preemption-based packet-scheduling scheme is firstly proposed in this research to improve the global fairness and reduce the packet loss rate in SDN data plane. Furthermore, in order to achieve a comprehensive and deeper understanding of the performance behaviour of SDN network, this work develops two analytical models to investigate the performance of SDN in the presence of Poisson Process and Markov Modulated Poisson Process (MMPP) respectively. 3) NFV is regarded as a disruptive technology for telecommunication service providers to reduce the Capital Expenditure (CAPEX) and Operational Expenditure (OPEX) through decoupling individual network functions from the underlying hardware devices. While NFV faces a significant challenging problem of Service-Level-Agreement (SLA) guarantee during service provisioning. In order to bridge this gap, a novel comprehensive analytical model based on stochastic network calculus is proposed in this research to investigate end-to-end performance of NFV network. The resource allocation strategies proposed in this study significantly improve the network performance in terms of packet loss probability, global allocation fairness and throughput per user in LTE-A and SDN networks; the analytical models designed in this study can accurately predict the network performances of SDN and NFV networks. Both theoretical analysis and simulation experiments are conducted to demonstrate the effectiveness of the proposed algorithms and the accuracy of the designed models. In addition, the models are used as practical and cost-effective tools to pinpoint the performance bottlenecks of SDN and NFV networks under various network conditions