iTeleScope: Intelligent Video Telemetry and Classification in Real-Time using Software Defined Networking

Video continues to dominate network traffic, yet operators today have poor visibility into the number, duration, and resolutions of the video streams traversing their domain. Current approaches are inaccurate, expensive, or unscalable, as they rely on statistical sampling, middle-box hardware, or packet inspection software. We present {\em iTelescope}, the first intelligent, inexpensive, and scalable SDN-based solution for identifying and classifying video flows in real-time. Our solution is novel in combining dynamic flow rules with telemetry and machine learning, and is built on commodity OpenFlow switches and open-source software. We develop a fully functional system, train it in the lab using multiple machine learning algorithms, and validate its performance to show over 95\% accuracy in identifying and classifying video streams from many providers including Youtube and Netflix. Lastly, we conduct tests to demonstrate its scalability to tens of thousands of concurrent streams, and deploy it live on a campus network serving several hundred real users. Our system gives unprecedented fine-grained real-time visibility of video streaming performance to operators of enterprise and carrier networks at very low cost.Comment: 12 pages, 16 figure

Develop a Cyber Physical Security Platform for Supporting Security Countermeasure for Digital Energy System

The paper develops a cyber physical system (CPS) security platform for supporting security countermeasures for digital energy systems based on real-time simulators. The CPS platform provides functions that trainers or trainees can be able to operate and test their scenarios with a state-of-the-art integrated solution running at a real-time simulator. Those integrated solutions include energy systems simulation software and communication systems simulation/emulation software. The platform provides practical “hand-on-experiences” for participants and they are able to test, monitor and predict behaviors of both systems at the same time. The platform also helps achieve training’s objectives that meet skilled requirements for the future generation in both smart energy systems evaluation and cyber physical security fields. In particular, we present the CPS platform’s architecture and its functionalities. The developed CPS platform has also been validated and tested within different simulated threat cases and systems.©2022 Mike Mekkanen, Tero Vartiainen, Duong Dang. This work is licensed under a Creative Commons Attribution 4.0 International License.fi=vertaisarvioitu|en=peerReviewed

Parallel Modular Scheduler Design for Clos Switches in Optical Data Center Networks

As data centers enter the exascale computing era, the traffic exchanged between internal network nodes, increases exponentially. Optical networking is an attractive solution to deliver the high capacity, low latency, and scalable interconnection needed. Among other switching methods, packet switching is particularly interesting as it can be widely deployed in the network to handle rapidly-changing traffic of arbitrary size. Nanosecond-reconfigurable photonic integrated switch fabrics, built as multi-stage architectures such as the Clos network, are key enablers to scalable packet switching. However, the accompanying control plane needs to also operate on packet timescales. Designing a central scheduler, to control an optical packet switch in nanoseconds, presents a challenge especially as the switch size increases. To this end, we present a highly-parallel, modular scheduler design for Clos switches along with a proposed routing scheme to enable nanosecond scalable scheduling. We synthesize our scheduler as an application-specific integrated circuit (ASIC) and demonstrate scaling to a 256 × 256 size with an ultra-low scheduling delay of only 6.0 ns. In a cycle-accurate rack-scale network emulation, for this switch size, we show a minimum end-to-end latency of 30.8 ns and maintain nanosecond average latency up to 80% of input traffic load. We achieve zero packet loss and short-tailed packet latency distributions for all traffic loads and switch sizes. Our work is compared to state-of-the-art optical switches, in terms of scheduling delay, packet latency, and switch throughput

Control Plane Hardware Design for Optical Packet Switched Data Centre Networks

Optical packet switching for intra-data centre networks is key to addressing traffic requirements. Photonic integration and wavelength division multiplexing (WDM) can overcome bandwidth limits in switching systems. A promising technology to build a nanosecond-reconfigurable photonic-integrated switch, compatible with WDM, is the semiconductor optical amplifier (SOA). SOAs are typically used as gating elements in a broadcast-and-select (B\&S) configuration, to build an optical crossbar switch. For larger-size switching, a three-stage Clos network, based on crossbar nodes, is a viable architecture. However, the design of the switch control plane, is one of the barriers to packet switching; it should run on packet timescales, which becomes increasingly challenging as line rates get higher. The scheduler, used for the allocation of switch paths, limits control clock speed. To this end, the research contribution was the design of highly parallel hardware schedulers for crossbar and Clos network switches. On a field-programmable gate array (FPGA), the minimum scheduler clock period achieved was 5.0~ns and 5.4~ns, for a 32-port crossbar and Clos switch, respectively. By using parallel path allocation modules, one per Clos node, a minimum clock period of 7.0~ns was achieved, for a 256-port switch. For scheduler application-specific integrated circuit (ASIC) synthesis, this reduces to 2.0~ns; a record result enabling scalable packet switching. Furthermore, the control plane was demonstrated experimentally. Moreover, a cycle-accurate network emulator was developed to evaluate switch performance. Results showed a switch saturation throughput at a traffic load 60\% of capacity, with sub-microsecond packet latency, for a 256-port Clos switch, outperforming state-of-the-art optical packet switches

Application of overlay techniques to network monitoring

Measurement and monitoring are important for correct and efficient operation of a network, since these activities provide reliable information and accurate analysis for characterizing and troubleshooting a network’s performance. The focus of network measurement is to measure the volume and types of traffic on a particular network and to record the raw measurement results. The focus of network monitoring is to initiate measurement tasks, collect raw measurement results, and report aggregated outcomes. Network systems are continuously evolving: besides incremental change to accommodate new devices, more drastic changes occur to accommodate new applications, such as overlay-based content delivery networks. As a consequence, a network can experience significant increases in size and significant levels of long-range, coordinated, distributed activity; furthermore, heterogeneous network technologies, services and applications coexist and interact. Reliance upon traditional, point-to-point, ad hoc measurements to manage such networks is becoming increasingly tenuous. In particular, correlated, simultaneous 1-way measurements are needed, as is the ability to access measurement information stored throughout the network of interest. To address these new challenges, this dissertation proposes OverMon, a new paradigm for edge-to-edge network monitoring systems through the application of overlay techniques. Of particular interest, the problem of significant network overheads caused by normal overlay network techniques has been addressed by constructing overlay networks with topology awareness - the network topology information is derived from interior gateway protocol (IGP) traffic, i.e. OSPF traffic, thus eliminating all overlay maintenance network overhead. Through a prototype that uses overlays to initiate measurement tasks and to retrieve measurement results, systematic evaluation has been conducted to demonstrate the feasibility and functionality of OverMon. The measurement results show that OverMon achieves good performance in scalability, flexibility and extensibility, which are important in addressing the new challenges arising from network system evolution. This work, therefore, contributes an innovative approach of applying overly techniques to solve realistic network monitoring problems, and provides valuable first hand experience in building and evaluating such a distributed system

Improving multipath routing of TCP flows by network exploration

Ethernet switched networks are widely used in enterprise and data center networks. However, they have some drawbacks, mainly that, to prevent loops, they cannot take advantage of multipath topologies to balance traffic. Several multipath routing proposals use link-state protocols and Equal Cost Multi-Path routing (ECMP) to distribute the load over multiple paths. But, these proposals are complex and prone to flow collisions that may degrade performance. This paper studies TCP-Path, a protocol that employs a different approach. It uses a distributed network exploration mechanism based on broadcasting the TCPSYN packet to identify and select the fastest available path to the destination host, on the fly. Our evaluation shows that it improves on ECMP by up to 70% in terms of throughput for elephant flows and by up to 60% in terms of flow completion time for mouse flows. Indeed, network exploration offers a better, yet simple alternative to ECMP-based solutions for multipath topologies. In addition, we also study TCP-Path for elephant flows (TFE), which restricts TCP-Path application to elephant flows to reduce the exploration broadcast overhead and the size of forwarding tables, thus improving its scalability. Although elephant flows represent a small fraction (about 5%) of total flows, they have a major impact on overall performance, as we show in our evaluation. TFE reduces both the overhead incurred during path setup and the size of the forwarding tables by a factor of almost 20. Moreover, it achieves results close to those obtained by TCPPath for elephant flows, especially when working with high loads, and yields significant improvements for all types of flow at medium and high load levels.Comunidad de MadridUniversidad de Alcal