HASFC: a MANO-compliant Framework for Availability Management of Service Chains

Most softwarized telco services are conveniently framed as Service Function Chains (SFCs). Indeed, being structured as a combination of interconnected nodes, service chains may suffer from the single point of failure problem, meaning that an individual node malfunctioning could compromise the whole chain operation. To guarantee "highly available" (HA) levels, service providers are required to introduce redundancy strategies to achieve specific availability demands, where cost constraints have to be taken into account as well. Along these lines we propose HASFC (standing for High Availability SFC), a framework designed to support, through a dedicated REST interface, the MANO infrastructure in deploying SFCs with an optimal availability-cost trade off. Our framework is equipped with: i) an availability model builder aimed to construct probabilistic models of the SFC nodes in terms of failure and repair actions; ii) a chaining and selection module to compose the possible redundant SFCs, and extract the best candidates thereof. Beyond providing architectural details, we demonstrate the functionalities of HASFC through a use case which considers the IP Multimedia Subsystem, an SFC-like structure adopted to manage multimedia contents within 4G and 5G networks

Experimental Review of Neural-Based Approaches for Network Intrusion Management

The use of Machine Learning (ML) techniques in Intrusion Detection Systems (IDS) has taken a prominent role in the network security management field, due to the substantial number of sophisticated attacks that often pass undetected through classic IDSs. These are typically aimed at recognizing attacks based on a specific signature, or at detecting anomalous events. However, deterministic, rule-based methods often fail to differentiate particular (rarer) network conditions (as in peak traffic during specific network situations) from actual cyber attacks. In this article we provide an experimental-based review of neural-based methods applied to intrusion detection issues. Specifically, we i) offer a complete view of the most prominent neural-based techniques relevant to intrusion detection, including deep-based approaches or weightless neural networks, which feature surprising outcomes; ii) evaluate novel datasets (updated w.r.t. the obsolete KDD99 set) through a designed-from-scratch Python-based routine; iii) perform experimental analyses including time complexity and performance (accuracy and F-measure), considering both single-class and multi-class problems, and identifying trade-offs between resource consumption and performance. Our evaluation quantifies the value of neural networks, particularly when state-of-the-art datasets are used to train the models. This leads to interesting guidelines for security managers and computer network practitioners who are looking at the incorporation of neural-based ML into IDS

Hybrid learning strategies for multivariate time series forecasting of network quality metrics

This work addresses the challenge of forecasting temporal metrics that characterize cellular traffic behavior. The ultimate goal is to provide network operators with a valuable tool for modeling mobile network traffic and optimizing connected resources. The idea is to estimate beforehand the temporal evolution of some Quality-of-Experience (QoE) and Quality-of-Service (QoS) metrics, which is helpful for accurately tuning the allocation of network resources. Remarkably, these metrics (expressed as time series) are typically correlated, and changes in one time series can affect others in a variety of ways and to different extents. For example, high network delay (a QoS-related metric) is associated with degradation in voice quality over time (a QoE-related metric). Accordingly, we address the problem of cellular traffic forecasting with correlated time series, proposing three innovative hybrid learning strategies designed by combining the advantages of two approaches: (i) a statistical approach, implemented through the Vector Autoregressive (VAR) model, which encodes each metric as combination of past values of the same metric along with a combination of values of other related metrics, resulting in a multivariate structure; and (ii) an approach based on deep learning techniques (specifically, CNN, LSTM, and GRU) which operate on such a multivariate structure to perform the forecasting. The resulting performance demonstrates the benefits of the proposed hybrid schemes (VAR-CNN, VAR-LSTM, VAR-GRU) over their pure counterparts, with a significant reduction in forecasting errors. The network metrics were gathered in a real urban cellular environment, where the presence of exogenous factors (e.g., interferences, weather conditions, etc.) makes the forecasting assessment particularly challenging

Multivariate Time Series characterization and forecasting of VoIP traffic in real mobile networks

Predicting the behavior of real-time traffic (e.g., VoIP) in mobility scenarios could help the operators to better plan their network infrastructures and to optimize the allocation of resources. Accordingly, in this work the authors propose a forecasting analysis of crucial QoS/QoE descriptors (some of which neglected in the technical literature) of VoIP traffic in a real mobile environment. The problem is formulated in terms of a multivariate time series analysis. Such a formalization allows to discover and model the temporal relationships among various descriptors and to forecast their behaviors for future periods. Techniques such as Vector Autoregressive models and machine learning (deep-based and tree-based) approaches are employed and compared in terms of performance and time complexity, by reframing the multivariate time series problem into a supervised learning one. Moreover, a series of auxiliary analyses (stationarity, orthogonal impulse responses, etc.) are performed to discover the analytical structure of the time series and to provide deep insights about their relationships. The whole theoretical analysis has an experimental counterpart since a set of trials across a real-world LTE-Advanced environment has been performed to collect, post-process and analyze about 600,000 voice packets, organized per flow and differentiated per codec.Comment: 15 page

Availability Analysis of IP Multimedia Subsystem in Cloud Environments

As of today, telecommunication providers are exploiting the possibilities offered by the cloud paradigm to efficiently decouple physical network resources, like hardware equipment, optical interfaces and cables, from offered services, for instance multimedia content delivery and data storage. Among technologies conceived to implement this paradigm, containerization stands out. It can be considered as an evolution of classic virtualization, where software instances called containers are designed to offer specific network functionalities by relying on a separate infrastructure composed of virtual machines and hardware. In line with this new trend, we characterize, from an availability viewpoint, an IP Multimedia Subsystem (IMS) architecture deployed in a containerized environment (dubbed cIMS), which represents a pivotal part of novel network architectures such as 5G. Firstly, we model the availability of cIMS by employing both Reliability Block Diagram (RBD), to capture logical dependencies among cIMS nodes, and Stochastic Reward Networks (SRN), to characterize individually the probabilistic behavior of each node. Then, also supported by an ad-hoc automated procedure, we carry out an experimental assessment of a typical telecommunication network service satisfying a desired availability constraint, whose results are some feasible cIMS configurations that can be deployed

Availability Assessment of IP Multimedia Subsystem in an NFV-based Environment

Network Function Virtualization (NFV) is considered one of the most influencing concepts in modern telecommunication frameworks, since it has the merit of transposing (and adapting) the virtualization paradigms from the computer world to the networking context. An instance of NFV is known as a Virtual Network Function (VNF), and represents a virtualized abstraction of a network element such as a router, a firewall, a load balancer, deployed in a virtualized environment. Actually, complex infrastructures, such as IP Multimedia Subsystem (IMS), a framework in charge of providing advanced multimedia services, can benefit of a virtualized deployment by implementing its constitutive elements as VNFs. The resulting architecture is a vIMS that, in this work, is characterized in terms of availability. More specifically, relying on a failure/repair model of a generic vIMS entity (modeled as a three-layer structure composed of hardware, hypervisor and software), we propose an availability assessment of the whole system by means of Stochastic Reward Networks framework