20 research outputs found
D-STREAMON: from middlebox to distributed NFV framework for network monitoring
Many reasons make NFV an attractive paradigm for IT security: lowers costs,
agile operations and better isolation as well as fast security updates,
improved incident responses and better level of automation. On the other side,
the network threats tend to be increasingly complex and distributed, implying
huge traffic scale to be monitored and increasingly strict mitigation delay
requirements. Considering the current trend of the net- working and the
requirements to counteract to the evolution of cyber-threats, it is expected
that also network monitoring will move towards NFV based solutions. In this
paper, we present D- StreaMon an NFV-capable distributed framework for network
monitoring realized to face the above described challenges. It relies on the
StreaMon platform, a solution for network monitoring originally designed for
traditional middleboxes. An evolution path which migrates StreaMon from
middleboxes to Virtual Network Functions (VNFs) has been realized.Comment: Short paper at IEEE LANMAN 2017. arXiv admin note: text overlap with
arXiv:1608.0137
Impact of caries and dental fluorosis on oral health-related quality of life: a cross-sectional study in schoolchildren receiving water naturally fluoridated at above-optimal levels
Purpose
The purpose of this study was to evaluate the impact of caries and fluorosis on oral health-related quality of life (OHRQoL) among schoolchildren living in areas with high concentrations of fluoride in water.
Methods
Five hundred and twenty-four schoolchildren (8–12 year olds) residing in rural communities in central Mexico were examined for oral hygiene, caries (International Caries Detection and Assessment System, ICDAS II), and fluorosis (Thylstrup and Fejerskov Index, TFI). OHRQoL was evaluated with the Child Perceptions Questionnaire for two age groups (CPQ8–10 and CPQ11–14). Generalized structural equation models were constructed for data analysis.
Results
Overall prevalence of caries was 88.5% and fluorosis 46.9%. In the group of 8–10 year olds, 48% of the children had advanced carious lesions in primary or permanent teeth (ICDAS ≥4), 22.6% had moderate/severe fluorosis, and 59.9% of children had an impact on OHRQoL. Schoolchildren with ICDAS ≥4 were more likely [OR = 1.75, (95% CI 1.34–2.28)] to suffer a negative impact on OHRQoL. In the group of 11–12 year olds, 19.9% of children had advanced carious lesions and 23.2% showed moderate/severe fluorosis; 67.3% of children reported had an impact on OHRQoL. Children 11–12 year olds with fluorosis (TFI ≥4) [OR = 2.39 (95% CI 2.12–2.69)], caries (ICDAS ≥4) [OR = 2.18 (95% CI 2.13–2.24)], and low brushing frequency [OR = 2.04 (95% CI 1.21–3.44)] were more likely to have deterioration on OHRQoL.
Conclusion
A negative impact on OHRQoL was observed in children with caries and fluorosis
LOcAl DEcisions on Replicated States (LOADER) in programmable data planes: programming abstraction and experimental evaluation
Programmable data planes recently emerged as a prominent innovation in
Software Defined Networking (SDN), by permitting support of stateful flow
processing functions over hardware network switches specifically designed for
network processing. Unlike early SDN solutions such as OpenFlow, modern
stateful data planes permit to keep (and dynamically update) local per-flow
states inside network switches, thus dramatically improving reactiveness of
network applications to state changes. Still, also in stateful data planes, the
control and update of non-local states is assumed to be completely delegated to
a centralized controller and thus accessed only at the price of extra delay.
Our LOADER proposal aims at contrasting the apparent dichotomy between local
states and global states. We do so by introducing a new possibility: permit to
take localized (in-switch) decisions not only on local states but also on
replicated global states, thus providing support for network-wide applications
without incurring the drawbacks of classical approaches. To this purpose, i) we
provide high-level programming abstractions devised to define the states and
the update logic of a generic network-wide application, and ii) we detail the
underlying low level state management and replication mechanisms. We then show
LOADER's independence of the stateful data plane technology employed, by
implementing it over two distinct stateful data planes (P4 switches and OPP -
Open Packet Processor - switches), and by experimentally validating both
implementations in an emulated testbed using a simple distributed
Deny-of-Service (DoS) detection application
Per-application Mobility Management: Performance Evaluation of the UPMT Solution
Abstract — In this paper, we provide the performance evaluation of the UPMT (Universal Per-application Mobility management using Tunnels) solution. UPMT offers per-application mobility management, i.e. the capability of separately taking handover decisions for each application. UPMT supports legacy applications, private IP addressing/NATs and it is an overlay solution that does not require the access network to offer any specific support. We have implemented UPMT under Linux OS and made it available under the GPL Open Source license
Hyperion: A Case for Unified, Self-Hosting, Zero-CPU Data-Processing Units (DPUs)
Since the inception of computing, we have been reliant on CPU-powered architectures. However, today this reliance is challenged by manufacturing limitations (CMOS scaling), performance expectations (stalled clocks, Turing tax), and security concerns (microarchitectural attacks). To re-imagine our computing architecture, in this work we take a more radical but pragmatic approach and propose to eliminate the CPU with its design baggage, and integrate three primary pillars of computing, i.e., networking, storage, and computing, into a single, self-hosting, unified CPU-free Data Processing Unit (DPU) called Hyperion. In this paper, we present the case for Hyperion, its design choices, initial work-in-progress details, and seek feedback from the systems community