Security Features in a Hybrid Software-Defined Network

The paper presents a novel paradigm of software-defined network that is significantly different from previous traditional networks and enables new opportunities in the architecture and implementation of security solutions. The analysis of network environments will compare traditional networks and software-defined networks and emphasize significant differences. A survey of the existing research includes vector attacks and troubleshooting using the capabilities of SDN with an emphasis on access control, detection, and prevention of attacks. This paper uses previous research and results to obtain information that will be used in improving critical system network protection and compares it with the existing conventional approach as well as implements it through a hybrid software-defined network

Dynamic Server Selection by Using a Client Side Composite DNS-Metric

Dynamic Server Selection (DSS) is a new DNS method for the optimal server selection of a multiple available network service. The method allows dynamic selection of a server on the client side based on the information of the server load and its network topological distance from the client. The server selection is based on the calculations of a composite DNS-metric in which servers, whose IP addresses are sent in a DNS response, are ranked from the optimal to the least suitable. Calculation parameters are server response time, which the client measures for each server independently, and the server load, which is specified by the server administrator. The DSS method has the lowest overall network service response time in comparison with the other four observed methods (Geographical, Hops, Random and RTT) which, in measurements done in a real time environment, have longer response time from 8.5% to 26.8% compared to DSS

Implementation of basic QoS mechanisms on videoconferencing network model

Ovo istraživanje je posljedica višegodišnjeg korištenja videokonferencijske veze te pojave raznih problema koji prate istu. Kašnjenje slike i zvuka, pucanje veze, prekid slike ili zvuka samo su neki od razloga zbog kojih je nastao ovaj rad. U ovom radu pokušava se primjenom mehanizama kvalitete usluge na modelu CARNet-ove mreže poboljšati kvaliteta videokonferencijske veze. Na osnovu dobivenih rezultata simulacije videokonferencijske veze prikazani su grafovi ispuštanja paketa, kašnjenja te ostalih parametara bitnih za videokonferencijsku vezu.This research is the outcome of multiannual use of videoconferencing services and the emersion of various problems that come with videoconferencing applications. Video and audio delay, dropped connection, missing audio or video, are just some of the reasons for creating this paper. In this article quality of videoconferencing link in CARNet network is improved by implementing various QoS mechanisms. The obtained results of the videoconferencing simulation are represented in graphs which display dropped packets, delay and other videoconferencing parameters

Measurement Procedure for Commercial Loss Reduction in a Distribution Power System

Total power losses in a power system consist of technical losses and commercial losses. Commercial losses are 30-40 % of total losses and appear as a result of unreliable measurement devices for electricity registering and wilful unauthorised consumption of electricity. It is almost impossible to find illegal connections in a distribution power system due to hidden main power cables in the house walls or underground. A proposed and elaborated measurement procedure based on time domain reflectometer successfully solves the problem described

Application and Upgrading of On-line Monitoring System for Measurement and Processing of Electric Signals at Arc Stud Welding Process

As the application of on-line monitoring system is shown to be a good solution during monitoring of main welding parameters at different welding processes, this paper describes application and upgrading of an on-line monitoring system developed at the Mechanical Engineering Faculty in Slavonski Brod. The experiment described in the paper shows application of an on-line monitoring system during welding of two types of studs with application of activating flux for ATIG process (VS-2E) on the base metal surface. Monitoring of the main welding parameters (welding current and voltage) was conducted during welding of studs usually used in steam boiler production (stud diameter: 10 mm), and welding voltage was monitored on the studs (shear stud) of 22 mm diameters used in bridge construction. The goal of monitoring and analysis of main welding parameters is to evaluate the connection of electric arc parameters variations with the presence of an activating flux

Parallel Redundancy System for Critical Conditions Monitoring and Alerting

Monitoring critical conditions is of outmost importance in any system for achieving long life and stability. In this process, various parameters can be classified as critical and their values must be kept within a bounded interval by means of monitoring and acting upon a change in the value. A practical example of critical conditions monitoring is temperature monitoring in data centers (server rooms) where the temperature value must be kept below a certain threshold in order to achieve long life and stability of equipment. This paper presents a system designed for monitoring temperatures and alerting of their critical values is proposed - PRSMA. With a parallel redundancy feature that guarantees high reliability of the proposed solution, this approach achieves timely alerting upon critical condition, real-time supervision of temperature values and forecasting of critical conditions. The redundancy aspect is realized by using a mobile operator link alongside with the Internet-based landline connection to a cloud-based service – the Internet of Things concept. The proposed architecture is tested in laboratory conditions and the advantages of this approach are shown through measurement and testing

Bolja spektralna iskoristivost linka za višestruke kapacitete koji pokazuju prometnu međuovisnost

Network providers need very effective optimization tool for good utilization of scarce link capacities during exploitation. In the case of multiple link capacities with mutual traffic correlation such problem could be more demanding. The sizing problem is explained for satellite link, but it could be applicable for other transmission resources. Dimensioning of getaway link (G-link) can be realized only by new constructions (new channel equipment) on the Earth side. Mathematical model for optimal capacity sizing of N different link elements (capacity types) is explained, minimizing the total cost (expansion, conversion and maintenance). Instead of nonlinear convex optimization technique, that could be very exhausting, the network optimization method is applied. With such approach an efficient heuristic algorithm for three different capacity types is being developed. Through numerical test-examples this approach shows the significant complexity savings, but giving us very close to optimal result. However, in real circumstances some adding limitations on capacity state values have to be introduced. In comparison to other options it is obvious that heuristic option M_H (with only one negative value per capacity state) shows the best ratio between complexity reduction and result deterioration.Mrežni operateri nužno trebaju vrlo efikasan optimizacijski alat za učinkovito iskorištenje oskudnih kapaciteta na prijenosnim linkovima kroz određeno eksploatacijsko razdoblje. U slučaju višestrukih kapaciteta, a koji pokazuju prometnu međuovisnost, takav problem postaje još složeniji. Članak se koncentrira na probleme satelitskog linka, ali je primjenjiv i za neke druge prijenosne kapacitete. Proširenje G-linka može se ostvariti samo uvođenjem nove kanalske opreme na Zemlji. U radu je prikazan matematički model za optimalno dimenzioniranje linka sa N različitih kapacitivnih elemenata, s ciljem minimiziranja troškova ekspanzije, konverzije i održavanja kanalske opreme. Umjesto nelinearnog konveksnog programiranja, a koje može biti vrlo iscrpljujuće, primjenjuje se metoda mrežne optimizacije. Potom je razvijen i testiran heuristički algoritam za tri vrste kapaciteta. Algoritam pokazuje visoku učinkovitost, a nerijetko postiže i najbolji mogući rezultat, pri čemu se značajno smanjuje složenost. Ipak u realnim uvjetima uvode se dodatna ograničenja na vrijednosti kapacitivnih točaka, pa govorimo o algoritamskim varijantama. Algoritamska varijanta M_H (samo jedna negativna vrijednost po kapacitivnoj točki) pokazuje najbolji odnos između kompleksnosti algoritma i odstupanja od najboljeg mogućeg rezultata, odnosno pogrješke

Optimizacija modela LAN/MAN mreže temeljena na eksperimentalnim mjerenjima

MAN design includes elements of LAN and WAN design. A model of MAN design presented in this paper describes a methodological approach to MAN modeling and necessity for single link optimization and link system optimization in case of common communication link sharing. MAN optimization methods are presented using experimental MAN made in IEEE 802.11g technology and a point-to-multipoint operation mode where wireless links share a common communication medium. Results of measurements confirm the influence of communication media sharing as well as the size and the number of packets and a hierarchical MAN network model on MAN throughput.Dizajn MAN-a uključuje elemente LAN i WAN mreža. Model dizajna MAN-a predstavljen ovim radom opisuje metodološki pristup modeliranju MAN-a i potrebu za optimizacijom pojedinačnog linka kao i sustava poveznica u slučaju dijeljenja zajedničkog komunikacijskog medija. Metode optimizacije MAN-a predstavljene su na primjeru eksperimentalne MAN mreže izgrađene IEEE 802.11g tehnologijom u načinu rada točka-više točaka u kojemu bežične poveznice dijele zajednički komunikacijski medij. Rezultati mjerenja potvrđuju utjecaj dijeljenja zajedničkog komunikacijskog medija, veličine i broja paketa te hijerarhijskog modela mreže na propusnost MAN-a

Parallel Redundancy System for Critical Conditions Monitoring and Alerting

Monitoring critical conditions is of outmost importance in any system for achieving long life and stability. In this process, various parameters can be classified as critical and their values must be kept within a bounded interval by means of monitoring and acting upon a change in the value. A practical example of critical conditions monitoring is temperature monitoring in data centers (server rooms) where the temperature value must be kept below a certain threshold in order to achieve long life and stability of equipment. This paper presents a system designed for monitoring temperatures and alerting of their critical values is proposed - PRSMA. With a parallel redundancy feature that guarantees high reliability of the proposed solution, this approach achieves timely alerting upon critical condition, real-time supervision of temperature values and forecasting of critical conditions. The redundancy aspect is realized by using a mobile operator link alongside with the Internet-based landline connection to a cloud-based service – the Internet of Things concept. The proposed architecture is tested in laboratory conditions and the advantages of this approach are shown through measurement and testing

Application of PSVR-DNS Algorithm for Attacker Detection and Isolation

The DNS (Domain Name System) is used to map and convert human-friendly domain names to the numeric IP (Internet Protocol) addresses. As with the operation of any communication system, there are some security risks associated with the operation of DNS. Actions targeting the availability or stability of a network\u27s DNS service are considered DNS attack. For example, a high volume of traffic and a large number of requests coming to DNS servers are part of a type of DoS (Denial of Service) attack that uses DNS for amplification. Although most DNS servers are open source, some commercial protective DNS services are available for network traffic control, filtering and automatic blocking of requests to undesirable, dangerous or malicious internet domains, but the price of such services is high. In this paper, a new PSVR-DNS (Probability Support Vector Regression-Domain Name System) algorithm is proposed for the purpose of detecting and isolating attackers who pose a threat to an uninterrupted work of the DNS servers. The main focus is on the prevention of the DNS cache poisoning. The collected results showed that the proposed PSVR-DNS algorithm achieves better performance related to faster detection and isolation of attacks compared to some existing algorithms