A framework for SFC integrity in NFV environments

Part 6: Ph.D. Track: Methods for the Protection of Infrastructure and ServicesInternational audienceIndustry and academia have increased the deployment of Network Functions Virtualization (NFV) on their environments, either for reducing expenditures or taking advantage of NFV flexibility for service provisioning. In NFV, Service Function Chainings (SFC) composed of Virtualized Network Functions (VNF) are defined to deliver services to different customers. Despite the advancements in SFC composition for service provisioning, there is still a lack of proposals for ensuring the integrity of NFV service delivery, i.e., detecting anomalies in SFC operation. Such anomalies could indicate a series of different threats, such as DDoS attacks, information leakage, and unauthorized access. In this PhD, we propose a framework composed of an SFC Integrity Module (SIM) for the standard NFV architecture, providing the integration of anomaly detection mechanisms to NFV orchestrators. We present recent results of this PhD regarding the implementation of an entropy-based anomaly detection mechanism using the SIM framework. The results presented in this paper are based on the execution of the proposed mechanism using a realistic SFC data set

An SDN-based framework for slice orchestration using in-band network telemetry in IEEE 802.11

The fifth generation of mobile networks (5G) and the Software-Defined Radio Access Networks (SD-RAN) architecture envision to support lower latency, enhanced reliability, massive connectivity, and improved energy efficiency. In this context, low latency is considered crucial and Ultra-Reliable Low Latency Communication (URLLC) as one of the key enablers. Currently, IEEE 802.11 networks cannot be programmed fine-grained enough nor manage multiple networks at runtime. Besides, in such scenarios, the coarse-grained level of monitoring information has been hindering troubleshooting and management. In this paper, we present an SDN-based framework where fine-grained End-to-End (E2E) network statistics can be gathered using In-band Network Telemetry (INT) and used for network control and management. With such fine-grained network information, we show how our system can enhance the Quality of Service (QoS) delivery through slice orchestration in IEEE 802.11 Radio Access Networks (RANs)

Airtime-based resource allocation modeling for network slicing in IEEE 802.11 RANs

In this letter, we propose an airtime-based Resource Allocation (RA) model for network slicing in IEEE 802.11 Radio Access Networks (RANs). We formulate this problem as a Quadratically Constrained Quadratic Program (QCQP), where the overall queueing delay of the system is minimized while strict Ultra-Reliable Low Latency Communication (URLLC) constraints are respected. We evaluated our model using three different solvers where the optimal and feasible sets of airtime configurations were computed. We also validated our model with experimentation in real hardware. Our results show that the solution time for computing optimal and feasible configurations vary according to the slice's demand distribution and the number of slices to be allocated. Our findings support the need for precise RA over IEEE 802.11 RANs and present the limitations of performing such optimizations at runtime