BIDS: Bio-Inspired, Collaborative Intrusion Detection for Software Defined Networks

With network attacks becoming more sophisticated and unpredictable, detecting their onset and mitigating their effects in an automated manner become increasingly challenging. Lightweight and agile detection mechanisms that are able to detect zero-day attacks are in great need. High true-negative rate and low false-positive rate are the most important indicators for a intrusion detection system. In this paper, we exploit the logically-centralised view of Software-Defined Networking (SDN) to increase true-negative rate and lower false-positive rate in a intrusion detection system based on the Artificial Immune System (AIS). We propose the use of an antibody fuser in the controller to merge and fuse the mature antibody sets trained in the individual switches and turn the real intrusion records each switch has seen into antibodies. Our results show that both the false-positive rate and true-negative rate experience significant improvement with the number of local antibody sets fused grows, consuming less cpu usage overhead. A peak improvement can reach over 80% when antibody sets from all switches are taken into consideration

Ontology-driven knowledge based autonomic management for telecommunication networks : theory, implementation, and applications

Current telecommunication networks are heterogeneous, with devices manufactured by different vendors, operating on di↵erent protocols, and recorded by databases with different schemas. This heterogeneity has resulted in current network managements system becoming enormously complicated and often relying on human intervention. Knowledge based network management, which relies on a universally accepted knowledge base of the network, has been discussed extensively as a promising solution for autonomic network management. To build an autonomic network management system, a universally-shared and machine interpretable knowledge base is required which describes the resources inside the telecommunication system. Semantic web technologies, especially ontologies, have been used for many years in building autonomic knowledge based systems in Artificial Intelligence. There is a pressing need for a standard ontology to enable technology agnostic, autonomic control in telecommunication networks. Network clients need to describe the resource they require, while resource providers need to describe the resource they can provide. With semantic technologies, the data inside complex hybrid networks can be treated as a distributed knowledge graph, where an SQL-like language – SPARQL is ready to search, locate, and configure a node or link of the network. The goal of this thesis is two-fold. The first goal is to build a formal, machine interpretable information model for the current heterogeneous networks. Thus, we propose an ontology, describing resources inside the hybrid telecommunication networks with different technology domains. This ontology follows the Device-Interface-Link pattern, which we identified during the modelling process for networks within different technology domains. The second goal is to develop a system that can use this ontology to build a knowledge base automatically and enable autonomic reasoning over it. We develop a Semantic Enabled Autonomic management system of software defined NETworks (SEANET), a lightweight, plug-and-play, technology-independent solution for knowledge-based autonomic network management that uses the proposed ontology. SEANET abstracts details of network management into a formally defined knowledge graph augmented by inference rules. SEANET’s architecture consists of three components: a knowledge base generator, a SPARQL engine, and an open API. With the open API developed, SEANET enables users without knowledge of Semantic Web or telecommunication networks to develop semantic-intelligent applications on their production networks. Use cases of the proposed ontology and system are demonstrated in the thesis, ranging from network management task and social applications

SeaNet -- Towards A Knowledge Graph Based Autonomic Management of Software Defined Networks

Automatic network management driven by Artificial Intelligent technologies has been heatedly discussed over decades. However, current reports mainly focus on theoretic proposals and architecture designs, works on practical implementations on real-life networks are yet to appear. This paper proposes our effort toward the implementation of knowledge graph driven approach for autonomic network management in software defined networks (SDNs), termed as SeaNet. Driven by the ToCo ontology, SeaNet is reprogrammed based on Mininet (a SDN emulator). It consists three core components, a knowledge graph generator, a SPARQL engine, and a network management API. The knowledge graph generator represents the knowledge in the telecommunication network management tasks into formally represented ontology driven model. Expert experience and network management rules can be formalized into knowledge graph and by automatically inferenced by SPARQL engine, Network management API is able to packet technology-specific details and expose technology-independent interfaces to users. The Experiments are carried out to evaluate proposed work by comparing with a commercial SDN controller Ryu implemented by the same language Python. The evaluation results show that SeaNet is considerably faster in most circumstances than Ryu and the SeaNet code is significantly more compact. Benefit from RDF reasoning, SeaNet is able to achieve O(1) time complexity on different scales of the knowledge graph while the traditional database can achieve O(nlogn) at its best. With the developed network management API, SeaNet enables researchers to develop semantic-intelligent applications on their own SDNs

A prediction-based model for consistent adaptive routing in back-bone networks at extreme situations

To reduce congestion, numerous routing solutions have been proposed for backbone networks, but how to select paths that stay consistently optimal for a long time in extremely congested situations, avoiding the unnecessary path reroutings, has not yet been investigated much. To solve that issue, a model that can measure the consistency of path latency difference is needed. In this paper, we make a humble step towards a consistent differential path latency model and by predicting base on that model, a metric Path Swap Indicator (PSI) is proposed. By learning the history latency of all optional paths, PSI is able to predict the onset of an obvious and steady channel deterioration and make the decision to switch paths. The effect of PSI is evaluated from the following aspects: (1) the consistency of the path selected, by measuring the time interval between PSI changes; (2) the accuracy of the channel congestion situation prediction; and (3) the improvement of the congestion situation. Experiments were carried out on a testbed using real-life Abilene traffic datasets collected at different times and locations. Results show that the proposed PSI can stay consistent for over 1000 s on average, and more than 3000 s at the longest in our experiment, while at the same time achieving a congestion situation improvement of more than 300% on average, and more than 200% at the least. It is evident that the proposed PSI metric is able to provide a consistent channel congestion prediction with satisfiable channel improvement at the same time. The results also demonstrate how different parameter values impact the result, both in terms of prediction consistency and the congestion improvement

SARA – A Semantic Access Point Resource Allocation Service for Heterogenous Wireless Networks

In this paper, we present SARA, a Semantic Access point Resource Allocation service for heterogenous wireless networks with various wireless access technologies existing together. By automatically reasoning on the knowledge base of the full system provided by a knowledge based autonomic network management system - SEANET, SARA selects the access point providing the best quality of service among the different access technologies. Based on an ontology assisted knowledge based system SEANET, SARA can also adapt the access point selection strategy according to customer defined rules automatically. Results of our evaluation based on emulated networks with hybrid access technologies and various scales show that SARA is able to improve the channel condition, in terms of throughput, evidently. Comparisons with current AP selection algorithms demonstrate that SARA outperforms the existing AP selection algorithms. The overhead in terms of time expense is reasonable and is shown to be faster than traditional access point selection approaches

Mitochondrial Protein PINK1 Positively Regulates RLR Signaling

The serine/threonine kinase phosphatase and tensin homolog (PTEN)-induced putative kinase 1(PINK1) controls mitochondrial quality and plays a vital role in the pathogenesis of early-onset Parkinson's disease. However, whether PINK1 has functions in innate antiviral immunity is largely unknown. Here, we report that viral infection down regulates PINK1 expression in macrophages. PINK1 knockdown results in decreased cytokine production and attenuated IRF3 and NF-κB activation upon viral infection. PINK1 promotes the retinoic-acid-inducible gene I (RIG-I)-like receptors (RLR)-triggered immune responses in a kinase domain-dependent manner. Furthermore, PINK1 associates with TRAF3 via the kinase domain and inhibits Parkin-mediated TRAF3 K48-linked proteasomal degradation. In addition, PINK1 interacts with Yes-associated protein 1 (YAP1) upon viral infection and impairs YAP1/IRF3 complex formation. Collectively, our results demonstrate that PINK1 positively regulates RIG-I triggered innate immune responses by inhibiting TRAF3 degradation and relieving YAP-mediated inhibition of the cellular antiviral response