This white paper explores three popular development methodologies for network softwarization: DevOps, NetOps, and Verification. The paper compares and contrasts the strengths and weaknesses of each approach and provid...This white paper explores three popular development methodologies for network softwarization: DevOps, NetOps, and Verification. The paper compares and contrasts the strengths and weaknesses of each approach and provides recommendations for organizations looking to adopt network softwarization.展开更多
Software-defined networking(SDN)is an innovative paradigm that separates the control and data planes,introducing centralized network control.SDN is increasingly being adopted by Carrier Grade networks,offering enhance...Software-defined networking(SDN)is an innovative paradigm that separates the control and data planes,introducing centralized network control.SDN is increasingly being adopted by Carrier Grade networks,offering enhanced networkmanagement capabilities than those of traditional networks.However,because SDN is designed to ensure high-level service availability,it faces additional challenges.One of themost critical challenges is ensuring efficient detection and recovery from link failures in the data plane.Such failures can significantly impact network performance and lead to service outages,making resiliency a key concern for the effective adoption of SDN.Since the recovery process is intrinsically dependent on timely failure detection,this research surveys and analyzes the current literature on both failure detection and recovery approaches in SDN.The survey provides a critical comparison of existing failure detection techniques,highlighting their advantages and disadvantages.Additionally,it examines the current failure recovery methods,categorized as either restoration-based or protection-based,and offers a comprehensive comparison of their strengths and limitations.Lastly,future research challenges and directions are discussed to address the shortcomings of existing failure recovery methods.展开更多
Link failure is a critical issue in large networks and must be effectively addressed.In software-defined networks(SDN),link failure recovery schemes can be categorized into proactive and reactive approaches.Reactive s...Link failure is a critical issue in large networks and must be effectively addressed.In software-defined networks(SDN),link failure recovery schemes can be categorized into proactive and reactive approaches.Reactive schemes have longer recovery times while proactive schemes provide faster recovery but overwhelm the memory of switches by flow entries.As SDN adoption grows,ensuring efficient recovery from link failures in the data plane becomes crucial.In particular,data center networks(DCNs)demand rapid recovery times and efficient resource utilization to meet carrier-grade requirements.This paper proposes an efficient Decentralized Failure Recovery(DFR)model for SDNs,meeting recovery time requirements and optimizing switch memory resource consumption.The DFR model enables switches to autonomously reroute traffic upon link failures without involving the controller,achieving fast recovery times while minimizing memory usage.DFR employs the Fast Failover Group in the OpenFlow standard for local recovery without requiring controller communication and utilizes the k-shortest path algorithm to proactively install backup paths,allowing immediate local recovery without controller intervention and enhancing overall network stability and scalability.DFR employs flow entry aggregation techniques to reduce switch memory usage.Instead of matching flow entries to the destination host’s MAC address,DFR matches packets to the destination switch’s MAC address.This reduces the switches’Ternary Content-Addressable Memory(TCAM)consumption.Additionally,DFR modifies Address Resolution Protocol(ARP)replies to provide source hosts with the destination switch’s MAC address,facilitating flow entry aggregation without affecting normal network operations.The performance of DFR is evaluated through the network emulator Mininet 2.3.1 and Ryu 3.1 as SDN controller.For different number of active flows,number of hosts per edge switch,and different network sizes,the proposed model outperformed various failure recovery models:restoration-based,protection by flow entries,protection by group entries and protection by Vlan-tagging model in terms of recovery time,switch memory consumption and controller overhead which represented the number of flow entry updates to recover from the failure.Experimental results demonstrate that DFR achieves recovery times under 20 milliseconds,satisfying carrier-grade requirements for rapid failure recovery.Additionally,DFR reduces switch memory usage by up to 95%compared to traditional protection methods and minimizes controller load by eliminating the need for controller intervention during failure recovery.Theresults underscore the efficiency and scalability of the DFR model,making it a practical solution for enhancing network resilience in SDN environments.展开更多
Software systems play increasing important roles in modern society,and the ability against attacks is of great practical importance to crucial software systems,resulting in that the structure and robustness of softwar...Software systems play increasing important roles in modern society,and the ability against attacks is of great practical importance to crucial software systems,resulting in that the structure and robustness of software systems have attracted a tremendous amount of interest in recent years.In this paper,based on the source code of Tar and MySQL,we propose an approach to generate coupled software networks and construct three kinds of directed software networks:The function call network,the weakly coupled network and the strongly coupled network.The structural properties of these complex networks are extensively investigated.It is found that the average influence and the average dependence for all functions are the same.Moreover,eight attacking strategies and two robustness indicators(the weakly connected indicator and the strongly connected indicator)are introduced to analyze the robustness of software networks.This shows that the strongly coupled network is just a weakly connected network rather than a strongly connected one.For MySQL,high in-degree strategy outperforms other attacking strategies when the weakly connected indicator is used.On the other hand,high out-degree strategy is a good choice when the strongly connected indicator is adopted.This work will highlight a better understanding of the structure and robustness of software networks.展开更多
In order to improve the scalability and reliability of Software Defined Networking(SDN),many studies use multiple controllers to constitute logically centralized control plane to provide load balancing and fail over.I...In order to improve the scalability and reliability of Software Defined Networking(SDN),many studies use multiple controllers to constitute logically centralized control plane to provide load balancing and fail over.In this paper,we develop a flexible dormant multi-controller model based on the centralized multi-controller architecture.The dormant multi-controller model allows part of controllers to enter the dormant state under light traffic condition for saving system cost.Meanwhile,through queueing analysis,various performance measures of the system can be obtained.Moreover,we analyze the real traffic of China Education Network and use the results as the parameters of computer simulation and verify the effects of parameters on the system characteristics.Finally,a total expected cost function is established,and genetic algorithm is employed to find the optimal values of various parameters to minimize system cost for the deployment decision making.展开更多
The Internet of Vehicles(IoV)has been widely researched in recent years,and cloud computing has been one of the key technologies in the IoV.Although cloud computing provides high performance compute,storage and networ...The Internet of Vehicles(IoV)has been widely researched in recent years,and cloud computing has been one of the key technologies in the IoV.Although cloud computing provides high performance compute,storage and networking services,the IoV still suffers with high processing latency,less mobility support and location awareness.In this paper,we integrate fog computing and software defined networking(SDN) to address those problems.Fog computing extends computing and storing to the edge of the network,which could decrease latency remarkably in addition to enable mobility support and location awareness.Meanwhile,SDN provides flexible centralized control and global knowledge to the network.In order to apply the software defined cloud/fog networking(SDCFN) architecture in the IoV effectively,we propose a novel SDN-based modified constrained optimization particle swarm optimization(MPSO-CO) algorithm which uses the reverse of the flight of mutation particles and linear decrease inertia weight to enhance the performance of constrained optimization particle swarm optimization(PSO-CO).The simulation results indicate that the SDN-based MPSO-CO algorithm could effectively decrease the latency and improve the quality of service(QoS) in the SDCFN architecture.展开更多
Aiming at the difficulty of unknown Trojan detection in the APT flooding situation, an improved detecting method has been proposed. The basic idea of this method originates from advanced persistent threat (APT) atta...Aiming at the difficulty of unknown Trojan detection in the APT flooding situation, an improved detecting method has been proposed. The basic idea of this method originates from advanced persistent threat (APT) attack intents: besides dealing with damaging or destroying facilities, the more essential purpose of APT attacks is to gather confidential data from target hosts by planting Trojans. Inspired by this idea and some in-depth analyses on recently happened APT attacks, five typical communication characteristics are adopted to describe application’s network behavior, with which a fine-grained classifier based on Decision Tree and Na ve Bayes is modeled. Finally, with the training of supervised machine learning approaches, the classification detection method is implemented. Compared with general methods, this method is capable of enhancing the detection and awareness capability of unknown Trojans with less resource consumption.展开更多
Several software network models are constructed based on the relationships between classes in the object-oriented software systems.Then,a variety of well-known open source software applications are statistically analy...Several software network models are constructed based on the relationships between classes in the object-oriented software systems.Then,a variety of well-known open source software applications are statistically analyzed by using these models.The results show that: (1) Dependency network does play a key role in software architecture;(2) The exponents of in-degree and total-degree distribution functions of different networks differ slightly,while the exponent of out-degree varies obviously;(3) Weak-coupling relationships have greater impact on software architecture than strong-coupling relationships.Finally,a theoretically analysis on these statistical phenomena is proposed from the perspectives of software develop technology,develop process and developer’s habits,respectively.展开更多
Satellite communication networks have been evolving from standalone networks with ad-hoc infrastructures to possibly interconnected portions of a wider Future Internet architecture. Experts belonging to the fifth-gene...Satellite communication networks have been evolving from standalone networks with ad-hoc infrastructures to possibly interconnected portions of a wider Future Internet architecture. Experts belonging to the fifth-generation(5 G) standardization committees are considering satellites as a technology to integrate in the 5 G environment. Software Defined Networking(SDN) is one of the paradigms of the next generation of mobile and fixed communications. It can be employed to perform different control functionalities, such as routing, because it allows traffic flow identification based on different parameters and traffic flow management in a centralized way. A centralized set of controllers makes the decisions and sends the corresponding forwarding rules for each traffic flow to the involved intermediate nodes that practically forward data up to the destination. The time to perform this process in integrated terrestrial-satellite networks could be not negligible due to satellite link delays. The aim of this paper is to introduce an SDN-based terrestrial satellite network architecture and to estimate the mean time to deliver the data of a new traffic flow from the source to the destination including the time required to transfer SDN control actions. The practical effect is to identify the maximum performance than can be expected.展开更多
In recent years,satellite networks have been proposed as an essential part of next-generation mobile communication systems.Software defined networking techniques are introduced in satellite networks to handle the grow...In recent years,satellite networks have been proposed as an essential part of next-generation mobile communication systems.Software defined networking techniques are introduced in satellite networks to handle the growing challenges induced by time-varying topology,intermittent inter-satellite link and dramatically increased satellite constellation size.This survey covers the latest progress of software defined satellite networks,including key techniques,existing solutions,challenges,opportunities,and simulation tools.To the best of our knowledge,this paper is the most comprehensive survey that covers the latest progress of software defined satellite networks.An open GitHub repository is further created where the latest papers on this topic will be tracked and updated periodically.Compared with these existing surveys,this survey contributes from three aspects:(1)an up-to-date SDN-oriented review for the latest progress of key techniques and solutions in software defined satellite networks;(2)an inspiring summary of existing challenges,new research opportunities and publicly available simulation tools for follow-up studies;(3)an effort of building a public repository to track new results.展开更多
The data traffic that is accumulated at the Macro Base Station(MBS)keeps on increasing as almost all the people start using mobile phones.The MBS cannot accommodate all user’s demands,and attempts to offload some use...The data traffic that is accumulated at the Macro Base Station(MBS)keeps on increasing as almost all the people start using mobile phones.The MBS cannot accommodate all user’s demands,and attempts to offload some users to the nearby small cells so that the user could get the expected service.For the MBS to offload data traffic to an Access Point(AP),it should offer an optimal economic incentive in a way its utility is maximized.Similarly,the APs should choose an optimal traffic to admit load for the price that it gets from MBS.To balance this tradeoff between the economic incentive and the admittance load to achieve optimal offloading,Software Defined Networking(SDN)assisted Stackelberg Game(SaSG)model is proposed.In this model,the MBS selects the users carefully to aggregate the service with AP,so that the user experiencing least service gets aggregated first.The MBS uses the Received Signal Strength Indicator(RSSI)value of the users as the main parameter for aggregating a particular user for a contract period with LTE and WiFi.Each player involved in the game tries to maximize their payoff utilities,and thus,while incorporating those utilities in real-time scenario,we obtain maximum throughput per user which experiences best data service without any lack in Quality of Experience(QoE).Thus,the proposed SaSG model proves better when compared with other game theory models,and hence an optimal data offloading is achieved.展开更多
Communication-dependent and software-based distributed energy resources(DERs)are extensively integrated into modern microgrids,providing extensive benefits such as increased distributed controllability,scalability,and...Communication-dependent and software-based distributed energy resources(DERs)are extensively integrated into modern microgrids,providing extensive benefits such as increased distributed controllability,scalability,and observability.However,malicious cyber-attackers can exploit various potential vulnerabilities.In this study,a programmable adaptive security scanning(PASS)approach is presented to protect DER inverters against various power-bot attacks.Specifically,three different types of attacks,namely controller manipulation,replay,and injection attacks,are considered.This approach employs both software-defined networking technique and a novel coordinated detection method capable of enabling programmable and scalable networked microgrids(NMs)in an ultra-resilient,time-saving,and autonomous manner.The coordinated detection method efficiently identifies the location and type of power-bot attacks without disrupting normal NM operations.Extensive simulation results validate the efficacy and practicality of the PASS for securing NMs.展开更多
With the increase of network complexity,the flexibility of network control and management becomes a nontrivial problem.Both Software Defined Network(SDN) and Autonomic Network technologies are sophisticated technologi...With the increase of network complexity,the flexibility of network control and management becomes a nontrivial problem.Both Software Defined Network(SDN) and Autonomic Network technologies are sophisticated technologies for the network control and management.These two technologies could be combined together to construct a software defined self-managing solution for the future network.An autonomic QoS management mechanism in Software Defined Network(AQSDN) is proposed in this paper.In AQSDN,the various QoS features can be configured autonomically in an OpenFlow switch through extending the OpenFlow and OF-Config protocols.Based on AQSDN,a novel packet context-aware QoS model(PCaQoS) is also introduced for improving the network QoS.PCaQoS takes packet context into account when packet is marked and managed into forwarding queues.The implementation of a video application's prototype which evaluates the self-configuration feature of the AQSDN and the enhancement ability of the PCaQoS is presented in order to validate this design.展开更多
As communication technology and smart manufacturing have developed, the industrial internet of things(IIo T)has gained considerable attention from academia and industry.Wireless sensor networks(WSNs) have many advanta...As communication technology and smart manufacturing have developed, the industrial internet of things(IIo T)has gained considerable attention from academia and industry.Wireless sensor networks(WSNs) have many advantages with broad applications in many areas including environmental monitoring, which makes it a very important part of IIo T. However,energy depletion and hardware malfunctions can lead to node failures in WSNs. The industrial environment can also impact the wireless channel transmission, leading to network reliability problems, even with tightly coupled control and data planes in traditional networks, which obviously also enhances network management cost and complexity. In this paper, we introduce a new software defined network(SDN), and modify this network to propose a framework called the improved software defined wireless sensor network(improved SD-WSN). This proposed framework can address the following issues. 1) For a large scale heterogeneous network, it solves the problem of network management and smooth merging of a WSN into IIo T. 2) The network coverage problem is solved which improves the network reliability. 3) The framework addresses node failure due to various problems, particularly related to energy consumption.Therefore, it is necessary to improve the reliability of wireless sensor networks, by developing certain schemes to reduce energy consumption and the delay time of network nodes under IIo T conditions. Experiments have shown that the improved approach significantly reduces the energy consumption of nodes and the delay time, thus improving the reliability of WSN.展开更多
Software Defined Satellite Networks(SDSN) are proposed to solve the problems in traditional satellite networks, such as time-consuming configuration and inflexible traffic scheduling. The emerging application of small...Software Defined Satellite Networks(SDSN) are proposed to solve the problems in traditional satellite networks, such as time-consuming configuration and inflexible traffic scheduling. The emerging application of small satellite and research of SDSN make it possible for satellite networks to provide flexible network services. Service Function Chain(SFC) can satisfy this need. In this paper, we are motivated to investigate applying SFC in the small satellite-based SDSN for service delivery. We introduce the structure of the multi-layer constellation-based SDSN. Then, we describe two deployment patterns of SFC in SDSN, the Multi-Domain(MD) pattern and the Satellite Formation(SF) pattern. We propose two algorithms, SFP-MD, and SFP-SF, to calculate the Service Function Path(SFP). We implement the algorithms and conduct contrast experiments in our prototype. Finally, we summarize the applicable conditions of two deployment patterns according to the experimental results in terms of hops, delay, and packet loss rate.展开更多
Software defined optical networks (SDONs) integrate software defined technology with optical communication networks and represent the promising development trend of future optical networks. The key technologies for ...Software defined optical networks (SDONs) integrate software defined technology with optical communication networks and represent the promising development trend of future optical networks. The key technologies for SDONs include software-defined optical transmission, switching, and networking. The main features include control and transport separation, hard-ware universalization, protocol standardization, controllable optical network, and flexible optical network applications. This paper introduces software defined optical networks and its innovation environment, in terms of network architecture, protocol extension solution, experiment platform and typical applications. Batch testing has been conducted to evaluate the performance of this SDON testbed. The results show that the SDON testbed has good scalability in different sizes. Meanwhile, we notice that controller output bandwidth has great influence on lightpath setup delay.展开更多
In software-defined networking,the separation of control plane from forwarding plane introduces new challenges to network reliability.This paper proposes a fault-tolerant routing mechanism to improve survivability by ...In software-defined networking,the separation of control plane from forwarding plane introduces new challenges to network reliability.This paper proposes a fault-tolerant routing mechanism to improve survivability by converting the survivability problem into two sub-problems:constructing an elastic-aware routing tree and controller selection.Based on the shortest path tree,this scheme continuously attempts to prune the routing tree to enhance network survivability.After a certain number of iterations,elastic-aware routing continues to improve network resiliency by increasing the number of edges in this tree.Simulation results demonstrate this fault-tolerant mechanism performs better than the traditional method in terms of the number of protected nodes and network fragility indicator.展开更多
Distributed Denial of Service(DDoS) attacks have been one of the most destructive threats to Internet security. By decoupling the network control and data plane, software defined networking(SDN) offers a flexible netw...Distributed Denial of Service(DDoS) attacks have been one of the most destructive threats to Internet security. By decoupling the network control and data plane, software defined networking(SDN) offers a flexible network management paradigm to solve DDoS attack in traditional networks. However, the centralized nature of SDN is also a potential vulnerability for DDo S attack. In this paper, we first provide some SDN-supported mechanisms against DDoS attack in traditional networks. A systematic review of various SDN-self DDo S threats are then presented as well as the existing literatures on quickly DDoS detection and defense in SDN. Finally, some promising research directions in this field are introduced.展开更多
Due to 5G's stringent and uncertainty traffic requirements,open ecosystem would be one inevitable way to develop 5G.On the other hand,GPP based mobile communication becomes appealing recently attributed to its str...Due to 5G's stringent and uncertainty traffic requirements,open ecosystem would be one inevitable way to develop 5G.On the other hand,GPP based mobile communication becomes appealing recently attributed to its striking advantage in flexibility and re-configurability.In this paper,both the advantages and challenges of GPP platform are detailed analyzed.Furthermore,both GPP based software and hardware architectures for open 5G are presented and the performances of real-time signal processing and power consumption are also evaluated.The evaluation results indicate that turbo and power consumption may be another challengeable problem should be further solved to meet the requirements of realistic deployments.展开更多
The emergence of a new network architecture,known as Software Defined Networking(SDN),in the last two decades has overcome some drawbacks of traditional networks in terms of performance,scalability,reliability,securit...The emergence of a new network architecture,known as Software Defined Networking(SDN),in the last two decades has overcome some drawbacks of traditional networks in terms of performance,scalability,reliability,security,and network management.However,the SDN is vulnerable to security threats that target its controller,such as low-rate Distributed Denial of Service(DDoS)attacks,The low-rate DDoS attack is one of the most prevalent attacks that poses a severe threat to SDN network security because the controller is a vital architecture component.Therefore,there is an urgent need to propose a detection approach for this type of attack with a high detection rate and low false-positive rates.Thus,this paper proposes an approach to detect low-rate DDoS attacks on the SDN controller by adapting a dynamic threshold.The proposed approach has been evaluated using four simulation scenarios covering a combination of low-rate DDoS attacks against the SDN controller involving(i)a single host attack targeting a single victim;(ii)a single host attack targeting multiple victims;(iii)multiple hosts attack targeting a single victim;and(iv)multiple hosts attack targeting multiple victims.The proposed approach’s average detection rates are 96.65%,91.83%,96.17%,and 95.33%for the above scenarios,respectively;and its average false-positive rates are 3.33%,8.17%,3.83%,and 4.67%for similar scenarios,respectively.The comparison between the proposed approach and two existing approaches showed that it outperformed them in both categories.展开更多
文摘This white paper explores three popular development methodologies for network softwarization: DevOps, NetOps, and Verification. The paper compares and contrasts the strengths and weaknesses of each approach and provides recommendations for organizations looking to adopt network softwarization.
文摘Software-defined networking(SDN)is an innovative paradigm that separates the control and data planes,introducing centralized network control.SDN is increasingly being adopted by Carrier Grade networks,offering enhanced networkmanagement capabilities than those of traditional networks.However,because SDN is designed to ensure high-level service availability,it faces additional challenges.One of themost critical challenges is ensuring efficient detection and recovery from link failures in the data plane.Such failures can significantly impact network performance and lead to service outages,making resiliency a key concern for the effective adoption of SDN.Since the recovery process is intrinsically dependent on timely failure detection,this research surveys and analyzes the current literature on both failure detection and recovery approaches in SDN.The survey provides a critical comparison of existing failure detection techniques,highlighting their advantages and disadvantages.Additionally,it examines the current failure recovery methods,categorized as either restoration-based or protection-based,and offers a comprehensive comparison of their strengths and limitations.Lastly,future research challenges and directions are discussed to address the shortcomings of existing failure recovery methods.
文摘Link failure is a critical issue in large networks and must be effectively addressed.In software-defined networks(SDN),link failure recovery schemes can be categorized into proactive and reactive approaches.Reactive schemes have longer recovery times while proactive schemes provide faster recovery but overwhelm the memory of switches by flow entries.As SDN adoption grows,ensuring efficient recovery from link failures in the data plane becomes crucial.In particular,data center networks(DCNs)demand rapid recovery times and efficient resource utilization to meet carrier-grade requirements.This paper proposes an efficient Decentralized Failure Recovery(DFR)model for SDNs,meeting recovery time requirements and optimizing switch memory resource consumption.The DFR model enables switches to autonomously reroute traffic upon link failures without involving the controller,achieving fast recovery times while minimizing memory usage.DFR employs the Fast Failover Group in the OpenFlow standard for local recovery without requiring controller communication and utilizes the k-shortest path algorithm to proactively install backup paths,allowing immediate local recovery without controller intervention and enhancing overall network stability and scalability.DFR employs flow entry aggregation techniques to reduce switch memory usage.Instead of matching flow entries to the destination host’s MAC address,DFR matches packets to the destination switch’s MAC address.This reduces the switches’Ternary Content-Addressable Memory(TCAM)consumption.Additionally,DFR modifies Address Resolution Protocol(ARP)replies to provide source hosts with the destination switch’s MAC address,facilitating flow entry aggregation without affecting normal network operations.The performance of DFR is evaluated through the network emulator Mininet 2.3.1 and Ryu 3.1 as SDN controller.For different number of active flows,number of hosts per edge switch,and different network sizes,the proposed model outperformed various failure recovery models:restoration-based,protection by flow entries,protection by group entries and protection by Vlan-tagging model in terms of recovery time,switch memory consumption and controller overhead which represented the number of flow entry updates to recover from the failure.Experimental results demonstrate that DFR achieves recovery times under 20 milliseconds,satisfying carrier-grade requirements for rapid failure recovery.Additionally,DFR reduces switch memory usage by up to 95%compared to traditional protection methods and minimizes controller load by eliminating the need for controller intervention during failure recovery.Theresults underscore the efficiency and scalability of the DFR model,making it a practical solution for enhancing network resilience in SDN environments.
基金supported by the Beijing Education Commission Science and Technology Project(No.KM201811417005)the National Natural Science Foundation of China(No.62173237)+6 种基金the Aeronautical Science Foundation of China(No.20240055054001)the Open Fund of State Key Laboratory of Satellite Navigation System and Equipment Technology(No.CEPNT2023A01)Joint Fund of Ministry of Natural Resources Key Laboratory of Spatiotemporal Perception and Intelligent Processing(No.232203)the Civil Aviation Flight Technology and Flight Safety Engineering Technology Research Center of Sichuan(No.GY2024-02B)the Applied Basic Research Programs of Liaoning Province(No.2025JH2/101300011)the General Project of Liaoning Provincial Education Department(No.20250054)Research on Safety Intelligent Management Technology and Systems for Mixed Operations of General Aviation Aircraft in Low-Altitude Airspace(No.310125011).
文摘Software systems play increasing important roles in modern society,and the ability against attacks is of great practical importance to crucial software systems,resulting in that the structure and robustness of software systems have attracted a tremendous amount of interest in recent years.In this paper,based on the source code of Tar and MySQL,we propose an approach to generate coupled software networks and construct three kinds of directed software networks:The function call network,the weakly coupled network and the strongly coupled network.The structural properties of these complex networks are extensively investigated.It is found that the average influence and the average dependence for all functions are the same.Moreover,eight attacking strategies and two robustness indicators(the weakly connected indicator and the strongly connected indicator)are introduced to analyze the robustness of software networks.This shows that the strongly coupled network is just a weakly connected network rather than a strongly connected one.For MySQL,high in-degree strategy outperforms other attacking strategies when the weakly connected indicator is used.On the other hand,high out-degree strategy is a good choice when the strongly connected indicator is adopted.This work will highlight a better understanding of the structure and robustness of software networks.
基金the National High-tech R&D Program ("863" Program) of China,the National Science Foundation of China,National Science & Technology Pillar Program of China,the National Science Foundation of China,the Post-Doctoral Funding of China,Tsinghua-Huawei joint research project
文摘In order to improve the scalability and reliability of Software Defined Networking(SDN),many studies use multiple controllers to constitute logically centralized control plane to provide load balancing and fail over.In this paper,we develop a flexible dormant multi-controller model based on the centralized multi-controller architecture.The dormant multi-controller model allows part of controllers to enter the dormant state under light traffic condition for saving system cost.Meanwhile,through queueing analysis,various performance measures of the system can be obtained.Moreover,we analyze the real traffic of China Education Network and use the results as the parameters of computer simulation and verify the effects of parameters on the system characteristics.Finally,a total expected cost function is established,and genetic algorithm is employed to find the optimal values of various parameters to minimize system cost for the deployment decision making.
基金supported in part by National Natural Science Foundation of China (No.61401331,No.61401328)111 Project in Xidian University of China(B08038)+2 种基金Hong Kong,Macao and Taiwan Science and Technology Cooperation Special Project (2014DFT10320,2015DFT10160)The National Science and Technology Major Project of the Ministry of Science and Technology of China(2015zx03002006-003)FundamentalResearch Funds for the Central Universities (20101155739)
文摘The Internet of Vehicles(IoV)has been widely researched in recent years,and cloud computing has been one of the key technologies in the IoV.Although cloud computing provides high performance compute,storage and networking services,the IoV still suffers with high processing latency,less mobility support and location awareness.In this paper,we integrate fog computing and software defined networking(SDN) to address those problems.Fog computing extends computing and storing to the edge of the network,which could decrease latency remarkably in addition to enable mobility support and location awareness.Meanwhile,SDN provides flexible centralized control and global knowledge to the network.In order to apply the software defined cloud/fog networking(SDCFN) architecture in the IoV effectively,we propose a novel SDN-based modified constrained optimization particle swarm optimization(MPSO-CO) algorithm which uses the reverse of the flight of mutation particles and linear decrease inertia weight to enhance the performance of constrained optimization particle swarm optimization(PSO-CO).The simulation results indicate that the SDN-based MPSO-CO algorithm could effectively decrease the latency and improve the quality of service(QoS) in the SDCFN architecture.
基金Supported by the National Natural Science Foundation of China (61202387, 61103220)Major Projects of National Science and Technology of China(2010ZX03006-001-01)+3 种基金Doctoral Fund of Ministry of Education of China (2012014110002)China Postdoctoral Science Foundation (2012M510641)Hubei Province Natural Science Foundation (2011CDB456)Wuhan Chenguang Plan Project(2012710367)
文摘Aiming at the difficulty of unknown Trojan detection in the APT flooding situation, an improved detecting method has been proposed. The basic idea of this method originates from advanced persistent threat (APT) attack intents: besides dealing with damaging or destroying facilities, the more essential purpose of APT attacks is to gather confidential data from target hosts by planting Trojans. Inspired by this idea and some in-depth analyses on recently happened APT attacks, five typical communication characteristics are adopted to describe application’s network behavior, with which a fine-grained classifier based on Decision Tree and Na ve Bayes is modeled. Finally, with the training of supervised machine learning approaches, the classification detection method is implemented. Compared with general methods, this method is capable of enhancing the detection and awareness capability of unknown Trojans with less resource consumption.
基金The paper is supported by the National High Technology Research and Development Program of China (863 Program) (No.2009AA01Z439) and the National Natural Science Foundation of China (U0835001)
文摘Several software network models are constructed based on the relationships between classes in the object-oriented software systems.Then,a variety of well-known open source software applications are statistically analyzed by using these models.The results show that: (1) Dependency network does play a key role in software architecture;(2) The exponents of in-degree and total-degree distribution functions of different networks differ slightly,while the exponent of out-degree varies obviously;(3) Weak-coupling relationships have greater impact on software architecture than strong-coupling relationships.Finally,a theoretically analysis on these statistical phenomena is proposed from the perspectives of software develop technology,develop process and developer’s habits,respectively.
文摘Satellite communication networks have been evolving from standalone networks with ad-hoc infrastructures to possibly interconnected portions of a wider Future Internet architecture. Experts belonging to the fifth-generation(5 G) standardization committees are considering satellites as a technology to integrate in the 5 G environment. Software Defined Networking(SDN) is one of the paradigms of the next generation of mobile and fixed communications. It can be employed to perform different control functionalities, such as routing, because it allows traffic flow identification based on different parameters and traffic flow management in a centralized way. A centralized set of controllers makes the decisions and sends the corresponding forwarding rules for each traffic flow to the involved intermediate nodes that practically forward data up to the destination. The time to perform this process in integrated terrestrial-satellite networks could be not negligible due to satellite link delays. The aim of this paper is to introduce an SDN-based terrestrial satellite network architecture and to estimate the mean time to deliver the data of a new traffic flow from the source to the destination including the time required to transfer SDN control actions. The practical effect is to identify the maximum performance than can be expected.
基金This work is supported by the Fundamental Research Funds for the Central Universities.
文摘In recent years,satellite networks have been proposed as an essential part of next-generation mobile communication systems.Software defined networking techniques are introduced in satellite networks to handle the growing challenges induced by time-varying topology,intermittent inter-satellite link and dramatically increased satellite constellation size.This survey covers the latest progress of software defined satellite networks,including key techniques,existing solutions,challenges,opportunities,and simulation tools.To the best of our knowledge,this paper is the most comprehensive survey that covers the latest progress of software defined satellite networks.An open GitHub repository is further created where the latest papers on this topic will be tracked and updated periodically.Compared with these existing surveys,this survey contributes from three aspects:(1)an up-to-date SDN-oriented review for the latest progress of key techniques and solutions in software defined satellite networks;(2)an inspiring summary of existing challenges,new research opportunities and publicly available simulation tools for follow-up studies;(3)an effort of building a public repository to track new results.
文摘The data traffic that is accumulated at the Macro Base Station(MBS)keeps on increasing as almost all the people start using mobile phones.The MBS cannot accommodate all user’s demands,and attempts to offload some users to the nearby small cells so that the user could get the expected service.For the MBS to offload data traffic to an Access Point(AP),it should offer an optimal economic incentive in a way its utility is maximized.Similarly,the APs should choose an optimal traffic to admit load for the price that it gets from MBS.To balance this tradeoff between the economic incentive and the admittance load to achieve optimal offloading,Software Defined Networking(SDN)assisted Stackelberg Game(SaSG)model is proposed.In this model,the MBS selects the users carefully to aggregate the service with AP,so that the user experiencing least service gets aggregated first.The MBS uses the Received Signal Strength Indicator(RSSI)value of the users as the main parameter for aggregating a particular user for a contract period with LTE and WiFi.Each player involved in the game tries to maximize their payoff utilities,and thus,while incorporating those utilities in real-time scenario,we obtain maximum throughput per user which experiences best data service without any lack in Quality of Experience(QoE).Thus,the proposed SaSG model proves better when compared with other game theory models,and hence an optimal data offloading is achieved.
基金This work was supported in part by the National Science Foundation,USA(ECCS-2018492,CNS-2006828,ECCS-2002897,and OIA-2040599).
文摘Communication-dependent and software-based distributed energy resources(DERs)are extensively integrated into modern microgrids,providing extensive benefits such as increased distributed controllability,scalability,and observability.However,malicious cyber-attackers can exploit various potential vulnerabilities.In this study,a programmable adaptive security scanning(PASS)approach is presented to protect DER inverters against various power-bot attacks.Specifically,three different types of attacks,namely controller manipulation,replay,and injection attacks,are considered.This approach employs both software-defined networking technique and a novel coordinated detection method capable of enabling programmable and scalable networked microgrids(NMs)in an ultra-resilient,time-saving,and autonomous manner.The coordinated detection method efficiently identifies the location and type of power-bot attacks without disrupting normal NM operations.Extensive simulation results validate the efficacy and practicality of the PASS for securing NMs.
基金This work was supported in part by the National High Technology Research and Development Program (863 Program) of China under Grant No. 2011AA01A101, No.2013AA013303, No.2013AA013301and National Natural science foundation of China No. 61370197 & 61271041.
文摘With the increase of network complexity,the flexibility of network control and management becomes a nontrivial problem.Both Software Defined Network(SDN) and Autonomic Network technologies are sophisticated technologies for the network control and management.These two technologies could be combined together to construct a software defined self-managing solution for the future network.An autonomic QoS management mechanism in Software Defined Network(AQSDN) is proposed in this paper.In AQSDN,the various QoS features can be configured autonomically in an OpenFlow switch through extending the OpenFlow and OF-Config protocols.Based on AQSDN,a novel packet context-aware QoS model(PCaQoS) is also introduced for improving the network QoS.PCaQoS takes packet context into account when packet is marked and managed into forwarding queues.The implementation of a video application's prototype which evaluates the self-configuration feature of the AQSDN and the enhancement ability of the PCaQoS is presented in order to validate this design.
基金supported by the National Natural Science Foundation of China(61571336)the Science and Technology Project of Henan Province in China(172102210081)the Independent Innovation Research Foundation of Wuhan University of Technology(2016-JL-036)
文摘As communication technology and smart manufacturing have developed, the industrial internet of things(IIo T)has gained considerable attention from academia and industry.Wireless sensor networks(WSNs) have many advantages with broad applications in many areas including environmental monitoring, which makes it a very important part of IIo T. However,energy depletion and hardware malfunctions can lead to node failures in WSNs. The industrial environment can also impact the wireless channel transmission, leading to network reliability problems, even with tightly coupled control and data planes in traditional networks, which obviously also enhances network management cost and complexity. In this paper, we introduce a new software defined network(SDN), and modify this network to propose a framework called the improved software defined wireless sensor network(improved SD-WSN). This proposed framework can address the following issues. 1) For a large scale heterogeneous network, it solves the problem of network management and smooth merging of a WSN into IIo T. 2) The network coverage problem is solved which improves the network reliability. 3) The framework addresses node failure due to various problems, particularly related to energy consumption.Therefore, it is necessary to improve the reliability of wireless sensor networks, by developing certain schemes to reduce energy consumption and the delay time of network nodes under IIo T conditions. Experiments have shown that the improved approach significantly reduces the energy consumption of nodes and the delay time, thus improving the reliability of WSN.
基金supported in part by NSFC of China under Grant No.61232017National Basic Research Program of China(“973 program”)under Grant No.2013CB329101+1 种基金Fundamental Research Funds for the Central Universities under Grant No.2016YJS026NSAF of China under Grant No.U1530118
文摘Software Defined Satellite Networks(SDSN) are proposed to solve the problems in traditional satellite networks, such as time-consuming configuration and inflexible traffic scheduling. The emerging application of small satellite and research of SDSN make it possible for satellite networks to provide flexible network services. Service Function Chain(SFC) can satisfy this need. In this paper, we are motivated to investigate applying SFC in the small satellite-based SDSN for service delivery. We introduce the structure of the multi-layer constellation-based SDSN. Then, we describe two deployment patterns of SFC in SDSN, the Multi-Domain(MD) pattern and the Satellite Formation(SF) pattern. We propose two algorithms, SFP-MD, and SFP-SF, to calculate the Service Function Path(SFP). We implement the algorithms and conduct contrast experiments in our prototype. Finally, we summarize the applicable conditions of two deployment patterns according to the experimental results in terms of hops, delay, and packet loss rate.
基金supported by ZTE Industry-Academia-Research Cooperation Funds under Grant No.Surrey-Ref-9953
文摘Software defined optical networks (SDONs) integrate software defined technology with optical communication networks and represent the promising development trend of future optical networks. The key technologies for SDONs include software-defined optical transmission, switching, and networking. The main features include control and transport separation, hard-ware universalization, protocol standardization, controllable optical network, and flexible optical network applications. This paper introduces software defined optical networks and its innovation environment, in terms of network architecture, protocol extension solution, experiment platform and typical applications. Batch testing has been conducted to evaluate the performance of this SDON testbed. The results show that the SDON testbed has good scalability in different sizes. Meanwhile, we notice that controller output bandwidth has great influence on lightpath setup delay.
基金supported by the Key Laboratory of Universal Wireless Communications(Beijing University of Posts and Telecommunications)Ministry of Education,P.R.China(KFKT-2013104)+6 种基金the National Natural Science Foundation of China(61501105,61471109,61302071)the China Postdoctoral Science Foundation(2013M541243)the Doctoral Scientific Research Foundation of Liaoning Province(20141014)the Fundamental Research Funds for the Central Universities(N150404018,N130304001,N150401002,N150404015)the National 973 Advance Research Program(2014CB360509)the Postdoctoral Science Foundation of Northeast University(20140319)Ministry of Education-China Mobile Research Foundation(MCM20130131)
文摘In software-defined networking,the separation of control plane from forwarding plane introduces new challenges to network reliability.This paper proposes a fault-tolerant routing mechanism to improve survivability by converting the survivability problem into two sub-problems:constructing an elastic-aware routing tree and controller selection.Based on the shortest path tree,this scheme continuously attempts to prune the routing tree to enhance network survivability.After a certain number of iterations,elastic-aware routing continues to improve network resiliency by increasing the number of edges in this tree.Simulation results demonstrate this fault-tolerant mechanism performs better than the traditional method in terms of the number of protected nodes and network fragility indicator.
基金supported in part by the“973”Program of China under Grant No.2013CB329103the National Natural Science Foundation of China under Grant No.61271171 and No.61401070+1 种基金National Key Research and Development Program of China No.2016YFB0800105the“863”Program of China under Grant No.2015AA015702 and No.2015AA016102
文摘Distributed Denial of Service(DDoS) attacks have been one of the most destructive threats to Internet security. By decoupling the network control and data plane, software defined networking(SDN) offers a flexible network management paradigm to solve DDoS attack in traditional networks. However, the centralized nature of SDN is also a potential vulnerability for DDo S attack. In this paper, we first provide some SDN-supported mechanisms against DDoS attack in traditional networks. A systematic review of various SDN-self DDo S threats are then presented as well as the existing literatures on quickly DDoS detection and defense in SDN. Finally, some promising research directions in this field are introduced.
基金funded in part by National Natural Science Foundation of China(grant NO.61471347)National S&T Mayor Project of the Ministry of S&T of China(grant NO.2016ZX03001020-003)+1 种基金key program for international S&T Cooperation Program of China(grant NO.2014DFA11640)Shanghai Natural Science Foundation(grant NO.16ZR1435100)
文摘Due to 5G's stringent and uncertainty traffic requirements,open ecosystem would be one inevitable way to develop 5G.On the other hand,GPP based mobile communication becomes appealing recently attributed to its striking advantage in flexibility and re-configurability.In this paper,both the advantages and challenges of GPP platform are detailed analyzed.Furthermore,both GPP based software and hardware architectures for open 5G are presented and the performances of real-time signal processing and power consumption are also evaluated.The evaluation results indicate that turbo and power consumption may be another challengeable problem should be further solved to meet the requirements of realistic deployments.
基金This work was supported by Universiti Sains Malaysia under external grant(Grant Number 304/PNAV/650958/U154).
文摘The emergence of a new network architecture,known as Software Defined Networking(SDN),in the last two decades has overcome some drawbacks of traditional networks in terms of performance,scalability,reliability,security,and network management.However,the SDN is vulnerable to security threats that target its controller,such as low-rate Distributed Denial of Service(DDoS)attacks,The low-rate DDoS attack is one of the most prevalent attacks that poses a severe threat to SDN network security because the controller is a vital architecture component.Therefore,there is an urgent need to propose a detection approach for this type of attack with a high detection rate and low false-positive rates.Thus,this paper proposes an approach to detect low-rate DDoS attacks on the SDN controller by adapting a dynamic threshold.The proposed approach has been evaluated using four simulation scenarios covering a combination of low-rate DDoS attacks against the SDN controller involving(i)a single host attack targeting a single victim;(ii)a single host attack targeting multiple victims;(iii)multiple hosts attack targeting a single victim;and(iv)multiple hosts attack targeting multiple victims.The proposed approach’s average detection rates are 96.65%,91.83%,96.17%,and 95.33%for the above scenarios,respectively;and its average false-positive rates are 3.33%,8.17%,3.83%,and 4.67%for similar scenarios,respectively.The comparison between the proposed approach and two existing approaches showed that it outperformed them in both categories.
