The rapid expansion of the Internet of Things(IoT)and Edge Artificial Intelligence(AI)has redefined automation and connectivity acrossmodern networks.However,the heterogeneity and limited resources of IoT devices expo...The rapid expansion of the Internet of Things(IoT)and Edge Artificial Intelligence(AI)has redefined automation and connectivity acrossmodern networks.However,the heterogeneity and limited resources of IoT devices expose them to increasingly sophisticated and persistentmalware attacks.These adaptive and stealthy threats can evade conventional detection,establish remote control,propagate across devices,exfiltrate sensitive data,and compromise network integrity.This study presents a Software-Defined Internet of Things(SD-IoT)control-plane-based,AI-driven framework that integrates Gated Recurrent Units(GRU)and Long Short-TermMemory(LSTM)networks for efficient detection of evolving multi-vector,malware-driven botnet attacks.The proposed CUDA-enabled hybrid deep learning(DL)framework performs centralized real-time detection without adding computational overhead to IoT nodes.A feature selection strategy combining variable clustering,attribute evaluation,one-R attribute evaluation,correlation analysis,and principal component analysis(PCA)enhances detection accuracy and reduces complexity.The framework is rigorously evaluated using the N_BaIoT dataset under k-fold cross-validation.Experimental results achieve 99.96%detection accuracy,a false positive rate(FPR)of 0.0035%,and a detection latency of 0.18 ms,confirming its high efficiency and scalability.The findings demonstrate the framework’s potential as a robust and intelligent security solution for next-generation IoT ecosystems.展开更多
为解决高密度无线局域网中接入拥塞、资源失衡及流量混传导致的性能瓶颈问题,从接入层面、资源层面及流量层面分析无线局域网接入拥塞问题,并从3个层面提出基于软件定义网络(Software Defined Network,SDN)流量调度的应对策略。实践案...为解决高密度无线局域网中接入拥塞、资源失衡及流量混传导致的性能瓶颈问题,从接入层面、资源层面及流量层面分析无线局域网接入拥塞问题,并从3个层面提出基于软件定义网络(Software Defined Network,SDN)流量调度的应对策略。实践案例验证了该策略在提升网络吞吐量、降低传输时延方面具有明显成效。展开更多
The rise of time-sensitive applications with broad geographical scope drives the development of time-sensitive networking(TSN)from intra-domain to inter-domain to ensure overall end-to-end connectivity requirements in...The rise of time-sensitive applications with broad geographical scope drives the development of time-sensitive networking(TSN)from intra-domain to inter-domain to ensure overall end-to-end connectivity requirements in heterogeneous deployments.When multiple TSN networks interconnect over non-TSN networks,all devices in the network need to be syn-chronized by sharing a uniform time reference.How-ever,most non-TSN networks are best-effort.Path delay asymmetry and random noise accumulation can introduce unpredictable time errors during end-to-end time synchronization.These factors can degrade syn-chronization performance.Therefore,cross-domain time synchronization becomes a challenging issue for multiple TSN networks interconnected by non-TSN networks.This paper presents a cross-domain time synchronization scheme that follows the software-defined TSN(SD-TSN)paradigm.It utilizes a com-bined control plane constructed by a coordinate con-troller and a domain controller for centralized control and management of cross-domain time synchroniza-tion.The general operation flow of the cross-domain time synchronization process is designed.The mecha-nism of cross-domain time synchronization is revealed by introducing a synchronization model and an error compensation method.A TSN cross-domain proto-type testbed is constructed for verification.Results show that the scheme can achieve end-to-end high-precision time synchronization with accuracy and sta-bility.展开更多
Distributed denial of service(DDoS)attacks are common network attacks that primarily target Internet of Things(IoT)devices.They are critical for emerging wireless services,especially for applications with limited late...Distributed denial of service(DDoS)attacks are common network attacks that primarily target Internet of Things(IoT)devices.They are critical for emerging wireless services,especially for applications with limited latency.DDoS attacks pose significant risks to entrepreneurial businesses,preventing legitimate customers from accessing their websites.These attacks require intelligent analytics before processing service requests.Distributed denial of service(DDoS)attacks exploit vulnerabilities in IoT devices by launchingmulti-point distributed attacks.These attacks generate massive traffic that overwhelms the victim’s network,disrupting normal operations.The consequences of distributed denial of service(DDoS)attacks are typically more severe in software-defined networks(SDNs)than in traditional networks.The centralised architecture of these networks can exacerbate existing vulnerabilities,as these weaknesses may not be effectively addressed in this model.The preliminary objective for detecting and mitigating distributed denial of service(DDoS)attacks in software-defined networks(SDN)is to monitor traffic patterns and identify anomalies that indicate distributed denial of service(DDoS)attacks.It implements measures to counter the effects ofDDoS attacks,and ensure network reliability and availability by leveraging the flexibility and programmability of SDN to adaptively respond to threats.The authors present a mechanism that leverages the OpenFlow and sFlow protocols to counter the threats posed by DDoS attacks.The results indicate that the proposed model effectively mitigates the negative effects of DDoS attacks in an SDN environment.展开更多
Accurate early classification of elephant flows(elephants)is important for network management and resource optimization.Elephant models,mainly based on the byte count of flows,can always achieve high accuracy,but not ...Accurate early classification of elephant flows(elephants)is important for network management and resource optimization.Elephant models,mainly based on the byte count of flows,can always achieve high accuracy,but not in a time-efficient manner.The time efficiency becomes even worse when the flows to be classified are sampled by flow entry timeout over Software-Defined Networks(SDNs)to achieve a better resource efficiency.This paper addresses this situation by combining co-training and Reinforcement Learning(RL)to enable a closed-loop classification approach that divides the entire classification process into episodes,each involving two elephant models.One predicts elephants and is retrained by a selection of flows automatically labeled online by the other.RL is used to formulate a reward function that estimates the values of the possible actions based on the current states of both models and further adjusts the ratio of flows to be labeled in each phase.Extensive evaluation based on real traffic traces shows that the proposed approach can stably predict elephants using the packets received in the first 10% of their lifetime with an accuracy of over 80%,and using only about 10% more control channel bandwidth than the baseline over the evolved SDNs.展开更多
Zero Trust Network(ZTN)enhances network security through strict authentication and access control.However,in the ZTN,optimizing flow control to improve the quality of service is still facing challenges.Software Define...Zero Trust Network(ZTN)enhances network security through strict authentication and access control.However,in the ZTN,optimizing flow control to improve the quality of service is still facing challenges.Software Defined Network(SDN)provides solutions through centralized control and dynamic resource allocation,but the existing scheduling methods based on Deep Reinforcement Learning(DRL)are insufficient in terms of convergence speed and dynamic optimization capability.To solve these problems,this paper proposes DRL-AMIR,which is an efficient flow scheduling method for software defined ZTN.This method constructs a flow scheduling optimization model that comprehensively considers service delay,bandwidth occupation,and path hops.Additionally,it balances the differentiated requirements of delay-critical K-flows,bandwidth-intensive D-flows,and background B-flows through adaptiveweighting.Theproposed framework employs a customized state space comprising node labels,link bandwidth,delaymetrics,and path length.It incorporates an action space derived fromnode weights and a hybrid reward function that integrates both single-step and multi-step excitation mechanisms.Based on these components,a hierarchical architecture is designed,effectively integrating the data plane,control plane,and knowledge plane.In particular,the adaptive expert mechanism is introduced,which triggers the shortest path algorithm in the training process to accelerate convergence,reduce trial and error costs,and maintain stability.Experiments across diverse real-world network topologies demonstrate that DRL-AMIR achieves a 15–20%reduction in K-flow transmission delays,a 10–15%improvement in link bandwidth utilization compared to SPR,QoSR,and DRSIR,and a 30%faster convergence speed via adaptive expert mechanisms.展开更多
目的/意义建设基于软件定义网络(software defined networking,SDN)架构的网络安全平台,以增强医院云计算安全防护。方法/过程基于SDN架构构建网络安全平台,并与入侵检测系统联动形成主动防御系统。对比分析平台应用前后租户横向攻击数...目的/意义建设基于软件定义网络(software defined networking,SDN)架构的网络安全平台,以增强医院云计算安全防护。方法/过程基于SDN架构构建网络安全平台,并与入侵检测系统联动形成主动防御系统。对比分析平台应用前后租户横向攻击数量、攻击成功率、策略无阻断业务数、勒索软件加密数据量和安全团队操作工时等指标,验证平台的有效性。结果/结论基于SDN架构的网络安全平台可有效识别并阻断恶意流量,增强对医院云计算的安全防护。展开更多
我国城市轨道交通业务逐步向云平台集中,对网络时延、可靠性和资源调度能力提出了更高要求,而传统网络架构在多业务并发和高负载场景下的灵活性不足,故障恢复时间较长。针对该问题,将软件定义网络(Software Defined Network,SDN)技术引...我国城市轨道交通业务逐步向云平台集中,对网络时延、可靠性和资源调度能力提出了更高要求,而传统网络架构在多业务并发和高负载场景下的灵活性不足,故障恢复时间较长。针对该问题,将软件定义网络(Software Defined Network,SDN)技术引入城市轨道交通中心云,构建基于Spine-Leaf拓扑的SDN网络架构,并结合OpenFlow流表控制与虚拟扩展局域网(Virtual Extensible Local Area Network,VXLAN)实现网络统一调度。研究结果表明,相较于传统网络架构,SDN技术能够有效提升城市轨道交通云平台的网络性能和运维效率,为轨道交通智能化发展提供有力支撑。展开更多
The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are ...The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.展开更多
基金supported by Princess Nourah bint Abdulrahman University Researchers Supporting ProjectNumber(PNURSP2025R97),PrincessNourah bint AbdulrahmanUniversity,Riyadh,Saudi Arabia.
文摘The rapid expansion of the Internet of Things(IoT)and Edge Artificial Intelligence(AI)has redefined automation and connectivity acrossmodern networks.However,the heterogeneity and limited resources of IoT devices expose them to increasingly sophisticated and persistentmalware attacks.These adaptive and stealthy threats can evade conventional detection,establish remote control,propagate across devices,exfiltrate sensitive data,and compromise network integrity.This study presents a Software-Defined Internet of Things(SD-IoT)control-plane-based,AI-driven framework that integrates Gated Recurrent Units(GRU)and Long Short-TermMemory(LSTM)networks for efficient detection of evolving multi-vector,malware-driven botnet attacks.The proposed CUDA-enabled hybrid deep learning(DL)framework performs centralized real-time detection without adding computational overhead to IoT nodes.A feature selection strategy combining variable clustering,attribute evaluation,one-R attribute evaluation,correlation analysis,and principal component analysis(PCA)enhances detection accuracy and reduces complexity.The framework is rigorously evaluated using the N_BaIoT dataset under k-fold cross-validation.Experimental results achieve 99.96%detection accuracy,a false positive rate(FPR)of 0.0035%,and a detection latency of 0.18 ms,confirming its high efficiency and scalability.The findings demonstrate the framework’s potential as a robust and intelligent security solution for next-generation IoT ecosystems.
文摘为解决高密度无线局域网中接入拥塞、资源失衡及流量混传导致的性能瓶颈问题,从接入层面、资源层面及流量层面分析无线局域网接入拥塞问题,并从3个层面提出基于软件定义网络(Software Defined Network,SDN)流量调度的应对策略。实践案例验证了该策略在提升网络吞吐量、降低传输时延方面具有明显成效。
基金supported in part by National Key R&D Program of China(Grant No.2022YFC3803700)in part by the National Natural Science Foundation of China(Grant No.92067102)in part by the project of Beijing Laboratory of Advanced Information Networks.
文摘The rise of time-sensitive applications with broad geographical scope drives the development of time-sensitive networking(TSN)from intra-domain to inter-domain to ensure overall end-to-end connectivity requirements in heterogeneous deployments.When multiple TSN networks interconnect over non-TSN networks,all devices in the network need to be syn-chronized by sharing a uniform time reference.How-ever,most non-TSN networks are best-effort.Path delay asymmetry and random noise accumulation can introduce unpredictable time errors during end-to-end time synchronization.These factors can degrade syn-chronization performance.Therefore,cross-domain time synchronization becomes a challenging issue for multiple TSN networks interconnected by non-TSN networks.This paper presents a cross-domain time synchronization scheme that follows the software-defined TSN(SD-TSN)paradigm.It utilizes a com-bined control plane constructed by a coordinate con-troller and a domain controller for centralized control and management of cross-domain time synchroniza-tion.The general operation flow of the cross-domain time synchronization process is designed.The mecha-nism of cross-domain time synchronization is revealed by introducing a synchronization model and an error compensation method.A TSN cross-domain proto-type testbed is constructed for verification.Results show that the scheme can achieve end-to-end high-precision time synchronization with accuracy and sta-bility.
基金supported by the Deanship of Graduate Studies and Scientific Research at Qassim University for financial support(QU-APC-2025).
文摘Distributed denial of service(DDoS)attacks are common network attacks that primarily target Internet of Things(IoT)devices.They are critical for emerging wireless services,especially for applications with limited latency.DDoS attacks pose significant risks to entrepreneurial businesses,preventing legitimate customers from accessing their websites.These attacks require intelligent analytics before processing service requests.Distributed denial of service(DDoS)attacks exploit vulnerabilities in IoT devices by launchingmulti-point distributed attacks.These attacks generate massive traffic that overwhelms the victim’s network,disrupting normal operations.The consequences of distributed denial of service(DDoS)attacks are typically more severe in software-defined networks(SDNs)than in traditional networks.The centralised architecture of these networks can exacerbate existing vulnerabilities,as these weaknesses may not be effectively addressed in this model.The preliminary objective for detecting and mitigating distributed denial of service(DDoS)attacks in software-defined networks(SDN)is to monitor traffic patterns and identify anomalies that indicate distributed denial of service(DDoS)attacks.It implements measures to counter the effects ofDDoS attacks,and ensure network reliability and availability by leveraging the flexibility and programmability of SDN to adaptively respond to threats.The authors present a mechanism that leverages the OpenFlow and sFlow protocols to counter the threats posed by DDoS attacks.The results indicate that the proposed model effectively mitigates the negative effects of DDoS attacks in an SDN environment.
基金supported by the National Natural Science Foundation of China(61962016)the Ministry of Science and Technology of China(G2022033002L)+1 种基金National Natural Science Foundation of Guangxi(2022JJA170057)Guangxi Education Department’s Project on Improving the Basic Research Ability of Young and Middleaged Teachers in Universities(2023ky0812,Research on Statistical Network Delay Predictions in Large-scale SDNs).
文摘Accurate early classification of elephant flows(elephants)is important for network management and resource optimization.Elephant models,mainly based on the byte count of flows,can always achieve high accuracy,but not in a time-efficient manner.The time efficiency becomes even worse when the flows to be classified are sampled by flow entry timeout over Software-Defined Networks(SDNs)to achieve a better resource efficiency.This paper addresses this situation by combining co-training and Reinforcement Learning(RL)to enable a closed-loop classification approach that divides the entire classification process into episodes,each involving two elephant models.One predicts elephants and is retrained by a selection of flows automatically labeled online by the other.RL is used to formulate a reward function that estimates the values of the possible actions based on the current states of both models and further adjusts the ratio of flows to be labeled in each phase.Extensive evaluation based on real traffic traces shows that the proposed approach can stably predict elephants using the packets received in the first 10% of their lifetime with an accuracy of over 80%,and using only about 10% more control channel bandwidth than the baseline over the evolved SDNs.
基金supported in part by Scientific Research Fund of Zhejiang Provincial Education Department under Grant Y202351110in part by Huzhou Science and Technology Plan Project under Grant 2024YZ23+1 种基金in part by Research Fund of National Key Laboratory of Advanced Communication Networks under Grant SCX23641X004in part by Postgraduate Research and Innovation Project of Huzhou University under Grant 2024KYCX50.
文摘Zero Trust Network(ZTN)enhances network security through strict authentication and access control.However,in the ZTN,optimizing flow control to improve the quality of service is still facing challenges.Software Defined Network(SDN)provides solutions through centralized control and dynamic resource allocation,but the existing scheduling methods based on Deep Reinforcement Learning(DRL)are insufficient in terms of convergence speed and dynamic optimization capability.To solve these problems,this paper proposes DRL-AMIR,which is an efficient flow scheduling method for software defined ZTN.This method constructs a flow scheduling optimization model that comprehensively considers service delay,bandwidth occupation,and path hops.Additionally,it balances the differentiated requirements of delay-critical K-flows,bandwidth-intensive D-flows,and background B-flows through adaptiveweighting.Theproposed framework employs a customized state space comprising node labels,link bandwidth,delaymetrics,and path length.It incorporates an action space derived fromnode weights and a hybrid reward function that integrates both single-step and multi-step excitation mechanisms.Based on these components,a hierarchical architecture is designed,effectively integrating the data plane,control plane,and knowledge plane.In particular,the adaptive expert mechanism is introduced,which triggers the shortest path algorithm in the training process to accelerate convergence,reduce trial and error costs,and maintain stability.Experiments across diverse real-world network topologies demonstrate that DRL-AMIR achieves a 15–20%reduction in K-flow transmission delays,a 10–15%improvement in link bandwidth utilization compared to SPR,QoSR,and DRSIR,and a 30%faster convergence speed via adaptive expert mechanisms.
文摘目的/意义建设基于软件定义网络(software defined networking,SDN)架构的网络安全平台,以增强医院云计算安全防护。方法/过程基于SDN架构构建网络安全平台,并与入侵检测系统联动形成主动防御系统。对比分析平台应用前后租户横向攻击数量、攻击成功率、策略无阻断业务数、勒索软件加密数据量和安全团队操作工时等指标,验证平台的有效性。结果/结论基于SDN架构的网络安全平台可有效识别并阻断恶意流量,增强对医院云计算的安全防护。
文摘我国城市轨道交通业务逐步向云平台集中,对网络时延、可靠性和资源调度能力提出了更高要求,而传统网络架构在多业务并发和高负载场景下的灵活性不足,故障恢复时间较长。针对该问题,将软件定义网络(Software Defined Network,SDN)技术引入城市轨道交通中心云,构建基于Spine-Leaf拓扑的SDN网络架构,并结合OpenFlow流表控制与虚拟扩展局域网(Virtual Extensible Local Area Network,VXLAN)实现网络统一调度。研究结果表明,相较于传统网络架构,SDN技术能够有效提升城市轨道交通云平台的网络性能和运维效率,为轨道交通智能化发展提供有力支撑。
基金extend their appreciation to Researcher Supporting Project Number(RSPD2023R582)King Saud University,Riyadh,Saudi Arabia.
文摘The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.
