The rapid expansion of the Internet of Things(IoT)and Edge Artificial Intelligence(AI)has redefined automation and connectivity acrossmodern networks.However,the heterogeneity and limited resources of IoT devices expo...The rapid expansion of the Internet of Things(IoT)and Edge Artificial Intelligence(AI)has redefined automation and connectivity acrossmodern networks.However,the heterogeneity and limited resources of IoT devices expose them to increasingly sophisticated and persistentmalware attacks.These adaptive and stealthy threats can evade conventional detection,establish remote control,propagate across devices,exfiltrate sensitive data,and compromise network integrity.This study presents a Software-Defined Internet of Things(SD-IoT)control-plane-based,AI-driven framework that integrates Gated Recurrent Units(GRU)and Long Short-TermMemory(LSTM)networks for efficient detection of evolving multi-vector,malware-driven botnet attacks.The proposed CUDA-enabled hybrid deep learning(DL)framework performs centralized real-time detection without adding computational overhead to IoT nodes.A feature selection strategy combining variable clustering,attribute evaluation,one-R attribute evaluation,correlation analysis,and principal component analysis(PCA)enhances detection accuracy and reduces complexity.The framework is rigorously evaluated using the N_BaIoT dataset under k-fold cross-validation.Experimental results achieve 99.96%detection accuracy,a false positive rate(FPR)of 0.0035%,and a detection latency of 0.18 ms,confirming its high efficiency and scalability.The findings demonstrate the framework’s potential as a robust and intelligent security solution for next-generation IoT ecosystems.展开更多
The rise of time-sensitive applications with broad geographical scope drives the development of time-sensitive networking(TSN)from intra-domain to inter-domain to ensure overall end-to-end connectivity requirements in...The rise of time-sensitive applications with broad geographical scope drives the development of time-sensitive networking(TSN)from intra-domain to inter-domain to ensure overall end-to-end connectivity requirements in heterogeneous deployments.When multiple TSN networks interconnect over non-TSN networks,all devices in the network need to be syn-chronized by sharing a uniform time reference.How-ever,most non-TSN networks are best-effort.Path delay asymmetry and random noise accumulation can introduce unpredictable time errors during end-to-end time synchronization.These factors can degrade syn-chronization performance.Therefore,cross-domain time synchronization becomes a challenging issue for multiple TSN networks interconnected by non-TSN networks.This paper presents a cross-domain time synchronization scheme that follows the software-defined TSN(SD-TSN)paradigm.It utilizes a com-bined control plane constructed by a coordinate con-troller and a domain controller for centralized control and management of cross-domain time synchroniza-tion.The general operation flow of the cross-domain time synchronization process is designed.The mecha-nism of cross-domain time synchronization is revealed by introducing a synchronization model and an error compensation method.A TSN cross-domain proto-type testbed is constructed for verification.Results show that the scheme can achieve end-to-end high-precision time synchronization with accuracy and sta-bility.展开更多
Distributed denial of service(DDoS)attacks are common network attacks that primarily target Internet of Things(IoT)devices.They are critical for emerging wireless services,especially for applications with limited late...Distributed denial of service(DDoS)attacks are common network attacks that primarily target Internet of Things(IoT)devices.They are critical for emerging wireless services,especially for applications with limited latency.DDoS attacks pose significant risks to entrepreneurial businesses,preventing legitimate customers from accessing their websites.These attacks require intelligent analytics before processing service requests.Distributed denial of service(DDoS)attacks exploit vulnerabilities in IoT devices by launchingmulti-point distributed attacks.These attacks generate massive traffic that overwhelms the victim’s network,disrupting normal operations.The consequences of distributed denial of service(DDoS)attacks are typically more severe in software-defined networks(SDNs)than in traditional networks.The centralised architecture of these networks can exacerbate existing vulnerabilities,as these weaknesses may not be effectively addressed in this model.The preliminary objective for detecting and mitigating distributed denial of service(DDoS)attacks in software-defined networks(SDN)is to monitor traffic patterns and identify anomalies that indicate distributed denial of service(DDoS)attacks.It implements measures to counter the effects ofDDoS attacks,and ensure network reliability and availability by leveraging the flexibility and programmability of SDN to adaptively respond to threats.The authors present a mechanism that leverages the OpenFlow and sFlow protocols to counter the threats posed by DDoS attacks.The results indicate that the proposed model effectively mitigates the negative effects of DDoS attacks in an SDN environment.展开更多
Accurate early classification of elephant flows(elephants)is important for network management and resource optimization.Elephant models,mainly based on the byte count of flows,can always achieve high accuracy,but not ...Accurate early classification of elephant flows(elephants)is important for network management and resource optimization.Elephant models,mainly based on the byte count of flows,can always achieve high accuracy,but not in a time-efficient manner.The time efficiency becomes even worse when the flows to be classified are sampled by flow entry timeout over Software-Defined Networks(SDNs)to achieve a better resource efficiency.This paper addresses this situation by combining co-training and Reinforcement Learning(RL)to enable a closed-loop classification approach that divides the entire classification process into episodes,each involving two elephant models.One predicts elephants and is retrained by a selection of flows automatically labeled online by the other.RL is used to formulate a reward function that estimates the values of the possible actions based on the current states of both models and further adjusts the ratio of flows to be labeled in each phase.Extensive evaluation based on real traffic traces shows that the proposed approach can stably predict elephants using the packets received in the first 10% of their lifetime with an accuracy of over 80%,and using only about 10% more control channel bandwidth than the baseline over the evolved SDNs.展开更多
Zero Trust Network(ZTN)enhances network security through strict authentication and access control.However,in the ZTN,optimizing flow control to improve the quality of service is still facing challenges.Software Define...Zero Trust Network(ZTN)enhances network security through strict authentication and access control.However,in the ZTN,optimizing flow control to improve the quality of service is still facing challenges.Software Defined Network(SDN)provides solutions through centralized control and dynamic resource allocation,but the existing scheduling methods based on Deep Reinforcement Learning(DRL)are insufficient in terms of convergence speed and dynamic optimization capability.To solve these problems,this paper proposes DRL-AMIR,which is an efficient flow scheduling method for software defined ZTN.This method constructs a flow scheduling optimization model that comprehensively considers service delay,bandwidth occupation,and path hops.Additionally,it balances the differentiated requirements of delay-critical K-flows,bandwidth-intensive D-flows,and background B-flows through adaptiveweighting.Theproposed framework employs a customized state space comprising node labels,link bandwidth,delaymetrics,and path length.It incorporates an action space derived fromnode weights and a hybrid reward function that integrates both single-step and multi-step excitation mechanisms.Based on these components,a hierarchical architecture is designed,effectively integrating the data plane,control plane,and knowledge plane.In particular,the adaptive expert mechanism is introduced,which triggers the shortest path algorithm in the training process to accelerate convergence,reduce trial and error costs,and maintain stability.Experiments across diverse real-world network topologies demonstrate that DRL-AMIR achieves a 15–20%reduction in K-flow transmission delays,a 10–15%improvement in link bandwidth utilization compared to SPR,QoSR,and DRSIR,and a 30%faster convergence speed via adaptive expert mechanisms.展开更多
目的/意义建设基于软件定义网络(software defined networking,SDN)架构的网络安全平台,以增强医院云计算安全防护。方法/过程基于SDN架构构建网络安全平台,并与入侵检测系统联动形成主动防御系统。对比分析平台应用前后租户横向攻击数...目的/意义建设基于软件定义网络(software defined networking,SDN)架构的网络安全平台,以增强医院云计算安全防护。方法/过程基于SDN架构构建网络安全平台,并与入侵检测系统联动形成主动防御系统。对比分析平台应用前后租户横向攻击数量、攻击成功率、策略无阻断业务数、勒索软件加密数据量和安全团队操作工时等指标,验证平台的有效性。结果/结论基于SDN架构的网络安全平台可有效识别并阻断恶意流量,增强对医院云计算的安全防护。展开更多
The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are ...The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.展开更多
当前移动互联的社会背景与网络环境对移动数据的管理与相关网络的建设提出更高要求,中国移动需要采取合理措施持续优化数据中心与软件定义网络(software defined network,SDN),确保满足最新的移动互联发展需求。基于此,概述中国移动数...当前移动互联的社会背景与网络环境对移动数据的管理与相关网络的建设提出更高要求,中国移动需要采取合理措施持续优化数据中心与软件定义网络(software defined network,SDN),确保满足最新的移动互联发展需求。基于此,概述中国移动数据中心与SDN,深入探讨中国移动数据中心SDN架构构建策略与技术应用要点,以供相关人员参考。展开更多
By decoupling control plane and data plane,Software-Defined Networking(SDN) approach simplifies network management and speeds up network innovations.These benefits have led not only to prototypes,but also real SDN dep...By decoupling control plane and data plane,Software-Defined Networking(SDN) approach simplifies network management and speeds up network innovations.These benefits have led not only to prototypes,but also real SDN deployments.For wide-area SDN deployments,multiple controllers are often required,and the placement of these controllers becomes a particularly important task in the SDN context.This paper studies the problem of placing controllers in SDNs,so as to maximize the reliability of SDN control networks.We present a novel metric,called expected percentage of control path loss,to characterize the reliability of SDN control networks.We formulate the reliability-aware control placement problem,prove its NP-hardness,and examine several placement algorithms that can solve this problem.Through extensive simulations using real topologies,we show how the number of controllers and their placement influence the reliability of SDN control networks.Besides,we also found that,through strategic controller placement,the reliability of SDN control networks can be significantly improved without introducing unacceptable switch-to-controller latencies.展开更多
基金supported by Princess Nourah bint Abdulrahman University Researchers Supporting ProjectNumber(PNURSP2025R97),PrincessNourah bint AbdulrahmanUniversity,Riyadh,Saudi Arabia.
文摘The rapid expansion of the Internet of Things(IoT)and Edge Artificial Intelligence(AI)has redefined automation and connectivity acrossmodern networks.However,the heterogeneity and limited resources of IoT devices expose them to increasingly sophisticated and persistentmalware attacks.These adaptive and stealthy threats can evade conventional detection,establish remote control,propagate across devices,exfiltrate sensitive data,and compromise network integrity.This study presents a Software-Defined Internet of Things(SD-IoT)control-plane-based,AI-driven framework that integrates Gated Recurrent Units(GRU)and Long Short-TermMemory(LSTM)networks for efficient detection of evolving multi-vector,malware-driven botnet attacks.The proposed CUDA-enabled hybrid deep learning(DL)framework performs centralized real-time detection without adding computational overhead to IoT nodes.A feature selection strategy combining variable clustering,attribute evaluation,one-R attribute evaluation,correlation analysis,and principal component analysis(PCA)enhances detection accuracy and reduces complexity.The framework is rigorously evaluated using the N_BaIoT dataset under k-fold cross-validation.Experimental results achieve 99.96%detection accuracy,a false positive rate(FPR)of 0.0035%,and a detection latency of 0.18 ms,confirming its high efficiency and scalability.The findings demonstrate the framework’s potential as a robust and intelligent security solution for next-generation IoT ecosystems.
基金supported in part by National Key R&D Program of China(Grant No.2022YFC3803700)in part by the National Natural Science Foundation of China(Grant No.92067102)in part by the project of Beijing Laboratory of Advanced Information Networks.
文摘The rise of time-sensitive applications with broad geographical scope drives the development of time-sensitive networking(TSN)from intra-domain to inter-domain to ensure overall end-to-end connectivity requirements in heterogeneous deployments.When multiple TSN networks interconnect over non-TSN networks,all devices in the network need to be syn-chronized by sharing a uniform time reference.How-ever,most non-TSN networks are best-effort.Path delay asymmetry and random noise accumulation can introduce unpredictable time errors during end-to-end time synchronization.These factors can degrade syn-chronization performance.Therefore,cross-domain time synchronization becomes a challenging issue for multiple TSN networks interconnected by non-TSN networks.This paper presents a cross-domain time synchronization scheme that follows the software-defined TSN(SD-TSN)paradigm.It utilizes a com-bined control plane constructed by a coordinate con-troller and a domain controller for centralized control and management of cross-domain time synchroniza-tion.The general operation flow of the cross-domain time synchronization process is designed.The mecha-nism of cross-domain time synchronization is revealed by introducing a synchronization model and an error compensation method.A TSN cross-domain proto-type testbed is constructed for verification.Results show that the scheme can achieve end-to-end high-precision time synchronization with accuracy and sta-bility.
基金supported by the Deanship of Graduate Studies and Scientific Research at Qassim University for financial support(QU-APC-2025).
文摘Distributed denial of service(DDoS)attacks are common network attacks that primarily target Internet of Things(IoT)devices.They are critical for emerging wireless services,especially for applications with limited latency.DDoS attacks pose significant risks to entrepreneurial businesses,preventing legitimate customers from accessing their websites.These attacks require intelligent analytics before processing service requests.Distributed denial of service(DDoS)attacks exploit vulnerabilities in IoT devices by launchingmulti-point distributed attacks.These attacks generate massive traffic that overwhelms the victim’s network,disrupting normal operations.The consequences of distributed denial of service(DDoS)attacks are typically more severe in software-defined networks(SDNs)than in traditional networks.The centralised architecture of these networks can exacerbate existing vulnerabilities,as these weaknesses may not be effectively addressed in this model.The preliminary objective for detecting and mitigating distributed denial of service(DDoS)attacks in software-defined networks(SDN)is to monitor traffic patterns and identify anomalies that indicate distributed denial of service(DDoS)attacks.It implements measures to counter the effects ofDDoS attacks,and ensure network reliability and availability by leveraging the flexibility and programmability of SDN to adaptively respond to threats.The authors present a mechanism that leverages the OpenFlow and sFlow protocols to counter the threats posed by DDoS attacks.The results indicate that the proposed model effectively mitigates the negative effects of DDoS attacks in an SDN environment.
基金supported by the National Natural Science Foundation of China(61962016)the Ministry of Science and Technology of China(G2022033002L)+1 种基金National Natural Science Foundation of Guangxi(2022JJA170057)Guangxi Education Department’s Project on Improving the Basic Research Ability of Young and Middleaged Teachers in Universities(2023ky0812,Research on Statistical Network Delay Predictions in Large-scale SDNs).
文摘Accurate early classification of elephant flows(elephants)is important for network management and resource optimization.Elephant models,mainly based on the byte count of flows,can always achieve high accuracy,but not in a time-efficient manner.The time efficiency becomes even worse when the flows to be classified are sampled by flow entry timeout over Software-Defined Networks(SDNs)to achieve a better resource efficiency.This paper addresses this situation by combining co-training and Reinforcement Learning(RL)to enable a closed-loop classification approach that divides the entire classification process into episodes,each involving two elephant models.One predicts elephants and is retrained by a selection of flows automatically labeled online by the other.RL is used to formulate a reward function that estimates the values of the possible actions based on the current states of both models and further adjusts the ratio of flows to be labeled in each phase.Extensive evaluation based on real traffic traces shows that the proposed approach can stably predict elephants using the packets received in the first 10% of their lifetime with an accuracy of over 80%,and using only about 10% more control channel bandwidth than the baseline over the evolved SDNs.
基金supported in part by Scientific Research Fund of Zhejiang Provincial Education Department under Grant Y202351110in part by Huzhou Science and Technology Plan Project under Grant 2024YZ23+1 种基金in part by Research Fund of National Key Laboratory of Advanced Communication Networks under Grant SCX23641X004in part by Postgraduate Research and Innovation Project of Huzhou University under Grant 2024KYCX50.
文摘Zero Trust Network(ZTN)enhances network security through strict authentication and access control.However,in the ZTN,optimizing flow control to improve the quality of service is still facing challenges.Software Defined Network(SDN)provides solutions through centralized control and dynamic resource allocation,but the existing scheduling methods based on Deep Reinforcement Learning(DRL)are insufficient in terms of convergence speed and dynamic optimization capability.To solve these problems,this paper proposes DRL-AMIR,which is an efficient flow scheduling method for software defined ZTN.This method constructs a flow scheduling optimization model that comprehensively considers service delay,bandwidth occupation,and path hops.Additionally,it balances the differentiated requirements of delay-critical K-flows,bandwidth-intensive D-flows,and background B-flows through adaptiveweighting.Theproposed framework employs a customized state space comprising node labels,link bandwidth,delaymetrics,and path length.It incorporates an action space derived fromnode weights and a hybrid reward function that integrates both single-step and multi-step excitation mechanisms.Based on these components,a hierarchical architecture is designed,effectively integrating the data plane,control plane,and knowledge plane.In particular,the adaptive expert mechanism is introduced,which triggers the shortest path algorithm in the training process to accelerate convergence,reduce trial and error costs,and maintain stability.Experiments across diverse real-world network topologies demonstrate that DRL-AMIR achieves a 15–20%reduction in K-flow transmission delays,a 10–15%improvement in link bandwidth utilization compared to SPR,QoSR,and DRSIR,and a 30%faster convergence speed via adaptive expert mechanisms.
文摘目的/意义建设基于软件定义网络(software defined networking,SDN)架构的网络安全平台,以增强医院云计算安全防护。方法/过程基于SDN架构构建网络安全平台,并与入侵检测系统联动形成主动防御系统。对比分析平台应用前后租户横向攻击数量、攻击成功率、策略无阻断业务数、勒索软件加密数据量和安全团队操作工时等指标,验证平台的有效性。结果/结论基于SDN架构的网络安全平台可有效识别并阻断恶意流量,增强对医院云计算的安全防护。
基金extend their appreciation to Researcher Supporting Project Number(RSPD2023R582)King Saud University,Riyadh,Saudi Arabia.
文摘The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.
文摘当前移动互联的社会背景与网络环境对移动数据的管理与相关网络的建设提出更高要求,中国移动需要采取合理措施持续优化数据中心与软件定义网络(software defined network,SDN),确保满足最新的移动互联发展需求。基于此,概述中国移动数据中心与SDN,深入探讨中国移动数据中心SDN架构构建策略与技术应用要点,以供相关人员参考。
基金supported in part by the National High Technology Research and Development Program(863 Program)of China under Grant No.2011AA01A101the National High Technology Research and Development Program(863 Program)of China under Grant No.2013AA01330the National High Technology Research and Development Program(863 Program)of China under Grant No.2013AA013303
文摘By decoupling control plane and data plane,Software-Defined Networking(SDN) approach simplifies network management and speeds up network innovations.These benefits have led not only to prototypes,but also real SDN deployments.For wide-area SDN deployments,multiple controllers are often required,and the placement of these controllers becomes a particularly important task in the SDN context.This paper studies the problem of placing controllers in SDNs,so as to maximize the reliability of SDN control networks.We present a novel metric,called expected percentage of control path loss,to characterize the reliability of SDN control networks.We formulate the reliability-aware control placement problem,prove its NP-hardness,and examine several placement algorithms that can solve this problem.Through extensive simulations using real topologies,we show how the number of controllers and their placement influence the reliability of SDN control networks.Besides,we also found that,through strategic controller placement,the reliability of SDN control networks can be significantly improved without introducing unacceptable switch-to-controller latencies.
