This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments,built upon a novel,syntheticmulti-vector dataset g...This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments,built upon a novel,syntheticmulti-vector dataset generated in a Mininet-Ryu testbed using real-time flow-based labeling.The proposed model is based on the XGBoost algorithm,optimized with Principal Component Analysis for dimensionality reduction,utilizing lightweight flowlevel features extracted from Open Flow statistics to classify attacks across critical IoT protocols including TCP,UDP,HTTP,MQTT,and CoAP.The model employs lightweight flow-level features extracted from Open Flow statistics to ensure low computational overhead and fast processing.Performance was rigorously evaluated using key metrics,including Accuracy,Precision,Recall,F1-Score,False Alarm Rate,AUC-ROC,and Detection Time.Experimental results demonstrate the model’s high performance,achieving an accuracy of 98.93%and a low FAR of 0.86%,with a rapid median detection time of 1.02 s.This efficiency validates its superiority in meeting critical Key Performance Indicators,such as Latency and high Throughput,necessary for time-sensitive SDN-IoT systems.Furthermore,the model’s robustness and statistically significant outperformance against baseline models such as Random Forest,k-Nearest Neighbors,and Gradient Boosting Machine,validating through statistical tests using Wilcoxon signed-rank test and confirmed via successful deployment in a real SDN testbed for live traffic detection and mitigation.展开更多
With the birth of Software-Defined Networking(SDN),integration of both SDN and traditional architectures becomes the development trend of computer networks.Network intrusion detection faces challenges in dealing with ...With the birth of Software-Defined Networking(SDN),integration of both SDN and traditional architectures becomes the development trend of computer networks.Network intrusion detection faces challenges in dealing with complex attacks in SDN environments,thus to address the network security issues from the viewpoint of Artificial Intelligence(AI),this paper introduces the Crayfish Optimization Algorithm(COA)to the field of intrusion detection for both SDN and traditional network architectures,and based on the characteristics of the original COA,an Improved Crayfish Optimization Algorithm(ICOA)is proposed by integrating strategies of elite reverse learning,Levy flight,crowding factor and parameter modification.The ICOA is then utilized for AI-integrated feature selection of intrusion detection for both SDN and traditional network architectures,to reduce the dimensionality of the data and improve the performance of network intrusion detection.Finally,the performance evaluation is performed by testing not only the NSL-KDD dataset and the UNSW-NB 15 dataset for traditional networks but also the InSDN dataset for SDN-based networks.Experimental results show that ICOA improves the accuracy by 0.532%and 2.928%respectively compared with GWO and COA in traditional networks.In SDN networks,the accuracy of ICOA is 0.25%and 0.3%higher than COA and PSO.These findings collectively indicate that AI-integrated feature selection based on the proposed ICOA can promote network intrusion detection for both SDN and traditional architectures.展开更多
Along with the completion of the development of 4G technologies, the global mobile community starts the study of the next generation technologies, i.e. 5G technologies. This paper proposes a new flexible architecture ...Along with the completion of the development of 4G technologies, the global mobile community starts the study of the next generation technologies, i.e. 5G technologies. This paper proposes a new flexible architecture for 5G mobile networks based on Network Function Virtualization(NFV) and Software Defined Network(SDN) technologies, which is adaptable to use cases and scenarios. Then implementation reference architecture and some typical 5G network deployment cases are discussed. Besides, some key issues for further study are also indicated at the end.展开更多
Software-Defined Network(SDN)empowers the evolution of Internet with the OpenFlow,Network Virtualization and Service Slicing strategies.With the fast increasing requirements of Mobile Internet services,the Internet an...Software-Defined Network(SDN)empowers the evolution of Internet with the OpenFlow,Network Virtualization and Service Slicing strategies.With the fast increasing requirements of Mobile Internet services,the Internet and Mobile Networks go to the convergence.Mobile Networks can also get benefits from the SDN evolution to fulfill the 5th Generation(5G)capacity booming.The article implements SDN into Frameless Network Architecture(FNA)for 5G Mobile Network evolution with proposed Mobile-oriented OpenFlow Protocol(MOFP).The Control Plane/User Plane(CP/UP)separation and adaptation strategy is proposed to support the User-Centric scenario in FNA.The traditional Base Station is separated with Central Processing Entity(CPE)and Antenna Element(AE)to perform the OpenFlow and Network Virtualization.The AEs are released as new resources for serving users.The mobile-oriented Service Slicing with different Quality of Service(QoS)classification is proposed and Resource Pooling based Virtualized Radio Resource Management(VRRM)is optimized for the Service Slicing strategy with resource-limited feature in Mobile Networks.The capacity gains are provided to show the merits of SDN based FNA.And the MiniNet based Trial Network with Service Slicing is implemented with experimental results.展开更多
The traffic explosion and the rising of diverse requirements lead to many challenges for traditional mobile network architecture on flexibility, scalability, and deployability. To meet new requirements in the 5 G era,...The traffic explosion and the rising of diverse requirements lead to many challenges for traditional mobile network architecture on flexibility, scalability, and deployability. To meet new requirements in the 5 G era, service based architecture is introduced into mobile networks. The monolithic network elements(e.g., MME, PGW, etc.) are split into smaller network functions to provide customized services. However, the management and deployment of network functions in service based 5 G core network are still big challenges. In this paper, we propose a novel management architecture for 5 G service based core network based on NFV and SDN. Combined with SDN, NFV and edge computing, the proposed framework can provide distributed and on-demand deployment of network functions, service guaranteed network slicing, flexible orchestration of network functions and optimal workload allocation. Simulations are conducted to show that the proposed framework and algorithm are effective in terms of reducing network operating cost.展开更多
It's promising to use Software-Defined Networking(SDN) and Network Functions Virtualization(NFV) to integrate satellite and terrestrial networks. To construct network service function chains in such a multi-domain...It's promising to use Software-Defined Networking(SDN) and Network Functions Virtualization(NFV) to integrate satellite and terrestrial networks. To construct network service function chains in such a multi-domain environment, we propose a horizontal-based Multi-domain Service Function Chaining(Md-SFC) orchestration framework. In this framework, multi-domain orchestrators can coordinate with each other to guarantee the end-to-end service quality. Intra-domain orchestrators also coordinate SDN controllers and NFV management components to implement intra-domain service function chains. Based on this, we further propose a heuristic SFC mapping algorithm with a cooperative inter-domain path calculation method to map service function chains to infrastructures. In this method, master multi-domain orchestrator and intra-domain orchestrators coordinate to select proper inter-domain links. We compare the cooperative method with a naive uncooperative way that domains' topology information is provided to the master multi-domain orchestrator and it calculates the shortest inter-domain path between intra-domain service function chains directly. Simulation results demonstrate that our solution is feasible. It is able to construct end-to-end performance guaranteed service function chain by horizontal-based cooperation. The cooperative inter-domain path calculation method decreasesthe mapping load for the master orchestrator and gets the same end-to-end performance.展开更多
Loop free alternate(LFA)is a routing protection scheme that is currently deployed in commercial routers.However,LFA cannot handle all single network component failure scenarios in traditional networks.As Internet serv...Loop free alternate(LFA)is a routing protection scheme that is currently deployed in commercial routers.However,LFA cannot handle all single network component failure scenarios in traditional networks.As Internet service providers have begun to deploy software defined network(SDN)technology,the Internet will be in a hybrid SDN network where traditional and SDN devices coexist for a long time.Therefore,this study aims to deploy the LFA scheme in hybrid SDN network architecture to handle all possible single network component failure scenarios.First,the deployment of LFA scheme in a hybrid SDN network is described as a 0-1 integer linear programming(ILP)problem.Then,two greedy algorithms,namely,greedy algorithm for LFA based on hybrid SDN(GALFAHSDN)and improved greedy algorithm for LFA based on hybrid SDN(IGALFAHSDN),are proposed to solve the proposed problem.Finally,both algorithms are tested in the simulation environment and the real platform.Experiment results show that GALFAHSDN and IGALFAHSDN can cope with all single network component failure scenarios when only a small number of nodes are upgraded to SDN nodes.The path stretch of the two algorithms is less than 1.36.展开更多
New and emerging use cases, such as the interconnection of geographically distributed data centers(DCs), are drawing attention to the requirement for dynamic end-to-end service provisioning, spanning multiple and hete...New and emerging use cases, such as the interconnection of geographically distributed data centers(DCs), are drawing attention to the requirement for dynamic end-to-end service provisioning, spanning multiple and heterogeneous optical network domains. This heterogeneity is, not only due to the diverse data transmission and switching technologies, but also due to the different options of control plane techniques. In light of this, the problem of heterogeneous control plane interworking needs to be solved, and in particular, the solution must address the specific issues of multi-domain networks, such as limited domain topology visibility, given the scalability and confidentiality constraints. In this article, some of the recent activities regarding the Software-Defined Networking(SDN) orchestration are reviewed to address such a multi-domain control plane interworking problem. Specifically, three different models, including the single SDN controller model, multiple SDN controllers in mesh, and multiple SDN controllers in a hierarchical setting, are presented for the DC interconnection network with multiple SDN/Open Flow domains or multiple Open Flow/Generalized Multi-Protocol Label Switching( GMPLS) heterogeneous domains. I n addition, two concrete implementations of the orchestration architectures are detailed, showing the overall feasibility and procedures of SDN orchestration for the end-to-endservice provisioning in multi-domain data center optical networks.展开更多
This paper investigates on the base stations(BSs) sleeping control and energy saving in wireless network. The objective is to find the sleeping control and energy saving configuration between total power consumption a...This paper investigates on the base stations(BSs) sleeping control and energy saving in wireless network. The objective is to find the sleeping control and energy saving configuration between total power consumption and average video's quality. On the Software Defined Network(SDN) access network architecture, a type of sleeping control and active BSs' optimal transmitting time strategy is considered, the BS sleeps when there is no active users, and wakes up after a period of vacation time. In this paper, we study the active users grouping strategy, In order to spare more BSs into sleeping mode. Then this paper proposes an active BS transmitting time optimal strategy according to the users' Qo S. In the proposed strategy, the active BSs' transmitting time is minimized in order to save energy. This paper employs the mixed integer-programming model to present this optimization problem. Then we utilized a novel algorithm to save the energy in access networks and also meet the Qo S requirements. Both the analytical and simulation results show that the algorithm can effectively save energy in the access network BSs.展开更多
All-optical network,as a new backbone network,is featured with high speed and large capacity transmission.It may be out of order due to various faults while providing high-performance transmission service,thus more ef...All-optical network,as a new backbone network,is featured with high speed and large capacity transmission.It may be out of order due to various faults while providing high-performance transmission service,thus more effective fault repairing methods are required.A routing and wavelength assignment method based on SDN is designed and analyzed from the perspective of service function chaining in this paper.A multi-objective integer linear programming model based on impairment-aware and scheduling time is constructed by combining the unified control of control plane with the resource allocation mode of service function virtualization.Meanwhile,an improved Firefly Algorithm is adopted to solve the model for obtaining a better scheduling scheme,so as to the resources are allocated on-demand in a more flexible and efficient way,which effectively improved the self-recovery capability of the network.In the simulation experiments,Through the comparison between the method proposed and methods based on centralization and distribution,method proposed in the paper is superior to the compared ones in the indexes of survivability,blocking probability,link recovery time,and presents a better scheduling performance,makes the system has stronger ability of self-healing in the face of failure.展开更多
Software defined networking( SDN) offers programmable interface to effectively control their networks by decoupling control and data plane. The network operators utilize a centralized controller to deploy advanced net...Software defined networking( SDN) offers programmable interface to effectively control their networks by decoupling control and data plane. The network operators utilize a centralized controller to deploy advanced network management strategies. An architecture for application-aware routing which can support dynamic quality of service( Qo S) in SDN networks is proposed. The applicationaware routing as a multi-constrained optimal path( MCOP) problem is proposed,where applications are treated as Qo S flow and best-effort flows. With the SDN controller applications,it is able to dynamically lead routing decisions based on application characteristics and requirements,leading to a better overall user experience and higher utilization of network resources. The simulation results show that the improvement of application-aware routing framework on discovering appropriate routes,which can provide Qo S guarantees for a specific application in SDN networks.展开更多
Virtualization is the key technology of cloud computing. Network virtualization plays an important role in this field. Its performance is very relevant to network virtualizing. Nowadays its implementations are mainly ...Virtualization is the key technology of cloud computing. Network virtualization plays an important role in this field. Its performance is very relevant to network virtualizing. Nowadays its implementations are mainly based on the idea of Software Define Network (SDN). Open vSwitch is a sort of software virtual switch, which conforms to the OpenFlow protocol standard. It is basically deployed in the Linux kernel hypervisor. This leads to its performance relatively poor because of the limited system resource. In turn, the packet process throughput is very low.In this paper, we present a Cavium-based Open vSwitch implementation. The Cavium platform features with multi cores and couples of hard ac-celerators. It supports zero-copy of packets and handles packet more quickly. We also carry some experiments on the platform. It indicates that we can use it in the enterprise network or campus network as convergence layer and core layer device.展开更多
Software-defined networks (SDN) have attracted much attention recently because of their flexibility in terms of network management. Increasingly, SDN is being introduced into wireless networks to form wireless SDN. ...Software-defined networks (SDN) have attracted much attention recently because of their flexibility in terms of network management. Increasingly, SDN is being introduced into wireless networks to form wireless SDN. One enabling technology for wireless SDN is network virtualization, which logically divides one wireless network element, such as a base station, into multiple slices, and each slice serving as a standalone virtual BS. In this way, one physical mobile wireless network can be partitioned into multiple virtual networks in a software-defined manner. Wireless virtual networks comprising virtual base stations also need to provide QoS to mobile end-user services in the same context as their physical hosting networks. One key QoS parameter is delay. This paper presents a delay model for software-defined wireless virtual networks. Network calculus is used in the modelling. In particular, stochastic network calculus, which describes more realistic models than deterministic network calculus, is used. The model enables theoretical investigation of wireless SDN, which is largely dominated by either algorithms or prototype implementations.展开更多
The ever-increasing needs of Internet of Things networks (IoTn) present considerable issues in computing complexity, security, trust, and authentication, among others. This gets increasingly more challenging as techno...The ever-increasing needs of Internet of Things networks (IoTn) present considerable issues in computing complexity, security, trust, and authentication, among others. This gets increasingly more challenging as technology advances, and its use expands. As a consequence, boosting the capacity of these networks has garnered widespread attention. As a result, 5G, the next phase of cellular networks, is expected to be a game-changer, bringing with it faster data transmission rates, more capacity, improved service quality, and reduced latency. However, 5G networks continue to confront difficulties in establishing pervasive and dependable connections amongst high-speed IoT devices. Thus, to address the shortcomings in current recommendations, we present a unified architecture based on software-defined networks (SDNs) that provides 5G-enabled devices that must have complete secrecy. Through SDN, the architecture streamlines network administration while optimizing network communications. A mutual authentication protocol using elliptic curve cryptography is introduced for mutual authentication across certificate authorities and clustered heads in IoT network deployments based on IoT. Again, a dimensionality reduction intrusion detection mechanism is introduced to decrease computational cost and identify possible network breaches. However, to leverage the method’s potential, the initial module's security is reviewed. The second module is evaluated and compared to modern models.展开更多
With the development of satellite communications,the number of satellite nodes is constantly increasing,which undoubtedly increases the difficulty of maintaining network security.Combining software defined network(SDN...With the development of satellite communications,the number of satellite nodes is constantly increasing,which undoubtedly increases the difficulty of maintaining network security.Combining software defined network(SDN) with traditional space-based networks provides a new class of ideas for solving this problem.However,because of the highly centralized network management of the SDN controller,once the SDN controller is destroyed by network attacks,the network it manages will be paralyzed due to loss of control.One of the main security threats to SDN controllers is Distributed Denial of Service(DDoS) attacks,so how to detect DDoS attacks scientifically has become a hot topic among SDN security management.This paper proposes a DDoS attack detection method for space-based networks based on SDN architecture.This attack detection method combines the optimized Long Short-Term Memory(LSTM) deep learning model and Support Vector Machine(SVM),which can not only make classification judgments on the time series,but also achieve the purpose of detecting and judging through the flow characteristics of a period of time.In addition,it can reduce the detection time as well as the system burden.展开更多
空天地一体化网络作为6G技术的关键组成,在整合天基、空基和地基网络时,面临节点异构性、业务多样性等挑战,进而引发资源分配、竞争及故障风险等问题。基于此,聚焦基于软件定义网络(software defined network,SDN)与网络功能虚拟化(netw...空天地一体化网络作为6G技术的关键组成,在整合天基、空基和地基网络时,面临节点异构性、业务多样性等挑战,进而引发资源分配、竞争及故障风险等问题。基于此,聚焦基于软件定义网络(software defined network,SDN)与网络功能虚拟化(network functions virtualization,NFV)的空天地一体化网络任务部署与恢复,首先阐述了空天地一体化网络系统架构,介绍了各层网络构成、SDN和NFV原理及其相关应用,然后,针对上述挑战,以服务功能链技术为抓手,提出了面向任务的服务功能链优化部署、利用智能算法实现动态调度、通过匹配博弈算法完成失效恢复等策略,最后,构建了一个用例,设定节点部署、服务功能链建模等,验证了所提策略在提升服务功能链完成效率以及应对资源故障方面的有效性,旨在为空天地一体化网络资源管理提供理论基础。展开更多
文摘This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments,built upon a novel,syntheticmulti-vector dataset generated in a Mininet-Ryu testbed using real-time flow-based labeling.The proposed model is based on the XGBoost algorithm,optimized with Principal Component Analysis for dimensionality reduction,utilizing lightweight flowlevel features extracted from Open Flow statistics to classify attacks across critical IoT protocols including TCP,UDP,HTTP,MQTT,and CoAP.The model employs lightweight flow-level features extracted from Open Flow statistics to ensure low computational overhead and fast processing.Performance was rigorously evaluated using key metrics,including Accuracy,Precision,Recall,F1-Score,False Alarm Rate,AUC-ROC,and Detection Time.Experimental results demonstrate the model’s high performance,achieving an accuracy of 98.93%and a low FAR of 0.86%,with a rapid median detection time of 1.02 s.This efficiency validates its superiority in meeting critical Key Performance Indicators,such as Latency and high Throughput,necessary for time-sensitive SDN-IoT systems.Furthermore,the model’s robustness and statistically significant outperformance against baseline models such as Random Forest,k-Nearest Neighbors,and Gradient Boosting Machine,validating through statistical tests using Wilcoxon signed-rank test and confirmed via successful deployment in a real SDN testbed for live traffic detection and mitigation.
基金supported by the National Natural Science Foundation of China under Grant 61602162the Hubei Provincial Science and Technology Plan Project under Grant 2023BCB041.
文摘With the birth of Software-Defined Networking(SDN),integration of both SDN and traditional architectures becomes the development trend of computer networks.Network intrusion detection faces challenges in dealing with complex attacks in SDN environments,thus to address the network security issues from the viewpoint of Artificial Intelligence(AI),this paper introduces the Crayfish Optimization Algorithm(COA)to the field of intrusion detection for both SDN and traditional network architectures,and based on the characteristics of the original COA,an Improved Crayfish Optimization Algorithm(ICOA)is proposed by integrating strategies of elite reverse learning,Levy flight,crowding factor and parameter modification.The ICOA is then utilized for AI-integrated feature selection of intrusion detection for both SDN and traditional network architectures,to reduce the dimensionality of the data and improve the performance of network intrusion detection.Finally,the performance evaluation is performed by testing not only the NSL-KDD dataset and the UNSW-NB 15 dataset for traditional networks but also the InSDN dataset for SDN-based networks.Experimental results show that ICOA improves the accuracy by 0.532%and 2.928%respectively compared with GWO and COA in traditional networks.In SDN networks,the accuracy of ICOA is 0.25%and 0.3%higher than COA and PSO.These findings collectively indicate that AI-integrated feature selection based on the proposed ICOA can promote network intrusion detection for both SDN and traditional architectures.
基金supported by the National Science and Technology Major Project No.2015ZX03002004
文摘Along with the completion of the development of 4G technologies, the global mobile community starts the study of the next generation technologies, i.e. 5G technologies. This paper proposes a new flexible architecture for 5G mobile networks based on Network Function Virtualization(NFV) and Software Defined Network(SDN) technologies, which is adaptable to use cases and scenarios. Then implementation reference architecture and some typical 5G network deployment cases are discussed. Besides, some key issues for further study are also indicated at the end.
基金This material is supported by the National Natural Science Foundation of China under Grant No.61001116 and 61121001Beijing Nova Programme No.Z131101000413030+1 种基金the National Major Project No.2013ZX03003002Program for Changjiang Scholars and Innovative Research Team in University No.IRT1049
文摘Software-Defined Network(SDN)empowers the evolution of Internet with the OpenFlow,Network Virtualization and Service Slicing strategies.With the fast increasing requirements of Mobile Internet services,the Internet and Mobile Networks go to the convergence.Mobile Networks can also get benefits from the SDN evolution to fulfill the 5th Generation(5G)capacity booming.The article implements SDN into Frameless Network Architecture(FNA)for 5G Mobile Network evolution with proposed Mobile-oriented OpenFlow Protocol(MOFP).The Control Plane/User Plane(CP/UP)separation and adaptation strategy is proposed to support the User-Centric scenario in FNA.The traditional Base Station is separated with Central Processing Entity(CPE)and Antenna Element(AE)to perform the OpenFlow and Network Virtualization.The AEs are released as new resources for serving users.The mobile-oriented Service Slicing with different Quality of Service(QoS)classification is proposed and Resource Pooling based Virtualized Radio Resource Management(VRRM)is optimized for the Service Slicing strategy with resource-limited feature in Mobile Networks.The capacity gains are provided to show the merits of SDN based FNA.And the MiniNet based Trial Network with Service Slicing is implemented with experimental results.
基金supported by China Ministry of Education-CMCC Research Fund Project No.MCM20160104National Science and Technology Major Project No.No.2018ZX03001016+1 种基金Beijing Municipal Science and technology Commission Research Fund Project No.Z171100005217001Fundamental Research Funds for Central Universities NO.2018RC06
文摘The traffic explosion and the rising of diverse requirements lead to many challenges for traditional mobile network architecture on flexibility, scalability, and deployability. To meet new requirements in the 5 G era, service based architecture is introduced into mobile networks. The monolithic network elements(e.g., MME, PGW, etc.) are split into smaller network functions to provide customized services. However, the management and deployment of network functions in service based 5 G core network are still big challenges. In this paper, we propose a novel management architecture for 5 G service based core network based on NFV and SDN. Combined with SDN, NFV and edge computing, the proposed framework can provide distributed and on-demand deployment of network functions, service guaranteed network slicing, flexible orchestration of network functions and optimal workload allocation. Simulations are conducted to show that the proposed framework and algorithm are effective in terms of reducing network operating cost.
基金supported by National High Technology of China ("863 program") under Grant No. 2015AA015702NSAF under Grant No.U1530118+1 种基金NSFC under Grant No.61602030National Basic Research Program of China ("973 program")under Grant No. 2013CB329101
文摘It's promising to use Software-Defined Networking(SDN) and Network Functions Virtualization(NFV) to integrate satellite and terrestrial networks. To construct network service function chains in such a multi-domain environment, we propose a horizontal-based Multi-domain Service Function Chaining(Md-SFC) orchestration framework. In this framework, multi-domain orchestrators can coordinate with each other to guarantee the end-to-end service quality. Intra-domain orchestrators also coordinate SDN controllers and NFV management components to implement intra-domain service function chains. Based on this, we further propose a heuristic SFC mapping algorithm with a cooperative inter-domain path calculation method to map service function chains to infrastructures. In this method, master multi-domain orchestrator and intra-domain orchestrators coordinate to select proper inter-domain links. We compare the cooperative method with a naive uncooperative way that domains' topology information is provided to the master multi-domain orchestrator and it calculates the shortest inter-domain path between intra-domain service function chains directly. Simulation results demonstrate that our solution is feasible. It is able to construct end-to-end performance guaranteed service function chain by horizontal-based cooperation. The cooperative inter-domain path calculation method decreasesthe mapping load for the master orchestrator and gets the same end-to-end performance.
基金This work is supported by the Program of Hainan Association for Science and Technology Plans to Youth R&D Innovation(No.QCXM201910)the National Natural Science Foundation of China(No.61702315,No.61802092)+2 种基金the Scientific Research Setup Fund of Hainan University(No.KYQD(ZR)1837)the Key R&D program(international science and technology cooperation project)of Shanxi Province China(No.201903D421003)Scientific and Technological Innovation Programs of Higher Education Institutions in Shanxi(No.201802013).
文摘Loop free alternate(LFA)is a routing protection scheme that is currently deployed in commercial routers.However,LFA cannot handle all single network component failure scenarios in traditional networks.As Internet service providers have begun to deploy software defined network(SDN)technology,the Internet will be in a hybrid SDN network where traditional and SDN devices coexist for a long time.Therefore,this study aims to deploy the LFA scheme in hybrid SDN network architecture to handle all possible single network component failure scenarios.First,the deployment of LFA scheme in a hybrid SDN network is described as a 0-1 integer linear programming(ILP)problem.Then,two greedy algorithms,namely,greedy algorithm for LFA based on hybrid SDN(GALFAHSDN)and improved greedy algorithm for LFA based on hybrid SDN(IGALFAHSDN),are proposed to solve the proposed problem.Finally,both algorithms are tested in the simulation environment and the real platform.Experiment results show that GALFAHSDN and IGALFAHSDN can cope with all single network component failure scenarios when only a small number of nodes are upgraded to SDN nodes.The path stretch of the two algorithms is less than 1.36.
文摘New and emerging use cases, such as the interconnection of geographically distributed data centers(DCs), are drawing attention to the requirement for dynamic end-to-end service provisioning, spanning multiple and heterogeneous optical network domains. This heterogeneity is, not only due to the diverse data transmission and switching technologies, but also due to the different options of control plane techniques. In light of this, the problem of heterogeneous control plane interworking needs to be solved, and in particular, the solution must address the specific issues of multi-domain networks, such as limited domain topology visibility, given the scalability and confidentiality constraints. In this article, some of the recent activities regarding the Software-Defined Networking(SDN) orchestration are reviewed to address such a multi-domain control plane interworking problem. Specifically, three different models, including the single SDN controller model, multiple SDN controllers in mesh, and multiple SDN controllers in a hierarchical setting, are presented for the DC interconnection network with multiple SDN/Open Flow domains or multiple Open Flow/Generalized Multi-Protocol Label Switching( GMPLS) heterogeneous domains. I n addition, two concrete implementations of the orchestration architectures are detailed, showing the overall feasibility and procedures of SDN orchestration for the end-to-endservice provisioning in multi-domain data center optical networks.
基金supported by the National High-Tech R&D Program (863 Program2015AA01A705)in part by Beijing Municipal Commission of Education (The City's Vehicle Sensing Grid Construction Based on Public Transportation Network)
文摘This paper investigates on the base stations(BSs) sleeping control and energy saving in wireless network. The objective is to find the sleeping control and energy saving configuration between total power consumption and average video's quality. On the Software Defined Network(SDN) access network architecture, a type of sleeping control and active BSs' optimal transmitting time strategy is considered, the BS sleeps when there is no active users, and wakes up after a period of vacation time. In this paper, we study the active users grouping strategy, In order to spare more BSs into sleeping mode. Then this paper proposes an active BS transmitting time optimal strategy according to the users' Qo S. In the proposed strategy, the active BSs' transmitting time is minimized in order to save energy. This paper employs the mixed integer-programming model to present this optimization problem. Then we utilized a novel algorithm to save the energy in access networks and also meet the Qo S requirements. Both the analytical and simulation results show that the algorithm can effectively save energy in the access network BSs.
基金supported by the National Science and Technology Major Project(No.2016ZX03001023-005)National Natural Science Foundation of China(No.61403109)+2 种基金China Postdoctoral Science Foundation(No.2019M651263)Scientific Research Fund of Heilongjiang Provincial Education Department(No.12541169)Natural Science Foundation of Heilongjiang Province(No.F2017015)。
文摘All-optical network,as a new backbone network,is featured with high speed and large capacity transmission.It may be out of order due to various faults while providing high-performance transmission service,thus more effective fault repairing methods are required.A routing and wavelength assignment method based on SDN is designed and analyzed from the perspective of service function chaining in this paper.A multi-objective integer linear programming model based on impairment-aware and scheduling time is constructed by combining the unified control of control plane with the resource allocation mode of service function virtualization.Meanwhile,an improved Firefly Algorithm is adopted to solve the model for obtaining a better scheduling scheme,so as to the resources are allocated on-demand in a more flexible and efficient way,which effectively improved the self-recovery capability of the network.In the simulation experiments,Through the comparison between the method proposed and methods based on centralization and distribution,method proposed in the paper is superior to the compared ones in the indexes of survivability,blocking probability,link recovery time,and presents a better scheduling performance,makes the system has stronger ability of self-healing in the face of failure.
基金Supported by the National Basic Research Program of China(No.2012CB315803)the Around Five Top Priorities of One-Three-Five Strategic Planning,CNIC(No.CNIC PY 1401)Chinese Academy of Sciences,and the Knowledge Innovation Program of the Chinese Academy of Sciences(No.CNIC_QN_1508)
文摘Software defined networking( SDN) offers programmable interface to effectively control their networks by decoupling control and data plane. The network operators utilize a centralized controller to deploy advanced network management strategies. An architecture for application-aware routing which can support dynamic quality of service( Qo S) in SDN networks is proposed. The applicationaware routing as a multi-constrained optimal path( MCOP) problem is proposed,where applications are treated as Qo S flow and best-effort flows. With the SDN controller applications,it is able to dynamically lead routing decisions based on application characteristics and requirements,leading to a better overall user experience and higher utilization of network resources. The simulation results show that the improvement of application-aware routing framework on discovering appropriate routes,which can provide Qo S guarantees for a specific application in SDN networks.
文摘Virtualization is the key technology of cloud computing. Network virtualization plays an important role in this field. Its performance is very relevant to network virtualizing. Nowadays its implementations are mainly based on the idea of Software Define Network (SDN). Open vSwitch is a sort of software virtual switch, which conforms to the OpenFlow protocol standard. It is basically deployed in the Linux kernel hypervisor. This leads to its performance relatively poor because of the limited system resource. In turn, the packet process throughput is very low.In this paper, we present a Cavium-based Open vSwitch implementation. The Cavium platform features with multi cores and couples of hard ac-celerators. It supports zero-copy of packets and handles packet more quickly. We also carry some experiments on the platform. It indicates that we can use it in the enterprise network or campus network as convergence layer and core layer device.
基金supported in part by the grant from the National Natural Science Foundation of China (60973129)
文摘Software-defined networks (SDN) have attracted much attention recently because of their flexibility in terms of network management. Increasingly, SDN is being introduced into wireless networks to form wireless SDN. One enabling technology for wireless SDN is network virtualization, which logically divides one wireless network element, such as a base station, into multiple slices, and each slice serving as a standalone virtual BS. In this way, one physical mobile wireless network can be partitioned into multiple virtual networks in a software-defined manner. Wireless virtual networks comprising virtual base stations also need to provide QoS to mobile end-user services in the same context as their physical hosting networks. One key QoS parameter is delay. This paper presents a delay model for software-defined wireless virtual networks. Network calculus is used in the modelling. In particular, stochastic network calculus, which describes more realistic models than deterministic network calculus, is used. The model enables theoretical investigation of wireless SDN, which is largely dominated by either algorithms or prototype implementations.
文摘The ever-increasing needs of Internet of Things networks (IoTn) present considerable issues in computing complexity, security, trust, and authentication, among others. This gets increasingly more challenging as technology advances, and its use expands. As a consequence, boosting the capacity of these networks has garnered widespread attention. As a result, 5G, the next phase of cellular networks, is expected to be a game-changer, bringing with it faster data transmission rates, more capacity, improved service quality, and reduced latency. However, 5G networks continue to confront difficulties in establishing pervasive and dependable connections amongst high-speed IoT devices. Thus, to address the shortcomings in current recommendations, we present a unified architecture based on software-defined networks (SDNs) that provides 5G-enabled devices that must have complete secrecy. Through SDN, the architecture streamlines network administration while optimizing network communications. A mutual authentication protocol using elliptic curve cryptography is introduced for mutual authentication across certificate authorities and clustered heads in IoT network deployments based on IoT. Again, a dimensionality reduction intrusion detection mechanism is introduced to decrease computational cost and identify possible network breaches. However, to leverage the method’s potential, the initial module's security is reviewed. The second module is evaluated and compared to modern models.
基金the National Natural Science Foundation of Chi⁃na under Grant Nos.61671183 and 61771163.
文摘With the development of satellite communications,the number of satellite nodes is constantly increasing,which undoubtedly increases the difficulty of maintaining network security.Combining software defined network(SDN) with traditional space-based networks provides a new class of ideas for solving this problem.However,because of the highly centralized network management of the SDN controller,once the SDN controller is destroyed by network attacks,the network it manages will be paralyzed due to loss of control.One of the main security threats to SDN controllers is Distributed Denial of Service(DDoS) attacks,so how to detect DDoS attacks scientifically has become a hot topic among SDN security management.This paper proposes a DDoS attack detection method for space-based networks based on SDN architecture.This attack detection method combines the optimized Long Short-Term Memory(LSTM) deep learning model and Support Vector Machine(SVM),which can not only make classification judgments on the time series,but also achieve the purpose of detecting and judging through the flow characteristics of a period of time.In addition,it can reduce the detection time as well as the system burden.
文摘空天地一体化网络作为6G技术的关键组成,在整合天基、空基和地基网络时,面临节点异构性、业务多样性等挑战,进而引发资源分配、竞争及故障风险等问题。基于此,聚焦基于软件定义网络(software defined network,SDN)与网络功能虚拟化(network functions virtualization,NFV)的空天地一体化网络任务部署与恢复,首先阐述了空天地一体化网络系统架构,介绍了各层网络构成、SDN和NFV原理及其相关应用,然后,针对上述挑战,以服务功能链技术为抓手,提出了面向任务的服务功能链优化部署、利用智能算法实现动态调度、通过匹配博弈算法完成失效恢复等策略,最后,构建了一个用例,设定节点部署、服务功能链建模等,验证了所提策略在提升服务功能链完成效率以及应对资源故障方面的有效性,旨在为空天地一体化网络资源管理提供理论基础。
