In order to improve the scalability and reliability of Software Defined Networking(SDN),many studies use multiple controllers to constitute logically centralized control plane to provide load balancing and fail over.I...In order to improve the scalability and reliability of Software Defined Networking(SDN),many studies use multiple controllers to constitute logically centralized control plane to provide load balancing and fail over.In this paper,we develop a flexible dormant multi-controller model based on the centralized multi-controller architecture.The dormant multi-controller model allows part of controllers to enter the dormant state under light traffic condition for saving system cost.Meanwhile,through queueing analysis,various performance measures of the system can be obtained.Moreover,we analyze the real traffic of China Education Network and use the results as the parameters of computer simulation and verify the effects of parameters on the system characteristics.Finally,a total expected cost function is established,and genetic algorithm is employed to find the optimal values of various parameters to minimize system cost for the deployment decision making.展开更多
With the increase of network complexity,the flexibility of network control and management becomes a nontrivial problem.Both Software Defined Network(SDN) and Autonomic Network technologies are sophisticated technologi...With the increase of network complexity,the flexibility of network control and management becomes a nontrivial problem.Both Software Defined Network(SDN) and Autonomic Network technologies are sophisticated technologies for the network control and management.These two technologies could be combined together to construct a software defined self-managing solution for the future network.An autonomic QoS management mechanism in Software Defined Network(AQSDN) is proposed in this paper.In AQSDN,the various QoS features can be configured autonomically in an OpenFlow switch through extending the OpenFlow and OF-Config protocols.Based on AQSDN,a novel packet context-aware QoS model(PCaQoS) is also introduced for improving the network QoS.PCaQoS takes packet context into account when packet is marked and managed into forwarding queues.The implementation of a video application's prototype which evaluates the self-configuration feature of the AQSDN and the enhancement ability of the PCaQoS is presented in order to validate this design.展开更多
Distributed Denial of Service(DDoS) attacks have been one of the most destructive threats to Internet security. By decoupling the network control and data plane, software defined networking(SDN) offers a flexible netw...Distributed Denial of Service(DDoS) attacks have been one of the most destructive threats to Internet security. By decoupling the network control and data plane, software defined networking(SDN) offers a flexible network management paradigm to solve DDoS attack in traditional networks. However, the centralized nature of SDN is also a potential vulnerability for DDo S attack. In this paper, we first provide some SDN-supported mechanisms against DDoS attack in traditional networks. A systematic review of various SDN-self DDo S threats are then presented as well as the existing literatures on quickly DDoS detection and defense in SDN. Finally, some promising research directions in this field are introduced.展开更多
The Internet of Vehicles(IoV)has been widely researched in recent years,and cloud computing has been one of the key technologies in the IoV.Although cloud computing provides high performance compute,storage and networ...The Internet of Vehicles(IoV)has been widely researched in recent years,and cloud computing has been one of the key technologies in the IoV.Although cloud computing provides high performance compute,storage and networking services,the IoV still suffers with high processing latency,less mobility support and location awareness.In this paper,we integrate fog computing and software defined networking(SDN) to address those problems.Fog computing extends computing and storing to the edge of the network,which could decrease latency remarkably in addition to enable mobility support and location awareness.Meanwhile,SDN provides flexible centralized control and global knowledge to the network.In order to apply the software defined cloud/fog networking(SDCFN) architecture in the IoV effectively,we propose a novel SDN-based modified constrained optimization particle swarm optimization(MPSO-CO) algorithm which uses the reverse of the flight of mutation particles and linear decrease inertia weight to enhance the performance of constrained optimization particle swarm optimization(PSO-CO).The simulation results indicate that the SDN-based MPSO-CO algorithm could effectively decrease the latency and improve the quality of service(QoS) in the SDCFN architecture.展开更多
Satellite communication networks have been evolving from standalone networks with ad-hoc infrastructures to possibly interconnected portions of a wider Future Internet architecture. Experts belonging to the fifth-gene...Satellite communication networks have been evolving from standalone networks with ad-hoc infrastructures to possibly interconnected portions of a wider Future Internet architecture. Experts belonging to the fifth-generation(5 G) standardization committees are considering satellites as a technology to integrate in the 5 G environment. Software Defined Networking(SDN) is one of the paradigms of the next generation of mobile and fixed communications. It can be employed to perform different control functionalities, such as routing, because it allows traffic flow identification based on different parameters and traffic flow management in a centralized way. A centralized set of controllers makes the decisions and sends the corresponding forwarding rules for each traffic flow to the involved intermediate nodes that practically forward data up to the destination. The time to perform this process in integrated terrestrial-satellite networks could be not negligible due to satellite link delays. The aim of this paper is to introduce an SDN-based terrestrial satellite network architecture and to estimate the mean time to deliver the data of a new traffic flow from the source to the destination including the time required to transfer SDN control actions. The practical effect is to identify the maximum performance than can be expected.展开更多
Software defined optical networks (SDONs) integrate software defined technology with optical communication networks and represent the promising development trend of future optical networks. The key technologies for ...Software defined optical networks (SDONs) integrate software defined technology with optical communication networks and represent the promising development trend of future optical networks. The key technologies for SDONs include software-defined optical transmission, switching, and networking. The main features include control and transport separation, hard-ware universalization, protocol standardization, controllable optical network, and flexible optical network applications. This paper introduces software defined optical networks and its innovation environment, in terms of network architecture, protocol extension solution, experiment platform and typical applications. Batch testing has been conducted to evaluate the performance of this SDON testbed. The results show that the SDON testbed has good scalability in different sizes. Meanwhile, we notice that controller output bandwidth has great influence on lightpath setup delay.展开更多
Software Defined Satellite Networks(SDSN) are proposed to solve the problems in traditional satellite networks, such as time-consuming configuration and inflexible traffic scheduling. The emerging application of small...Software Defined Satellite Networks(SDSN) are proposed to solve the problems in traditional satellite networks, such as time-consuming configuration and inflexible traffic scheduling. The emerging application of small satellite and research of SDSN make it possible for satellite networks to provide flexible network services. Service Function Chain(SFC) can satisfy this need. In this paper, we are motivated to investigate applying SFC in the small satellite-based SDSN for service delivery. We introduce the structure of the multi-layer constellation-based SDSN. Then, we describe two deployment patterns of SFC in SDSN, the Multi-Domain(MD) pattern and the Satellite Formation(SF) pattern. We propose two algorithms, SFP-MD, and SFP-SF, to calculate the Service Function Path(SFP). We implement the algorithms and conduct contrast experiments in our prototype. Finally, we summarize the applicable conditions of two deployment patterns according to the experimental results in terms of hops, delay, and packet loss rate.展开更多
This paper proposes a cross-layer design to enhance the location privacy under a coordinated medium access control(MAC) protocol for the Internet of Vehicles(Io V). The channel and pseudonym resources are both essenti...This paper proposes a cross-layer design to enhance the location privacy under a coordinated medium access control(MAC) protocol for the Internet of Vehicles(Io V). The channel and pseudonym resources are both essential for transmission efficiency and privacy preservation in the Io V. Nevertheless, the MAC protocol and pseudonym scheme are usually studied separately, in which a new MAC layer semantic linking attack could be carried out by analyzing the vehicles' transmission patterns even if they change pseudonyms simultaneously. This paper presents a hierarchical architecture named as the software defined Internet of Vehicles(SDIV). Facilitated by the architecture, a MAC layer aware pseudonym(MAP) scheme is proposed to resist the new attack. In the MAP, RSU clouds coordinate vehicles to change their transmission slots and pseudonyms simultaneously in the mix-zones by measuring the privacy level quantitatively. Security analysis and extensive simulations are conducted to show that the scheme provides reliable safety message broadcasting, improves the location privacy and network throughput in the Io V.展开更多
Due to 5G's stringent and uncertainty traffic requirements,open ecosystem would be one inevitable way to develop 5G.On the other hand,GPP based mobile communication becomes appealing recently attributed to its str...Due to 5G's stringent and uncertainty traffic requirements,open ecosystem would be one inevitable way to develop 5G.On the other hand,GPP based mobile communication becomes appealing recently attributed to its striking advantage in flexibility and re-configurability.In this paper,both the advantages and challenges of GPP platform are detailed analyzed.Furthermore,both GPP based software and hardware architectures for open 5G are presented and the performances of real-time signal processing and power consumption are also evaluated.The evaluation results indicate that turbo and power consumption may be another challengeable problem should be further solved to meet the requirements of realistic deployments.展开更多
In software-defined networking,the separation of control plane from forwarding plane introduces new challenges to network reliability.This paper proposes a fault-tolerant routing mechanism to improve survivability by ...In software-defined networking,the separation of control plane from forwarding plane introduces new challenges to network reliability.This paper proposes a fault-tolerant routing mechanism to improve survivability by converting the survivability problem into two sub-problems:constructing an elastic-aware routing tree and controller selection.Based on the shortest path tree,this scheme continuously attempts to prune the routing tree to enhance network survivability.After a certain number of iterations,elastic-aware routing continues to improve network resiliency by increasing the number of edges in this tree.Simulation results demonstrate this fault-tolerant mechanism performs better than the traditional method in terms of the number of protected nodes and network fragility indicator.展开更多
Software-defined networks (SDN) have attracted much attention recently because of their flexibility in terms of network management. Increasingly, SDN is being introduced into wireless networks to form wireless SDN. ...Software-defined networks (SDN) have attracted much attention recently because of their flexibility in terms of network management. Increasingly, SDN is being introduced into wireless networks to form wireless SDN. One enabling technology for wireless SDN is network virtualization, which logically divides one wireless network element, such as a base station, into multiple slices, and each slice serving as a standalone virtual BS. In this way, one physical mobile wireless network can be partitioned into multiple virtual networks in a software-defined manner. Wireless virtual networks comprising virtual base stations also need to provide QoS to mobile end-user services in the same context as their physical hosting networks. One key QoS parameter is delay. This paper presents a delay model for software-defined wireless virtual networks. Network calculus is used in the modelling. In particular, stochastic network calculus, which describes more realistic models than deterministic network calculus, is used. The model enables theoretical investigation of wireless SDN, which is largely dominated by either algorithms or prototype implementations.展开更多
Virtualization of network/service functions means time sharing network/service(and affiliated)resources in a hyper speed manner.The concept of time sharing was popularized in the 1970s with mainframe computing.The s...Virtualization of network/service functions means time sharing network/service(and affiliated)resources in a hyper speed manner.The concept of time sharing was popularized in the 1970s with mainframe computing.The same concept has recently resurfaced under the guise of cloud computing and virtualized computing.Although cloud computing was originally used in IT for server virtualization,the ICT industry is taking a new look at virtualization.This paradigm shift is shaking up the computing,storage,networking,and ser vice industries.The hope is that virtualizing and automating configuration and service management/orchestration will save both capes and opex for network transformation.A complimentary trend is the separation(over an open interface)of control and transmission.This is commonly referred to as software defined networking(SDN).This paper reviews trends in network/service functions,efforts to standardize these functions,and required management and orchestration.展开更多
Due to the development of network technology,the number of users is increasing rapidly,and the demand for emerging multicast services is becoming more and more abundant,traffic data is increasing day by day,network no...Due to the development of network technology,the number of users is increasing rapidly,and the demand for emerging multicast services is becoming more and more abundant,traffic data is increasing day by day,network nodes are becoming denser,network topology is becoming more complex,and operators’equipment operation and maintenance costs are increasing.Network functions virtualization multicast issues include building a traffic forwarding topology,deploying the required functions,and directing traffic.Combining the two is still a problem to be studied in depth at present,and this paper proposes a two-stage solution where the decisions of these two stages are interdependent.Specifically,this paper decouples multicast traffic forwarding and function delivery.The minimum spanning tree of traffic forwarding is constructed by Steiner tree,and the traffic forwarding is realized by Viterbi-algorithm.Use a general topology network to examine network cost and service performance.Simulation results show that this method can reduce overhead and delay and optimize user experience.展开更多
Link flooding attack(LFA)is a type of covert distributed denial of service(DDoS)attack.The attack mechanism of LFAs is to flood critical links within the network to cut off the target area from the Internet.Recently,t...Link flooding attack(LFA)is a type of covert distributed denial of service(DDoS)attack.The attack mechanism of LFAs is to flood critical links within the network to cut off the target area from the Internet.Recently,the proliferation of Internet of Things(IoT)has increased the quantity of vulnerable devices connected to the network and has intensified the threat of LFAs.In LFAs,attackers typically utilize low-speed flows that do not reach the victims,making the attack difficult to detect.Traditional LFA defense methods mainly reroute the attack traffic around the congested link,which encounters high complexity and high computational overhead due to the aggregation of massive attack traffic.To address these challenges,we present an LFA defense framework which can mitigate the attack flows at the border switches when they are small in scale.This framework is lightweight and can be deployed at border switches of the network in a distributed manner,which ensures the scalability of our defense system.The performance of our framework is assessed in an experimental environment.The simulation results indicate that our method is effective in detecting and mitigating LFAs with low time complexity.展开更多
Software Defined Networking(SDN) is a revolutionary networking paradigm towards the future network,experiencing rapid development nowadays.However,its main characteristic,the separation of control plane and data plane...Software Defined Networking(SDN) is a revolutionary networking paradigm towards the future network,experiencing rapid development nowadays.However,its main characteristic,the separation of control plane and data plane,also brings about new security challenges,i.e.,Denial-of-Service(DoS) attacks specific to Open Flow SDN networks to exhaust the control plane bandwidth and overload the buffer memory of Open Flow switch.To mitigate the DoS attacks in the Open Flow networks,we design and implement SGuard,a security application on top of the NOX controller that mainly contains two modules:Access control module and Classification module.We employ novel six-tuple as feature vector to classify traffic flows,meanwhile optimizing classification by feature ranking and selecting algorithms.All the modules will cooperate with each other to complete a series of tasks such as authorization,classification and so on.At the end of this paper,we experimentally use Mininet to evaluate SGuard in a software environment.The results show that SGuard works efficiently and accurately without adding more overhead to the SDN networks.展开更多
Software Defined Networking(SDN) provides flexible network management by decoupling control plane from data plane. And multiple controllers are deployed to improve the scalability and reliability of the control plane,...Software Defined Networking(SDN) provides flexible network management by decoupling control plane from data plane. And multiple controllers are deployed to improve the scalability and reliability of the control plane, which could divide the network into several subdomains with separate controllers. However, such deployment introduces a new problem of controller load imbalance due to the dynamic traffic and the static configuration between switches and controllers. To address this issue, this paper proposes a Distribution Decision Mechanism(DDM) based on switch migration in the multiple subdomains SDN network. Firstly, through collecting network information, it constructs distributed migration decision fields based on the controller load condition. Then we choose the migrating switches according to the selection probability, and the target controllers are determined by integrating three network costs, including data collection, switch migration and controller state synchronization. Finally, we set the migrating countdown to achieve the ordered switch migration. Through verifying several evaluation indexes, results show that the proposed mechanism can achieve controller load balancing with better performance.展开更多
Software Defined Networking(SDN) provides flexible network management by decoupling control plane and data plane. However, such separation introduces the issues regarding the reliability of the control plane and contr...Software Defined Networking(SDN) provides flexible network management by decoupling control plane and data plane. However, such separation introduces the issues regarding the reliability of the control plane and controller load imbalance in the distributed SDN network, which will cause the low network stability and the poor controller performance. This paper proposes Reliable and Load balance-aware Multi-controller Deployment(RLMD) strategy to address the above problems. Firstly, we establish a multiple-controller network model and define the relevant parameters for RLMD. Then, we design the corresponding algorithms to implement this strategy. By weighing node efficiency and path quality, Controller Placement Selection(CPS) algorithm is introduced to explore the reliable deployments of the controllers. On this basis, we design Multiple Domain Partition(MDP) algorithm to allocate switches for controllers according to node attractability and controller load balancing rate, which could realize the reasonable domain planning. Finally, the simulations show that, compared with the typical strategies, RLMD has the better performance in improving the reliability of the control plane and balancing the distribution of the controller loads.展开更多
Publish/subscribe paradigm paves a way to integrate and serve many scalable, inter-operable Internet of Things(IoT) applications. The increasing IoT applications require new properties of publish/subscribe communicati...Publish/subscribe paradigm paves a way to integrate and serve many scalable, inter-operable Internet of Things(IoT) applications. The increasing IoT applications require new properties of publish/subscribe communication model, for example, strict quality of service(Qo S) guarantees, supporting a large number of widely distributed devices, etc. Software Defined Networking(SDN) enables personalized programming and individualized QoS supports for different applications. The combination of the two will have a good prospect. In this paper, we present an IoT-oriented communication platform which combines the publish/subscribe paradigm with SDN, aiming at establishing an IoT ecosystem to facilitate IoT services/applications accessing internet. We design the interaction logic of topic-based publish/subscribe middleware, and describe the setup and maintenance of topology information as well as event routing in detail, considering the characteristics of SDN. Finally, we exemplify its practicability with a deployed District Heating Control and Information Service System(DHCISS) and validity the effectiveness with some experiments.展开更多
Software-Defined Networking(SDN)provides flexible and global network management by decoupling control plane from data plane,and multiple controllers are deployed in the network in a logically centralized and physicall...Software-Defined Networking(SDN)provides flexible and global network management by decoupling control plane from data plane,and multiple controllers are deployed in the network in a logically centralized and physically distributed way.However,the existing approaches generally deploy the controllers with the same type in the network,which easily causes homogeneous controller common-mode fault.To this end,this paper proposes heterogeneous controller deployment in the SDN,considering the different types of controllers and relevant criteria(e.g.,delay,control link interruption rate,and controller fault rate).Then,we introduce a Safe and Reliable Heterogeneous Controller Deployment(SRHCD)approach,consisting of two stages.Stage 1 determines the type and the number of heterogeneous controllers required for the SDN network based on the dynamic programming.Stage 2 divides the SDN network into multiple subnets by k-means algorithm and improves the genetic algorithm to optimize the heterogeneous controller deployment in these SDN subnets to ensure reliable switch-controller communications.Finally,the simulation results show that the proposed approach can effectively reduce the control plane fault rate and increase the attack difficulties.Besides,the switch-controller delay has been lowered by 16.5%averagely.展开更多
The fast deployment and penetration of 4G has cultivated human behaviors on mobile data consumption, leading to explosive growth in mobile traffic and stimulating new requirements on the capabilities of mobile network...The fast deployment and penetration of 4G has cultivated human behaviors on mobile data consumption, leading to explosive growth in mobile traffic and stimulating new requirements on the capabilities of mobile networks. To meet the requirements of mobile networks toward year 2020, the next genera- tion of mobile networks (termed as IMT-2020, or 5G) is designed to support 100 Mbps-1 Gbps user-experienced data rate, 1 ms radio transmission latency, and 1 million connec- tions per square kilometer. Recalling the vision and requirements of 5G targeting for commer- cial launch in 2020, this article overviews the key features of 5G and compares with those of 4G, and reports the world first field trials conducted to validate the key performance of 5G radio interface in 3.SGHz band. The trial results show that a 1 ms transmission latency and 1 Gbps data rate are achievable.展开更多
基金the National High-tech R&D Program ("863" Program) of China,the National Science Foundation of China,National Science & Technology Pillar Program of China,the National Science Foundation of China,the Post-Doctoral Funding of China,Tsinghua-Huawei joint research project
文摘In order to improve the scalability and reliability of Software Defined Networking(SDN),many studies use multiple controllers to constitute logically centralized control plane to provide load balancing and fail over.In this paper,we develop a flexible dormant multi-controller model based on the centralized multi-controller architecture.The dormant multi-controller model allows part of controllers to enter the dormant state under light traffic condition for saving system cost.Meanwhile,through queueing analysis,various performance measures of the system can be obtained.Moreover,we analyze the real traffic of China Education Network and use the results as the parameters of computer simulation and verify the effects of parameters on the system characteristics.Finally,a total expected cost function is established,and genetic algorithm is employed to find the optimal values of various parameters to minimize system cost for the deployment decision making.
基金This work was supported in part by the National High Technology Research and Development Program (863 Program) of China under Grant No. 2011AA01A101, No.2013AA013303, No.2013AA013301and National Natural science foundation of China No. 61370197 & 61271041.
文摘With the increase of network complexity,the flexibility of network control and management becomes a nontrivial problem.Both Software Defined Network(SDN) and Autonomic Network technologies are sophisticated technologies for the network control and management.These two technologies could be combined together to construct a software defined self-managing solution for the future network.An autonomic QoS management mechanism in Software Defined Network(AQSDN) is proposed in this paper.In AQSDN,the various QoS features can be configured autonomically in an OpenFlow switch through extending the OpenFlow and OF-Config protocols.Based on AQSDN,a novel packet context-aware QoS model(PCaQoS) is also introduced for improving the network QoS.PCaQoS takes packet context into account when packet is marked and managed into forwarding queues.The implementation of a video application's prototype which evaluates the self-configuration feature of the AQSDN and the enhancement ability of the PCaQoS is presented in order to validate this design.
基金supported in part by the“973”Program of China under Grant No.2013CB329103the National Natural Science Foundation of China under Grant No.61271171 and No.61401070+1 种基金National Key Research and Development Program of China No.2016YFB0800105the“863”Program of China under Grant No.2015AA015702 and No.2015AA016102
文摘Distributed Denial of Service(DDoS) attacks have been one of the most destructive threats to Internet security. By decoupling the network control and data plane, software defined networking(SDN) offers a flexible network management paradigm to solve DDoS attack in traditional networks. However, the centralized nature of SDN is also a potential vulnerability for DDo S attack. In this paper, we first provide some SDN-supported mechanisms against DDoS attack in traditional networks. A systematic review of various SDN-self DDo S threats are then presented as well as the existing literatures on quickly DDoS detection and defense in SDN. Finally, some promising research directions in this field are introduced.
基金supported in part by National Natural Science Foundation of China (No.61401331,No.61401328)111 Project in Xidian University of China(B08038)+2 种基金Hong Kong,Macao and Taiwan Science and Technology Cooperation Special Project (2014DFT10320,2015DFT10160)The National Science and Technology Major Project of the Ministry of Science and Technology of China(2015zx03002006-003)FundamentalResearch Funds for the Central Universities (20101155739)
文摘The Internet of Vehicles(IoV)has been widely researched in recent years,and cloud computing has been one of the key technologies in the IoV.Although cloud computing provides high performance compute,storage and networking services,the IoV still suffers with high processing latency,less mobility support and location awareness.In this paper,we integrate fog computing and software defined networking(SDN) to address those problems.Fog computing extends computing and storing to the edge of the network,which could decrease latency remarkably in addition to enable mobility support and location awareness.Meanwhile,SDN provides flexible centralized control and global knowledge to the network.In order to apply the software defined cloud/fog networking(SDCFN) architecture in the IoV effectively,we propose a novel SDN-based modified constrained optimization particle swarm optimization(MPSO-CO) algorithm which uses the reverse of the flight of mutation particles and linear decrease inertia weight to enhance the performance of constrained optimization particle swarm optimization(PSO-CO).The simulation results indicate that the SDN-based MPSO-CO algorithm could effectively decrease the latency and improve the quality of service(QoS) in the SDCFN architecture.
文摘Satellite communication networks have been evolving from standalone networks with ad-hoc infrastructures to possibly interconnected portions of a wider Future Internet architecture. Experts belonging to the fifth-generation(5 G) standardization committees are considering satellites as a technology to integrate in the 5 G environment. Software Defined Networking(SDN) is one of the paradigms of the next generation of mobile and fixed communications. It can be employed to perform different control functionalities, such as routing, because it allows traffic flow identification based on different parameters and traffic flow management in a centralized way. A centralized set of controllers makes the decisions and sends the corresponding forwarding rules for each traffic flow to the involved intermediate nodes that practically forward data up to the destination. The time to perform this process in integrated terrestrial-satellite networks could be not negligible due to satellite link delays. The aim of this paper is to introduce an SDN-based terrestrial satellite network architecture and to estimate the mean time to deliver the data of a new traffic flow from the source to the destination including the time required to transfer SDN control actions. The practical effect is to identify the maximum performance than can be expected.
基金supported by ZTE Industry-Academia-Research Cooperation Funds under Grant No.Surrey-Ref-9953
文摘Software defined optical networks (SDONs) integrate software defined technology with optical communication networks and represent the promising development trend of future optical networks. The key technologies for SDONs include software-defined optical transmission, switching, and networking. The main features include control and transport separation, hard-ware universalization, protocol standardization, controllable optical network, and flexible optical network applications. This paper introduces software defined optical networks and its innovation environment, in terms of network architecture, protocol extension solution, experiment platform and typical applications. Batch testing has been conducted to evaluate the performance of this SDON testbed. The results show that the SDON testbed has good scalability in different sizes. Meanwhile, we notice that controller output bandwidth has great influence on lightpath setup delay.
基金supported in part by NSFC of China under Grant No.61232017National Basic Research Program of China(“973 program”)under Grant No.2013CB329101+1 种基金Fundamental Research Funds for the Central Universities under Grant No.2016YJS026NSAF of China under Grant No.U1530118
文摘Software Defined Satellite Networks(SDSN) are proposed to solve the problems in traditional satellite networks, such as time-consuming configuration and inflexible traffic scheduling. The emerging application of small satellite and research of SDSN make it possible for satellite networks to provide flexible network services. Service Function Chain(SFC) can satisfy this need. In this paper, we are motivated to investigate applying SFC in the small satellite-based SDSN for service delivery. We introduce the structure of the multi-layer constellation-based SDSN. Then, we describe two deployment patterns of SFC in SDSN, the Multi-Domain(MD) pattern and the Satellite Formation(SF) pattern. We propose two algorithms, SFP-MD, and SFP-SF, to calculate the Service Function Path(SFP). We implement the algorithms and conduct contrast experiments in our prototype. Finally, we summarize the applicable conditions of two deployment patterns according to the experimental results in terms of hops, delay, and packet loss rate.
基金supported by key special project of National Key Research and Development Program (2017YFC0803900)
文摘This paper proposes a cross-layer design to enhance the location privacy under a coordinated medium access control(MAC) protocol for the Internet of Vehicles(Io V). The channel and pseudonym resources are both essential for transmission efficiency and privacy preservation in the Io V. Nevertheless, the MAC protocol and pseudonym scheme are usually studied separately, in which a new MAC layer semantic linking attack could be carried out by analyzing the vehicles' transmission patterns even if they change pseudonyms simultaneously. This paper presents a hierarchical architecture named as the software defined Internet of Vehicles(SDIV). Facilitated by the architecture, a MAC layer aware pseudonym(MAP) scheme is proposed to resist the new attack. In the MAP, RSU clouds coordinate vehicles to change their transmission slots and pseudonyms simultaneously in the mix-zones by measuring the privacy level quantitatively. Security analysis and extensive simulations are conducted to show that the scheme provides reliable safety message broadcasting, improves the location privacy and network throughput in the Io V.
基金funded in part by National Natural Science Foundation of China(grant NO.61471347)National S&T Mayor Project of the Ministry of S&T of China(grant NO.2016ZX03001020-003)+1 种基金key program for international S&T Cooperation Program of China(grant NO.2014DFA11640)Shanghai Natural Science Foundation(grant NO.16ZR1435100)
文摘Due to 5G's stringent and uncertainty traffic requirements,open ecosystem would be one inevitable way to develop 5G.On the other hand,GPP based mobile communication becomes appealing recently attributed to its striking advantage in flexibility and re-configurability.In this paper,both the advantages and challenges of GPP platform are detailed analyzed.Furthermore,both GPP based software and hardware architectures for open 5G are presented and the performances of real-time signal processing and power consumption are also evaluated.The evaluation results indicate that turbo and power consumption may be another challengeable problem should be further solved to meet the requirements of realistic deployments.
基金supported by the Key Laboratory of Universal Wireless Communications(Beijing University of Posts and Telecommunications)Ministry of Education,P.R.China(KFKT-2013104)+6 种基金the National Natural Science Foundation of China(61501105,61471109,61302071)the China Postdoctoral Science Foundation(2013M541243)the Doctoral Scientific Research Foundation of Liaoning Province(20141014)the Fundamental Research Funds for the Central Universities(N150404018,N130304001,N150401002,N150404015)the National 973 Advance Research Program(2014CB360509)the Postdoctoral Science Foundation of Northeast University(20140319)Ministry of Education-China Mobile Research Foundation(MCM20130131)
文摘In software-defined networking,the separation of control plane from forwarding plane introduces new challenges to network reliability.This paper proposes a fault-tolerant routing mechanism to improve survivability by converting the survivability problem into two sub-problems:constructing an elastic-aware routing tree and controller selection.Based on the shortest path tree,this scheme continuously attempts to prune the routing tree to enhance network survivability.After a certain number of iterations,elastic-aware routing continues to improve network resiliency by increasing the number of edges in this tree.Simulation results demonstrate this fault-tolerant mechanism performs better than the traditional method in terms of the number of protected nodes and network fragility indicator.
基金supported in part by the grant from the National Natural Science Foundation of China (60973129)
文摘Software-defined networks (SDN) have attracted much attention recently because of their flexibility in terms of network management. Increasingly, SDN is being introduced into wireless networks to form wireless SDN. One enabling technology for wireless SDN is network virtualization, which logically divides one wireless network element, such as a base station, into multiple slices, and each slice serving as a standalone virtual BS. In this way, one physical mobile wireless network can be partitioned into multiple virtual networks in a software-defined manner. Wireless virtual networks comprising virtual base stations also need to provide QoS to mobile end-user services in the same context as their physical hosting networks. One key QoS parameter is delay. This paper presents a delay model for software-defined wireless virtual networks. Network calculus is used in the modelling. In particular, stochastic network calculus, which describes more realistic models than deterministic network calculus, is used. The model enables theoretical investigation of wireless SDN, which is largely dominated by either algorithms or prototype implementations.
文摘Virtualization of network/service functions means time sharing network/service(and affiliated)resources in a hyper speed manner.The concept of time sharing was popularized in the 1970s with mainframe computing.The same concept has recently resurfaced under the guise of cloud computing and virtualized computing.Although cloud computing was originally used in IT for server virtualization,the ICT industry is taking a new look at virtualization.This paradigm shift is shaking up the computing,storage,networking,and ser vice industries.The hope is that virtualizing and automating configuration and service management/orchestration will save both capes and opex for network transformation.A complimentary trend is the separation(over an open interface)of control and transmission.This is commonly referred to as software defined networking(SDN).This paper reviews trends in network/service functions,efforts to standardize these functions,and required management and orchestration.
基金supported by the R&D Program of Beijing Municipal Education Commission(Nos.KM202110858003 and2022X003-KXD)。
文摘Due to the development of network technology,the number of users is increasing rapidly,and the demand for emerging multicast services is becoming more and more abundant,traffic data is increasing day by day,network nodes are becoming denser,network topology is becoming more complex,and operators’equipment operation and maintenance costs are increasing.Network functions virtualization multicast issues include building a traffic forwarding topology,deploying the required functions,and directing traffic.Combining the two is still a problem to be studied in depth at present,and this paper proposes a two-stage solution where the decisions of these two stages are interdependent.Specifically,this paper decouples multicast traffic forwarding and function delivery.The minimum spanning tree of traffic forwarding is constructed by Steiner tree,and the traffic forwarding is realized by Viterbi-algorithm.Use a general topology network to examine network cost and service performance.Simulation results show that this method can reduce overhead and delay and optimize user experience.
基金supported in part by the National Key R&D Program of China under Grant 2018YFA0701601in part by the National Natural Science Foundation of China(Grant No.62201605,62341110,U22A2002)in part by Tsinghua University-China Mobile Communications Group Co.,Ltd.Joint Institute。
文摘Link flooding attack(LFA)is a type of covert distributed denial of service(DDoS)attack.The attack mechanism of LFAs is to flood critical links within the network to cut off the target area from the Internet.Recently,the proliferation of Internet of Things(IoT)has increased the quantity of vulnerable devices connected to the network and has intensified the threat of LFAs.In LFAs,attackers typically utilize low-speed flows that do not reach the victims,making the attack difficult to detect.Traditional LFA defense methods mainly reroute the attack traffic around the congested link,which encounters high complexity and high computational overhead due to the aggregation of massive attack traffic.To address these challenges,we present an LFA defense framework which can mitigate the attack flows at the border switches when they are small in scale.This framework is lightweight and can be deployed at border switches of the network in a distributed manner,which ensures the scalability of our defense system.The performance of our framework is assessed in an experimental environment.The simulation results indicate that our method is effective in detecting and mitigating LFAs with low time complexity.
基金supported by the National key Research and Development Program of China(No.2016YFB0800100,2016YFB0800101)the National Natural Science Fund for Creative Research Groups Project(No.61521003)the National Natural Science Fund for Youth Found Project(No.61602509)
文摘Software Defined Networking(SDN) is a revolutionary networking paradigm towards the future network,experiencing rapid development nowadays.However,its main characteristic,the separation of control plane and data plane,also brings about new security challenges,i.e.,Denial-of-Service(DoS) attacks specific to Open Flow SDN networks to exhaust the control plane bandwidth and overload the buffer memory of Open Flow switch.To mitigate the DoS attacks in the Open Flow networks,we design and implement SGuard,a security application on top of the NOX controller that mainly contains two modules:Access control module and Classification module.We employ novel six-tuple as feature vector to classify traffic flows,meanwhile optimizing classification by feature ranking and selecting algorithms.All the modules will cooperate with each other to complete a series of tasks such as authorization,classification and so on.At the end of this paper,we experimentally use Mininet to evaluate SGuard in a software environment.The results show that SGuard works efficiently and accurately without adding more overhead to the SDN networks.
基金supported in part by This work is supported by the Project of National Network Cyberspace Security(Grant No.2017YFB0803204)the National High-Tech Research and Development Program of China(863 Program)(Grant No.2015AA016102)+1 种基金Foundation for Innovative Research Group of the National Natural Science Foundation of China(Grant No.61521003)Foundation for the National Natural Science Foundation of China(Grant No.61502530)
文摘Software Defined Networking(SDN) provides flexible network management by decoupling control plane from data plane. And multiple controllers are deployed to improve the scalability and reliability of the control plane, which could divide the network into several subdomains with separate controllers. However, such deployment introduces a new problem of controller load imbalance due to the dynamic traffic and the static configuration between switches and controllers. To address this issue, this paper proposes a Distribution Decision Mechanism(DDM) based on switch migration in the multiple subdomains SDN network. Firstly, through collecting network information, it constructs distributed migration decision fields based on the controller load condition. Then we choose the migrating switches according to the selection probability, and the target controllers are determined by integrating three network costs, including data collection, switch migration and controller state synchronization. Finally, we set the migrating countdown to achieve the ordered switch migration. Through verifying several evaluation indexes, results show that the proposed mechanism can achieve controller load balancing with better performance.
基金supported in part by the Project of National Network Cyberspace Security (Grant No.2017YFB0803204)the National High-Tech Research and Development Program of China (863 Program) (Grant No. 2015AA016102)+1 种基金Foundation for Innovative Research Group of the National Natural Science Foundation of China (Grant No.61521003)Foundation for the National Natural Science Foundation of China (Grant No. 61502530)
文摘Software Defined Networking(SDN) provides flexible network management by decoupling control plane and data plane. However, such separation introduces the issues regarding the reliability of the control plane and controller load imbalance in the distributed SDN network, which will cause the low network stability and the poor controller performance. This paper proposes Reliable and Load balance-aware Multi-controller Deployment(RLMD) strategy to address the above problems. Firstly, we establish a multiple-controller network model and define the relevant parameters for RLMD. Then, we design the corresponding algorithms to implement this strategy. By weighing node efficiency and path quality, Controller Placement Selection(CPS) algorithm is introduced to explore the reliable deployments of the controllers. On this basis, we design Multiple Domain Partition(MDP) algorithm to allocate switches for controllers according to node attractability and controller load balancing rate, which could realize the reasonable domain planning. Finally, the simulations show that, compared with the typical strategies, RLMD has the better performance in improving the reliability of the control plane and balancing the distribution of the controller loads.
基金supported by National Hightech R&D Program of China (863 Program) under Grant (No. 2013AA102301)Natural Science Foundation of China under Grant (No. U1536112)
文摘Publish/subscribe paradigm paves a way to integrate and serve many scalable, inter-operable Internet of Things(IoT) applications. The increasing IoT applications require new properties of publish/subscribe communication model, for example, strict quality of service(Qo S) guarantees, supporting a large number of widely distributed devices, etc. Software Defined Networking(SDN) enables personalized programming and individualized QoS supports for different applications. The combination of the two will have a good prospect. In this paper, we present an IoT-oriented communication platform which combines the publish/subscribe paradigm with SDN, aiming at establishing an IoT ecosystem to facilitate IoT services/applications accessing internet. We design the interaction logic of topic-based publish/subscribe middleware, and describe the setup and maintenance of topology information as well as event routing in detail, considering the characteristics of SDN. Finally, we exemplify its practicability with a deployed District Heating Control and Information Service System(DHCISS) and validity the effectiveness with some experiments.
基金National Key Research and Development Project of China(No.2020YFB1804803)National Natural Science Foundation of China(No.61802429,61872382).
文摘Software-Defined Networking(SDN)provides flexible and global network management by decoupling control plane from data plane,and multiple controllers are deployed in the network in a logically centralized and physically distributed way.However,the existing approaches generally deploy the controllers with the same type in the network,which easily causes homogeneous controller common-mode fault.To this end,this paper proposes heterogeneous controller deployment in the SDN,considering the different types of controllers and relevant criteria(e.g.,delay,control link interruption rate,and controller fault rate).Then,we introduce a Safe and Reliable Heterogeneous Controller Deployment(SRHCD)approach,consisting of two stages.Stage 1 determines the type and the number of heterogeneous controllers required for the SDN network based on the dynamic programming.Stage 2 divides the SDN network into multiple subnets by k-means algorithm and improves the genetic algorithm to optimize the heterogeneous controller deployment in these SDN subnets to ensure reliable switch-controller communications.Finally,the simulation results show that the proposed approach can effectively reduce the control plane fault rate and increase the attack difficulties.Besides,the switch-controller delay has been lowered by 16.5%averagely.
基金supported in part by national Key Project (2016ZX03001021)
文摘The fast deployment and penetration of 4G has cultivated human behaviors on mobile data consumption, leading to explosive growth in mobile traffic and stimulating new requirements on the capabilities of mobile networks. To meet the requirements of mobile networks toward year 2020, the next genera- tion of mobile networks (termed as IMT-2020, or 5G) is designed to support 100 Mbps-1 Gbps user-experienced data rate, 1 ms radio transmission latency, and 1 million connec- tions per square kilometer. Recalling the vision and requirements of 5G targeting for commer- cial launch in 2020, this article overviews the key features of 5G and compares with those of 4G, and reports the world first field trials conducted to validate the key performance of 5G radio interface in 3.SGHz band. The trial results show that a 1 ms transmission latency and 1 Gbps data rate are achievable.
