{"title":"P2PNIC: High-Speed Packet Forwarding by Direct Communication between NICs","authors":"Yukito Ueno, Ryo Nakamura, Yohei Kuga, H. Esaki","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484641","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484641","url":null,"abstract":"Against the background of the contiguous growth of the Internet and data center traffic, the performance requirement for software middleboxes is increasing rapidly. Although their performance has been improved by continuous research and development, their packet forwarding architecture depends on the CPU and the main memory. Thus, their throughput cannot exceed the limit of the memory bandwidth, for instance. To address these limits, we propose a novel packet forwarding architecture called P2PNIC. In P2PNIC, a NIC directly communicates with other NICs through the PCIe interconnect without CPU and main memory involvement, like the inter-linecard communication in a hardware router. To show the feasibility and the performance advantages of P2PNIC architecture, we implemented P2PNIC on a programmable 40 GbE NIC and compared the throughput and latency with TestPMD, which is an application of DPDK. The evaluation shows that P2PNIC achieves 40.37 Mpps for 64-byte packets, which is 1.45 times higher than TestPMD. In addition, P2PNIC shows 36% lower latency than TestPMD for 64-byte packets with 1 Gbps background traffic. The P2PNIC architecture accelerates packet forwarding on a general-purpose server and advances software-based network technologies.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123101129","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yan Zhang, Tian Pan, Yan Zheng, Enge Song, Tao Huang, Yun-jie Liu
{"title":"VXLAN-based INT: In-band Network Telemetry for Overlay Network Monitoring","authors":"Yan Zhang, Tian Pan, Yan Zheng, Enge Song, Tao Huang, Yun-jie Liu","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484508","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484508","url":null,"abstract":"Overlay network protocols, such as VXLAN, are leveraged to address the need for network multiplexing and resource isolation within public clouds to accommodate multiple tenants. Since overlay networks are much more complex than underlay networks, overlay network monitoring is more significant and challenging. In-band Network Telemetry (INT) can achieve fine-grained network monitoring by encapsulating data plane states into probe packets. However, as an underlying device-level primitive, INT cannot be directly applied to overlay network monitoring given underlay networks and overlay networks are generally transparent from each other. In this work, we propose VXLAN-based INT, a telemetry system for overlay network monitoring based on VXLAN. By inserting the INT metadata collected from the underlay devices into the VXLAN payload, we successfully build the real-time overlay-underlay association at the controller, through which, one can easily localize the root cause of overlay path congestion within a simple database lookup.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":" 3","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120828807","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
J. Baranda, J. Mangues‐Bafalluy, L. Vettori, R. Martínez, E. Zeydan
{"title":"Scaling Federated Network Services: Managing SLAs in Multi-Provider Industry 4.0 Scenarios","authors":"J. Baranda, J. Mangues‐Bafalluy, L. Vettori, R. Martínez, E. Zeydan","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484476","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484476","url":null,"abstract":"Next generation mobile networks require flexibility and dynamicity to satisfy the needs of vertical industries. This may entail the deployment of slices instantiated in the form of composite network services (NSs) spanning multiple administrative domains through network service federation (NSF). In this way, different nested NSs of the composite service can be deployed by different service providers. But fulfilling the needs of verticals is not only needed during instantiation time but also during NS operation to honour the required service level agreements (SLAs) under changing network conditions. In this demonstration, we present the capabilities of the 5Growth platform to handle the scaling of federated NSs. In particular, we show the scale out/in of a nested NS deployed in a federated domain, which is part of a composite NS. These scaling operations, triggered to maintain the NS SLAs, imply a set of coordinated operations between involved administrative domains.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129491135","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Walter Wong, Aleksandr Zavodovski, Lorenzo Corneo, Nitinder Mohan, J. Kangasharju
{"title":"SPA: Harnessing Availability in the AWS Spot Market","authors":"Walter Wong, Aleksandr Zavodovski, Lorenzo Corneo, Nitinder Mohan, J. Kangasharju","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484646","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484646","url":null,"abstract":"Amazon Web Services (AWS) offers transient virtual servers at a discounted price as a way to sell unused spare capacity in its data centers. Although transient servers are very appealing as some instances have up to 90% discount, they are not bound to regular availability guarantees as they are opportunistic resources sold on the spot market. In this paper, we present SPA, a framework that remarkably increases the spot instance reliability over time due to insights gained from the analysis of historical data, such as cross-region price variability and intervals between evictions. We implemented the SPA reliability strategy, evaluated them using over one year of historical pricing data from AWS, and found out that we can increase the transient instance lifetime by adding a pricing overhead of 3.5% in the spot price in the best scenario.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"602 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134332198","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Saffana Alshangiti, Mawada Alahmadi, Mohammed Alkhatib, Rashid Tahir, Fareed Zaffar
{"title":"Poster Abstract: BounceBack - A DDoS Attack Using Unsuspecting Accomplices in the Network","authors":"Saffana Alshangiti, Mawada Alahmadi, Mohammed Alkhatib, Rashid Tahir, Fareed Zaffar","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484611","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484611","url":null,"abstract":"DDoS attacks often target a victim’s machine to isolate it from the rest of the Internet by overwhelming it with unwanted traffic. Due to the serious threat they pose, numerous defensive strategies have been proposed in the literature and the industry has developed effective techniques to help identify the abusers and combat the attacks. A more sophisticated type of DDoS attack, called the transit-link DDoS attack, instead aims to consume the resources of the intermediate core links rather than attacking the victim’s machine directly thereby avoiding attribution. The goal of such attacks is to severely congest one or more of the network links that are used to service the traffic of the victim, hence, causing the victim to experience a denial of service. In this paper, we present the BounceBack attack, which is a novel transit-link DDoS attack that leverages the ICMP protocol to recruit a large number of \"unwilling\" accomplices to solicit attack traffic from them, creating congestion in certain carefully selected links. The proposed attack has the potential to cause serious problems for ISPs, and makes attribution and mitigation challenging as it relies on reflection, redirection and deception to carry out the bandwidth-exhaustion attack.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133264434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
G. Drainakis, P. Pantazopoulos, K. Katsaros, Vasilis Sourlas, A. Amditis
{"title":"On the Distribution of ML Workloads to the Network Edge and Beyond","authors":"G. Drainakis, P. Pantazopoulos, K. Katsaros, Vasilis Sourlas, A. Amditis","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484503","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484503","url":null,"abstract":"The emerging paradigm of edge computing has revolutionized network applications, delivering computational power closer to the end-user. Consequently, Machine Learning (ML) tasks, typically performed in a data centre (Centralized Learning - CL), can now be offloaded to the edge (Edge Learning - EL) or mobile devices (Federated Learning - FL). While the inherent flexibility of such distributed schemes has drawn considerable attention, a thorough investigation on their resource consumption footprint is still missing.In our work, we consider a FL scheme and two EL variants, representing varying proximity to the end users (data sources) and corresponding levels of workload distribution across the network; namely Access Edge Learning (AEL), where edge nodes are essentially co-located with the base stations and Regional Edge Learning (REL), where they lie towards the network core. Based on real systems’ measurements and user mobility traces, we devise a realistic simulation model to evaluate and compare the performance of the considered ML schemes under an image classification task. Our results indicate that FL and EL can act as viable alternatives to CL. Edge learning effectiveness is shaped by the configuration of edge nodes in the network with REL achieving the prominent combination of accuracy and bandwidth needs. Energy-wise, edge learning is shown to offer an attractive choice (for involved stakeholders) to offload centralised ML tasks.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116438575","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Entering Watch Dogs*: Evaluating Privacy Risks Against Large-Scale Facial Search and Data Collection","authors":"Bahadır Durmaz, Erman Ayday","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484550","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484550","url":null,"abstract":"Discovering friends on online platforms have become relatively easier with the introduction of contact discovery and ability to search using phone numbers. Such features conveniently connect users by acting as unique tokens across platforms, as opposed to other attributes, such as user names. Using this feature, in this work, one of our contributions is to explore how an attacker can easily create a massive dataset of individuals residing in a given region (e.g., country) that includes high amount of personal information about such individuals. To identify the active social network accounts of individuals in a given region, we show that brute force phone number verification is possible in popular online services, such as WhatsApp, Facebook Messenger, and Twitter. We also go beyond and show the feasibility of collecting several data points on discovered accounts, including multiple facial data belonging to each account owner along with 23 other attributes. Then, as our main contribution, we quantify the privacy risk for an attacker linking a total stranger (e.g., someone it randomly comes across in public) to one of the collected records via facial features. Our results show that accurate facial search is possible in the constructed dataset and that an attacker can link a randomly taken photo (i.e., a single facial photo) of an individual to their profile with 67% accuracy. This means that an attacker can, on a large scale, create a search engine that is capable of identifying individuals’ records efficiently and accurately from just a single facial photo.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134444349","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"IPv6 Flow-Label based Application Aware Routing in SDNs","authors":"Aniruddha Kushwaha, Naveen Bazard, A. Gumaste","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484442","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484442","url":null,"abstract":"Application-aware routing has been proposed to facilitate fine-grained control and better resource utilization in Wide Area Networks (WANs). However, there are two key challenges that impact the deployment of application-aware routing in a traditional network: (1) The run time identification of applications and (2) Routing mechanism that is specific to an application’s need. However, recent advancements in SDN technology and programmable switches paved a way towards feasible implementations of application-aware routing, by providing flexibility in data-plane for parsing; and in control-plane to employ appropriate routing algorithms.In this paper, we propose to use the IPv6 flow label for the identification of the applications at run time. We also present a link-weight-based routing mechanism that adapts itself for the traffic of different application categories and results in better throughput (>2x) as compared to the shortest path routing. We argue that the use of the IPv6 flow label for application identification also does not require any modification at the protocol and switch level in OpenFlow/P4 supporting hardware.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"56 32","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132389763","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sayani Sarkar, Shivanjali Khare, Michael W. Totaro, Ashok Kumar
{"title":"A Novel Energy Aware Secure Internet of Drones Design: ESIoD","authors":"Sayani Sarkar, Shivanjali Khare, Michael W. Totaro, Ashok Kumar","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484461","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484461","url":null,"abstract":"Unmanned aerial vehicles (UAVs), or drones, are emerging as a promising technology for a variety of monitoring and surveillance-based applications. Smart UAVs are not limited only to image capturing, but also to real-time decision making using artificial intelligence. Moreover, it is important to consider the data security of captured images. In this paper, we propose a novel Energy-aware Secure Internet of Drone (ESIoD) architecture. A crucial research problem addressed by this work is how to accomplish faster onboard processing and reduce battery usage for a UAV to prolong the flight time while retaining data security of UAV captured images. Specifically, drone-captured real-time images are encrypted using either AES or RSA algorithms and offloaded by the onboard computer to a cloud server for the processing of cognitive actions using both a standard Haar cascade classifier and an advanced faster R-CNN classifier. The focus of this study is to conserve the drone battery life by secure computational offloading to optimize drone flight time. Two sets of experiments were performed using drone-captured sample images and videos. Results show that the ESIoD architecture can conserve 80% onboard processing time and 3X drone battery charge usage as compared to conventional real-time onboard processing for the considered application.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133168362","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
N. Bartolini, Andrea Coletta, G. Maselli, Mauro Piva, Domenicomichele Silvestri
{"title":"GenPath - A Genetic Multi-Round Path Planning Algorithm for Aerial Vehicles","authors":"N. Bartolini, Andrea Coletta, G. Maselli, Mauro Piva, Domenicomichele Silvestri","doi":"10.1109/INFOCOMWKSHPS51825.2021.9484505","DOIUrl":"https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484505","url":null,"abstract":"The past few years have witnessed unprecedented proliferation of Unmanned Aerial Vehicles (UAVs).They are employed in a growing number of scenarios, from parcel delivery to search and rescue operations, requiring coordinated missions of a fleet of drones. Recently, there has been growing interest in optimized techniques to assign tasks and related trajectories to drones. While these techniques promise high coverage of inspected area, their applicability in real scenarios is precluded by unconsidered constraints. Among these, the limited amount of power of UAVs, and the consequent need of performing multiple trips to provide complete monitoring coverage, with battery replacement/charging and data offloading in between.To address this problem we develop Gen-Path, a genetic algorithm for efficient scheduling of multi-round UAV missions, under several objective functions.By means of simulations we show that Gen-Path fits various scenarios, improving existing solutions in terms of covered points, and energetic cost.","PeriodicalId":109588,"journal":{"name":"IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116615990","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}