{"title":"An adaptive allocation scheme for load balancing and SLA maintenance in multi-location data center networks","authors":"M. Maswood, D. Medhi","doi":"10.1109/NOMS.2018.8406274","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406274","url":null,"abstract":"Allocation of resources in data centers (DCs) needs to be done in a dynamic fashion for cloud enterprise customers who require virtualized reservation-oriented services on demand. Due to the spatial diversity of data centers, the cost of using different DCs also varies. In this paper, we propose an allocation scheme to balance the load among these DCs with different cost to minimize the total provisioning cost in a dynamic environment while ensuring that the service level agreements (SLAs) are met. Compared to a benchmark scheme (where all requests are first sent to the cheapest data center), our scheme can decrease the proportional utilization from 24% (for heavy load) to 30% (for normal load) and achieve a significant balance in the cost incurred by individual DCs. Our scheme can also achieve 7.5% reduction in total provisioning cost under certain service level agreement (SLA) in exchange of low increment in blocking. Finally, we tested our heuristic on 5 DCs to show that our allocation scheme follows the weighted cost proportionally.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77024010","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Application performance optimization using application-aware networking","authors":"Shuai Zhao, D. Medhi","doi":"10.1109/NOMS.2018.8406134","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406134","url":null,"abstract":"The traditional IP network has its inherent limitations that could cause application runs in a non-optimized manner. The common methods to improve applications' performance requires a great effort from both network administrators and application designers. In this work, we propose a Software- Defined Network (SDN) approach in an Application-Aware Network (AAN) platform. We first present an architecture for our approach and then show how this architecture can be applied to two real-world applications: Hadoop MapReduce (M/R) framework and MPEG-DASH. Our approach provides both underlying network functions and application-level forwarding logic for MapReduce and video streaming. Based on our experiments, we observed that our AAN platform for Hadoop MapReduce job optimization offers a significant improvement compared to a static, traditional IP network environment by reducing job run time by 16% to 300% for various MapReduce benchmark jobs. As for MPEG-DASH based video streaming, we can increase user perceived video bitrate by 100%.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74962471","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"5G networks must be autonomic!","authors":"S. Meer, J. Keeney, Liam Fallon","doi":"10.1109/NOMS.2018.8406185","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406185","url":null,"abstract":"5G networks will be the first real converged networks supporting a plethora of different services, each with their own requirements. A static best-effort approach is no longer sufficient. Extreme flexibility and dynamicity is required, yet costs must be drastically reduced. The only way that these conflicting goals can be achieved is with vastly increased automation in the provision and operation of our future 5G networks. In this paper we briefly discuss the facilitators, goals and challenges for 5G networks. We identify some of the places where automation is not just helpful, but is in fact required for 5G to become a reality. We go on to present a conceptual approach for modeling and achieving autonomic operations and management in 5G networks positioning modern policy-based management as a key enabler for autonomic 5G network management.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72968211","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Softwarized and distributed learning for SON management systems","authors":"Tony Daher, S. B. Jemaa, L. Decreusefond","doi":"10.1109/NOMS.2018.8406173","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406173","url":null,"abstract":"Self-Organizing Networks (SON) functions have already proven to be useful for network operations. However, a higher automation level is required to make a network enabled with SON capabilities respond as a whole to the operator's objectives. For this purpose, a Policy Based SON Management (PBSM) layer has been proposed to manage the deployed SON functions. In this paper, we propose to empower the PBSM with cognition capability in order to manage efficiently SON enabled networks. We focus particularly on the implementation of such a Cognitive PBSM (C- PBSM) on a large scale network and propose a scalable approach based on distributed Reinforcement Learning (RL): RL agents are deployed on different clusters of the network. These clusters should be defined in such a way that the RL agents can learn independently. As the interaction between these clusters may evolve in time due for instance to traffic dynamics, we propose a flexible implementation of this C-PBSM framework with dynamic clustering to adapt to network's evolutions. We show how this flexible implementation is rendered possible under Software Defined Networks (SDN) framework. We also assess the performance of the proposed distributed learning approach on an LTE- A simulator.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73723626","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Bargaining game for effective coexistence between LTE-U and Wi-Fi systems","authors":"A. Bairagi, Nguyen H. Tran, W. Saad, C. Hong","doi":"10.1109/NOMS.2018.8406260","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406260","url":null,"abstract":"LTE over unlicensed band (LTE-U) has emerged as an effective technique to overcome the challenge of spectrum scarcity. Using LTE-U along with advanced techniques such as carrier aggregation (CA), one can boost the performance of existing cellular networks. However, if not properly managed, the use of LTE-U can potentially degrade the performance of coexisting Wi-Fi access points which operate over the unlicensed frequency bands. Moreover, most of the existing works consider a macro base station (MBS) or a small cell base station (SBS) for their proposals. In this paper, an effective coexistence mechanism between LTE-U and Wi-Fi systems is studied. The goal is to enable the cellular network to use LTE-U with CA to meet the quality-of-service (QoS) of the users while protecting Wi-Fi access points (WAPs), considering multiple SBSs from different operators in a dense deployment scenario. Specifically, an LTE-U sum-rate maximization problem is formulated under a user QoS and WAP-LTE-U co-existence constraints. To solve this problem, a cooperative Nash bargaining game is proposed. This game allows LTE-U and WAPs to share time resource while protecting Wi-Fi system. For allocating unlicensed resource among LTE-U users, a heuristic algorithm is proposed. Simulation results show that the proposed method is better than the comparing methods regarding per user achieved rate, percentage of unsatisfied users and fairness. The result also shows that the proposed method protects Wi-Fi user far better way than basic listen-before-talk (LBT) does.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84863775","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz
{"title":"Synaptic: A formal checker for SDN-based security policies","authors":"Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz","doi":"10.1109/NOMS.2018.8406122","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406122","url":null,"abstract":"Software-defined networking offers new opportunities for protecting end users by designing dynamic security policies. In particular, security chains can be built by combining security functions, such as firewalls, intrusion detection systems and services for preventing data leakage. The configuration of these security functions and their associated policies is based on behavioural models of end-user applications when accessing the network. In this demo, we present our tool Synaptic, a SDN-based framework intended for the formal verification of security policies as well as for automatically generating such policies based on automata learning methods applied on NetFlow records of end-user applications collected at the device level.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85418052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Lukás Kekely, Martin Spinler, Stepán Friedl, Jiri Sikora, J. Korenek
{"title":"Live demonstration of FPGA based networking accelerator for 200 Gbps data transfers","authors":"Lukás Kekely, Martin Spinler, Stepán Friedl, Jiri Sikora, J. Korenek","doi":"10.1109/NOMS.2018.8406115","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406115","url":null,"abstract":"CESNET (Czech NREN) is ready to demonstrate a new NFB-200G2QL accelerator with Virtex UltraScale+ FPGA specifically designed to push the achievable traffic processing throughput to 200 Gbps in a single card. Unique high-speed DMA engines in the FPGA together with highly optimized Linux drivers enable to achieve 200 Gbps data transfer through two PCIe Gen3 χ 16 interfaces with minimal CPU overhead. Captured network traffic can be independently distributed among individual cores of two physical CPUs (NUMA nodes) without utilization of QPI. As a result, wire-speed packet capture to the host memory from two fully saturated 100 Gbps Ethernet interfaces (QSFP28+) is achieved and various network monitoring applications can utilize the power of the latest FPGAs and CPUs for data processing. This is especially useful when traffic of both directions of a single 100GbE link needs to be processed. The proposed demonstration will show how the packets can be received from two 100 Gbps Ethernet links at full speed and captured to the host memory at 200 Gbps without any loss. The opposite direction of communication will also be shown, i.e. how the packets can be transmitted from the host memory towards the two 100GbE network interfaces. Achieved speeds will be demonstrated by counters and graphs showing generated, received/transmitted and captured packets. We will also show detailed statistics of CPU load during the packet capture/transmission for different packet lengths.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79784375","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Extending IoT/M2M system scalability by network slicing","authors":"David de la Bastida, F. Lin","doi":"10.1109/NOMS.2018.8406254","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406254","url":null,"abstract":"In this research, we have extended our initial effort in cloud-based IoT/M2M system scalability and developed a more robust solution by considering diverse QoS requirements from various IoT/M2M traffic patterns. Though our initial effort created a highly scalable architecture for IoT/M2M platforms based on OpenStack, it treated all IoT/M2M traffic without any discrepancy in the same underlying network (i.e. in the same network slice). Now, by leveraging software-defined networking in OpenStack and by using our traffic-slice optimal matching algorithm, we can direct different types of IoT traffic to feasible network slices in terms of QoS. Our experiments show that when compared with a system without network slicing, our scalability system performs better in terms of response time, power consumption, and computational cost.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84542490","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"REMO: Resource efficient distributed network monitoring","authors":"Tao Li, H. Salah, Mu He, T. Strufe, S. Santini","doi":"10.1109/NOMS.2018.8406239","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406239","url":null,"abstract":"Increasing the traffic visibility, by monitoring network flow packets, provides valuable information for various network management tasks. The mirroring mode of flow packet monitoring requires the switches and routers to duplicate packets of interest, and to send them to flow monitors for in-depth analysis. A common practice to avoid the interference between the original and the mirrored flows is to transmit them separately, in two different planes (data plane and monitoring plane, respectively). In this paper, we aim at reducing the overall cost of transmitting both the original and mirrored flows. Towards that end, we present a generic monitoring framework called REMO. The key idea of REMO is twofold: (i) placing the flow monitors in central locations, and (ii) passing the original flows through the vicinity of the monitors. By doing so, REMO reduces the resources consumed in the monitoring plane, without unworthily increasing the resource consumption in the data plane. The results of extensive numerical simulations show that REMO effectively reduces the overall transmission cost, remarkably outperforming several baseline strategies, particularly when the transmission is more expensive in the monitoring plane.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85279945","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Anagnostopoulos, G. Kambourakis, S. Gritzalis, David K. Y. Yau
{"title":"Never say never: Authoritative TLD nameserver-powered DNS amplification","authors":"M. Anagnostopoulos, G. Kambourakis, S. Gritzalis, David K. Y. Yau","doi":"10.1109/NOMS.2018.8406224","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406224","url":null,"abstract":"DNS amplification attack is a significant and persistent threat to the Internet. Authoritative name servers (ANSes) of popular domains, especially the DNSSEC-enabled ones, give attractive leverage for attackers in distributed denial-of-service (DDoS) attacks. Particularly, the ANS list of top-level domains (TLD) is publicly accessible, including by would-be attackers, in the form of a root.zone file. In this work, we examine the potential of TLD ANSes to be exploited as unknowing agents in DNS amplification attacks. Specifically, over a period of 12 months that covers two different versions of the root.zone file, we assess the amplification factor (AF) that these servers may provide to attackers when replying to both individual and multiple queries. Also, we measure the degree of actual adoption of the recommended response rate limiting (RRL) countermeasure for the ANSes. Our major findings are that (i) 70% of the distinct ANSes and 47% of the possible DNS queries for the TLDs produce a large AF that exceeds 60, (ii) 10% of the distinct ANSes reflect inbound network traffic and magnify it by a factor that exceeds 50, (iii) the number of most useful ANSes for the attacker, in terms of their role as amplifiers, appears increasing during the monitoring period, and (iv) there still exists a significant number of ANSes that do not implement the RRL or leave it inactive.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83709360","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}