The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are ...The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.展开更多
Software-defined networking(SDN)algorithms are gaining increas-ing interest and are making networks flexible and agile.The basic idea of SDN is to move the control planes to more than one server’s named controllers a...Software-defined networking(SDN)algorithms are gaining increas-ing interest and are making networks flexible and agile.The basic idea of SDN is to move the control planes to more than one server’s named controllers and limit the data planes to numerous sending network components,enabling flexible and dynamic network management.A distinctive characteristic of SDN is that it can logically centralize the control plane by utilizing many physical controllers.The deployment of the controller—that is,the controller placement problem(CPP)—becomes a vital model challenge.Through the advancements of blockchain technology,data integrity between nodes can be enhanced with no requirement for a trusted third party.Using the lat-est developments in blockchain technology,this article designs a novel sea turtle foraging optimization algorithm for the controller placement problem(STFOA-CPP)with blockchain-based intrusion detection in an SDN environ-ment.The major intention of the STFOA-CPP technique is the maximization of lifetime,network connectivity,and load balancing with the minimization of latency.In addition,the STFOA-CPP technique is based on the sea turtles’food-searching characteristics of tracking the odour path of dimethyl sulphide(DMS)released from food sources.Moreover,the presented STFOA-CPP technique can adapt with the controller’s count mandated and the shift to controller mapping to variable network traffic.Finally,the blockchain can inspect the data integrity,determine significantly malicious input,and improve the robust nature of developing a trust relationship between sev-eral nodes in the SDN.To demonstrate the improved performance of the STFOA-CPP algorithm,a wide-ranging experimental analysis was carried out.The extensive comparison study highlighted the improved outcomes of the STFOA-CPP technique over other recent approaches.展开更多
Over the past few years,rapid advancements in the internet and communication technologies have led to increasingly intricate and diverse networking systems.As a result,greater intelligence is necessary to effectively ...Over the past few years,rapid advancements in the internet and communication technologies have led to increasingly intricate and diverse networking systems.As a result,greater intelligence is necessary to effectively manage,optimize,and maintain these systems.Due to their distributed nature,machine learning models are challenging to deploy in traditional networks.However,Software-Defined Networking(SDN)presents an opportunity to integrate intelligence into networks by offering a programmable architecture that separates data and control planes.SDN provides a centralized network view and allows for dynamic updates of flow rules and softwarebased traffic analysis.While the programmable nature of SDN makes it easier to deploy machine learning techniques,the centralized control logic also makes it vulnerable to cyberattacks.To address these issues,recent research has focused on developing powerful machine-learning methods for detecting and mitigating attacks in SDN environments.This paper highlighted the countermeasures for cyberattacks on SDN and how current machine learningbased solutions can overcome these emerging issues.We also discuss the pros and cons of using machine learning algorithms for detecting and mitigating these attacks.Finally,we highlighted research issues,gaps,and challenges in developing machine learning-based solutions to secure the SDN controller,to help the research and network community to develop more robust and reliable solutions.展开更多
With the advancements of software defined network(SDN)and network function virtualization(NFV),service function chain(SFC)placement becomes a crucial enabler for flexible resource scheduling in low earth orbit(LEO)sat...With the advancements of software defined network(SDN)and network function virtualization(NFV),service function chain(SFC)placement becomes a crucial enabler for flexible resource scheduling in low earth orbit(LEO)satellite networks.While due to the scarcity of bandwidth resources and dynamic topology of LEO satellites,the static SFC placement schemes may cause performance degradation,resource waste and even service failure.In this paper,we consider migration and establish an online migration model,especially considering the dynamic topology.Given the scarcity of bandwidth resources,the model aims to maximize the total number of accepted SFCs while incurring as little bandwidth cost of SFC transmission and migration as possible.Due to its NP-hardness,we propose a heuristic minimized dynamic SFC migration(MDSM)algorithm that only triggers the migration procedure when new SFCs are rejected.Simulation results demonstrate that MDSM achieves a performance close to the upper bound with lower complexity.展开更多
Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,t...Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,the network topology of each control domain of SDN will affect the performance of the multidomain network,so performance evaluation is required before the deployment of the multi-domain SDN.Besides,there is a high cost to build real multi-domain SDN networks with different topologies,so it is necessary to use simulation testing methods to evaluate the topological performance of the multi-domain SDN network.As there is a lack of existing methods to construct a multi-domain SDN simulation network for the tool to evaluate the topological performance automatically,this paper proposes an automated multi-domain SDN topology performance evaluation framework,which supports multiple types of SDN network topologies in cooperating to construct a multi-domain SDN network.The framework integrates existing single-domain SDN simulation tools with network performance testing tools to realize automated performance evaluation of multidomain SDN network topologies.We designed and implemented a Mininet-based simulation tool that can connect multiple controllers and run user-specified topologies in multiple SDN control domains to build and test multi-domain SDN networks faster.Then,we used the tool to perform performance tests on various data center network topologies in single-domain and multi-domain SDN simulation environments.Test results show that Space Shuffle has the most stable performance in a single-domain environment,and Fat-tree has the best performance in a multi-domain environment.Also,this tool has the characteristics of simplicity and stability,which can meet the needs of multi-domain SDN topology performance evaluation.展开更多
Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,f...Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,flexibility,and reduce network maintenance costs,a new Software-Defined Network(SDN)technology must be used in this infrastructure.Despite the various advantages of combining SDN and IoT,this environment is more vulnerable to various attacks due to the centralization of control.Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service(DDoS)attacks,but they often lack mechanisms to mitigate their severity.This paper proposes a Multi-Attack Intrusion Detection System(MAIDS)for Software-Defined IoT Networks(SDN-IoT).The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms.First,a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets:the Network Security Laboratory Knowledge Discovery in Databases(NSL-KDD)and the Canadian Institute for Cyberse-curity Intrusion Detection Systems(CICIDS2017),to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems.The algorithms evaluated include Extreme Gradient Boosting(XGBoost),K-Nearest Neighbor(KNN),Random Forest(RF),Support Vector Machine(SVM),and Logistic Regression(LR).Second,an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems(IDS)was developed to enable effective comparison between the datasets used in the development of the security scheme.The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system,with average accuracies of 99.88%and 99.89%,respectively.Furthermore,the proposed security scheme reduced the false alarm rate by 33.23%,which is a significant improvement over prevalent schemes.Finally,tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset,making it the best for IDS compared to the NSL-KDD dataset.展开更多
The ever-increasing needs of Internet of Things networks (IoTn) present considerable issues in computing complexity, security, trust, and authentication, among others. This gets increasingly more challenging as techno...The ever-increasing needs of Internet of Things networks (IoTn) present considerable issues in computing complexity, security, trust, and authentication, among others. This gets increasingly more challenging as technology advances, and its use expands. As a consequence, boosting the capacity of these networks has garnered widespread attention. As a result, 5G, the next phase of cellular networks, is expected to be a game-changer, bringing with it faster data transmission rates, more capacity, improved service quality, and reduced latency. However, 5G networks continue to confront difficulties in establishing pervasive and dependable connections amongst high-speed IoT devices. Thus, to address the shortcomings in current recommendations, we present a unified architecture based on software-defined networks (SDNs) that provides 5G-enabled devices that must have complete secrecy. Through SDN, the architecture streamlines network administration while optimizing network communications. A mutual authentication protocol using elliptic curve cryptography is introduced for mutual authentication across certificate authorities and clustered heads in IoT network deployments based on IoT. Again, a dimensionality reduction intrusion detection mechanism is introduced to decrease computational cost and identify possible network breaches. However, to leverage the method’s potential, the initial module's security is reviewed. The second module is evaluated and compared to modern models.展开更多
As a new networking paradigm,Software-Defined Networking(SDN)enables us to cope with the limitations of traditional networks.SDN uses a controller that has a global view of the network and switch devices which act as ...As a new networking paradigm,Software-Defined Networking(SDN)enables us to cope with the limitations of traditional networks.SDN uses a controller that has a global view of the network and switch devices which act as packet forwarding hardware,known as“OpenFlow switches”.Since load balancing service is essential to distribute workload across servers in data centers,we propose an effective load balancing scheme in SDN,using a genetic programming approach,called Genetic Programming based Load Balancing(GPLB).We formulate the problem to find a path:1)with the best bottleneck switch which has the lowest capacity within bottleneck switches of each path,2)with the shortest path,and 3)requiring the less possible operations.For the purpose of choosing the real-time least loaded path,GPLB immediately calculates the integrated load of paths based on the information that receives from the SDN controller.Hence,in this design,the controller sends the load information of each path to the load balancing algorithm periodically and then the load balancing algorithm returns a least loaded path to the controller.In this paper,we use the Mininet emulator and the OpenDaylight controller to evaluate the effectiveness of the GPLB.The simulative study of the GPLB shows that there is a big improvement in performance metrics and the latency and the jitter are minimized.The GPLB also has the maximum throughput in comparison with related works and has performed better in the heavy traffic situation.The results show that our model stands smartly while not increasing further overhead.展开更多
Software.defined networking(SDN) enables third.part companies to participate in the network function innovations. A number of instances for one network function will inevitably co.exist in the network. Although some o...Software.defined networking(SDN) enables third.part companies to participate in the network function innovations. A number of instances for one network function will inevitably co.exist in the network. Although some orchestration architecture has been proposed to chain network functions, rare works are focused on how to optimize this process. In this paper, we propose an optimized model for network function orchestration, function combination model(FCM). Our main contributions are as following. First, network functions are featured with a new abstraction, and are open to external providers. And FCM identifies network functions using unique type, and organizes their instances distributed over the network with the appropriate way. Second, with the specialized demands, we can combine function instances under the global network views, and formulate it into the problem of Boolean linear program(BLP). A simulated annealing algorithm is designed to approach optimal solution for this BLP. Finally, the numerical experiment demonstrates that our model can create outstanding composite schemas efficiently.展开更多
Based on the analysis of data centre(DC) traffic pattern, we introduced a holistic software-defined optical DC solution. Architecture-on-Demand based hybrid optical switched(OPS/OCS) data centre network(DCN) fabric is...Based on the analysis of data centre(DC) traffic pattern, we introduced a holistic software-defined optical DC solution. Architecture-on-Demand based hybrid optical switched(OPS/OCS) data centre network(DCN) fabric is introduced, which is able to realise different inter-and intra-cluster configurations and dynamically support diverse traffic in the DC. The optical DCN is controlled and managed by a software-defined networking(SDN) enabled control plane to achieve high programmability. Moreover, virtual data centre(VDC) composition is developed as an application of such softwaredefined optical DC to create VDC slices for different tenants.展开更多
To cope with the rapid growth of mobile video, video providers have leveraged cloud technologies to deploy their mobile video service system for more cost-effective and scalable performance. The emergence of Software-...To cope with the rapid growth of mobile video, video providers have leveraged cloud technologies to deploy their mobile video service system for more cost-effective and scalable performance. The emergence of Software-Defined Networking(SDN) provides a promising solution to manage the underlying network. In this paper, we introduce an SDN-enabled cloud mobile video distribution architecture and propose a joint video placement, request dispatching and traffic management mechanism to improve user experience and reduce the system operational cost. We use a utility function to capture the two aspects of user experience: the level of satisfaction and average latency, and formulate the joint optimization problem as a mixed integer programming problem. We develop an optimal algorithm based on dual decomposition and prove its optimality. We conduct simulations to evaluate the performance of our algorithm and the results show that our strategy can effectively cut down the total cost and guarantee user experience.展开更多
Federated learning(FL)activates distributed on-device computation techniques to model a better algorithm performance with the interaction of local model updates and global model distributions in aggregation averaging ...Federated learning(FL)activates distributed on-device computation techniques to model a better algorithm performance with the interaction of local model updates and global model distributions in aggregation averaging processes.However,in large-scale heterogeneous Internet of Things(IoT)cellular networks,massive multi-dimensional model update iterations and resource-constrained computation are challenging aspects to be tackled significantly.This paper introduces the system model of converging softwaredefined networking(SDN)and network functions virtualization(NFV)to enable device/resource abstractions and provide NFV-enabled edge FL(eFL)aggregation servers for advancing automation and controllability.Multi-agent deep Q-networks(MADQNs)target to enforce a self-learning softwarization,optimize resource allocation policies,and advocate computation offloading decisions.With gathered network conditions and resource states,the proposed agent aims to explore various actions for estimating expected longterm rewards in a particular state observation.In exploration phase,optimal actions for joint resource allocation and offloading decisions in different possible states are obtained by maximum Q-value selections.Action-based virtual network functions(VNF)forwarding graph(VNFFG)is orchestrated to map VNFs towards eFL aggregation server with sufficient communication and computation resources in NFV infrastructure(NFVI).The proposed scheme indicates deficient allocation actions,modifies the VNF backup instances,and reallocates the virtual resource for exploitation phase.Deep neural network(DNN)is used as a value function approximator,and epsilongreedy algorithm balances exploration and exploitation.The scheme primarily considers the criticalities of FL model services and congestion states to optimize long-term policy.Simulation results presented the outperformance of the proposed scheme over reference schemes in terms of Quality of Service(QoS)performance metrics,including packet drop ratio,packet drop counts,packet delivery ratio,delay,and throughput.展开更多
Software-defined network(SDN)is a new form of network architecture that has programmability,ease of use,centralized control,and protocol independence.It has received high attention since its birth.With SDN network arc...Software-defined network(SDN)is a new form of network architecture that has programmability,ease of use,centralized control,and protocol independence.It has received high attention since its birth.With SDN network architecture,network management becomes more efficient,and programmable interfaces make network operations more flexible and can meet the different needs of various users.The mainstream communication protocol of SDN is OpenFlow,which contains aMatch Field in the flow table structure of the protocol,which matches the content of the packet header of the data received by the switch,and completes the corresponding actions according to the matching results,getting rid of the dependence on the protocol to avoid designing a new protocol.In order to effectively optimize the routing forSDN,this paper proposes a novel algorithm based on reinforcement learning.The proposed technique canmaximize numerous objectives to dynamically update the routing strategy,and it has great generality and is not reliant on any specific network state.The control of routing strategy is more complicated than many Q-learning-based algorithms due to the employment of reinforcement learning.The performance of the method is tested by experiments using the OMNe++simulator.The experimental results reveal that our PPO-based SDN routing control method has superior performance and stability than existing algorithms.展开更多
Software-defined networking(SDN)plays a critical role in transforming networking from traditional to intelligent networking.The increasing demand for services from cloud users has increased the load on the network.An ...Software-defined networking(SDN)plays a critical role in transforming networking from traditional to intelligent networking.The increasing demand for services from cloud users has increased the load on the network.An efficient system must handle various loads and increasing needs representing the relationships and dependence of businesses on automated measurement systems and guarantee the quality of service(QoS).Themultiple paths from source to destination give a scope to select an optimal path by maintaining an equilibrium of load using some best algorithms.Moreover,the requests need to be transferred to reliable network elements.To address SDN’s current and future challenges,there is a need to know how artificial intelligence(AI)optimization techniques can efficiently balance the load.This study aims to explore two artificial intelligence optimization techniques,namely Ant Colony Optimization(ACO)and Particle Swarm Optimization(PSO),used for load balancing in SDN.Further,we identified that a modification to the existing optimization technique could improve the performance by using a reliable link and node to form the path to reach the target node and improve load balancing.Finally,we propose a conceptual framework for SDN futurology by evaluating node and link reliability,which can balance the load efficiently and improve QoS in SDN.展开更多
For the past few decades,the internet of underwater things(IoUT)otained a lot of attention in mobile aquatic applications such as oceanography,diver network monitoring,unmanned underwater exploration,underwater survei...For the past few decades,the internet of underwater things(IoUT)otained a lot of attention in mobile aquatic applications such as oceanography,diver network monitoring,unmanned underwater exploration,underwater surveillance,location tracking system,etc.Most of the IoUT applications rely on acoustic medium.The current IoUT applications face difficulty in delivering a reliable communication system due to the various technical limitations of IoUT environment such as low data rate,attenuation,limited bandwidth,limited battery,limited memory,connectivity problem,etc.One of the significant applications of IoUT include monitoring underwater diver networks.In order to perform a reliable and energy-efficient communication system in the underwater diver networks,a smart underwater hybrid softwaredefined modem(UHSDM)for the mobile ad-hoc network was developed that is used for selecting the best channel/medium among acoustic,visible light communication(VLC),and infrared(IR)based on the criteria established within the system.However,due to the mobility of underwater divers,the developed UHSDMmeets the challenges such as connectivity errors,frequent link failure,transmission delay caused by re-routing,etc.During emergency,the divers are most at the risk of survival.To deal with diver mobility,connectivity,energy efficiency,and reducing the latency in ADN,a handover mechanism based on pre-built UHSDM is proposed in this paper.This paper focuses on(1)design of UHSDM for ADN(2)propose the channel selection mechanism in UHSDM for selecting the best medium for handover and(3)propose handover protocol inADN.The implementation result shows that the proposed mechanism can be used to find the new route for divers in advance and the latency can be reduced significantly.Additionally,this paper shows the real field experiment of air tests and underwater tests with various distances.This research will contribute much to the profit of researchers in underwater diver networks and underwater networks,for improving the quality of services(QoS)of underwater applications.展开更多
文章深入研究基于强化学习的流量优化与拥塞控制方法在软件定义网络(Software Defined Network,SDN)中的应用。首先,详细阐述SDN网络的架构与原理。SDN网络的灵活性和可编程性为网络管理提供了全新的范式。其次,提出了一种基于强化学习...文章深入研究基于强化学习的流量优化与拥塞控制方法在软件定义网络(Software Defined Network,SDN)中的应用。首先,详细阐述SDN网络的架构与原理。SDN网络的灵活性和可编程性为网络管理提供了全新的范式。其次,提出了一种基于强化学习的流量优化与拥塞控制方法,通过建模状态、动作、奖励等要素,实现网络流量智能调整。最后,在Mininet仿真环境中进行了实验验证。通过监测吞吐量、延迟、拥塞情况等性能指标,验证所提方法的有效性。实验结果表明,在网络性能方面,所提方法相较于传统方法取得了显著改善,具备更好的适应性和优化能力。展开更多
重点研究智慧校园网络与安全的软件定义网络(Software Defined Network,SDN)架构选择,分别讨论SDN架构应用的必要性、实现方法、网络与安全维护建议等内容。从智慧校园的集中部署、意图网络与智慧校园的融合、以零信任为核心构建网络安...重点研究智慧校园网络与安全的软件定义网络(Software Defined Network,SDN)架构选择,分别讨论SDN架构应用的必要性、实现方法、网络与安全维护建议等内容。从智慧校园的集中部署、意图网络与智慧校园的融合、以零信任为核心构建网络安全架构3个维度出发,提出保护智慧校园网络安全的建议。旨在强调SDN架构对于智慧校园建设的运行安全维护作用,以期为今后智慧校园的深化建设提供技术支持。展开更多
Satellite-Terrestrial integrated Networks(STNs)have been advocated by both academia and industry as a promising network paradigm to achieve service continuity and ubiquity.However,STNs suffer from problems including p...Satellite-Terrestrial integrated Networks(STNs)have been advocated by both academia and industry as a promising network paradigm to achieve service continuity and ubiquity.However,STNs suffer from problems including poor flexibility of network architecture,low adaptability to dynamic environments,the lack of network intelligence,and low resource utilization.To handle these challenges,a Software defined Intelligent STN(SISTN)architecture is introduced.Specifically,the hierarchical architecture of the proposal is described and a distributed deployment scheme for SISTNs controllers is proposed to realize agile and effective network management and control.Moreover,three use cases in SISTNs are discussed.Meanwhile,key techniques and their corresponding solutions are presented,followed by the identification of several open issues in SISTNs including compatibility with existing networks,the tradeoff between network flexibility and performance,and so on.展开更多
基金extend their appreciation to Researcher Supporting Project Number(RSPD2023R582)King Saud University,Riyadh,Saudi Arabia.
文摘The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.
文摘Software-defined networking(SDN)algorithms are gaining increas-ing interest and are making networks flexible and agile.The basic idea of SDN is to move the control planes to more than one server’s named controllers and limit the data planes to numerous sending network components,enabling flexible and dynamic network management.A distinctive characteristic of SDN is that it can logically centralize the control plane by utilizing many physical controllers.The deployment of the controller—that is,the controller placement problem(CPP)—becomes a vital model challenge.Through the advancements of blockchain technology,data integrity between nodes can be enhanced with no requirement for a trusted third party.Using the lat-est developments in blockchain technology,this article designs a novel sea turtle foraging optimization algorithm for the controller placement problem(STFOA-CPP)with blockchain-based intrusion detection in an SDN environ-ment.The major intention of the STFOA-CPP technique is the maximization of lifetime,network connectivity,and load balancing with the minimization of latency.In addition,the STFOA-CPP technique is based on the sea turtles’food-searching characteristics of tracking the odour path of dimethyl sulphide(DMS)released from food sources.Moreover,the presented STFOA-CPP technique can adapt with the controller’s count mandated and the shift to controller mapping to variable network traffic.Finally,the blockchain can inspect the data integrity,determine significantly malicious input,and improve the robust nature of developing a trust relationship between sev-eral nodes in the SDN.To demonstrate the improved performance of the STFOA-CPP algorithm,a wide-ranging experimental analysis was carried out.The extensive comparison study highlighted the improved outcomes of the STFOA-CPP technique over other recent approaches.
文摘Over the past few years,rapid advancements in the internet and communication technologies have led to increasingly intricate and diverse networking systems.As a result,greater intelligence is necessary to effectively manage,optimize,and maintain these systems.Due to their distributed nature,machine learning models are challenging to deploy in traditional networks.However,Software-Defined Networking(SDN)presents an opportunity to integrate intelligence into networks by offering a programmable architecture that separates data and control planes.SDN provides a centralized network view and allows for dynamic updates of flow rules and softwarebased traffic analysis.While the programmable nature of SDN makes it easier to deploy machine learning techniques,the centralized control logic also makes it vulnerable to cyberattacks.To address these issues,recent research has focused on developing powerful machine-learning methods for detecting and mitigating attacks in SDN environments.This paper highlighted the countermeasures for cyberattacks on SDN and how current machine learningbased solutions can overcome these emerging issues.We also discuss the pros and cons of using machine learning algorithms for detecting and mitigating these attacks.Finally,we highlighted research issues,gaps,and challenges in developing machine learning-based solutions to secure the SDN controller,to help the research and network community to develop more robust and reliable solutions.
基金supported in part by the National Natural Science Foundation of China(NSFC)under grant numbers U22A2007 and 62171010the Open project of Satellite Internet Key Laboratory in 2022(Project 3:Research on Spaceborne Lightweight Core Network and Intelligent Collaboration)the Beijing Natural Science Foundation under grant number L212003.
文摘With the advancements of software defined network(SDN)and network function virtualization(NFV),service function chain(SFC)placement becomes a crucial enabler for flexible resource scheduling in low earth orbit(LEO)satellite networks.While due to the scarcity of bandwidth resources and dynamic topology of LEO satellites,the static SFC placement schemes may cause performance degradation,resource waste and even service failure.In this paper,we consider migration and establish an online migration model,especially considering the dynamic topology.Given the scarcity of bandwidth resources,the model aims to maximize the total number of accepted SFCs while incurring as little bandwidth cost of SFC transmission and migration as possible.Due to its NP-hardness,we propose a heuristic minimized dynamic SFC migration(MDSM)algorithm that only triggers the migration procedure when new SFCs are rejected.Simulation results demonstrate that MDSM achieves a performance close to the upper bound with lower complexity.
基金This work was supported by the Fundamental Research Funds for the Central Universities(2021RC239)the Postdoctoral Science Foundation of China(2021 M690338)+3 种基金the Hainan Provincial Natural Science Foundation of China(620RC562,2019RC096,620RC560)the Scientific Research Setup Fund of Hainan University(KYQD(ZR)1877)the Program of Hainan Association for Science and Technology Plans to Youth R&D Innovation(QCXM201910)the National Natural Science Foundation of China(61802092,62162021).
文摘Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,the network topology of each control domain of SDN will affect the performance of the multidomain network,so performance evaluation is required before the deployment of the multi-domain SDN.Besides,there is a high cost to build real multi-domain SDN networks with different topologies,so it is necessary to use simulation testing methods to evaluate the topological performance of the multi-domain SDN network.As there is a lack of existing methods to construct a multi-domain SDN simulation network for the tool to evaluate the topological performance automatically,this paper proposes an automated multi-domain SDN topology performance evaluation framework,which supports multiple types of SDN network topologies in cooperating to construct a multi-domain SDN network.The framework integrates existing single-domain SDN simulation tools with network performance testing tools to realize automated performance evaluation of multidomain SDN network topologies.We designed and implemented a Mininet-based simulation tool that can connect multiple controllers and run user-specified topologies in multiple SDN control domains to build and test multi-domain SDN networks faster.Then,we used the tool to perform performance tests on various data center network topologies in single-domain and multi-domain SDN simulation environments.Test results show that Space Shuffle has the most stable performance in a single-domain environment,and Fat-tree has the best performance in a multi-domain environment.Also,this tool has the characteristics of simplicity and stability,which can meet the needs of multi-domain SDN topology performance evaluation.
文摘Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,flexibility,and reduce network maintenance costs,a new Software-Defined Network(SDN)technology must be used in this infrastructure.Despite the various advantages of combining SDN and IoT,this environment is more vulnerable to various attacks due to the centralization of control.Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service(DDoS)attacks,but they often lack mechanisms to mitigate their severity.This paper proposes a Multi-Attack Intrusion Detection System(MAIDS)for Software-Defined IoT Networks(SDN-IoT).The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms.First,a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets:the Network Security Laboratory Knowledge Discovery in Databases(NSL-KDD)and the Canadian Institute for Cyberse-curity Intrusion Detection Systems(CICIDS2017),to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems.The algorithms evaluated include Extreme Gradient Boosting(XGBoost),K-Nearest Neighbor(KNN),Random Forest(RF),Support Vector Machine(SVM),and Logistic Regression(LR).Second,an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems(IDS)was developed to enable effective comparison between the datasets used in the development of the security scheme.The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system,with average accuracies of 99.88%and 99.89%,respectively.Furthermore,the proposed security scheme reduced the false alarm rate by 33.23%,which is a significant improvement over prevalent schemes.Finally,tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset,making it the best for IDS compared to the NSL-KDD dataset.
文摘The ever-increasing needs of Internet of Things networks (IoTn) present considerable issues in computing complexity, security, trust, and authentication, among others. This gets increasingly more challenging as technology advances, and its use expands. As a consequence, boosting the capacity of these networks has garnered widespread attention. As a result, 5G, the next phase of cellular networks, is expected to be a game-changer, bringing with it faster data transmission rates, more capacity, improved service quality, and reduced latency. However, 5G networks continue to confront difficulties in establishing pervasive and dependable connections amongst high-speed IoT devices. Thus, to address the shortcomings in current recommendations, we present a unified architecture based on software-defined networks (SDNs) that provides 5G-enabled devices that must have complete secrecy. Through SDN, the architecture streamlines network administration while optimizing network communications. A mutual authentication protocol using elliptic curve cryptography is introduced for mutual authentication across certificate authorities and clustered heads in IoT network deployments based on IoT. Again, a dimensionality reduction intrusion detection mechanism is introduced to decrease computational cost and identify possible network breaches. However, to leverage the method’s potential, the initial module's security is reviewed. The second module is evaluated and compared to modern models.
文摘As a new networking paradigm,Software-Defined Networking(SDN)enables us to cope with the limitations of traditional networks.SDN uses a controller that has a global view of the network and switch devices which act as packet forwarding hardware,known as“OpenFlow switches”.Since load balancing service is essential to distribute workload across servers in data centers,we propose an effective load balancing scheme in SDN,using a genetic programming approach,called Genetic Programming based Load Balancing(GPLB).We formulate the problem to find a path:1)with the best bottleneck switch which has the lowest capacity within bottleneck switches of each path,2)with the shortest path,and 3)requiring the less possible operations.For the purpose of choosing the real-time least loaded path,GPLB immediately calculates the integrated load of paths based on the information that receives from the SDN controller.Hence,in this design,the controller sends the load information of each path to the load balancing algorithm periodically and then the load balancing algorithm returns a least loaded path to the controller.In this paper,we use the Mininet emulator and the OpenDaylight controller to evaluate the effectiveness of the GPLB.The simulative study of the GPLB shows that there is a big improvement in performance metrics and the latency and the jitter are minimized.The GPLB also has the maximum throughput in comparison with related works and has performed better in the heavy traffic situation.The results show that our model stands smartly while not increasing further overhead.
基金supported by the China Postdoctoral Fund Project (No.44603)the National Natural Science Foundation of China (No.61309020)+1 种基金the National key Research and Development Program of China (No.2016YFB0800100, 2016YFB0800101)the National Natural Science Fund for Creative Research Groups Project(No.61521003)
文摘Software.defined networking(SDN) enables third.part companies to participate in the network function innovations. A number of instances for one network function will inevitably co.exist in the network. Although some orchestration architecture has been proposed to chain network functions, rare works are focused on how to optimize this process. In this paper, we propose an optimized model for network function orchestration, function combination model(FCM). Our main contributions are as following. First, network functions are featured with a new abstraction, and are open to external providers. And FCM identifies network functions using unique type, and organizes their instances distributed over the network with the appropriate way. Second, with the specialized demands, we can combine function instances under the global network views, and formulate it into the problem of Boolean linear program(BLP). A simulated annealing algorithm is designed to approach optimal solution for this BLP. Finally, the numerical experiment demonstrates that our model can create outstanding composite schemas efficiently.
基金performed in the Projects " LIGHTNESS : Low latency and high throughput dynamic network infrastructures for high performance datacentre interconnects" (No. 318606) "COSIGN: Combining Optics and SDN In next Generation data centre Networks" (No. 619572) supported by European Commission FP7
文摘Based on the analysis of data centre(DC) traffic pattern, we introduced a holistic software-defined optical DC solution. Architecture-on-Demand based hybrid optical switched(OPS/OCS) data centre network(DCN) fabric is introduced, which is able to realise different inter-and intra-cluster configurations and dynamically support diverse traffic in the DC. The optical DCN is controlled and managed by a software-defined networking(SDN) enabled control plane to achieve high programmability. Moreover, virtual data centre(VDC) composition is developed as an application of such softwaredefined optical DC to create VDC slices for different tenants.
基金supported by the State Key Program of National Natural Science Foundation of China(Grant No.61233003)National Natural Science Foundation of China(Grant No.61503358)
文摘To cope with the rapid growth of mobile video, video providers have leveraged cloud technologies to deploy their mobile video service system for more cost-effective and scalable performance. The emergence of Software-Defined Networking(SDN) provides a promising solution to manage the underlying network. In this paper, we introduce an SDN-enabled cloud mobile video distribution architecture and propose a joint video placement, request dispatching and traffic management mechanism to improve user experience and reduce the system operational cost. We use a utility function to capture the two aspects of user experience: the level of satisfaction and average latency, and formulate the joint optimization problem as a mixed integer programming problem. We develop an optimal algorithm based on dual decomposition and prove its optimality. We conduct simulations to evaluate the performance of our algorithm and the results show that our strategy can effectively cut down the total cost and guarantee user experience.
基金This work was funded by BK21 FOUR(Fostering Outstanding Universities for Research)(No.5199990914048)this research was supported by Basic Science Research Program through the National Research Foundation of Korea(NRF)funded by the Ministry of Education(NRF-2020R1I1A3066543)In addition,this work was supported by the Soonchunhyang University Research Fund.
文摘Federated learning(FL)activates distributed on-device computation techniques to model a better algorithm performance with the interaction of local model updates and global model distributions in aggregation averaging processes.However,in large-scale heterogeneous Internet of Things(IoT)cellular networks,massive multi-dimensional model update iterations and resource-constrained computation are challenging aspects to be tackled significantly.This paper introduces the system model of converging softwaredefined networking(SDN)and network functions virtualization(NFV)to enable device/resource abstractions and provide NFV-enabled edge FL(eFL)aggregation servers for advancing automation and controllability.Multi-agent deep Q-networks(MADQNs)target to enforce a self-learning softwarization,optimize resource allocation policies,and advocate computation offloading decisions.With gathered network conditions and resource states,the proposed agent aims to explore various actions for estimating expected longterm rewards in a particular state observation.In exploration phase,optimal actions for joint resource allocation and offloading decisions in different possible states are obtained by maximum Q-value selections.Action-based virtual network functions(VNF)forwarding graph(VNFFG)is orchestrated to map VNFs towards eFL aggregation server with sufficient communication and computation resources in NFV infrastructure(NFVI).The proposed scheme indicates deficient allocation actions,modifies the VNF backup instances,and reallocates the virtual resource for exploitation phase.Deep neural network(DNN)is used as a value function approximator,and epsilongreedy algorithm balances exploration and exploitation.The scheme primarily considers the criticalities of FL model services and congestion states to optimize long-term policy.Simulation results presented the outperformance of the proposed scheme over reference schemes in terms of Quality of Service(QoS)performance metrics,including packet drop ratio,packet drop counts,packet delivery ratio,delay,and throughput.
基金The researchers would like to thank the Deanship of Scientific Research,Qassim University for funding the publication of this project.
文摘Software-defined network(SDN)is a new form of network architecture that has programmability,ease of use,centralized control,and protocol independence.It has received high attention since its birth.With SDN network architecture,network management becomes more efficient,and programmable interfaces make network operations more flexible and can meet the different needs of various users.The mainstream communication protocol of SDN is OpenFlow,which contains aMatch Field in the flow table structure of the protocol,which matches the content of the packet header of the data received by the switch,and completes the corresponding actions according to the matching results,getting rid of the dependence on the protocol to avoid designing a new protocol.In order to effectively optimize the routing forSDN,this paper proposes a novel algorithm based on reinforcement learning.The proposed technique canmaximize numerous objectives to dynamically update the routing strategy,and it has great generality and is not reliant on any specific network state.The control of routing strategy is more complicated than many Q-learning-based algorithms due to the employment of reinforcement learning.The performance of the method is tested by experiments using the OMNe++simulator.The experimental results reveal that our PPO-based SDN routing control method has superior performance and stability than existing algorithms.
基金The authors received Excellent Graduate Assistant funding from Universiti Kuala Lumpur for this study.
文摘Software-defined networking(SDN)plays a critical role in transforming networking from traditional to intelligent networking.The increasing demand for services from cloud users has increased the load on the network.An efficient system must handle various loads and increasing needs representing the relationships and dependence of businesses on automated measurement systems and guarantee the quality of service(QoS).Themultiple paths from source to destination give a scope to select an optimal path by maintaining an equilibrium of load using some best algorithms.Moreover,the requests need to be transferred to reliable network elements.To address SDN’s current and future challenges,there is a need to know how artificial intelligence(AI)optimization techniques can efficiently balance the load.This study aims to explore two artificial intelligence optimization techniques,namely Ant Colony Optimization(ACO)and Particle Swarm Optimization(PSO),used for load balancing in SDN.Further,we identified that a modification to the existing optimization technique could improve the performance by using a reliable link and node to form the path to reach the target node and improve load balancing.Finally,we propose a conceptual framework for SDN futurology by evaluating node and link reliability,which can balance the load efficiently and improve QoS in SDN.
基金This research was a part of the project titled“Development of the wide-area underwater mobile communication systems”funded by the Ministry of Oceans and Fisheries,Korea.
文摘For the past few decades,the internet of underwater things(IoUT)otained a lot of attention in mobile aquatic applications such as oceanography,diver network monitoring,unmanned underwater exploration,underwater surveillance,location tracking system,etc.Most of the IoUT applications rely on acoustic medium.The current IoUT applications face difficulty in delivering a reliable communication system due to the various technical limitations of IoUT environment such as low data rate,attenuation,limited bandwidth,limited battery,limited memory,connectivity problem,etc.One of the significant applications of IoUT include monitoring underwater diver networks.In order to perform a reliable and energy-efficient communication system in the underwater diver networks,a smart underwater hybrid softwaredefined modem(UHSDM)for the mobile ad-hoc network was developed that is used for selecting the best channel/medium among acoustic,visible light communication(VLC),and infrared(IR)based on the criteria established within the system.However,due to the mobility of underwater divers,the developed UHSDMmeets the challenges such as connectivity errors,frequent link failure,transmission delay caused by re-routing,etc.During emergency,the divers are most at the risk of survival.To deal with diver mobility,connectivity,energy efficiency,and reducing the latency in ADN,a handover mechanism based on pre-built UHSDM is proposed in this paper.This paper focuses on(1)design of UHSDM for ADN(2)propose the channel selection mechanism in UHSDM for selecting the best medium for handover and(3)propose handover protocol inADN.The implementation result shows that the proposed mechanism can be used to find the new route for divers in advance and the latency can be reduced significantly.Additionally,this paper shows the real field experiment of air tests and underwater tests with various distances.This research will contribute much to the profit of researchers in underwater diver networks and underwater networks,for improving the quality of services(QoS)of underwater applications.
文摘文章深入研究基于强化学习的流量优化与拥塞控制方法在软件定义网络(Software Defined Network,SDN)中的应用。首先,详细阐述SDN网络的架构与原理。SDN网络的灵活性和可编程性为网络管理提供了全新的范式。其次,提出了一种基于强化学习的流量优化与拥塞控制方法,通过建模状态、动作、奖励等要素,实现网络流量智能调整。最后,在Mininet仿真环境中进行了实验验证。通过监测吞吐量、延迟、拥塞情况等性能指标,验证所提方法的有效性。实验结果表明,在网络性能方面,所提方法相较于传统方法取得了显著改善,具备更好的适应性和优化能力。
文摘重点研究智慧校园网络与安全的软件定义网络(Software Defined Network,SDN)架构选择,分别讨论SDN架构应用的必要性、实现方法、网络与安全维护建议等内容。从智慧校园的集中部署、意图网络与智慧校园的融合、以零信任为核心构建网络安全架构3个维度出发,提出保护智慧校园网络安全的建议。旨在强调SDN架构对于智慧校园建设的运行安全维护作用,以期为今后智慧校园的深化建设提供技术支持。
基金This work was supported in part by the National Key Research and Development Program of China under Grant 2020YFB1806703in part by the National Natural Science Foundation of China under Grant 62001053,Grant 61831002,and Grant 61925101in part by Young Elite Scientist Sponsorship Program by China Institute of Communications,and in part by the BUPT Excellent Ph.D.Students Foundation under Grant CX2020106.
文摘Satellite-Terrestrial integrated Networks(STNs)have been advocated by both academia and industry as a promising network paradigm to achieve service continuity and ubiquity.However,STNs suffer from problems including poor flexibility of network architecture,low adaptability to dynamic environments,the lack of network intelligence,and low resource utilization.To handle these challenges,a Software defined Intelligent STN(SISTN)architecture is introduced.Specifically,the hierarchical architecture of the proposal is described and a distributed deployment scheme for SISTNs controllers is proposed to realize agile and effective network management and control.Moreover,three use cases in SISTNs are discussed.Meanwhile,key techniques and their corresponding solutions are presented,followed by the identification of several open issues in SISTNs including compatibility with existing networks,the tradeoff between network flexibility and performance,and so on.