Federated Network Intelligence Orchestration for Scalable and Automated FL-Based Anomaly Detection in B5G Networks

The management of network intelligence in Beyond 5G(B5G)networks encompasses the complex challenges of scalability,dynamicity,interoperability,privacy,and security.These are essential steps towards achieving the realization of truly ubiquitous Artificial Intelligence(AI)-based analytics,empowering seamless integration across the entire Continuum(Edge,Fog,Core,Cloud).This paper introduces a Federated Network Intelligence Orchestration approach aimed at scalable and automated Federated Learning(FL)-based anomaly detection in B5Gnetworks.By leveraging a horizontal Federated learning approach based on the FedAvg aggregation algorithm,which employs a deep autoencoder model trained on non-anomalous traffic samples to recognize normal behavior,the systemorchestrates network intelligence to detect and prevent cyber-attacks.Integrated into a B5G Zero-touch Service Management(ZSM)aligned Security Framework,the proposal utilizes multi-domain and multi-tenant orchestration to automate and scale the deployment of FL-agents and AI-based anomaly detectors,enhancing reaction capabilities against cyber-attacks.The proposed FL architecture can be dynamically deployed across the B5G Continuum,utilizing a hierarchy of Network Intelligence orchestrators for real-time anomaly and security threat handling.Implementation includes FL enforcement operations for interoperability and extensibility,enabling dynamic deployment,configuration,and reconfiguration on demand.Performance validation of the proposed solution was conducted through dynamic orchestration,FL,and real-time anomaly detection processes using a practical test environment.Analysis of key performance metrics,leveraging the 5G-NIDD dataset,demonstrates the system’s capability for automatic and near real-time handling of anomalies and attacks,including real-time network monitoring and countermeasure implementation for mitigation.

Security Monitoring and Management for the Network Services in the Orchestration of SDN-NFV Environment Using Machine Learning Techniques

Software Defined Network(SDN)and Network Function Virtualization(NFV)technology promote several benefits to network operators,including reduced maintenance costs,increased network operational performance,simplified network lifecycle,and policies management.Network vulnerabilities try to modify services provided by Network Function Virtualization MANagement and Orchestration(NFV MANO),and malicious attacks in different scenarios disrupt the NFV Orchestrator(NFVO)and Virtualized Infrastructure Manager(VIM)lifecycle management related to network services or individual Virtualized Network Function(VNF).This paper proposes an anomaly detection mechanism that monitors threats in NFV MANO and manages promptly and adaptively to implement and handle security functions in order to enhance the quality of experience for end users.An anomaly detector investigates these identified risks and provides secure network services.It enables virtual network security functions and identifies anomalies in Kubernetes(a cloud-based platform).For training and testing purpose of the proposed approach,an intrusion-containing dataset is used that hold multiple malicious activities like a Smurf,Neptune,Teardrop,Pod,Land,IPsweep,etc.,categorized as Probing(Prob),Denial of Service(DoS),User to Root(U2R),and Remote to User(R2L)attacks.An anomaly detector is anticipated with the capabilities of a Machine Learning(ML)technique,making use of supervised learning techniques like Logistic Regression(LR),Support Vector Machine(SVM),Random Forest(RF),Naïve Bayes(NB),and Extreme Gradient Boosting(XGBoost).The proposed framework has been evaluated by deploying the identified ML algorithm on a Jupyter notebook in Kubeflow to simulate Kubernetes for validation purposes.RF classifier has shown better outcomes(99.90%accuracy)than other classifiers in detecting anomalies/intrusions in the containerized environment.

Horizontal-Based Orchestration for Multi-Domain SFC in SDN/NFV-Enabled Satellite/Terrestrial Networks

It's promising to use Software-Defined Networking(SDN) and Network Functions Virtualization(NFV) to integrate satellite and terrestrial networks. To construct network service function chains in such a multi-domain environment, we propose a horizontal-based Multi-domain Service Function Chaining(Md-SFC) orchestration framework. In this framework, multi-domain orchestrators can coordinate with each other to guarantee the end-to-end service quality. Intra-domain orchestrators also coordinate SDN controllers and NFV management components to implement intra-domain service function chains. Based on this, we further propose a heuristic SFC mapping algorithm with a cooperative inter-domain path calculation method to map service function chains to infrastructures. In this method, master multi-domain orchestrator and intra-domain orchestrators coordinate to select proper inter-domain links. We compare the cooperative method with a naive uncooperative way that domains' topology information is provided to the master multi-domain orchestrator and it calculates the shortest inter-domain path between intra-domain service function chains directly. Simulation results demonstrate that our solution is feasible. It is able to construct end-to-end performance guaranteed service function chain by horizontal-based cooperation. The cooperative inter-domain path calculation method decreasesthe mapping load for the master orchestrator and gets the same end-to-end performance.

SDN Orchestration for Dynamic End-to-End Control of Data Center Multi-Domain Optical Networking

New and emerging use cases, such as the interconnection of geographically distributed data centers(DCs), are drawing attention to the requirement for dynamic end-to-end service provisioning, spanning multiple and heterogeneous optical network domains. This heterogeneity is, not only due to the diverse data transmission and switching technologies, but also due to the different options of control plane techniques. In light of this, the problem of heterogeneous control plane interworking needs to be solved, and in particular, the solution must address the specific issues of multi-domain networks, such as limited domain topology visibility, given the scalability and confidentiality constraints. In this article, some of the recent activities regarding the Software-Defined Networking(SDN) orchestration are reviewed to address such a multi-domain control plane interworking problem. Specifically, three different models, including the single SDN controller model, multiple SDN controllers in mesh, and multiple SDN controllers in a hierarchical setting, are presented for the DC interconnection network with multiple SDN/Open Flow domains or multiple Open Flow/Generalized Multi-Protocol Label Switching( GMPLS) heterogeneous domains. I n addition, two concrete implementations of the orchestration architectures are detailed, showing the overall feasibility and procedures of SDN orchestration for the end-to-endservice provisioning in multi-domain data center optical networks.

Service Function Chain Orchestration across Multiple Clouds

Network function virtualization is a new network concept that moves network functions from dedicated hardware to software-defined applications running on standard high volume severs. In order to accomplish network services, traffic flows are usually processed by a list of network functions in sequence which is defined by service function chain. By incorporating network function virtualization in inter-data center(DC) network, we can use the network resources intelligently and deploy network services faster. However, orchestrating service function chains across multiple data centers will incur high deployment cost, including the inter-data center bandwidth cost, virtual network function cost and the intra-data center bandwidth cost. In this paper, we orchestrate SFCs across multiple data centers, with a goal to minimize the overall cost. An integer linear programming(ILP) model is formulated and we provide a meta-heuristic algorithm named GBAO which contains three modules to solve it. We implemented our algorithm in Python and performed side-by-side comparison with prior algorithms. Simulation results show that our proposed algorithm reduces the overall cost by at least 21.4% over the existing algorithms for accommodating the same service function chain requests.

Performance Evaluation of Service Orchestration with Dynarric Latency Simulation

Dynamic latency over the Intemet is an Important parameter for evaluating the performance of Web service orchestration. In this paper, we propose a performance analyzing and correctness checking method for service orchestration with dynamic latency simulated in Colored PetriNets （CPNs）. First, we extend the CPN to Web Service Composition Orchestration Network System （WS-CONS） for the description of dynamic latency in service orchestration. Secondly, with simulated dynamic latency, a buffer-limited policy and admittance-control policy are designed in WS- CONS and implemented on CPN Tools. In the buffer-limited policy, the passing messages would be discarded if the node capacity is not adequate. In the admittance-control policy, the ability of a message entering the system depends on the number of messages concurrently flowing in the system. This helps to enhance the success rate of message passing. Finally, the system performance is evaluated through running models in CPN Tools. Simulated results show that the dynamic latency plays an important role in the system throughput and response latency. This simulation helps system designers to quickly make proper compromises at low cost.

Intelligent Approach for Traffic Orchestration in SDVN Based on CMPR

The vehicle ad hoc network that has emerged in recent years was originally a branch of the mobile ad hoc network.With the drafting and gradual establishment of standards such as IEEE802.11p and IEEE1609,the vehicle ad hoc network has gradually become independent of the mobile ad hoc network.The Internet of Vehicles(Vehicular Ad Hoc Network,VANET)is a vehicle-mounted network that comprises vehicles and roadside basic units.This multi-hop hybrid wireless network is based on a vehicle-mounted self-organizing network.As compared to other wireless networks,such as mobile ad hoc networks,wireless sensor networks,wireless mesh networks,etc.,the Internet of Vehicles offers benefits such as a large network scale,limited network topology,and predictability of node movement.The paper elaborates on the Traffic Orchestration(TO)problems in the Software-Defined Vehicular Networks(SDVN).A succinct examination of the Software-defined networks(SDN)is provided along with the growing relevance of TO in SDVN.Considering the technology features of SDN,a modified TO method is proposed,which makes it possible to reduce time complexity in terms of a group of path creation while simultaneously reducing the time needed for path reconfiguration.A criterion for path choosing is proposed and justified,which makes it possible to optimize the load of transport network channels.Summing up,this paper justifies using multipath routing for TO.

Complex Problems Solution as a Service Based on Predictive Optimization and Tasks Orchestration in Smart Cities

Smart cities have different contradicting goals having no apparent solution.The selection of the appropriate solution,which is considered the best compromise among the candidates,is known as complex problem-solving.Smart city administrators face different problems of complex nature,such as optimal energy trading in microgrids and optimal comfort index in smart homes,to mention a few.This paper proposes a novel architecture to offer complex problem solutions as a service(CPSaaS)based on predictive model optimization and optimal task orchestration to offer solutions to different problems in a smart city.Predictive model optimization uses a machine learning module and optimization objective to compute the given problem’s solutions.The task orchestration module helps decompose the complex problem in small tasks and deploy them on real-world physical sensors and actuators.The proposed architecture is hierarchical and modular,making it robust against faults and easy to maintain.The proposed architecture’s evaluation results highlight its strengths in fault tolerance,accuracy,and processing speed.

Novel Architecture of Security Orchestration, Automation and Response in Internet of Blended Environment

New technologies that take advantage of the emergence of massive Internet of Things(IoT)and a hyper-connected network environment have rapidly increased in recent years.These technologies are used in diverse environments,such as smart factories,digital healthcare,and smart grids,with increased security concerns.We intend to operate Security Orchestration,Automation and Response(SOAR)in various environments through new concept definitions as the need to detect and respond automatically to rapidly increasing security incidents without the intervention of security personnel has emerged.To facilitate the understanding of the security concern involved in this newly emerging area,we offer the definition of Internet of Blended Environment(IoBE)where various convergence environments are interconnected and the data analyzed in automation.We define Blended Threat(BT)as a security threat that exploits security vulnerabilities through various attack surfaces in the IoBE.We propose a novel SOAR-CUBE architecture to respond to security incidents with minimal human intervention by automating the BT response process.The Security Orchestration,Automation,and Response(SOAR)part of our architecture is used to link heterogeneous security technologies and the threat intelligence function that collects threat data and performs a correlation analysis of the data.SOAR is operated under Collaborative Units of Blended Environment(CUBE)which facilitates dynamic exchanges of data according to the environment applied to the IoBE by distributing and deploying security technologies for each BT type and dynamically combining them according to the cyber kill chain stage to minimize the damage and respond efficiently to BT.

数字化转型背景下中小制造企业如何编排资源利用数字机会——基于资源编排理论的fsQCA研究

利用数字机会是中小制造企业实现数字化转型的关键。资源编排理论指出,利用数字机会离不开企业资源和能力的支持,尤其要将各种资源和能力有效组合起来。但大量中小制造企业难以有效编排自身资源和能力来利用数字机会。为此,本文关注中小制造企业的五种传统资源和能力(实物资源、关系资源、制造能力、营销能力和创新能力)及两种数字资源和能力(大数据资源和数字平台能力),运用模糊集定性比较分析(fsQCA)方法对392份问卷数据进行分析,研究发现:五种传统资源和能力及两种数字资源和能力都不能单独作为中小制造企业数字机会利用的必要条件,但数字平台能力作为核心条件能发挥较为普适的作用。同时,中小制造企业的数字机会利用存在三种路径,可归纳为“内向型”“外向型”和“内外兼顾型”,通过进一步聚焦高技术制造业,发现其数字机会利用存在两种路径:“渐进型”和“突破型”。本文有助于发现如何在数字化背景下编排企业资源和能力,拓展了资源编排理论的研究情境(数字化背景)和研究范围(数字资源和能力),回应了识别“数据时代的资源编排规律”的呼吁。

数字化转型能提升农业企业全要素生产率吗?

基于2007—2020年我国A股上市农业企业的微观数据,实证分析数字化转型对农业企业全要素生产率的影响及其机制。研究表明,数字化转型有利于提升农业企业的全要素生产率。机制检验表明,数字化转型通过提高资金利用率、降低超额雇员率、增大研发投入来提高农业企业全要素生产率。调节效应检验表明,营商环境不确定性、行业竞争强度加剧将削减数字化转型对农业企业全要素生产率的提升效果。异质性检验表明,数字化转型对小规模农业企业、处于成长期和成熟期的农业企业、国有农业企业、两职分离的农业企业全要素生产率的提升作用更为显著。为此,政府等治理主体应完善数字基础设施,营造良好营商环境和市场竞争秩序,优化农业企业数字化转型的外部环境;同时农业企业也要根据自身发展实际,科学配置资金、技术、劳动力等资源,选择适宜的数字化转型路径。

老字号求新求变中的战略转型研究——基于组织注意力和资源编排视角

面对年轻品牌冲击,转型与变革是老字号摆脱“生死线”的重要手段,传承与创新是老字号发展的关键。通过采用探索性单案例的研究方法,基于北京同升和鞋业有限责任公司从1978年至2022年的发展历程,探讨老字号如何凭借组织注意力和资源编排完成转型过程,实现求新求变目标。研究发现,老字号在战略转型过程中会经历“转型准备—转型实施—转型整合”三个阶段,具体表现为:(1)战略转型准备基于组织注意力情境化条件感知、组织注意力有效配置以及组织注意力选择,三者协同配合识别影响转型的关键要素;(2)战略转型实施通过资源结构化、资源捆绑以及资源利用完成,落实组织注意力选择的结果;(3)战略转型整合通过商业模式或经营领域的调整完成,呈现战略决策。

数字化视角下资源编排对中小企业组织韧性的影响

资源编排理论为探索数字化背景下中小企业组织韧性培育提供了新思路。聚焦资源编排对中小企业组织韧性的影响,揭示两者间的作用机理与边界条件,以334家中小企业为样本的实证研究结果表明:资源构建、资源协调对中小企业组织韧性具有正向影响;数字运营能力、数字协同能力中介资源编排与组织韧性的关系,而数字感知能力在二者间的中介作用未得到证实;变革型领导正向调节数字运营能力、数字协同能力对组织韧性的影响。结论可打开数字化视角下组织韧性培育过程的“黑箱”,为数字经济背景下中小企业实施资源编排行为以强化组织韧性提供实践启示。

传统能源行业领军企业绿色创新生态演进机制和路径研究

领军企业绿色创新对推动企业绿色低碳发展具有示范和辐射效应。本文基于资源编排和生态位理论,以国有领军企业陕煤集团和民营领军企业潞宝集团为案例研究对象,分析了传统能源行业领军企业绿色创新生态的内在演进机制,探讨了不同所有制领军企业的共性特征和差异化表现。研究发现:第一,以关键事件划分时序区间,领军企业绿色创新生态演化可以划分为3个阶段,且不同阶段的制度逻辑、资源编排和行为特征存在明显差异;第二,领军企业绿色创新生态演进的关键因子为环境响应、资源编排、创新能力和价值创造,通过关键因子的协同作用,企业绿色创新生态均呈现出从态能积累到势能提升到适宜度优化的共性演进过程;第三,不同所有制领军企业在多重制度逻辑约束下,在绿色创新生态演进过程中表现出显著的差异性,国有领军企业遵循主动响应的创新战略,通过资源的“内延式整合”创新机制推动绿色创新生态的进阶,而民营领军企业则遵循组织自适应的创新战略,通过资源的“外延式拓展”创新机制推动绿色创新生态的迭代演进。本研究从“情景驱动—协同治理—演进结果”整合视角下探讨了领军企业绿色创新生态从构建到演进的内在机制和核心要素,揭示了国有和民营领军企业因绿色创新战略导向的不同,在演进逻辑、治理模式和行为特征上的差异性。研究结论为传统能源行业领军企业绿色创新生态升级和实现绿色高质量发展,提供了理论支撑和管理启示。

基于资源感知的多域服务功能链编排成本优化

网络功能虚拟化技术的兴起使得实例化为服务功能链(SFC)的网络服务能够共享基底网络,缓解了传统网络体系结构僵化的问题.然而,网络中大量服务请求给多域SFC编排带来了新的挑战.首先由于域内网络资源信息及内部策略的保密性,使得多域SFC的编排更为复杂.其次多域SFC编排要确定最佳候选编排域集,先前的研究较少考虑域间负载的均衡性,对服务接受率造成了消极影响.此外跨网络域编排服务请求对服务的成本和响应时间提出了更严格的要求.为解决上述挑战,在本文中,我们首先针对多域网络隐私性需求,提出了域级图的构造方法;然后基于域间负载均衡提出了域权重的计算方法进行SFC编排域的选择;最后,针对多域网络成本和响应时间需求,提出编排算法.实验结果表明,提出的算法有效地权衡了平均服务成本和接受率,并且在服务平均响应时间方面也得到了优化.

安全编排与自动化响应平台在医院网络安全中的应用探索

目的为解决当前医疗机构使用多种不同的安全设备造成医院安全运维难度大以及无法统一管理等问题,探索建设和应用面向医院安全管理的安全编排与自动化响应平台。方法从全网覆盖、异构联动、综合分析、快速响应的设计角度出发,构建一个安全编排与自动化响应平台,将原本分散且各自独立的安全设备和系统协同联动起来。结果建成了医院安全编排与自动化响应平台,实现了安全能力的集成与编排。自2022年7月上线以来,共监测到外部系统攻击123150次,协助修复应用系统漏洞43个,封锁恶意攻击IP达5019个。结论安全编排与自动化响应平台能够提升医院系统的安全响应及时性和防御实效性,实现全网威胁统一监测分析与运维。

资源编排视角下企业质量资源转化为竞争优势的内在机理——来自“泸州老窖”的案例

质量资源如何推动企业竞争优势构建已引起业界与学术界的关注,而其微观层面的内在转化机理尚未厘清。本研究从资源编排理论视角出发,将泸州老窖作为案例研究对象,对质量资源驱动企业竞争优势构建的内在转化机理进行了深入研究。研究发现:第一,质量资源助力企业竞争优势构建的过程经历了资源组合到资源捆绑再到资源撬动的三次跃升;第二,在三次跃升过程中企业质量资源的编排内在机理存在明显差异,不同质量资源编排方式下企业竞争优势转化的具体内在机理为质量资源组合驱动竞争优势结构化、质量资源捆绑实现竞争优势能力化、质量资源撬动促进竞争优势杠杆化。本研究揭示了质量资源助力企业竞争优势构建的内在机理,拓展并丰富了资源编排理论的应用领域,为企业实现质量升级提供了启发与参考。

边缘计算中支持分簇编排的应用缓存方法研究

移动边缘计算通过在距离终端更近的位置提供计算存储服务来提供更优的任务处理表现.为减少系统通信链路压力,进一步优化任务处理时延和能耗,本文首先提出了一种支持位置更新的分布式分簇编排策略,对通信区域进行分簇和簇头选取,簇头作为编排节点进行簇内管理,当有卸载任务时寻找最佳执行设备进行处理;然后基于Docker容器提出应用程序协作缓存算法,通过在存储资源丰富的设备中提前部署高频拉取的应用程序来降低任务部署延迟,从而进一步降低任务处理延迟;最后应用多接入边缘计算仿真平台进行对比实验,结果表明提出的分簇编排策略和协作缓存算法可以有效降低网络和CPU占用率,获得超低任务部署和完成时延,显著提高服务质量,并显示出强可扩展性.

核心企业数字创新生态系统构建的内在机制——基于意义建构和资源编排视角

为探究以传统制造企业为核心的数字创新生态系统构建过程,并弥补以往主要从意义建构单一认知层面探讨问题的不足,选取潍柴动力股份有限公司为研究对象,运用纵向单案例研究方法,基于意义建构与资源编排相结合的视角,探索核心企业意义建构、资源编排与数字创新生态系统构建的内在机制。结果发现:(1)意义建构及其跨层次传递是推动数字创新生态系统构建的先决条件,意义建构的形成和转变是核心企业为匹配适应环境中技术与需求变化的结果;(2)核心企业始于领导层面的跨层次意义建构及其引发的资源编排行为,以及二者的交互和协同演进是推动数字创新生态系统构建的核心机制;(3)意义建构通过资源编排获得反馈,不断对自身认知进行迭代,最终实现从生态基础搭建到生态共享,进而发展到创新生态可持续发展。从而得到启示:核心企业数字创新生态系统构建的关键驱动因素是管理者认知,同时管理者要充分重视引导高管团队、企业及企业间形成统一认知的意义给赋行为,并充分重视资源编排行为的价值。

老字号食品企业商业模式创新的形成机理研究

老字号创新是学界和业界关注的热点问题。采用资源编排理论分析成功的老字号食品企业商业模式创新的形成机理,有助于系统解析其创新发展的规律。选取北京稻香村和天津桂发祥两家典型老字号食品企业开展双案例研究,研究发现:企业家精神是推动老字号食品企业商业模式创新的根本动因,并调节其他动因对商业模式创新的作用效果;老字号食品企业商业模式创新过程中实施以老字号内核资源为核心的资源编排策略;老字号食品企业商业模式创新表现为传承与创新有机结合的多模块组合。