We present multi-stratum resources integration architecture based on network function virtualization with resources integrated mapping strategy in software defined elastic data center optical interconnect. The feasibi...
详细信息
With the exponential growth of the Internet use, cyber-threats are emerging rapidly. Distributed Denial of Service (DDoS) attack is one of the most common but damaging kinds of cyberattacks. A DDoS attack to a server ...
详细信息
ISBN:
(纸本)9781467388450
With the exponential growth of the Internet use, cyber-threats are emerging rapidly. Distributed Denial of Service (DDoS) attack is one of the most common but damaging kinds of cyberattacks. A DDoS attack to a server typically prevents clients from receiving service by making the server overwhelmed with many invalid service requests. It is always a challenging problem to protect a system from DDoS attacks as it is not trivial to distinguish between an attack packet and a legitimate one. In this work, we have proposed VFence - a defense mechanism against DDoS attack that leverages the capability of the network function virtualization (NFV) architecture. NFV is the technology of virtualizing networkfunctions in virtual machines on commodity servers and it allows a flexible and dynamic implementation of the networkfunctions. Our proposed mechanism uses network agents to intercept packets when the system is potentially under attack, to verify their authenticity, and to keep the server safe by dropping illegitimate packets. Since the attack intensity often varies, our NFV-based defense framework deploys agents dynamically to balance the attack load. Our simulation results demonstrate that the mechanism can successfully defeat the DDoS attacks by having all legitimate requests served, and the increase in the server's response time is insignificant compared to that of a successful DDoS attack.
networkfunctions (NFs) in edge clouds are required to provide scalability, fault tolerance, and mobility support. They all require maintaining NF states (i.e., processing results), e.g., for recovery, especially for ...
详细信息
ISBN:
(纸本)9798350327939;9798350327946
networkfunctions (NFs) in edge clouds are required to provide scalability, fault tolerance, and mobility support. They all require maintaining NF states (i.e., processing results), e.g., for recovery, especially for stateful NFs like firewalls. Even though current solutions provide an alternative to storing states in memory, their design can support only a single requirement, either fault tolerance or scaling. Advocating the versatility, we propose StateOS - an operating system of NF states for user-defined programs supporting different requirements. Additionally, we propose a state transfer scheme, namely Divide-and-Conquer (DAC), to accelerate StateOS. The combination of DAC and StateOS demonstrates its efficiency for all three scenarios: scaling, fault tolerance, and service function chain acceleration.
network function virtualization (NFV) enables the execution of Virtual networkfunctions (VNFs) on standard commodity servers. This brings flexibility, allowing for the rapid deployment of various network services whi...
详细信息
ISBN:
(纸本)9798350327939;9798350327946
network function virtualization (NFV) enables the execution of Virtual networkfunctions (VNFs) on standard commodity servers. This brings flexibility, allowing for the rapid deployment of various network services while reducing costs. However, NFV configurations are becoming increasingly complex, necessitating experts for the setup. Intent-based network configuration has emerged as a solution to simplify NFV configuration and management. Nonetheless, it presents challenges, such as translating high-level natural language intents into low-level network configurations. In this work, we propose NFV-Intent - a system that leverages in-context learning in Large Language Models to perform the intent translation task. In-context learning enables NFV-Intent to work without retraining the Large Language Models, which is a difficult and expensive task. NFV-Intent uses a JSON template as the desired output, allowing Large Language Models to learn with a small number of examples and enabling easy verification of the configuration. Our evaluation showed that the intent can be translated into JSON configuration with high accuracy. To demonstrate the feasibility of NFV-Intent, we implemented and integrated it into the NI-testbed, our previously developed system for AI-based NFV life-cycle management.
A hazard of ongoing network function virtualization (NFV) realizations is the lack of a common understanding in support of development, deployment and operation tasks related to Virtual functionnetworks (VNFs), NFV c...
详细信息
ISBN:
(纸本)9781509051373
A hazard of ongoing network function virtualization (NFV) realizations is the lack of a common understanding in support of development, deployment and operation tasks related to Virtual functionnetworks (VNFs), NFV components and interfaces. In the current state of affairs, NFV stake-holders commonly create their own terminology to define and describe NFV components, following going the specifications led by European Telecommunications Standard Institute but also adopting telecommunication-and software-centric definitions. As a consequence, portability and interoperability goals of NFV get compromised since NFV technology providers have hard times in understanding and using definitions and descriptions across different domains. Furthermore, VNF data models of operational systems and deployment configuration software need to be re-defined, re-coded, and re-compiled to make them work over different NFV platforms. In this work, we present the design and implementation of our proposed NFV Ontology (NOn) enabling Semantic nFV Services (SnS) to reduce manual intervention during the integration process of heterogeneous NFV domains and effectively overcome the costly re-work hazards of current NFV implementation approaches. We present the proof of concept implementation of a Generic Client leveraging SnS/NOn to create and consume dynamic workflows in an open source testbed based on OpenStack and OpenBaton.
The discovery process of OPC Unified Architecture (OPC-UA) is well defined but lacks flexibility when implemented in large networks. While the standard provides concepts for local and global discovery services, the co...
详细信息
ISBN:
(纸本)9781538610664
The discovery process of OPC Unified Architecture (OPC-UA) is well defined but lacks flexibility when implemented in large networks. While the standard provides concepts for local and global discovery services, the core assumption is that all clients and servers are aware of the discovery server(s) in the network. This dependency is a barrier for Plug-and-Play installations and is overcome by self announces via the multicast Domain Name System (mDNS), however, this scales badly with an increasing number of network nodes and deployed servers. We propose a discovery approach based on Software-Defined networking (SDN) and network function virtualization (NFV), that installs a plug-and-play mechanism for global OPC-UA discovery in modern virtualized networks.
In an era of ubiquitous connectivity, various new applications, network protocols, and online services (e.g., cloud services, distributed machine learning, cryptocurrency) have been constantly creating, underpinning m...
详细信息
ISBN:
(纸本)9781728181592
In an era of ubiquitous connectivity, various new applications, network protocols, and online services (e.g., cloud services, distributed machine learning, cryptocurrency) have been constantly creating, underpinning many of our daily activities. Emerging demands for networks have led to growing traffic volume and complexity of modern networks, which heavily rely on a wide spectrum of specialized networkfunctions (e.g., Firewall, Load Balancer) for diverse purposes. Although these (virtual) networkfunctions (VNFs) are widely deployed, they are instantiated in an uncoordinated manner failing to meet growing demands of evolving networks. In this dissertation, we argue that networks equipped with VNFs can be designed in a fashion similar to how computer software is programmed today. By following the blueprint of modularization, networks can be made more efficient, secure, and manageable.
network function virtualization (NFV) can significantly reduce the operation cost and speed up the deployment for network services to markets. Under NFV, a network service is composed by a chain of ordered virtual fun...
详细信息
ISBN:
(纸本)9781450357708
network function virtualization (NFV) can significantly reduce the operation cost and speed up the deployment for network services to markets. Under NFV, a network service is composed by a chain of ordered virtual functions, or we call a "networkfunction chain." A fundamental question is when given a number of networkfunction chains, on which servers should we place these functions and how should we form a chain on these functions? This is challenging due to the intricate dependency relationship of functions and the intrinsic complex nature of the optimization. In this paper, we formulate the function placement and chaining problem as an integer optimization, where each variable is an indicator whether one service chain can be deployed on a configuration (or a possible function placement of a service chain). While this problem is generally NP-hard, our contribution is to show that it can be mapped to an exponential number of min-cost flow problems. Instead of solving all the min-cost problems, one can select a small number of mapped min-cost problems, which are likely to have a low cost. To achieve this, we relax the integer problem into a fractional linear problem, and theoretically prove that the fractional solutions possess some desirable properties, i.e., the number and the utilization of selected configurations can be upper and lower bounded, respectively. Based on such properties, we determine some "good" configurations selected from the fractional solution and determine the mapped min-cost flow problem, and this helps us to develop efficient algorithms for networkfunction placement and chaining. Via extensive simulations, we show that our algorithms significantly outperform state-of-art algorithms and achieve near-optimal performance.
The network function virtualization (NFV) initiative was launched in 2012 by the European Telecommunications Standard Institute (ETSI) and group of telecom companies and IT vendors to serve the network operators in de...
详细信息
Mobile Edge Cloud (MEC) has emerged as a promising paradigm shift from the centralized mobile cloud due to the explosive growth of edge devices and traffic volumes. network function virtualization (NFV) is a key techn...
详细信息
暂无评论