Computer Engineering Commons^™

Demonstrating Configuration Of Software Defined Networking In Real Wireless Testbeds, Saish Urumkar, Gianluca Fontanesi, Avishek Nag, Sachin Sharma

Conference papers

Currently, several wireless testbeds are available to test networking solutions including Fed4Fire testbeds such as w-ilab. t and CityLab in the EU, and POWDER and COSMOS in the US. In this demonstration, we use the w-ilab.t testbed to set up a wireless ad-hoc Software-Defined Network (SDN). OpenFlow is used as an SDN protocol and is deployed using a grid wireless ad-hoc topology in w-ilab.t. In this paper, we demonstrate: (1) the configuration of a wireless ad-hoc network based on w-ilab.t and (2) the automatic deployment of OpenFlow in an ad-hoc wireless network where some wireless nodes are not directly connected …

Honeypot-Based Security Enhancements For Information Systems, Javier R. Franco

FIU Electronic Theses and Dissertations

The purpose of this thesis is to explore honeypot-based security enhancements for information systems. First, we provide a comprehensive survey of the research that has been carried out on honeypots and honeynets for Internet of Things (IoT), Industrial Internet of Things (IIoT), and Cyber-physical Systems (CPS). We provide a taxonomy and extensive analysis of the existing honeypots and honeynets, state key design factors for the state-of-the-art honeypot/honeynet research and outline open issues. Second, we propose S-Pot, a smart honeypot framework based on open-source resources. S-Pot uses enterprise and IoT honeypots to attract attackers, learns from attacks via ML classifiers, and …

Cross-Atlantic Experiments On Eu-Us Test-Beds, Sachin Sharma, Avishek Nag, Byrav Ramamurthy

Articles

Today, there are a number of real testbeds worldwide among which Fed4Fire testbeds are prominent in the EU, while POWDER and COSMOS are prominent in the US. This paper aims to validate inter-testbed experiments between the EU and the US by connecting a number of Fed4Fire and US testbeds as part of an NGIAtlantic project. The goal is to compare the hop count, the topology formed, the maximum bandwidth permitted, and the loss and jitter that occurred between different testbeds. Additionally, Software Defined Networking (SDN) experiments between EU and US testbeds are conducted, and an edge-computing use case is developed …

Network Virtualization And Emulation Using Docker, Openvswitch And Mininet-Based Link Emulation, Narendra Prabhu

Masters Theses

With the advent of virtualization and artificial intelligence, research on networked systems has progressed substantially. As the technology progresses, we expect a boom in not only the systems research but also in the network of systems domain. It is paramount that we understand and develop methodologies to connect and communicate among the plethora of devices and systems that exist today. One such area is mobile ad-hoc and space communication, which further complicates the task of networking due to myriad of environmental and physical conditions. Developing and testing such systems is an important step considering the large investment required to build …

Intelligent Sdn Traffic Classification Using Deep Learning: Deep-Sdn, Ali Malik, Ruairí De Fréin, Mohammed Al-Zeyadi, Javier Andreu-Perez

Conference papers

Accurate traffic classification is fundamentally important for various network activities such as fine-grained network management and resource utilisation. Port-based approaches, deep packet inspection and machine learning are widely used techniques to classify and analyze network traffic flows. However, over the past several years, the growth of Internet traffic has been explosive due to the greatly increased number of Internet users. Therefore, both port-based and deep packet inspection approaches have become inefficient due to the exponential growth of the Internet applications that incurs high computational cost. The emerging paradigm of software-defined networking has reshaped the network architecture by detaching the control …

A Proactive-Restoration Technique For Sdns, Ali Malik, Ruairí De Fréin

Conference papers

Failure incidents result in temporarily preventing the network from delivering services properly. Such a deterioration in services called service unavailability. The traditional fault management techniques, i.e. protection and restoration, are inevitably concerned with service unavailability due to the convergence time that is required to achieve the recovery when a failure occurs. However, with the global view feature of software-defined networking a failure prediction is becoming attainable, which in turn reduces the service interruptions that originated by failures. In this paper, we propose a proactive restoration technique that reconfigure the vulnerable routes which are likely to be affected if the …

Sla-Aware Routing Strategy For Multi-Tenant Software-Defined Networks, Ali Malik, Ruairí De Fréin

Conference papers

A crucial requirement for the network service provider is to satisfy the Service Level Agreements (SLA) that it has made with its customers. Coexisting network tenants may have agreed different SLAs, and thus, the service provider must be able to provide QoS differentiation in order to meet his contractual commitments. Current one-size-fits-all routing models are not appropriate for all network tenants if their individual SLA requirements are to be efficiently met. We propose a SDN-based multi-cost routing approach which allocates network resources based on a portfolio of tenant SLA, which achieves the goal of accommodating multiple tenants, given their SLAs. …

State Acquisition In Computer Networks, Ruairí De Fréin

Conference papers

We establish that State Acquisition should be per- formed in networks at a rate which is consistent with the rate-of-change of the element or service being observed. We demonstrate that many existing monitoring and service-level prediction tools do not acquire network state in an appropriate manner. To address this challenge: (1) we define the rate-of- change of different applications; (2) we use methods for analysis of unevenly spaced time series, specifically, time series arising from video and voice applications, to estimate the rate-of-change of these services; and finally, (3) we demonstrate how to acquire network state accurately for a number …

Sd-Mcan: A Software-Defined Solution For Ip Mobility In Campus Area Networks, Adam Chase Calabrigo

Master's Theses

Campus Area Networks (CANs) are a subset of enterprise networks, comprised of a network core connecting multiple Local Area Networks (LANs) across a college campus. Traditionally, hosts connect to the CAN via a single point of attachment; however, the past decade has seen the employment of mobile computing rise dramatically. Mobile devices must obtain new Internet Protocol (IP) addresses at each LAN as they migrate, wasting address space and disrupting host services. To prevent these issues, modern CANs should support IP mobility: allowing devices to keep a single IP address as they migrate between LANs with low-latency handoffs. Traditional approaches …

Active Response Using Host-Based Intrusion Detection System And Software-Defined Networking, Jonathon S. Goodgion

Theses and Dissertations

This research proposes AHNSR: Active Host-based Network Security Response by utilizing Host-based Intrusion Detection Systems (HIDS) with Software-Defined Networking (SDN) to enhance system security by allowing dynamic active response and reconstruction from a global network topology perspective. Responses include traffic redirection, host quarantining, filtering, and more. A testable SDN-controlled network is constructed with multiple hosts, OpenFlow enabled switches, and a Floodlight controller, all linked to a custom, novel interface for the Open-Source SECurity (OSSEC) HIDS framework. OSSEC is implemented in a server-agent architecture, allowing scalability and OS independence. System effectiveness is evaluated against the following factors: alert density and a …

A Hypernet Architecture, Shufeng Huang

Theses and Dissertations--Computer Science

Network virtualization is becoming a fundamental building block of future Internet architectures. By adding networking resources into the “cloud”, it is possible for users to rent virtual routers from the underlying network infrastructure, connect them with virtual channels to form a virtual network, and tailor the virtual network (e.g., load application-specific networking protocols, libraries and software stacks on to the virtual routers) to carry out a specific task. In addition, network virtualization technology allows such special-purpose virtual networks to co-exist on the same set of network infrastructure without interfering with each other.

Although the underlying network resources needed to support …