2019 IEEE Conference on Network Softwarization (NetSoft), 2019
Software-Defined Networking (SDN) is a paradigm that enables easier network programmability based... more Software-Defined Networking (SDN) is a paradigm that enables easier network programmability based on separation between network control plane and data plane. Network Function Virtualization (NFV) is another recent technology that has enabled design, deploy, and management of softwarized networking services. The vast majority of SDN and NFV based architectures, whether they use Virtual machines (VMs) or Lightweight Virtual Machines (LVMs), are designed to program forwarding, probably the most fundamental among all network mechanisms. In this paper instead we demonstrated that there are other (as important) networking mechanisms that need programmability. In particular, we designed, implemented and extensively tested an architecture that enables policy-programmability of (live) migration of LVMs. Migration is used for maintenance, load balancing, or as a security mechanism in what is called Moving Target Defence (a virtual host migrates to hide from an attacker). Our architecture is b...
2019 4th International Conference on Computing, Communications and Security (ICCCS), 2019
Edge computing allows computationally intensive tasks to be offloaded to nearby (more) powerful s... more Edge computing allows computationally intensive tasks to be offloaded to nearby (more) powerful servers, passing through an edge network. The goal of such offloading is to reduce data-intensive application response time or energy consumption, crucial constraints in mobile and IoT devices. In challenged networked scenarios, such as those deployed by first responders after a natural or man-made disaster, it is particularly difficult to achieve high levels of throughput due to scarce network conditions. In this paper, we present an architecture for traffic management that may use deep learning to support forwarding during task offloading in these challenging scenarios. In particular, our goal is to study if and when it is worth using deep learning to route traffic generated by microservices and offloading requests in these situations. Our design is different than classical approaches that use learning since we do not train for centralized routing decisions, but we let each router learn...
Proceedings of the 16th International Conference on emerging Networking EXperiments and Technologies, 2020
The abiding attempt of automation has also pervaded computer networks, with the ability to measur... more The abiding attempt of automation has also pervaded computer networks, with the ability to measure, analyze, and control themselves in an automated manner, by reacting to changes in the environment (e.g., demand) while exploiting existing flexibilities. When provided with these features, networks are often referred to as "self-driving". Network virtualization and machine learning are the drivers. In this regard, the provision and orchestration of physical or virtual resources are crucial for both Quality of Service guarantees and cost management in the edge/cloud computing ecosystem. Auto-scaling mechanisms are hence essential to effectively manage the lifecycle of network resources. In this poster, we propose Relevant, a distributed reinforcement learning approach to enable distributed automation for network orchestrators. Our solution aims at solving the congestion control problem within Software-Defined Network infrastructures, while being mindful of the energy consumpt...
Proceedings of the 17th ACM Workshop on Hot Topics in Networks, 2018
For several years researchers have used the term "network orchestration" as a metaphor.... more For several years researchers have used the term "network orchestration" as a metaphor. In this paper, we make the metaphor reality; we describe a novel approach to network orchestration that leverages sounds to augment or replace various network management operations. We test our Music-Defined Networking approach with both a real and a virtual network testbed, on several mechanisms and applications: from datacenter server fan failure detection to authentication, from load balancing to explicit congestion notification and detection of heavy hitter flows. Our approach can be used with and without a Software-Defined Network controller. Despite its limitations, we believe that sound-based network management has potential to be further explored as an effective and inexpensive out-of-band orchestration technique.
Telepathology is the practice of digitizing histological images for transmission along telecommun... more Telepathology is the practice of digitizing histological images for transmission along telecommunication pathways for diagnosis, consultation or continuing medical education. Existing telepathology solutions are limited to offline or delay-tolerant diagnosis. In this paper we present LiveMicro, a telepathology system that, leveraging edge computing, enables multiple pathologists to collaborate on a diagnosis by allowing a remote live control of a microscope. In such environment, computation at the edge is used in three ways: (1) to allow remote users to control the microscope simultaneously, (2) to process histological image and live video, by running algorithms that recognize e.g., tumor grades, (3) to preserve privacy creating virtual shared data views. In particular, we built the first opensource edge computing based telepathology system. In our prototype, the examples of edge processing that we currently support are extraction of diagnosis-oriented features and compression of pa...
The prevailing network security measures are often implemented on proprietary appliances that are... more The prevailing network security measures are often implemented on proprietary appliances that are deployed at fixed network locations with constant capacity. Such a rigid deployment is sometimes necessary, but undermines the flexibility of security services in meeting the demands of emerging applications, such as augmented/virtual reality, autonomous driving, and 5G for industry 4.0, which are provoked by the evolution of connected and smart devices, their heterogeneity, and integration with cloud and edge computing infrastructures. To loosen these rigid security deployments, in this paper, we propose a data-centric SECurity-as-a-Service (SECaaS) framework for elastic deployment and provisioning of security services at the Multi-Access Edge Computing (MEC) infrastructure. In particular, we discuss three security services that are suitable for edge deployment: (i) an intrusion detection and prevention system (IDPS), (ii) an access control enforcement system (ACE), and (iii) a communi...
2019 IEEE Conference on Network Softwarization (NetSoft), 2019
Software-Defined Networking (SDN) is a paradigm that enables easier network programmability based... more Software-Defined Networking (SDN) is a paradigm that enables easier network programmability based on separation between network control plane and data plane. Network Function Virtualization (NFV) is another recent technology that has enabled design, deploy, and management of softwarized networking services. The vast majority of SDN and NFV based architectures, whether they use Virtual machines (VMs) or Lightweight Virtual Machines (LVMs), are designed to program forwarding, probably the most fundamental among all network mechanisms. In this paper instead we demonstrated that there are other (as important) networking mechanisms that need programmability. In particular, we designed, implemented and extensively tested an architecture that enables policy-programmability of (live) migration of LVMs. Migration is used for maintenance, load balancing, or as a security mechanism in what is called Moving Target Defence (a virtual host migrates to hide from an attacker). Our architecture is b...
2019 4th International Conference on Computing, Communications and Security (ICCCS), 2019
Edge computing allows computationally intensive tasks to be offloaded to nearby (more) powerful s... more Edge computing allows computationally intensive tasks to be offloaded to nearby (more) powerful servers, passing through an edge network. The goal of such offloading is to reduce data-intensive application response time or energy consumption, crucial constraints in mobile and IoT devices. In challenged networked scenarios, such as those deployed by first responders after a natural or man-made disaster, it is particularly difficult to achieve high levels of throughput due to scarce network conditions. In this paper, we present an architecture for traffic management that may use deep learning to support forwarding during task offloading in these challenging scenarios. In particular, our goal is to study if and when it is worth using deep learning to route traffic generated by microservices and offloading requests in these situations. Our design is different than classical approaches that use learning since we do not train for centralized routing decisions, but we let each router learn...
Proceedings of the 16th International Conference on emerging Networking EXperiments and Technologies, 2020
The abiding attempt of automation has also pervaded computer networks, with the ability to measur... more The abiding attempt of automation has also pervaded computer networks, with the ability to measure, analyze, and control themselves in an automated manner, by reacting to changes in the environment (e.g., demand) while exploiting existing flexibilities. When provided with these features, networks are often referred to as "self-driving". Network virtualization and machine learning are the drivers. In this regard, the provision and orchestration of physical or virtual resources are crucial for both Quality of Service guarantees and cost management in the edge/cloud computing ecosystem. Auto-scaling mechanisms are hence essential to effectively manage the lifecycle of network resources. In this poster, we propose Relevant, a distributed reinforcement learning approach to enable distributed automation for network orchestrators. Our solution aims at solving the congestion control problem within Software-Defined Network infrastructures, while being mindful of the energy consumpt...
Proceedings of the 17th ACM Workshop on Hot Topics in Networks, 2018
For several years researchers have used the term "network orchestration" as a metaphor.... more For several years researchers have used the term "network orchestration" as a metaphor. In this paper, we make the metaphor reality; we describe a novel approach to network orchestration that leverages sounds to augment or replace various network management operations. We test our Music-Defined Networking approach with both a real and a virtual network testbed, on several mechanisms and applications: from datacenter server fan failure detection to authentication, from load balancing to explicit congestion notification and detection of heavy hitter flows. Our approach can be used with and without a Software-Defined Network controller. Despite its limitations, we believe that sound-based network management has potential to be further explored as an effective and inexpensive out-of-band orchestration technique.
Telepathology is the practice of digitizing histological images for transmission along telecommun... more Telepathology is the practice of digitizing histological images for transmission along telecommunication pathways for diagnosis, consultation or continuing medical education. Existing telepathology solutions are limited to offline or delay-tolerant diagnosis. In this paper we present LiveMicro, a telepathology system that, leveraging edge computing, enables multiple pathologists to collaborate on a diagnosis by allowing a remote live control of a microscope. In such environment, computation at the edge is used in three ways: (1) to allow remote users to control the microscope simultaneously, (2) to process histological image and live video, by running algorithms that recognize e.g., tumor grades, (3) to preserve privacy creating virtual shared data views. In particular, we built the first opensource edge computing based telepathology system. In our prototype, the examples of edge processing that we currently support are extraction of diagnosis-oriented features and compression of pa...
The prevailing network security measures are often implemented on proprietary appliances that are... more The prevailing network security measures are often implemented on proprietary appliances that are deployed at fixed network locations with constant capacity. Such a rigid deployment is sometimes necessary, but undermines the flexibility of security services in meeting the demands of emerging applications, such as augmented/virtual reality, autonomous driving, and 5G for industry 4.0, which are provoked by the evolution of connected and smart devices, their heterogeneity, and integration with cloud and edge computing infrastructures. To loosen these rigid security deployments, in this paper, we propose a data-centric SECurity-as-a-Service (SECaaS) framework for elastic deployment and provisioning of security services at the Multi-Access Edge Computing (MEC) infrastructure. In particular, we discuss three security services that are suitable for edge deployment: (i) an intrusion detection and prevention system (IDPS), (ii) an access control enforcement system (ACE), and (iii) a communi...
Uploads
Papers by Flavio Esposito