Juliano Araujo Wickboldt currently works as an Associate Professor at the Institute of Informatics of the Federal University of Rio Grande do Sul. Juliano does research in Computer Communications and Network Management. His current research interests include Software-defined Networking, Network Functions Virtualization, 5G, and IoT.
Quality of Experience (QoE) should be the driver for network orchestration in 4G networks. At the... more Quality of Experience (QoE) should be the driver for network orchestration in 4G networks. At the same time, the network must be able to cope with high bandwidth requirements from applications such as video streaming, while dealing with a large number of users. This paper proposes a network orchestrator that adjusts network parameters to improve QoE of video streaming. The orchestrator uses Device-to-Device (D2D) communication to improve user’s QoE, also reducing the demand on 4G network. The use of D2D is triggered by a machine learning engine. Experiments made in a physical testbed show an improvement on the mean horizontal video resolution from 768 to 1280 pixels, as well as a decrease of around 90% at the impact on the QoE, considering the number of video resolution changes. Finally, the demand on the network backhaul is decreased by around 38%.
The use of IoT-related technologies is growing in several areas. Applications of environmental mo... more The use of IoT-related technologies is growing in several areas. Applications of environmental monitoring, logistics, smart cities are examples of applications that benefit from advances in IoT. In the military context, IoT applications can support the decision-making process by delivering information collected directly from the battlefield to Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) systems. Taking the benefit of the installed IoT network in the battlefield, the use of the data collected by the IoT nodes is a way to improve resiliency and increase the survivability of networks, as well as to optimize the use of available resources. Towards improving the communication network present on the battlefield, this work presents a contextaware environmental monitoring system that uses real-time battlefield information to increase military networks’ resilience and survivability. The proposed approach is validated by a proof-of-concep...
Currently, many investigations addressed SDN management
considering using monitoring information ... more Currently, many investigations addressed SDN management considering using monitoring information for different purposes. Zhang [1] used monitoring information to develop algorithms for anomaly detection and traffic engineering. Jose et al. [2] used the same monitoring information to propose mechanisms for online measurement of large traffic aggregates. Yu et al. [3] proposed FlowSense, which is aimed to keep the lowest control channel overhead and the highest information accuracy as possible in OpenFlow monitoring. Chowdhury et al. addressed SDN monitoring from a different perspective. The authors proposed Payless [4] framework that is able to deal with monitoring considering the polling frequency and data granularity. Payless relies on OpenTM [5] to select only important switches to be monitored, also aiming to reduce the overhead imposed in the control channel. Thus, this framework allows to adjust the polling frequency parameter to balance the control channel overhead, imposed by monitoring messages, and accuracy of monitored information. The aforementioned proposals are focused on the use of monitoring information to automate tasks, such as reducing control traffic overhead and protecting the network. No previous investigation aims to employ monitoring information to help the administrator understanding the network behavior nor interact with it. To the best of our knowledge, there are no solutions that leverage OpenFlow monitoring messages to create network visualizations and address the interactive configuration of SDN-related parameters. Before presenting how we approached such a problem, we present our motivation and all objectives to archieve with our propototype, focusing on didactly detach important central points of our solution.
In this work we report the experience of adding a high availability solution to an IaaS (Infrastr... more In this work we report the experience of adding a high availability solution to an IaaS (Infrastructure as a Service) cloud platform called Aurora. The proposed solution is based on the multi-master replication of the cloud manager, replicas form a cluster of cloud managers running on multiple datacenters. The implementation also includes a monitoring service for the replicas. The high availability solution is fully integrated to the cloud platform so that activation is done directly by pushing a button of the Graphical User Interface. The performance and robustness of the proposed solution were evaluated experimentally. The time to (1) incorporate a new manager instance to a cluster; (2) recover an instance after a failure and (3) replicate data in different scenarios were measured and are reported in this paper. The impact of the proposed solution cost is evaluated by measuring CPU and network usage. A stress test in which the link delay between two datacenters grows up to the operating limit of the replication solution is also reported. Finally, we present a table for the system availability as a function of the MTBF (Mean Time Between Failures).
Dynamic Cloud Radio Access Network (Dynamic C-RAN) is an architecture wireless that aims benefits... more Dynamic Cloud Radio Access Network (Dynamic C-RAN) is an architecture wireless that aims benefits such as flexibility and agility to new five generation (5G) network. In Dynamic C-RAN, the radio functions processing is distributed along of a hierarchical of clouds. Network Functions Virtualiza-tion has been investigated the facilities to employ this wireless functions. NFV offers orchestration of split of radio functions into Virtualized Network Functions (VNF). The orchestrator needs to consider strict requirements of C-RAN between distributed components of VNF to get real earnings. In this work, we propose a detailed evaluation of Maestro-an NFV orchestrator for wireless environments aware VNF composition. We evaluate Maestro through of linear model programming, considering the effectiveness and orchestration overhead for deciding the best place to VNF components. In addition, we evaluate the trade-off between network data rate and time to generate the placement of components .
Software-Defined Networks (SDN) based on Openflow protocol perform data forwarding through flow t... more Software-Defined Networks (SDN) based on Openflow protocol perform data forwarding through flow tables using match/action mechanisms. These tables have limited rules storage capacity, restricting network scalabi-lity and performance. Considering these restrictions, the main strategies for managing spatial domain rules, i.e., flow agregation and multiple flow tables, are promising to use the available storage space of the tables. These strategies impact packet processing in different ways, influencing the performance of the forwarding devices and the network. In spite of the impact, the comparison between flow aggregation and multiple flow tables is poorly exploited, leaving open the definition of which strategy is more appropriate for a network considering its topology and workload. In this article a quantitative characterization is proposed, defining the gains brought by these spatial domain strategies for forwarding devices and in different topologies.
—Datacenter operators are increasingly deploying vir-tualization platforms to improve resource us... more —Datacenter operators are increasingly deploying vir-tualization platforms to improve resource usage efficiency and to simplify the management of tenant applications. Although there are significant efficiency gains to be made, predicting performance becomes a major challenge, especially given the difficulty of allocating datacenter network bandwidth to multitier applications, which generate highly variable traffic flows between their constituent software components. Static bandwidth allocation based on peak traffic rates ensures SLA compliance at the cost of significant overprovisioning, while allocation based on mean traffic rates ensures efficient usage of bandwidth at the cost of QoS violations. We describe MAPLE, a network-aware VM ensemble placement system that uses empirical estimations of the effective bandwidth required between servers to ensure that QoS violations are within targets specified in the SLAs for tenant applications. Moreover, we describe an extended version of MAPLE, termed MAPLEx, which allows the specification of anticolocation constraints relating to the placement of application VMs. Experimental results, obtained using an emulated datacenter, show that, in contrast to the Oktopus network-aware VM placement system, MAPLE can allocate computing and network resources in a manner that balances efficiency of resource utilization with performance predictability.
— Power systems are undergoing an intense process of modernization, and becoming highly dependent... more — Power systems are undergoing an intense process of modernization, and becoming highly dependent on networked systems used to monitor and manage system components. These so-called Smart Grids comprise energy generation, transmission, and distribution subsystems, which are monitored and managed by Supervisory Control and Data Acquisition (SCADA) systems. In this paper, we discuss the benefits of using Software-Defined Networking (SDN) to assist in the deployment of next generation SCADA systems. We also present a specific Network-Based Intrusion Detection System (NIDS) for SDN-based SCADA systems, which uses SDN to capture network information and is responsible for monitoring the communication between power grid components. Our approach relies on SDN to periodically gather statistics from network devices, which are then processed by One-Class Classification (OCC) algorithms. Given that attack traces in SCADA networks are scarce and not publicly disclosed by utility companies, the main advantage of using OCC algorithms is that they do not depend on known attack signatures to detect possible malicious traffic. Our results indicate that OCC algorithms achieve an approximate accuracy of 98% and can be effectively used to detect cyber-attacks targeted against SCADA systems.
—Smart grids and smart homes improve energy management by coupling communication capabilities to ... more —Smart grids and smart homes improve energy management by coupling communication capabilities to their devices. Due to computational constraints of these devices, employment of simplified communication protocols is necessary. In this paper, we investigate the use of communication protocols based on CoAP and 6LoWPAN in smart home environments. Specifically, we analyze the vulnerabilities a smart home employing CoAP and 6LoWPAN may be susceptible to. We also present a performance analysis of the use of these protocols for ensuring secure communications in smart homes.
— Visualization means the use of Information Vi-sualization (InfoVis) techniques to augment human... more — Visualization means the use of Information Vi-sualization (InfoVis) techniques to augment human cognitive capacity to support users tasks more efficiently. According to the current literature, visualization is a relevant requirement to support the management of Software-Defined Networking (SDN). For example, visualization can help network administrators in everyday tasks such as in the identification of traffic patterns, or in the implementation and test of new networking services. However, in most cases, network administrators are unskilled on InfoVis, which makes them naturally reluctant in the use of visualizations. Also, building up visualizations from scratch can spend a significant amount of effort, which directly impacts on the increase of cost and the decrease of administrators' productivity. Thus, in this paper, we introduce a reuse-based approach to facilitating the employment of visualizations in the SDN context with the focus on improving productivity and reduce costs. We developed a prototype to evaluate and demonstrate the feasibility of our approach. The obtained results to one of the usage scenarios show, for example, that our solution can decrease in 264 hours the administrators' workload (i.e., around U$ 9,976.56) when employing visualizations in daily tasks.
— Software-Defined Networking (SDN) permits centralizing part of the decision-logic in controller... more — Software-Defined Networking (SDN) permits centralizing part of the decision-logic in controller devices. Thus, controllers can have an overall view of the network, assisting network programmers to configure network-wide services. Despite this, the behavior of network devices and their configurations are often written for specific situations directly in the controller. As an alternative, techniques such as Policy-Based Network Management (PBNM) can be used by business-level operators to write Service Level Agreements (SLAs) in a user-friendly interface without the need to change the code implemented in the controllers. In this paper, we introduce a framework for Policy Authoring to (i) facilitate the specification of business-level goals and (ii) automate the translation of these goals into the configuration of system-level components in an SDN. We use information from the network infrastructure obtained through SDN features and logic reasoning for analyzing policy objectives. As a result, experiments demonstrate that the framework performs well even when increasing the number of expressions in an SLA or increasing the size of the repository.
—Power grids are responsible for the transmission and distribution of electricity to end-users. T... more —Power grids are responsible for the transmission and distribution of electricity to end-users. These systems are undergoing a modernization process through the use of Information and Communication Technology (ICT), transforming the electric system into Smart Grids. In this context, Supervisory Control and Data Acquisition (SCADA) systems are responsible for the management and monitoring of substations and field devices. In this paper, we investigate the use of SDN as an approach to assist in the modernization of SCADA systems. We discuss its possible benefits, such as simplified management of power system resources. Moreover, SDN can facilitate the creation of new network applications that previously, with traditional networks, were more complex to be implemented. To illustrate the benefits of the use of SDN in SCADA, we designed a mechanism that aims to prevent a possible eavesdropper from fully capturing communication flows between SCADA components. The mechanism was implemented as an SDN-based application for SCADA systems that uses multipath routing, which relies on SDN features to frequently modify communication routes between SCADA devices. Further, we performed an experimental evaluation to verify the impact and performance of the mechanism in the SCADA network.
—Software-Defined Networking (SDN) is an emerging paradigm that arguably facilitates network inno... more —Software-Defined Networking (SDN) is an emerging paradigm that arguably facilitates network innovation and simplifies network management. However, in the context of SDN, management activities, such as monitoring, visualization, and configuration can be considerably different from traditional networks. An SDN controller, for example, can be customized by network administrators according to their needs. Such cus-tomizations might pose an impact on resource consumption and traffic forwarding performance, which is difficult to assess without an SDN-devoted management system. In this paper, we initially present an analysis of control traffic in SDN aiming to better understand the impact of the communication between the controller and forwarding devices. Afterwards, we propose an interactive approach to SDN management through monitoring, visualization, and configuration that includes the administrator in the management loop. To show the feasibility of our approach a prototype has been developed. The results obtained with this prototype show that our approach can help the administrator to better understand the impact of configuring SDN-related parameters on the overall network performance.
—In programmable virtual networks, simple tasks, like installing software, can be extremely compl... more —In programmable virtual networks, simple tasks, like installing software, can be extremely complex. This complexity occurs mainly because the code transfer and initial functional settings in network execution environments are not automated. In addition, the same tasks have different requirements in each service lifecycle stage. In this sense, we propose the App2net platform for enabling the transfer and configuration of network applications in programmable virtual networks that use heterogeneous execution environments. We also propose a taxonomy for grouping code transfer techniques and, based on such techniques, we develop models for code transfer. A prototype has been implemented and tested on realistic network topologies commonly found on the Internet. Results allow us to identify which models improve code transfer consuming fewer resources, regarding service lifecycle stages and network topologies.
—Software-Defined Networking (SDN) provides a sophisticated and accurate solution for managing ne... more —Software-Defined Networking (SDN) provides a sophisticated and accurate solution for managing network traffic. SDN logically centralizes, in devices called controllers, part of the decision-making logic of flow processing and packet routing. The whole network is controlled according to rules written and deployed in the controller device. However, the large amount of network devices, links, and services also gives rise to a large number of rules to be managed in the controller. Policy-Based Network Management (PBNM) can be used to manage complex network infrastructures through policies rather than specifying device-by-device configurations. Particularly, policy refinement techniques can be used to automatically translate high-level policies into a set of low-level ones. In this paper, we define a formal representation of high-level SLA policies using Event Calculus (EC) and apply logical reasoning to model both the system behavior and the policy refinement process for SDN management. We also describe the implementation of this formal model in Prolog, which enables the automatic inference of low-level policies from high-level ones, and present evaluation results.
The fifth generation (5G) cellular infrastructure is envisaged as a dense and heterogeneous deplo... more The fifth generation (5G) cellular infrastructure is envisaged as a dense and heterogeneous deployment of small cells overlapping with existing macrocells in the Radio Access Network (RAN). Densification and heterogeneity, however, pose new challenges such as dealing with interference, accommodating massive signaling traffic, and managing increased energy consumption. Heterogeneous Cloud Radio Access Networks (H-CRAN) emerges as a candidate architecture for a sustainable deployment of 5G. In addition, the application of SDN concepts to wireless environments motivated recent research in the so-called Software-Defined Wireless Networking (SDWN). In this article, we discuss how SDWN can support the development of a flexible, programmable, and sustainable infrastructure for 5G. We also present a case study based on SDWN to perform frequency assignment, interference, and handover control in an H-CRAN environment. Results allow the establishment of a tradeoff between wireless communication capacity gains and signaling overhead added by the employment of SDWN concepts to H-CRAN.
Abstract Planning is a fundamental sub-process of the overarching Information Technology (IT) cha... more Abstract Planning is a fundamental sub-process of the overarching Information Technology (IT) change management process, proposed by the Information Technology Infrastructure Library to help organizations to deploy and maintain IT services in an effective and efficient way. A major issue behind IT change planning and of special importance for the alignment of changes with business objectives/constraints-the adequate projection of which human resources to assign to change activities-has not been properly addressed in previous ...
12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, 2011
ABSTRACT There is an intuitive notion that the costs associated with project support actions, cur... more ABSTRACT There is an intuitive notion that the costs associated with project support actions, currently deemed too high and increasing, are directly related to the effort spent during their development and test phases. Despite the importance of systematically characterizing and understanding this relationship, little has been done in this realm mainly due to the lack of proper tooling for both sharing information between IT project phases and learning from past experiences. To tackle this issue, in this paper we propose a solution that, leveraging existing IT project lifecycle data, is able to predict support costs. The solution has been evaluated through a case study based on the ISBSG dataset, producing correct estimates for more than 80% of the assessed scenarios.
Quality of Experience (QoE) should be the driver for network orchestration in 4G networks. At the... more Quality of Experience (QoE) should be the driver for network orchestration in 4G networks. At the same time, the network must be able to cope with high bandwidth requirements from applications such as video streaming, while dealing with a large number of users. This paper proposes a network orchestrator that adjusts network parameters to improve QoE of video streaming. The orchestrator uses Device-to-Device (D2D) communication to improve user’s QoE, also reducing the demand on 4G network. The use of D2D is triggered by a machine learning engine. Experiments made in a physical testbed show an improvement on the mean horizontal video resolution from 768 to 1280 pixels, as well as a decrease of around 90% at the impact on the QoE, considering the number of video resolution changes. Finally, the demand on the network backhaul is decreased by around 38%.
The use of IoT-related technologies is growing in several areas. Applications of environmental mo... more The use of IoT-related technologies is growing in several areas. Applications of environmental monitoring, logistics, smart cities are examples of applications that benefit from advances in IoT. In the military context, IoT applications can support the decision-making process by delivering information collected directly from the battlefield to Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance (C4ISR) systems. Taking the benefit of the installed IoT network in the battlefield, the use of the data collected by the IoT nodes is a way to improve resiliency and increase the survivability of networks, as well as to optimize the use of available resources. Towards improving the communication network present on the battlefield, this work presents a contextaware environmental monitoring system that uses real-time battlefield information to increase military networks’ resilience and survivability. The proposed approach is validated by a proof-of-concep...
Currently, many investigations addressed SDN management
considering using monitoring information ... more Currently, many investigations addressed SDN management considering using monitoring information for different purposes. Zhang [1] used monitoring information to develop algorithms for anomaly detection and traffic engineering. Jose et al. [2] used the same monitoring information to propose mechanisms for online measurement of large traffic aggregates. Yu et al. [3] proposed FlowSense, which is aimed to keep the lowest control channel overhead and the highest information accuracy as possible in OpenFlow monitoring. Chowdhury et al. addressed SDN monitoring from a different perspective. The authors proposed Payless [4] framework that is able to deal with monitoring considering the polling frequency and data granularity. Payless relies on OpenTM [5] to select only important switches to be monitored, also aiming to reduce the overhead imposed in the control channel. Thus, this framework allows to adjust the polling frequency parameter to balance the control channel overhead, imposed by monitoring messages, and accuracy of monitored information. The aforementioned proposals are focused on the use of monitoring information to automate tasks, such as reducing control traffic overhead and protecting the network. No previous investigation aims to employ monitoring information to help the administrator understanding the network behavior nor interact with it. To the best of our knowledge, there are no solutions that leverage OpenFlow monitoring messages to create network visualizations and address the interactive configuration of SDN-related parameters. Before presenting how we approached such a problem, we present our motivation and all objectives to archieve with our propototype, focusing on didactly detach important central points of our solution.
In this work we report the experience of adding a high availability solution to an IaaS (Infrastr... more In this work we report the experience of adding a high availability solution to an IaaS (Infrastructure as a Service) cloud platform called Aurora. The proposed solution is based on the multi-master replication of the cloud manager, replicas form a cluster of cloud managers running on multiple datacenters. The implementation also includes a monitoring service for the replicas. The high availability solution is fully integrated to the cloud platform so that activation is done directly by pushing a button of the Graphical User Interface. The performance and robustness of the proposed solution were evaluated experimentally. The time to (1) incorporate a new manager instance to a cluster; (2) recover an instance after a failure and (3) replicate data in different scenarios were measured and are reported in this paper. The impact of the proposed solution cost is evaluated by measuring CPU and network usage. A stress test in which the link delay between two datacenters grows up to the operating limit of the replication solution is also reported. Finally, we present a table for the system availability as a function of the MTBF (Mean Time Between Failures).
Dynamic Cloud Radio Access Network (Dynamic C-RAN) is an architecture wireless that aims benefits... more Dynamic Cloud Radio Access Network (Dynamic C-RAN) is an architecture wireless that aims benefits such as flexibility and agility to new five generation (5G) network. In Dynamic C-RAN, the radio functions processing is distributed along of a hierarchical of clouds. Network Functions Virtualiza-tion has been investigated the facilities to employ this wireless functions. NFV offers orchestration of split of radio functions into Virtualized Network Functions (VNF). The orchestrator needs to consider strict requirements of C-RAN between distributed components of VNF to get real earnings. In this work, we propose a detailed evaluation of Maestro-an NFV orchestrator for wireless environments aware VNF composition. We evaluate Maestro through of linear model programming, considering the effectiveness and orchestration overhead for deciding the best place to VNF components. In addition, we evaluate the trade-off between network data rate and time to generate the placement of components .
Software-Defined Networks (SDN) based on Openflow protocol perform data forwarding through flow t... more Software-Defined Networks (SDN) based on Openflow protocol perform data forwarding through flow tables using match/action mechanisms. These tables have limited rules storage capacity, restricting network scalabi-lity and performance. Considering these restrictions, the main strategies for managing spatial domain rules, i.e., flow agregation and multiple flow tables, are promising to use the available storage space of the tables. These strategies impact packet processing in different ways, influencing the performance of the forwarding devices and the network. In spite of the impact, the comparison between flow aggregation and multiple flow tables is poorly exploited, leaving open the definition of which strategy is more appropriate for a network considering its topology and workload. In this article a quantitative characterization is proposed, defining the gains brought by these spatial domain strategies for forwarding devices and in different topologies.
—Datacenter operators are increasingly deploying vir-tualization platforms to improve resource us... more —Datacenter operators are increasingly deploying vir-tualization platforms to improve resource usage efficiency and to simplify the management of tenant applications. Although there are significant efficiency gains to be made, predicting performance becomes a major challenge, especially given the difficulty of allocating datacenter network bandwidth to multitier applications, which generate highly variable traffic flows between their constituent software components. Static bandwidth allocation based on peak traffic rates ensures SLA compliance at the cost of significant overprovisioning, while allocation based on mean traffic rates ensures efficient usage of bandwidth at the cost of QoS violations. We describe MAPLE, a network-aware VM ensemble placement system that uses empirical estimations of the effective bandwidth required between servers to ensure that QoS violations are within targets specified in the SLAs for tenant applications. Moreover, we describe an extended version of MAPLE, termed MAPLEx, which allows the specification of anticolocation constraints relating to the placement of application VMs. Experimental results, obtained using an emulated datacenter, show that, in contrast to the Oktopus network-aware VM placement system, MAPLE can allocate computing and network resources in a manner that balances efficiency of resource utilization with performance predictability.
— Power systems are undergoing an intense process of modernization, and becoming highly dependent... more — Power systems are undergoing an intense process of modernization, and becoming highly dependent on networked systems used to monitor and manage system components. These so-called Smart Grids comprise energy generation, transmission, and distribution subsystems, which are monitored and managed by Supervisory Control and Data Acquisition (SCADA) systems. In this paper, we discuss the benefits of using Software-Defined Networking (SDN) to assist in the deployment of next generation SCADA systems. We also present a specific Network-Based Intrusion Detection System (NIDS) for SDN-based SCADA systems, which uses SDN to capture network information and is responsible for monitoring the communication between power grid components. Our approach relies on SDN to periodically gather statistics from network devices, which are then processed by One-Class Classification (OCC) algorithms. Given that attack traces in SCADA networks are scarce and not publicly disclosed by utility companies, the main advantage of using OCC algorithms is that they do not depend on known attack signatures to detect possible malicious traffic. Our results indicate that OCC algorithms achieve an approximate accuracy of 98% and can be effectively used to detect cyber-attacks targeted against SCADA systems.
—Smart grids and smart homes improve energy management by coupling communication capabilities to ... more —Smart grids and smart homes improve energy management by coupling communication capabilities to their devices. Due to computational constraints of these devices, employment of simplified communication protocols is necessary. In this paper, we investigate the use of communication protocols based on CoAP and 6LoWPAN in smart home environments. Specifically, we analyze the vulnerabilities a smart home employing CoAP and 6LoWPAN may be susceptible to. We also present a performance analysis of the use of these protocols for ensuring secure communications in smart homes.
— Visualization means the use of Information Vi-sualization (InfoVis) techniques to augment human... more — Visualization means the use of Information Vi-sualization (InfoVis) techniques to augment human cognitive capacity to support users tasks more efficiently. According to the current literature, visualization is a relevant requirement to support the management of Software-Defined Networking (SDN). For example, visualization can help network administrators in everyday tasks such as in the identification of traffic patterns, or in the implementation and test of new networking services. However, in most cases, network administrators are unskilled on InfoVis, which makes them naturally reluctant in the use of visualizations. Also, building up visualizations from scratch can spend a significant amount of effort, which directly impacts on the increase of cost and the decrease of administrators' productivity. Thus, in this paper, we introduce a reuse-based approach to facilitating the employment of visualizations in the SDN context with the focus on improving productivity and reduce costs. We developed a prototype to evaluate and demonstrate the feasibility of our approach. The obtained results to one of the usage scenarios show, for example, that our solution can decrease in 264 hours the administrators' workload (i.e., around U$ 9,976.56) when employing visualizations in daily tasks.
— Software-Defined Networking (SDN) permits centralizing part of the decision-logic in controller... more — Software-Defined Networking (SDN) permits centralizing part of the decision-logic in controller devices. Thus, controllers can have an overall view of the network, assisting network programmers to configure network-wide services. Despite this, the behavior of network devices and their configurations are often written for specific situations directly in the controller. As an alternative, techniques such as Policy-Based Network Management (PBNM) can be used by business-level operators to write Service Level Agreements (SLAs) in a user-friendly interface without the need to change the code implemented in the controllers. In this paper, we introduce a framework for Policy Authoring to (i) facilitate the specification of business-level goals and (ii) automate the translation of these goals into the configuration of system-level components in an SDN. We use information from the network infrastructure obtained through SDN features and logic reasoning for analyzing policy objectives. As a result, experiments demonstrate that the framework performs well even when increasing the number of expressions in an SLA or increasing the size of the repository.
—Power grids are responsible for the transmission and distribution of electricity to end-users. T... more —Power grids are responsible for the transmission and distribution of electricity to end-users. These systems are undergoing a modernization process through the use of Information and Communication Technology (ICT), transforming the electric system into Smart Grids. In this context, Supervisory Control and Data Acquisition (SCADA) systems are responsible for the management and monitoring of substations and field devices. In this paper, we investigate the use of SDN as an approach to assist in the modernization of SCADA systems. We discuss its possible benefits, such as simplified management of power system resources. Moreover, SDN can facilitate the creation of new network applications that previously, with traditional networks, were more complex to be implemented. To illustrate the benefits of the use of SDN in SCADA, we designed a mechanism that aims to prevent a possible eavesdropper from fully capturing communication flows between SCADA components. The mechanism was implemented as an SDN-based application for SCADA systems that uses multipath routing, which relies on SDN features to frequently modify communication routes between SCADA devices. Further, we performed an experimental evaluation to verify the impact and performance of the mechanism in the SCADA network.
—Software-Defined Networking (SDN) is an emerging paradigm that arguably facilitates network inno... more —Software-Defined Networking (SDN) is an emerging paradigm that arguably facilitates network innovation and simplifies network management. However, in the context of SDN, management activities, such as monitoring, visualization, and configuration can be considerably different from traditional networks. An SDN controller, for example, can be customized by network administrators according to their needs. Such cus-tomizations might pose an impact on resource consumption and traffic forwarding performance, which is difficult to assess without an SDN-devoted management system. In this paper, we initially present an analysis of control traffic in SDN aiming to better understand the impact of the communication between the controller and forwarding devices. Afterwards, we propose an interactive approach to SDN management through monitoring, visualization, and configuration that includes the administrator in the management loop. To show the feasibility of our approach a prototype has been developed. The results obtained with this prototype show that our approach can help the administrator to better understand the impact of configuring SDN-related parameters on the overall network performance.
—In programmable virtual networks, simple tasks, like installing software, can be extremely compl... more —In programmable virtual networks, simple tasks, like installing software, can be extremely complex. This complexity occurs mainly because the code transfer and initial functional settings in network execution environments are not automated. In addition, the same tasks have different requirements in each service lifecycle stage. In this sense, we propose the App2net platform for enabling the transfer and configuration of network applications in programmable virtual networks that use heterogeneous execution environments. We also propose a taxonomy for grouping code transfer techniques and, based on such techniques, we develop models for code transfer. A prototype has been implemented and tested on realistic network topologies commonly found on the Internet. Results allow us to identify which models improve code transfer consuming fewer resources, regarding service lifecycle stages and network topologies.
—Software-Defined Networking (SDN) provides a sophisticated and accurate solution for managing ne... more —Software-Defined Networking (SDN) provides a sophisticated and accurate solution for managing network traffic. SDN logically centralizes, in devices called controllers, part of the decision-making logic of flow processing and packet routing. The whole network is controlled according to rules written and deployed in the controller device. However, the large amount of network devices, links, and services also gives rise to a large number of rules to be managed in the controller. Policy-Based Network Management (PBNM) can be used to manage complex network infrastructures through policies rather than specifying device-by-device configurations. Particularly, policy refinement techniques can be used to automatically translate high-level policies into a set of low-level ones. In this paper, we define a formal representation of high-level SLA policies using Event Calculus (EC) and apply logical reasoning to model both the system behavior and the policy refinement process for SDN management. We also describe the implementation of this formal model in Prolog, which enables the automatic inference of low-level policies from high-level ones, and present evaluation results.
The fifth generation (5G) cellular infrastructure is envisaged as a dense and heterogeneous deplo... more The fifth generation (5G) cellular infrastructure is envisaged as a dense and heterogeneous deployment of small cells overlapping with existing macrocells in the Radio Access Network (RAN). Densification and heterogeneity, however, pose new challenges such as dealing with interference, accommodating massive signaling traffic, and managing increased energy consumption. Heterogeneous Cloud Radio Access Networks (H-CRAN) emerges as a candidate architecture for a sustainable deployment of 5G. In addition, the application of SDN concepts to wireless environments motivated recent research in the so-called Software-Defined Wireless Networking (SDWN). In this article, we discuss how SDWN can support the development of a flexible, programmable, and sustainable infrastructure for 5G. We also present a case study based on SDWN to perform frequency assignment, interference, and handover control in an H-CRAN environment. Results allow the establishment of a tradeoff between wireless communication capacity gains and signaling overhead added by the employment of SDWN concepts to H-CRAN.
Abstract Planning is a fundamental sub-process of the overarching Information Technology (IT) cha... more Abstract Planning is a fundamental sub-process of the overarching Information Technology (IT) change management process, proposed by the Information Technology Infrastructure Library to help organizations to deploy and maintain IT services in an effective and efficient way. A major issue behind IT change planning and of special importance for the alignment of changes with business objectives/constraints-the adequate projection of which human resources to assign to change activities-has not been properly addressed in previous ...
12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, 2011
ABSTRACT There is an intuitive notion that the costs associated with project support actions, cur... more ABSTRACT There is an intuitive notion that the costs associated with project support actions, currently deemed too high and increasing, are directly related to the effort spent during their development and test phases. Despite the importance of systematically characterizing and understanding this relationship, little has been done in this realm mainly due to the lack of proper tooling for both sharing information between IT project phases and learning from past experiences. To tackle this issue, in this paper we propose a solution that, leveraging existing IT project lifecycle data, is able to predict support costs. The solution has been evaluated through a case study based on the ISBSG dataset, producing correct estimates for more than 80% of the assessed scenarios.
Software-Defined Networking (SDN) provides a more sophisticated and
flexible architecture for man... more Software-Defined Networking (SDN) provides a more sophisticated and flexible architecture for managing andmonitoring network traffic. SDN moves part of the decision-making logic (i.e., flow processing and packetrouting) from network devices into a logically centralized controller. However, the expected behavior andconfiguration of network devices are often defined directly in the controller as static rules for specific situations. This approach becomes an issue when associated with an increasing number of network elements, links, and services, resulting in a large amount of rules and a high overhead related to network configuration. As an alternative, techniques such as Policy-Based Network Management (PBNM) and more specifically policy refinement can be used by operators to write Service Level Agreements (SLAs) in a user-friendly interfacewithout the need to manually reconfigure each network device. To address these issues, we specifically introduce ARKHAM: an Advanced Refinement Toolkit for Handling SLAs in SDN. In this article, we present (i) a policy authoring framework that uses logical reasoning for the specification of business-level goals and to automate their refinement; (ii) an OpenFlow controller which performs information gathering and configuration deployment; (iii) a policy repository that stores information about the behavior of the infrastructure, which is obtained by the OpenFlow Controller, and policy authoring operations; and (iv) a formal representation using event calculusthat describes our solution. The main contributions of this work are (i) the capacity to deploy refined policies with minimal human intervention; (ii) analysis of the infrastructure's ability to fulfill there requirements of high-level policies; (iii), decreased amount of network rules coded into the controller; and (iv) management and deployment of new rules with minimal disruption to the network. The experimental results demonstrate that the refinement toolkit achieves the expected results within acceptable performance bounds, even with the increasing complexity and size of SLAs, network topologies, and repositories
—Dynamic Cloud Radio Access Network (Dynamic C-RAN) is an emerging wireless architecture that aim... more —Dynamic Cloud Radio Access Network (Dynamic C-RAN) is an emerging wireless architecture that aims for flexibility, business agility, adaptability, among other benefits. In a Dynamic C-RAN, wireless functionalities can be split into smaller components and distributed along a hierarchical cloud infrastructure. Network Functions Virtualization (NFV) concepts have been recently investigated to facilitate management-related operations of these wireless functionalities. Despite the many advocated advantages of the function's splitting and the effectiveness of NFV orchestration solutions, both academia and industry are considering Virtualized Network Functions (VNF)s as atomic elements, disregarding the potential advantages of splitting VNFs into several different components. Aiming to improve VNF orchestration in Dynamic C-RAN scenarios, in this paper we propose Maestro: an NFV orchestrator for wireless environments that is able to decide among several possible VNF compositions which are more suitable for each situation. Maestro is designed to operate using different decision mechanisms that can be defined based on network operators' needs. We evaluate the effectiveness of our proposal by modeling the orchestrator's decision mechanism as a linear programming problem. Thus, we show how fronthaul bandwidth consumption can be reduced threefold considering different VNF compositions against atomic VNF placement.
Uploads
Papers by Juliano Wickboldt
considering using monitoring information for different
purposes. Zhang [1] used monitoring information to develop
algorithms for anomaly detection and traffic engineering. Jose
et al. [2] used the same monitoring information to propose
mechanisms for online measurement of large traffic aggregates.
Yu et al. [3] proposed FlowSense, which is aimed to keep the
lowest control channel overhead and the highest information
accuracy as possible in OpenFlow monitoring. Chowdhury et
al. addressed SDN monitoring from a different perspective.
The authors proposed Payless [4] framework that is able to
deal with monitoring considering the polling frequency and
data granularity. Payless relies on OpenTM [5] to select only
important switches to be monitored, also aiming to reduce the
overhead imposed in the control channel. Thus, this framework
allows to adjust the polling frequency parameter to balance the
control channel overhead, imposed by monitoring messages,
and accuracy of monitored information.
The aforementioned proposals are focused on the use of
monitoring information to automate tasks, such as reducing
control traffic overhead and protecting the network. No previous
investigation aims to employ monitoring information
to help the administrator understanding the network behavior
nor interact with it. To the best of our knowledge, there are
no solutions that leverage OpenFlow monitoring messages
to create network visualizations and address the interactive
configuration of SDN-related parameters. Before presenting
how we approached such a problem, we present our motivation
and all objectives to archieve with our propototype, focusing
on didactly detach important central points of our solution.
considering using monitoring information for different
purposes. Zhang [1] used monitoring information to develop
algorithms for anomaly detection and traffic engineering. Jose
et al. [2] used the same monitoring information to propose
mechanisms for online measurement of large traffic aggregates.
Yu et al. [3] proposed FlowSense, which is aimed to keep the
lowest control channel overhead and the highest information
accuracy as possible in OpenFlow monitoring. Chowdhury et
al. addressed SDN monitoring from a different perspective.
The authors proposed Payless [4] framework that is able to
deal with monitoring considering the polling frequency and
data granularity. Payless relies on OpenTM [5] to select only
important switches to be monitored, also aiming to reduce the
overhead imposed in the control channel. Thus, this framework
allows to adjust the polling frequency parameter to balance the
control channel overhead, imposed by monitoring messages,
and accuracy of monitored information.
The aforementioned proposals are focused on the use of
monitoring information to automate tasks, such as reducing
control traffic overhead and protecting the network. No previous
investigation aims to employ monitoring information
to help the administrator understanding the network behavior
nor interact with it. To the best of our knowledge, there are
no solutions that leverage OpenFlow monitoring messages
to create network visualizations and address the interactive
configuration of SDN-related parameters. Before presenting
how we approached such a problem, we present our motivation
and all objectives to archieve with our propototype, focusing
on didactly detach important central points of our solution.
flexible architecture for managing andmonitoring network traffic. SDN moves part of the decision-making logic (i.e.,
flow processing and packetrouting) from network devices into a logically centralized controller. However, the expected behavior andconfiguration of network devices are often defined directly in the controller as static rules for specific situations.
This approach becomes an issue when associated with an increasing number of network elements, links, and
services, resulting in a large amount of rules and a high overhead related to network configuration. As an
alternative, techniques such as Policy-Based Network Management (PBNM) and more specifically policy refinement can be used by operators to write Service Level Agreements (SLAs) in a user-friendly interfacewithout the need to manually reconfigure each network device. To address these issues, we specifically introduce ARKHAM: an Advanced Refinement Toolkit for Handling SLAs in SDN. In this article, we present (i) a policy
authoring framework that uses logical reasoning for the specification of business-level goals and to automate
their refinement; (ii) an OpenFlow controller which performs information gathering and configuration
deployment; (iii) a policy repository that stores information about the behavior of the infrastructure, which
is obtained by the OpenFlow Controller, and policy authoring operations; and (iv) a formal representation using
event calculusthat describes our solution. The main contributions of this work are (i) the capacity to deploy refined policies with minimal human intervention; (ii) analysis of the infrastructure's ability to fulfill there requirements of high-level policies; (iii), decreased amount of network rules coded into the controller; and (iv)
management and deployment of new rules with minimal disruption to the network. The experimental results
demonstrate that the refinement toolkit achieves the expected results within acceptable performance bounds,
even with the increasing complexity and size of SLAs, network topologies, and repositories