Search Results (86)

Virtualisation has received widespread adoption and deployment across a wide range of enterprises and industries throughout the years. Network Function Virtualisation (NFV) is a technical concept that presents a method for dynamically delivering virtualised network functions as virtualised or software components. Virtualised Network Function (VNF) has distinct advantages, but it also faces serious security challenges. Cyberattacks such as Denial of Service (DoS), malware/rootkit injection, port scanning, and so on can target VNF appliances just like any other network infrastructure. To create exceptional training exercises for machine or deep learning (ML/DL) models to combat cyberattacks in VNF, a suitable dataset (VNFCYBERDATA) exhibiting an actual reflection, or one that is reasonably close to an actual reflection, of the problem that the ML/DL model could address is required. This article describes a real VNF dataset that contains over seven million data points and twenty-five cyberattacks generated from five VNF appliances. To facilitate a realistic examination of VNF traffic, the dataset includes both benign and malicious traffic. Full article

Fifth Generation (5G) cellular networks have been adopted worldwide since the rollout began around 2019. It brought with it many innovations and new services, such as Enhanced Mobile Broadband (eMBB), Ultra Reliable and Low-Latency Communications (URLLC), and Massive Internet of Things (mIoT). Furthermore, 5G introduced a more scalable approach to network operations using fully software-based Virtualized Network Functions (VNF) in Core Networks (CN) rather than the prior hardware-based approach. However, while this shift towards a fully software-based system design provides numerous significant benefits, such as increased interoperability, scalability, and cost-effectiveness, it also brings with it an increased cybersecurity risk. Security is crucial to maintaining trust between vendors, operators, and consumers. Cyberattacks are rapidly increasing in number and sophistication, and we are seeing a shift towards zero-trust approaches. This means that even communications between VNFs inside a 5G core must be scrutinized and hardened against attacks, especially with the advent of quantum computers. The National Institute of Standards and Technology (NIST), over the past 10 years, has led efforts to standardize post-quantum cryptography (PQC) to protect against quantum attacks. This paper covers a custom implementation of the open-source free5GC CN, to expand its HTTPS capabilities for VNFs by introducing PQC Key Encapsulation Methods (KEM) for Transport Layer Security (TLS) v1.3. This paper provides the details of this integration with a focus on the latency of different PQC KEMs in initial handshakes between VNFs, on packet size, and the implications in a 5G environment. This work also conducts a security comparison between the PQC-equipped free5GC and other open-source 5G CNs. The presented results indicate a negligible increase in UE connection setup duration and a small increase in connection setup data requirements, strongly indicating that PQC KEM’s benefits far outweigh any downsides when integrated into 5G and 6G core services. To the best of our knowledge, this is the first work incorporating PQC into an open-source 5G core. Furthermore, the results from this effort demonstrate that employing PQC ciphers for securing VNF communications results in only a negligible impact on latency and bandwidth usage, thus demonstrating significant benefits to 5G cybersecurity. Full article

Future 6G networks will inherit and develop Network Function Virtualization (NFV) architecture. With the NFV-enabled network architecture, it becomes possible to establish different virtual networks within the same infrastructure, create different Virtual Network Functions (VNFs) in different virtual networks, and form Service Function Chains (SFCs) that meet different service requirements through the orderly combination of VNFs. These SFCs can be deployed to physical entities as needed to provide network functions that support different services. To meet the highly dynamic service requirements in the future 6G Internet of Things (IoT) scenario, the highly flexible and efficient SFC reconfiguration algorithm is the key research direction. Deep-learning-based algorithms have shown their advantages in solving this type of dynamic optimization problem. Considering that the efficiency of the traditional Actor Critic (AC) algorithm is limited, the policy does not directly participate in the value function update. In this paper, we use the Proximal Policy Optimization (PPO) clip function to restrict the difference between the new policy and the old policy, to ensure the stability of the updating process. We combine PPO with AC, and further bring the historical decision information as the network knowledge to offer better initial policies, to accelerate the training speed. We also propose the Knowledge = Assisted Actor Critic Proximal Policy Optimization (KA-ACPPO)-based SFC reconfiguration algorithm to ensure the Quality of Service (QoS) of end-to-end services. Simulation results show that the proposed KA-ACPPO algorithm can effectively reduce computing cost and power consumption. Full article

Network function virtualization (NFV) allows the dynamic configuration of virtualized network functions to adapt services to complex and real-time network environments to improve network performance. The dynamic nature of physical networks creates significant challenges for virtual network function (VNF) migration and energy consumption, especially in edge–cloud continuum networks. This challenge can be addressed by predicting network traffic and proactively migrating VNFs using the predicted values. However, historical network traffic data are held by network service providers, and different network service providers are reluctant to share historical data due to privacy concerns; in addition, network resource providers that own the underlying networks are unable to effectively predict network traffic. To address this challenge, we apply a federated learning (FL) framework to enable network resource providers to no longer need historical network traffic data to be able to effectively predict network traffic. Further, to enable the predicted network traffic to lead to better migration effects, such as reducing the number of migrations, decreasing energy consumption, and increasing the request acceptance rate, we apply the predicted values of the network traffic to the network environment and feed the migration results of the network environment on the multiple factors described above to the neural network model. To obtain the migration results of the network environment, we analyzed and developed mathematical models for edge–cloud continuum networks with multiple network service providers. The effectiveness of our algorithm is evaluated through extensive simulations, and the results show a significant reduction in the number of migrated nodes and energy consumption, as well as an increase in the acceptance rate of the service function chain (SFC), compared with the commonly used scheme that uses only the difference between the predicted and actual traffic to define the loss function. Full article

Mobile Edge Computing (MEC) is crucial for reducing latency by bringing computational resources closer to the network edge, thereby enhancing the quality of services (QoS). However, the broad deployment of cloudlets poses challenges in efficient network slicing, particularly when traffic distribution is uneven. Therefore, these challenges include managing diverse resource requirements across widely distributed cloudlets, minimizing resource conflicts and delays, and maintaining service quality amid fluctuating request rates. Addressing this requires intelligent strategies to predict request types (common or urgent), assess resource needs, and allocate resources efficiently. Emerging technologies like edge computing and 5G with network slicing can handle delay-sensitive IoT requests rapidly, but a robust mechanism for real-time resource and utility optimization remains necessary. To address these challenges, we designed an end-to-end network slicing approach that predicts common and urgent user requests through T distribution. We formulated our problem as a multi-agent Markov decision process (MDP) and introduced a multi-agent soft actor–critic (MAgSAC) algorithm. This algorithm prevents the wastage of scarce resources by intelligently activating and deactivating virtual network function (VNF) instances, thereby balancing the allocation process. Our approach aims to optimize overall utility, balancing trade-offs between revenue, energy consumption costs, and latency. We evaluated our method, MAgSAC, through simulations, comparing it with the following six benchmark schemes: MAA3C, SACT, DDPG, S2Vec, Random, and Greedy. The results demonstrate that our approach, MAgSAC, optimizes utility by 30%, minimizes energy consumption costs by 12.4%, and reduces execution time by 21.7% compared to the closest related multi-agent approach named MAA3C. Full article

The development of new technologies has significantly enhanced the monitoring and analysis of network traffic. Modern solutions like the Extended Berkeley Packet Filter (eBPF) demonstrate a clear advancement over traditional techniques, allowing for more customized and efficient filtering. These technologies are crucial for influencing system performance as they operate at the lowest layer of the operating system, such as the kernel. Network-based Intrusion Detection/Prevention Systems (IDPS), including Snort, Suricata, and Bro, passively monitor network traffic from terminal access points. However, most IDPS are signature-based and face challenges on large networks, where the drop rate increases due to limitations in capturing and processing packets. High throughput leads to overheads, causing IDPS buffers to drop packets, which can pose serious threats to network security. Typically, IDPS are targeted by volumetric and multi-vector attacks that overload the network beyond the reception and processing capacity of IDPS, resulting in packet loss due to buffer overflows. To address this issue, the proposed solution, iKern, utilizes eBPF and Virtual Network Functions (VNF) to examine and filter packets at the kernel level before forwarding them to user space. Packet stream inspection is performed within the iKern Engine at the kernel level to detect and mitigate volumetric floods and multi-vector attacks. The iKern detection engine, operating within the Linux kernel, is powered by eBPF bytecode injected from user space. This system effectively handles volumetric Distributed Denial of Service (DDoS) attacks. Real-time implementation of this scheme has been tested on a 1Gbps network and shows significant detection and reduction capabilities against volumetric and multi-vector floods. Full article

With the continuous development of the civil aviation industry toward digitalization and intelligence, the closed architecture of traditional air traffic information networks struggles to meet the rapidly growing demands for air traffic services. Network function virtualization (NFV) is one of the key technologies that can address the rigidity of traditional air traffic information networks. NFV technology has facilitated the flexible deployment of air traffic services, but it has also expanded the attack surface of the network. In addressing the network attack risks faced by service function chains (SFCs) in NFV environments, a SFC protection method based on honeypots and backup technology (PBHB) is proposed to reduce the resource cost of protecting air traffic information networks while enhancing network security. Initially, PBHB utilizes the TAPD algorithm to deploy the primary VNFs as closely as possible to the shortest path between the source and destination endpoints, thus aiming to reduce SFC latency and save bandwidth resource costs. Subsequently, the RAHDR algorithm is employed to install honeypot VNFs in each physical platform that is at risk of side-channel attacks, thus updating the deployment status of honeypot VNFs in real time based on the VNF lifecycle in order to offer primary protection for SFCs. Lastly, the BDMPE algorithm was used to calculate the backup scheme with the highest protection efficiency to implement secondary protection for the SFCs that still do not meet the security requirements. Through experiments, the maximum backup limit for SFCs in PBHB was determined, confirming its satisfactory performance across various SFC arrival rates. Furthermore, performance comparisons with other SFC protection methods revealed that PBHB achieves optimizations in resources cost while ensuring SFC security and latency. Full article

Network functions virtualization (NFV) has become the platform for decomposing the sequence of virtual network functions (VNFs), which can be grouped as a forwarding graph of service function chaining (SFC) to serve multi-service slice requirements. NFV-enabled SFC consists of several challenges in reaching the reliability and efficiency of key performance indicators (KPIs) in management and orchestration (MANO) decision-making control. The problem of SFC fault tolerance is one of the most critical challenges for provisioning service requests, and it needs resource availability. In this article, we proposed graph neural network (GNN)-based deep reinforcement learning (DRL) to enhance SFC fault tolerance (GRL-SFT), which targets the chain graph representation, long-term approximation, and self-organizing service orchestration for future massive Internet of Everything applications. We formulate the problem as the Markov decision process (MDP). DRL seeks to maximize the cumulative rewards by maximizing the service request acceptance ratios and minimizing the average completion delays. The proposed model solves the VNF management problem in a short time and configures the node allocation reliably for real-time restoration. Our simulation result demonstrates the effectiveness of the proposed scheme and indicates better performance in terms of total rewards, delays, acceptances, failures, and restoration ratios in different network topologies compared to reference schemes. Full article

Environmental mapping and robot navigation are the basis for realizing robot automation in modern agricultural production. This study proposes a new autonomous mapping and navigation method for gardening scene robots. First, a new LiDAR slam-based semantic mapping algorithm is proposed to enable the robots to analyze structural information from point cloud images and generate roadmaps from them. Secondly, a general robot navigation framework is proposed to enable the robot to generate the shortest global path according to the road map, and consider the local terrain information to find the optimal local path to achieve safe and efficient trajectory tracking; this method is equipped in apple orchards. The LiDAR was evaluated on a differential drive robotic platform. Experimental results show that this method can effectively process orchard environmental information. Compared with vnf and pointnet++, the semantic information extraction efficiency and time are greatly improved. The map feature extraction time can be reduced to 0.1681 s, and its MIoU is 0.812. The resulting global path planning achieved a 100% success rate, with an average run time of 4ms. At the same time, the local path planning algorithm can effectively generate safe and smooth trajectories to execute the global path, with an average running time of 36 ms. Full article

The introduction of fifth-generation (5G) mobile networks leads to an increase in energy consumption and higher operational costs for mobile network operators (MNOs). Consequently, the optimization of 5G networks’ energy efficiency is crucial, both in terms of reducing MNO costs and in terms of the negative environmental impact. However, many aspects of the 5G mobile network technology itself have been standardized, including the 5G network slicing concept. This enables the creation of multiple independent logical 5G networks within the same physical infrastructure. Since the only necessary resources in 5G networks need to be used for the realization of a specific 5G network slice, the question of whether the implementation of 5G network slicing can contribute to the improvement of 5G and future sixth-generation networks’ energy efficiency arises. To tackle this question, this review paper analyzes 5G network slicing and the energy demand of different network slicing use cases and mobile virtual network operator realizations based on network slicing. The paper also overviews standardized key performance indicators for the assessment of 5G network slices’ energy efficiency and discusses energy efficiency in 5G network slicing lifecycle management. In particular, to show how efficient network slicing can optimize the energy consumption of 5G networks, versatile 5G network slicing use case scenarios, approaches, and resource allocation concepts in the space, time, and frequency domains have been discussed, including artificial intelligence-based implementations of network slicing. The results of the comprehensive discussion indicate that the different implementations and approaches to network slicing pave the way for possible further reductions in 5G MNO energy costs and carbon dioxide emissions in the future. Full article

The multiple-unmanned-aerial-vehicle (multi-UAV) mobile edge network is a promising networking paradigm that uses multiple resource-limited and trajectory-planned unmanned aerial vehicles (UAVs) as edge servers, upon which on-demand virtual network functions (VNFs) are deployed to provide low-delay virtualized network services for the requests of ground users (GUs), who often move randomly and have difficulty accessing the Internet. However, VNF deployment and UAV trajectory planning are both typical NP-complete problems, and the two operations have a strong coupling effect: they affect each other. Achieving optimal virtualized service provision (i.e., maximizing the number of accepted GU requests under a given period T while minimizing the energy consumption and the cost of accepting the requests in all UAVs) is a challenging issue. In this paper, we propose an improved online deep reinforcement learning (DRL) scheme to tackle this issue. First, we formulate the joint optimization of the two operations as a nonconvex mixed-integer nonlinear programming problem, which can be viewed as a sequence of one-frame joint VNF deployment and UAV-trajectory-planning optimization subproblems. Second, we propose an online DRL based on jointly optimizing discrete (VNF deployment) and continuous (UAV trajectory planning) actions to solve each subproblem, whose key idea is establishing and achieving the coupled influence of discrete and continuous actions. Finally, we evaluate the proposed scheme through extensive simulations, and the results demonstrate its effectiveness. Full article

Tourist maps provide tourists with destination information that reflects their unique characteristics and cultural connotations and play an important role in attracting tourists and serving marketing purposes. However, existing designs of tourist maps often ignore the importance of cultural resource selection and the relationship between maps and structural linguistics, thereby affecting the narrative function and representativeness of tourist maps. This study utilizes the local chronicle as a data source and proposes a novel visual narrative framework (VNF) for tourist maps. The VNF combines Todorov’s narrative hierarchy and Roth’s visual storytelling tropes to establish a mapping between map elements and narrative elements. To demonstrate the effectiveness of the VNF, the Songshan Scenic Area was selected as a case study. By applying the VNF, highly characteristic and meaningful colors, figurative hand-painted symbols, and scene symbols are selected and integrated into the map design to enhance the artistic value and narrative of the map. This framework reveals the potential cultural value of local chronicles and can serve as a reference for other historical tourist cities, contributing to the preservation of local cultural heritage. Full article

Low-speed internet can negatively impact incident response by causing delayed detection, ineffective response, poor collaboration, inaccurate analysis, and increased risk. Slow internet speeds can delay the receipt and analysis of data, making it difficult for security teams to access the relevant information and take action, leading to a fragmented and inadequate response. All of these factors can increase the risk of data breaches and other security incidents and their impact on IoT-enabled communication. This study combines virtual network function (VNF) technology with software -defined networking (SDN) called virtual network function software-defined networking (VNFSDN). The adoption of the VNFSDN approach has the potential to enhance network security and efficiency while reducing the risk of cyberattacks. This approach supports IoT devices that can analyze large volumes of data in real time. The proposed VNFSDN can dynamically adapt to changing security requirements and network conditions for IoT devices. VNFSDN uses threat filtration and threat-capturing and decision-driven algorithms to minimize cyber risks for IoT devices and enhance network performance. Additionally, the integrity of IoT devices is safeguarded by addressing the three risk categories of data manipulation, insertion, and deletion. Furthermore, the prioritized delegated proof of stake (PDPoS) consensus variant is integrated with VNFSDN to combat attacks. This variant addresses the scalability issue of blockchain technology by providing a safe and adaptable environment for IoT devices that can quickly be scaled up and down to pull together the changing demands of the organization, allowing IoT devices to efficiently utilize resources. The PDPoS variant provides flexibility to IoT devices to proactively respond to potential security threats, preventing or mitigating the impact of cyberattacks. The proposed VNFSDN dynamically adapts to the changing security requirements and network conditions, improving network resiliency and enabling proactive threat detection. Finally, we compare the proposed VNFSDN to existing state-of-the-art approaches. According to the results, the proposed VNFSDN has a 0.08 ms minimum response time, a 2% packet loss rate, 99.5% network availability, a 99.36% threat detection rate, and a 99.77% detection accuracy with 1% malicious nodes. Full article

In the realm of Network Function Virtualization (NFV), Virtual Network Functions (VNFs) are crucial software entities that require execution on virtualized hardware infrastructure. Deploying a Service Function Chain (SFC) requires multiple steps for instantiating VNFs to analyze, request, deploy, and monitor resources. It is well recognized that the sharing of infrastructure resources among different VNFs will enhance resource utilization. However, conventional mechanisms for VNF sharing often neglect the interests of both VNF instances and infrastructure providers. In this context, this paper presents a blockchain-based framework that focuses on resource sharing and access control, with a particular emphasis on ensuring profitability during VNF instantiation. Additionally, a resource sharing game model and a novel greedy matching algorithm are introduced to optimize the benefits for both VNF instances and infrastructure resource providers. Furthermore, a blockchain-based access control mechanism is designed to securely store keys and provide fine-grained access control. The experimental results demonstrate that the proposed resource sharing game model and greedy matching algorithm promote healthy competition among resource owners and facilitate effective bargaining between resource owners and infrastructure providers. In comparison to the standard Stackelberg game solution, our proposed method achieves up to an 8.1 times performance improvement while sacrificing fewer optimal social utility values. Furthermore, compared to other CP-ABE methods, the proposed approach enhances security within a blockchain-based framework while maintaining an excellent encryption efficiency and a moderate decryption efficiency. Full article

The control of oxidative stress with natural active substances could limit the development of numerous pathologies. Our objective was to study the antiradical effects of resveratrol (RSV), ε-viniferin (VNF), and vitisin B (VB) alone or in combination, and those of a standardized stilbene-enriched vine extract (SSVE). In the DPPH-, FRAP-, and NO-scavenging assays, RSV presented the highest activity with an IC₅₀ of 81.92 ± 9.17, 13.36 ± 0.91, and 200.68 ± 15.40 µM, respectively. All binary combinations resulted in additive interactions in the DPPH- and NO-scavenging assays. In the FRAP assay, a synergic interaction for RSV + VNF, an additive for VNF + VB, and an antagonistic for RSV + VB were observed. The ternary combination of RSV + VNF + VB elicited an additive interaction in the DPPH assay and a synergic interaction in the FRAP- and NO-scavenging assays. There was no significant difference between the antioxidant activity of the SSVE and that of the combination of RSV + VNF. In conclusion, RSV presented the highest effects, followed by VNF and VB. The interactions revealed additive or synergistic effects, depending on the combination of the stilbenes and assay. Full article