Search Results (26)

Information-centric networking (ICN) is a promising approach to address the limitations of current host-centric IP-based networking. ICN models feature ubiquitous in-network caching to provide faster and more reliable content delivery, name-based routing to provide better scalability, and self-certifying contents to ensure better security. Due to the differences in the core architecture of ICN compared to existing IP-based networks, it requires special considerations to provide quality-of-service (QoS) or quality-of-experience (QoE) support for applications based on ICNs. This paper discusses the latest advances in QoS and QoE research for ICNs. First, an overview of ICN architectures is given, followed by a summary of different factors that influence QoS and QoE. Approaches for improving QoS and QoE in ICNs are then discussed in five main categories: in-network caching, name resolution and routing, transmission and flow control, software-defined networking, and media-streaming-based strategies. Finally, open research questions for providing QoS and QoE support in ICNs are outlined for future research. Full article

Information-Centric Networking (ICN) typically utilizes DRAM (Dynamic Random Access Memory) to build in-network cache components due to its high data transfer rate and low latency. However, DRAM faces significant limitations in terms of cost and capacity, making it challenging to meet the growing demands for cache scalability required by increasing Internet traffic. Combining high-speed but expensive memory (e.g., DRAM) with large-capacity, low-cost storage (e.g., SSD) to construct a hierarchical cache architecture has emerged as an effective solution to this problem. However, how to perform efficient cache management in such architectures to realize the expected cache performance remains challenging. This paper proposes a cache management scheme for hierarchical cache architectures in ICN, which introduces a differentiated replica replacement policy to accommodate the varying request access patterns at different cache layers, thereby enhancing overall cache performance. Additionally, a probabilistic insertion-based SSD cache admission filtering mechanism is designed to control the SSD write load, addressing the issue of balancing SSD lifespan and space utilization. Extensive simulation results demonstrate that the proposed scheme exhibits superior cache performance and lower SSD write load under various workloads and replica placement strategies, highlighting its broad applicability to different application scenarios. Additionally, it maintains stable performance improvements across different cache capacity settings, further reflecting its good scalability. Full article

Named data networking (NDN) is a novel networking paradigm characterized by in-network caching, receiver-driven communication, and multi-source, multi-path data retrieval, which poses new challenges for congestion control. Existing work has largely focused on receiver-driven mechanisms. Due to delays in obtaining network control information (timeouts, NACKs) within NDN, consumers are unable to access the network congestion status from this information in a timely manner. To address the issues above, this paper combines the Q-learning algorithm with the NDN architecture, proposing Q-NDN. In Q-NDN, consumers can dynamically adjust the congestion window (cwnd) through the real-time monitoring of network status, leveraging the Q-learning algorithm, achieving automatic congestion control for the NDN architecture. Additionally, this paper introduces content popularity-based traffic scheduling for multi-user scenarioswhich adjusts the transmission rates of content with different popularity levels to maintain a dynamic balance in the network. The experimental results show that Q-NDN can converge quickly, make full use of bandwidth resources, and keep the packet loss rate to 0 in the basic network topology. In competing network topologies, Q-NDN can rapidly address conflict issues, efficiently utilize bandwidth resources, and maintain a relatively low packet loss rate. Full article

How to maximize the advantages of in-network caching under limited cache space has always been a key issue in information-centric networking (ICN). Replica placement strategies aim to fully utilize cache resources by optimizing the location and quantity distribution of replicas in the network, thereby improving the performance of the cache system. However, existing research primarily focuses on optimizing the placement of replicas along the content delivery path, which cannot avoid the inherent drawback of not being able to leverage off-path cache resources. The proposals for off-path caching cannot effectively solve this problem as they introduce excessive complexity and cooperation costs. In this paper, we address the trade-off between cache resource utilization and cooperation costs by introducing a mechanism complementary to replica placement. Instead of redesigning a new caching strategy from scratch, we propose a proactive cooperative caching mechanism (called RMBCC) that involves an independent replica migration process, through which we proactively relocate replicas evicted from the local cache to neighboring nodes with sufficient cache resources. The cooperation costs are effectively controlled through migration replica filtering, migration distance limitation, as well as hop-by-hop migration request propagation. Extensive simulation experiments show that RMBCC can be efficiently integrated with different on-path caching strategies. Compared with representative caching schemes, RMBCC achieves significant improvements in evaluation metrics such as cache hit ratio and content retrieval time, while only introducing negligible cooperation overhead. Full article

5G cellular networks are already more than six times faster than 4G networks, and their packet loss rate, especially in the Internet of Vehicles (IoV), can reach 0.5% in many cases, such as when there is high-speed movement or obstacles nearby. In such high bandwidth and high packet loss network environments, traditional congestion control algorithms, such as CUBIC and bottleneck bandwidth and round-trip propagation time (BBR), have been unable to balance flow fairness and high performance, and their flow rate often takes a long time to converge. We propose a congestion control algorithm based on bottleneck routing feedback using an in-network control mode called bottleneck routing feedback (BRF). We use SDN technology (OpenFlow protocol) to collect network bandwidth information, and BRF controls the data transmission rate of the sender. By adding the bandwidth information of the bottleneck in the option field in the ACK packet, considering the flow fairness and the flow convergence rate, a bandwidth allocation scheme compatible with multiple congestion control algorithms is proposed to ensure the fairness of all flows and make them converge faster. The performance of BRF is evaluated via Mininet. The experimental results show that BRF provides higher bandwidth utilization, faster convergence rate, and fairer bandwidth allocation than existing congestion control algorithms in 5G cellular networks. Full article

The internet’s future architecture, known as Named Data Networking (NDN), is a creative way to offer content-based services. NDN is more appropriate for content distribution because of its special characteristics, such as naming conventions for packets and methods for in-network caching. Mobility is one of the main study areas for this innovative internet architecture. The software-defined networking (SDN) method, which is employed to provide mobility management in NDN, is one of the feasible strategies. Decoupling the network control plane from the data plane creates an improved programmable platform and makes it possible for outside applications to specify how a network behaves. The SDN is a straightforward and scalable network due to its key characteristics, including programmability, flexibility, and decentralized control. To address the problem of consumer mobility, we proposed an efficient SDPCACM (software-defined proactive caching architecture for consumer mobility) in NDN that extends the SDN model to allow mobility control for the NDN architecture (NDNA), through which the MC (mobile consumer) receives the data proactively after handover while the MC is moving. When an MC is watching a real-time video in a state of mobility and changing their position from one attachment point to another, the controllers in the SDN preserve the network layout and topology as well as link metrics to transfer updated routes with the occurrence of the handoff or handover scenario, and through the proactive caching mechanism, the previous access router proactively sends the desired packets to the new connected routers. Furthermore, the intra-domain and inter-domain handover processing situations in the SDPCACM for NDNA are described here in detail. Moreover, we conduct a simulation of the proposed SDPCACM for NDN that offers an illustrative methodology and parameter configuration for virtual machines (VMs), OpenFlow switches, and an ODL controller. The simulation result demonstrates that the proposed scheme has significant improvements in terms of CPU usage, reduced delay time, jitter, throughput, and packet loss ratio. Full article

Complex dynamic services and heterogeneous network environments make the asymmetrical control a curial issue to handle on the Internet. With the advent of the Internet of Things (IoT) and the fifth generation (5G), the emerging network applications lead to the explosive growth of mobile traffic while bringing forward more challenging service requirements to future radio access networks. Therefore, how to effectively allocate limited heterogeneous network resources to improve content delivery for massive application services to ensure network quality of service (QoS) becomes particularly urgent in heterogeneous network environments. To cope with the explosive mobile traffic caused by emerging Internet services, this paper designs an intelligent optimization strategy based on deep reinforcement learning (DRL) for resource allocation in heterogeneous cloud-edge-end collaboration environments. Meanwhile, the asymmetrical control problem caused by complex dynamic services and heterogeneous network environments is discussed and overcome by distributed cooperation among cloud-edge-end nodes in the system. Specifically, the multi-layer heterogeneous resource allocation problem is formulated as a maximal traffic offloading model, where content caching and request aggregation mechanisms are utilized. A novel DRL policy is proposed to improve content distribution by making cache replacement and task scheduling for arriving content requests in accordance with the information about users’ history requests, in-network cache capacity, available link bandwidth and topology structure. The performance of our proposed solution and its similar counterparts are analyzed in different network conditions. Full article

Named Data Networking (NDN) has been recognized as the most promising information-centric networking architecture that fits the application model of IoT systems. In-network caching is one of NDN’s most fundamental features for improving data availability and diversity and reducing the content retrieval delay and network traffic load. Several caching decision algorithms have been proposed; however, retrieving and delivering data content with minimal resource usage, reduced communication overhead, and a short retrieval time remains a great challenge. In this article, we propose an efficient popularity and freshness caching approach named PF-ClusterCache that efficiently aggregates the storage of different nodes within a given cluster as global shareable storage so that zero redundancy be obtained in any cluster of nodes. This increases the storage capacity for caching with no additional storage resource. PF-ClusterCache ensures that only the newest, most frequent data content is cached, and caching is only performed at the edge of the network, resulting in a wide diversity of cached data content across the entire network and much better overall performance. In-depth simulations using the ndnSIM simulator are performed using a large transit stub topology and various networking scenarios. The results show the effectiveness of PF-ClusterCache in sharing and controlling the local global storage, and in accounting for the popularity and freshness of data content. PF-ClusterCache clearly outperforms the benchmark caching schemes considered, especially in terms of the significantly greater server access reduction and much lower content retrieval time, while efficiently conserving network resources. Full article

In recent years, cyber attacks against critical infrastructure have been increasing and are becoming stealthy and persistent. Attackers or malware may be hiding in the system after penetration to collect system information. They would further make lateral and vertical movement to seek target devices under the radar of existing cybersecurity measures. In order to counter such emerging attack vectors, in-network deception technology is attracting attention. In-network deception technology utilizes an apparently real but dummy (often virtual) devices deployed throughout the infrastructure to capture the attackers’ reconnaissance activities. In this paper, we pick one concrete design and implementation of in-network deception technology for IEC 61850 standard compliant smart substation systems in smart grid, named DecIED, and discuss its effectiveness in countering high-profile attacks that were recently witnessed in the real world. The evaluation is conducted based on the MITRE ATT&CK Matrix for industrial control systems, which tabulates phases and tactics of cyberattack against industrial control systems. Full article

The Information-Centric Network (ICN), designed for efficient content acquisition and distribution, is a promising candidate architecture for the future Internet. In-network caching in ICN makes it possible to reuse contents and the Name Resolution System (NRS) makes cached contents better serve users. In this paper, we focused on the ICN caching scenario equipped with an NRS, which records the positions of contents cached in ICN. We propose a Popularity-based caching strategy with Number-of-Copies Control (PB-NCC) in this paper. PB-NCC is proposed to solve the problems of unreasonable content distribution and frequent cache replacement in traditional caching strategies in ICN. We examine PB-NCC with a large number of experiments in different topologies and workloads. The simulation results reveal that PB-NCC can improve the cache hit ratio by at least 8.85% and reduce the server load by at least 11.34% compared with other on-path caching strategies, meanwhile maintaining a low network latency. Full article

As one of the candidates for future network architecture, Information-Centric Networking (ICN) has revolutionized the manner of content retrieval by transforming the communication mode from host-centric to information-centric. Unlike a traditional TCP/IP network, ICN uses a location-independent name to identify content and takes a receiver-driven model to retrieve the content. Moreover, ICN routers not only perform a forwarding function but also act as content providers due to pervasive in-network caching. The network traffic is more complicated and routers are more prone to congestion. These distinguished characteristics pose new challenges to ICN transmission control mechanism. In this paper, we propose an effective transmission scheme by combining the receiver-driven transport protocol and the router-driven congestion detection mechanism. We first outline the process of content retrieval and transmission in an IP-compatible ICN architecture and propose a practical receiver-driven transport protocol. Then, we present an early congestion detection mechanism applied on ICN routers based on an improved Active Queue Management (AQM) algorithm and design a receiver-driven congestion control algorithm. Finally, experiment results show that the proposed transmission scheme can maintain high bandwidth utilization and significantly reduce transmission delay and packet loss rate. Full article

NDN is one of the new emerging future internet architectures which brings up new solutions over today’s internet architecture, facilitating content distribution, in-network caching, mobility support, and multicast forwarding. NDNs ubiquitous in-network caching allows consumers to access data directly from the intermediate router’s cache. However, it opens content privacy problems since data packets replicated in the router are always accessible by every consumer. Sensitive contents in the routers should be protected and accessed only by authorized consumers. Although the content protection problem can be solved by applying an encryption-based access control policy, it still needs an efficient content distribution scheme with lower computational overhead and content retrieval time. We propose an efficient and secure content distribution (ES_CD), by combining symmetric encryption and identity-based proxy re-encryption. The analysis shows that our proposed scheme achieves content retrieval time reduction up to 20% for the cached contents in our network simulation environment and a slight computational overhead of less than 19 ms at the content producer and 9 ms at the consumer for 2 KB content. ES_CD provides content confidentiality and ensures only legitimate consumers can access the contents during a predefined time without requiring a trusted third party and keeping the content producer always online. Full article

As an emerging network architecture, Information-Centric Networking (ICN) is considered to have the potential to meet the new requirements of the Fifth Generation (5G) networks. ICN uses a name decoupled from location to identify content, supports the in-network caching technology, and adopts a receiver-driven model for data transmission. Existing ICN congestion control mechanisms usually first select a nearby replica by opportunistic cache-hits and then insist on adjusting the transmission rate regardless of the congestion state, which cannot fully utilize the characteristics of ICN to improve the performance of data transmission. To solve this problem, this paper proposes a two-level congestion control mechanism, called 2LCCM. It switches the replica location based on a node state table to avoid congestion paths when heavy congestion happens. This 2LCCM mechanism also uses a receiver-driven congestion control algorithm to adjust the request sending rate, in order to avoid link congestion under light congestion. In this paper, the design and implementation of the proposed mechanism are described in detail, and the experimental results show that 2LCCM can effectively reduce the transmission delay when heavy congestion occurs, and the bandwidth-delay product-based congestion control algorithm has better transmission performance compared with a loss-based algorithm. Full article

The study of multi-agent systems such as drone swarms has been intensified due to their cooperative behavior. Nonetheless, automating the control of a swarm is challenging as each drone operates under fluctuating wireless, networking and environment constraints. To tackle these challenges, we consider drone swarms as Networked Control Systems (NCS), where the control of the overall system is done enclosed within a wireless communication network. This is based on a tight interconnection between the networking and computational systems, aiming to efficiently support the basic control functionality, namely data collection and exchanging, decision-making, and the distribution of actuation commands. Based on a literature analysis, we do not find revision papers about design of drone swarms as NCS. In this review, we introduce an overview of how to develop self-organized drone swarms as NCS via the integration of a networking system and a computational system. In this sense, we describe the properties of the proposed components of a drone swarm as an NCS in terms of networking and computational systems. We also analyze their integration to increase the performance of a drone swarm. Finally, we identify a potential design choice, and a set of open research challenges for the integration of network and computing in a drone swarm as an NCS. Full article

This paper aims to explore the cyber-deception-based approach and to design a novel conceptual model of hybrid threats that includes deception methods. Security programs primarily focus on prevention-based strategies aimed at stopping attackers from getting into the network. These programs attempt to use hardened perimeters and endpoint defenses by recognizing and blocking malicious activities to detect and stop attackers before they can get in. Most organizations implement such a strategy by fortifying their networks with defense-in-depth through layered prevention controls. Detection controls are usually placed to augment prevention at the perimeter, and not as consistently deployed for in-network threat detection. This architecture leaves detection gaps that are difficult to fill with existing security controls not specifically designed for that role. Rather than using prevention alone, a strategy that attackers have consistently succeeded against, defenders are adopting a more balanced strategy that includes detection and response. Most organizations deploy an intrusion detection system (IDS) or next-generation firewall that picks up known attacks or attempts to pattern match for identification. Other detection tools use monitoring, traffic, or behavioral analysis. These reactive defenses are designed to detect once they are attacked yet often fail. They also have some limitations because they are not designed to catch credential harvesting or attacks based on what appears as authorized access. They are also often seen as complex and prone to false positives, adding to analyst alert fatigue. The security industry has focused recent innovation on finding more accurate ways to recognize malicious activity with technologies such as user and entity behavioral analytics (UEBA), big data, artificial intelligence (AI), and deception. Full article