Distributed Denial of Service (DDoS) attacks are one the most harmful threats in today's Internet, disrupting availability essential services. The challenge DDoS detection is combination attack approaches coupled with volume live traffic to be analysed. In this paper, we present a practical, lightweight deep learning system called Lucid, which exploits properties Convolutional Neural Networks (CNNs) classify flows as either malicious or benign. We make four main contributions; (1) an...

Software-Defined Networking (SDN) is an evolutionary networking paradigm which has been adopted by large network and cloud providers, among are Tech Giants. However, embracing a new futuristic as alternative to well-established mature legacy requires lot of time along with considerable financial resources technical expertise. Consequently, many enterprises can not afford it. A compromise solution then hybrid environment (a.k.a. Hybrid SDN (hSDN)) in functionalities leveraged while existing...

In this paper we present Vertigo (Virtual Topologies Generalization in OpenFlow networks), a Software–defined networking platform designed for network virtualization. Based on the original slicing system Flow Visor, aims at covering all flavors of virtualization: particular, it is able to expose simple abstract node one extreme, and deliver logically fully connected very opposite end. work, first introduce architecture its design choices, then report prototypical implementation deployed over...

Network Virtualization (NV) is one of the most promising technique to enable innovation in today's network. A recent approach toward NV has been proposed through FlowVisor, whose aim leverage on specific features an OpenFlow-controlled network share same hardware forwarding plane among multiple logical networks. However, FlowVisor lacks some a full implementation architecture: virtual topologies that can be established are restricted subsets physical topology and it no way for two slices...

In the recent years, complexity of network data plane and their requirements in terms agility has increased significantly, with many functions now implemented software executed directly datacenter servers. To avoid bottlenecks to keep up ever increasing speeds, approaches propose move packet processing kernel space using technologies such as eBPF/XDP, or offload (part it) specialized hardware, so called SmartNICs. This paper aims at guiding reader through intricacies above mentioned...

Deep Learning is emerging as an effective technique to detect sophisticated cyber-attacks targeting Industrial Control Systems (ICSs). The conventional approach detection in literature learn the "normal" behaviour of system, be then able label noteworthy deviations from it anomalies. However, during operations, ICSs inevitably and continuously evolve their behaviour, due e.g., replacement devices, workflow modifications, or other reasons. As a consequence, accuracy anomaly process may...

Service providers, 5G network operators and, more generally, vertical industries face today a dangerous shortage of highly skilled cybersecurity experts. Along with the escalation and growing sophistication cyber-attacks, networks require training competent cyber forces. To meet these requirements, SPIDER range focuses specifically on 5G, is based three pillars, (i) security assessment, (ii) teams to defend against complex cyber-attack scenarios, (iii) evaluation risk. The replicates...

OpenFlow is a leading standard for Software-Defined Networking (SDN) and has already played significant role in reshaping network infrastructures. However, wide range of existing provider domains still not equipped with framework that supports wider deployment an OpenFlow-based control plane beyond Ethernet-dominated networks. We address this gap by introducing Hardware Abstraction Layer (HAL) which can transform legacy elements into capable devices. This paper details the functional...

OFELIA is an experimental network designed to offer a diverse OpenFlow-enabled infrastructure allow Software Defined Networking (SDN) experimentation. currently composed of ten sub–testbeds (called islands), most them in Europe and one Brazil. An experimenter get access so-called slice; subset the testbed resources like nodes links, including Openflow programmable switches carry on experiment. A new virtualization tool called VeRTIGO has been recently presented extend way isolation achieved...

Machine Learning (ML) has proven to be effective in many application domains. However, ML methods can vulnerable adversarial attacks, which an attacker tries fool the classification/prediction mechanism by crafting input data. In case of ML-based Network Intrusion Detection Systems (NIDSs), might use their knowledge intrusion detection logic generate malicious traffic that remains undetected. One way solve this issue is adopt training, training set augmented with samples. This paper presents...

A promising area of application for Network Function Virtualization is in network security, where chains Virtual Security Functions (VSNFs), i.e., security-specific virtual functions such as firewalls or Intrusion Prevention Systems, can be dynamically created and configured to inspect, filter monitor the traffic. However, traffic handled by VSNFs could sensitive specific requirements, minimum bandwidth maximum end-to-end latency. Therefore, decision on which should apply a given...

The adoption of a robust and scalable network virtualization framework is key requirement in order to make the vision shareable infrastructure reality. To this aim, one most suitable approaches which takes advantage emerging paradigm Software-Defined Networking (SDN) OpenFlow, its de-facto standard. Several frameworks have been proposed last few years, however, they are either based on proxy-based solutions that raises scalability robustness issues (FlowVisor), or rely simplified view data...

COVID-19 has underlined the importance of monitoring indoor air quality (IAQ) to guarantee safe conditions in enclosed environments. Due its strict correlation with human presence, carbon dioxide (CO2) represents one pollutants that most affects environmental health. Therefore, forecasting future CO2 plays a central role taking preventive measures keep level as low possible. Unlike other research aims maximize prediction accuracy, typically using data collected over many days, this work we...

Network Function Virtualization (NFV) enables flexible implementation and provisioning of network functions as virtual machines running on commodity servers. Due to the availability multiple hosting servers, such (also called Virtual Functions (VNFs)) can be placed where they are actually needed, dynamically migrated, duplicated, or deleted according current requirements. However, placement VNFs within physical is one main challenges in NFV domain it has a critical impact performance...

No abstract available.

While sharing some commonalities with a canonical computer network, Wireless Sensor Network (WSN) presents many aspects which are unique. Security mechanisms in WSN mainly devoted to protect both the resources from attacks and misbehavior of nodes information transferred throughout network itself. vast majority works on security for literature focusing novel or performance evaluation "protected" environment like simulators dedicated testbeds, best our knowledge there no existing describing...

Similarly to computer operating systems which guarantee safe access memory resources, Network Operating Systems shall grant SDN applications a reliable neatly organized flow table resources. This paper presents the architecture for controller-agnostic Memory Management System and some of its functionalities that aim at improving usage preventing network misconfigurations. From implementation perspective, this work discusses applicability proposed system, strategy evaluate it current open challenges.