Biblio

Proliferation of the Internet usage is rapidly increasing, and it is necessary to support the performance requirements for multimedia applications, including lower latency, improved security, faster content retrieval, and adjustability to the traffic load. Nevertheless, because the current Internet architecture is a host-oriented one, it often fails to support the necessary demands such as fast content delivery. A promising networking paradigm called Information-Centric Networking (ICN) focuses on the name of the content itself rather than the location of that content. A distinguished alternative to this ICN concept is Content-Centric Networking (CCN) that exploits more of the performance requirements by using in-network caching and outperforms the current Internet in terms of content transfer time, traffic load control, mobility support, and efficient network management. In this paper, instead of using the saturated method of validating a theory by simulation, we present a testbed-based performance evaluation of the ICN network. We used several new functions of the proposed testbed to improve the performance of the basic CCN. In this paper, we also show that the proposed testbed architecture performs better in terms of content delivery time compared to the basic CCN architecture through graphical results.

Named Data Networking (NDN) is a promising Internet architecture which is expected to solve some problems (e.g., security, mobility) of the current TCP/IP architecture. The basic concept of NDN is to use named data for routing instead of using location addresses like IP address. NDN natively supports consumer mobility, but producer mobility is still a challenge and there have been quite a few researches. Considering the Internet connection such as public transport vehicles, network mobility support in NDN is important, but it is still a challenge. That is the reason that this paper proposes an efficient network mobility support scheme in NDN in terms of signaling protocols and data retrieval.

Named Data Networking (NDN) is a new network architecture that has been projected as the future of internet architecture. Unlike the traditional internet approach which currently relies on client-server communication models to communicate each other, NDN relies on data as an entity. Hence the users only need the content and applications based on data naming, as there is no IP addresses needed. NDN is different than TCP/IP technology as NDN signs the data with Digital Signature to secure each data authenticity. Regarding huge number of uses on IP-based network, and the minimum number of NDN-based network implementation, the NDN-IP gateway are needed to map and forward the data from IP-based network to NDN-based network, and vice versa. These gateways are called Custom-Router Gateway in this study. The Custom-Router Gateway requires a new mechanism in conducting Digital Signature so that authenticity the data can be verified when it passes through the NDN-IP Custom-Router Gateway. This study propose a method to process the Digital Signature for the packet flows from IP-based network through NDN-based network. Future studies are needed to determine the impact of Digital Signature processing on the performance in forwarding the data from IP-based to NDN-based network and vice versa.

NDN has been widely regarded as a promising representation and implementation of information- centric networking (ICN) and serves as a potential candidate for the future Internet architecture. However, the security of NDN is threatened by a significant safety hazard known as an IFA, which is an evolution of DoS and distributed DoS attacks on IP-based networks. The IFA attackers can create numerous malicious interest packets into a named data network to quickly exhaust the bandwidth of communication channels and cache capacity of NDN routers, thereby seriously affecting the routers' ability to receive and forward packets for normal users. Accurate detection of the IFAs is the most critical issue in the design of a countermeasure. To the best of our knowledge, the existing IFA countermeasures still have limitations in terms of detection accuracy, especially for rapidly volatile attacks. This article proposes a TC to detect the distributions of normal and malicious interest packets in the NDN routers to further identify the IFA. The trace back method is used to prevent further attempts. The simulation results show the efficiency of the TC for mitigating the IFAs and its advantages over other typical IFA countermeasures.

Named Data Networking (or NDN) represents a potential new approach to the current host based Internet architecture which prioritize content over the communication between end nodes. NDN relies on caching functionalities and local data storage, such as a content request could be satisfied by any node holding a copy of the content in its storage. Due to the fact that users in the same network domain can share their cached content with each other and in order to reduce the transmission cost for obtaining the desired content, a cooperative network coding mechanism is proposed in this paper. We first formulate our optimal coding and homomorphic signature scheme as a MIP problem and we show how to leverage Software Defined Networking to provide seamless implementation of the proposed solution. Evaluation results demonstrate the efficiency of the proposed coding scheme which achieves better performance than conventional NDN with random coding especially in terms of transmission cost and security.

With software defined networking and network function virtualization technologies, networks can be programmed to have customized processing and paths for different traffic at manageable costs and for massive numbers of applications. Now, picture a future Internet where each entity - a person, an organization, or an autonomous system - has the ability to choose how traffic in their respective network sessions is routed and processed between itself and its counterparts. The network is, essentially, liberated from today's homogeneous IP-based routing and limited connection options. To realize such a network paradigm, we propose a software defined exchange architecture that can provide the needed network programmability, session-level customization, and scale. We present a case study for traffic-analysis-resistant communication among individuals, campuses, or web services, where IP addresses no longer need to have a one-to-one correspondence with service providers.

Named Data Networking (NDN) is a future Internet architecture, NDN forwarding strategy is a hot research topic in MANET. At present, there are two categories of forwarding strategies in NDN. One is the blind forwarding(BF), the other is the aware forwarding(AF). Data packet return by the way that one came forwarding strategy(DRF) as one of the BF strategy may fail for the interruptions of the path that are caused by the mobility of nodes. Consumer need to wait until the interest packet times out to request the data packet again. To solve the insufficient of DRF, in this paper a Forwarding Strategy, called FN based on Neighbor-aware is proposed for NDN MANET. The node maintains the neighbor information and the request information of neighbor nodes. In the phase of data packet response, in order to improve request satisfaction rate, node specifies the next hop node; Meanwhile, in order to reduce packet loss rate, node assists the last hop node to forward packet to the specific node. The simulation results show that compared with DRF and greedy forwarding(GF) strategy, FN can improve request satisfaction rate when node density is high.

Autonomous vehicles must communicate with each other effectively and securely to make robust decisions. However, today's Internet falls short in supporting efficient data delivery and strong data security, especially in a mobile ad-hoc environment. Named Data Networking (NDN), a new data-centric Internet architecture, provides a better foundation for secure data sharing among autonomous vehicles. We examine two potential threats, false data dissemination and vehicle tracking, in an NDN-based autonomous vehicular network. To detect false data, we propose a four-level hierarchical trust model and the associated naming scheme for vehicular data authentication. Moreover, we address vehicle tracking concerns using a pseudonym scheme to anonymize vehicle names and certificate issuing proxies to further protect vehicle identity. Finally, we implemented and evaluated our AutoNDN application on Raspberry Pi-based mini cars in a wireless environment.

Customer Edge Switching (CES) is an experimental Internet architecture that provides reliable and resilient multi-domain communications. It provides resilience against security threats because domains negotiate inbound and outbound policies before admitting new traffic. As CES and its signalling protocols are being prototyped, there is a need for independent testing of the CES architecture. Hence, our research goal is to develop an automated test framework that CES protocol designers and early adopters can use to improve the architecture. The test framework includes security, functional, and performance tests. Using the Robot Framework and STRIDE analysis, in this paper we present this automated security test framework. By evaluating sample test scenarios, we show that the Robot Framework and our CES test suite have provided productive discussions about this new architecture, in addition to serving as clear, easy-to-read documentation. Our research also confirms that test automation can be useful to improve new protocol architectures and validate their implementation.

We discuss a key engineering challenge in implementing the Identifier- Locator Network Protocol (ILNP), as described in IRTF Experimental RFCs 6740–6748: enabling legacy applications that use the C sockets API. We have built the first two OS kernel implementations of ILNPv6 (ILNP as a superset of IPv6), in both the Linux OS kernel and the FreeBSD OS kernel. Our evaluation is in comparison with IPv6, in the context of a topical and challenging scenario: host mobility implemented as a purely end-to-end function. Our experiments show that ILNPv6 has excellent potential for deployment using existing IPv6 infrastructure, whilst offering the new properties and functionality of ILNP.

Named Data Networking (NDN), a clean-slate data oriented Internet architecture targeting on replacing IP, brings many potential benefits for content distribution. Real deployment of NDN is crucial to verify this new architecture and promote academic research, but work in this field is at an early stage. Due to the fundamental design paradigm difference between NDN and IP, Deploying NDN as IP overlay causes high overhead and inefficient transmission, typically in streaming applications. Aiming at achieving efficient NDN streaming distribution, this paper proposes a transitional architecture of NDN/IP hybrid network dubbed Centaur, which embodies both NDN's smartness, scalability and IP's transmission efficiency and deployment feasibility. In Centaur, the upper NDN module acts as the smart head while the lower IP module functions as the powerful feet. The head is intelligent in content retrieval and self-control, while the IP feet are able to transport large amount of media data faster than that if NDN directly overlaying on IP. To evaluate the performance of our proposal, we implement a real streaming prototype in ndnSIM and compare it with both NDN-Hippo and P2P under various experiment scenarios. The result shows that Centaur can achieve better load balance with lower overhead, which is close to the performance that ideal NDN can achieve. All of these validate that our proposal is a promising choice for the incremental and compatible deployment of NDN.

With the growing number of proposed clean-slate redesigns of the Internet, the need for a medium that enables all stakeholders to participate in the realization, evaluation, and selection of these designs is increasing. We believe that the missing catalyst is a meta network architecture that welcomes most, if not all, clean-state designs on a level playing field, lowers deployment barriers, and leaves the final evaluation to the broader community. This paper presents Linux XIA, a native implementation of XIA in the Linux kernel, as a candidate. We first describe Linux XIA in terms of its architectural realizations and algorithmic contributions. We then demonstrate how to port several distinct and unrelated network architectures onto Linux XIA. Finally, we provide a hybrid evaluation of Linux XIA at three levels of abstraction in terms of its ability to: evolve and foster interoperation of new architectures, embed disparate architectures inside the implementation's framework, and maintain a comparable forwarding performance to that of the legacy TCP/IP implementation. Given this evaluation, we substantiate a previously unsupported claim of XIA: that it readily supports and enables network evolution, collaboration, and interoperability - traits we view as central to the success of any future Internet architecture.

Despite its great importance, modern network infrastructure is remarkable for the lack of rigor in its engineering. The Internet, which began as a research experiment, was never designed to handle the users and applications it hosts today. The lack of formalization of the Internet architecture meant limited abstractions and modularity, particularly for the control and management planes, thus requiring for every new need a new protocol built from scratch. This led to an unwieldy ossified Internet architecture resistant to any attempts at formal verification and to an Internet culture where expediency and pragmatism are favored over formal correctness. Fortunately, recent work in the space of clean slate Internet design-in particular, the software defined networking (SDN) paradigm-offers the Internet community another chance to develop the right kind of architecture and abstractions. This has also led to a great resurgence in interest of applying formal methods to specification, verification, and synthesis of networking protocols and applications. In this paper, we present a self-contained tutorial of the formidable amount of work that has been done in formal methods and present a survey of its applications to networking.

Despite its great importance, modern network infrastructure is remarkable for the lack of rigor in its engineering. The Internet, which began as a research experiment, was never designed to handle the users and applications it hosts today. The lack of formalization of the Internet architecture meant limited abstractions and modularity, particularly for the control and management planes, thus requiring for every new need a new protocol built from scratch. This led to an unwieldy ossified Internet architecture resistant to any attempts at formal verification and to an Internet culture where expediency and pragmatism are favored over formal correctness. Fortunately, recent work in the space of clean slate Internet design-in particular, the software defined networking (SDN) paradigm-offers the Internet community another chance to develop the right kind of architecture and abstractions. This has also led to a great resurgence in interest of applying formal methods to specification, verification, and synthesis of networking protocols and applications. In this paper, we present a self-contained tutorial of the formidable amount of work that has been done in formal methods and present a survey of its applications to networking.
 

The OpenFlow architecture is a proposal from the Clean Slate initiative to define a new Internet architecture where the network devices are simple, and the control and management plane is performed by a centralized controller. The simplicity and centralization architecture makes it reliable and inexpensive. However, this architecture does not provide mechanisms to detect conflicting in flows, allowing that unreachable flows can be configured in the network elements, and the network may not behave as expected. This paper proposes an approach to conflict detection using first-order logic to define possible antagonisms and employ an inference engine to detect conflicting flows before the OpenFlow controller implement in the network elements.
 

Traffic from mobile wireless networks has been growing at a fast pace in recent years and is expected to surpass wired traffic very soon. Service providers face significant challenges at such scales including providing seamless mobility, efficient data delivery, security, and provisioning capacity at the wireless edge. In the Mobility First project, we have been exploring clean slate enhancements to the network protocols that can inherently provide support for at-scale mobility and trustworthiness in the Internet. An extensible data plane using pluggable compute-layer services is a key component of this architecture. We believe these extensions can be used to implement in-network services to enhance mobile end-user experience by either off-loading work and/or traffic from mobile devices, or by enabling en-route service-adaptation through context-awareness (e.g., Knowing contemporary access bandwidth). In this work we present details of the architectural support for in-network services within Mobility First, and propose protocol and service-API extensions to flexibly address these pluggable services from end-points. As a demonstrative example, we implement an in network service that does rate adaptation when delivering video streams to mobile devices that experience variable connection quality. We present details of our deployment and evaluation of the non-IP protocols along with compute-layer extensions on the GENI test bed, where we used a set of programmable nodes across 7 distributed sites to configure a Mobility First network with hosts, routers, and in-network compute services.