2019
Nadig, Deepak; Ramamurthy, Byrav
Securing Large-scale Data Transfers in Campus Networks: Experiences, Issues, and Challenges Proceedings Article
In: Proceedings of the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, pp. 29–32, ACM, New York, NY, USA, 2019, ISBN: 978-1-4503-6179-8, (event-place: Richardson, Texas, USA).
Abstract | BibTeX | Tags: application-awareness, data-intensive science, network functions virtualization, security, software defined networks | Links:
@inproceedings{nadig_securing_2019,
title = {Securing Large-scale Data Transfers in Campus Networks: Experiences, Issues, and Challenges},
author = {Deepak Nadig and Byrav Ramamurthy},
url = {http://doi.acm.org/10.1145/3309194.3309444},
doi = {10.1145/3309194.3309444},
isbn = {978-1-4503-6179-8},
year = {2019},
date = {2019-01-01},
urldate = {2019-03-28},
booktitle = {Proceedings of the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization},
pages = {29--32},
publisher = {ACM},
address = {New York, NY, USA},
series = {SDN-NFVSec '19},
abstract = {Increasingly, campus networks manage a multitude of large-scale data transfers. Big data plays a pivotal role in university research and impacts domains such as engineering, agriculture, natural sciences, and humanities. Over the years, numerous solutions have been proposed to manage and secure large-scale data transfers efficiently. Examples consist of the inclusion of security policies at the network edge, optimized middlebox management, and the Science Demilitarized Zone (Science DMZ). These solutions either severely degrade data transfer performance or result in data flows completely bypassing the campus network security controls. In this paper, we present our experience with the design, development, and management of large-scale data transfers using software defined networking (SDN) and network functions virtualization (NFV). We also discuss the issues and challenges associated with securing large-scale data transfers in campus networks.},
note = {event-place: Richardson, Texas, USA},
keywords = {application-awareness, data-intensive science, network functions virtualization, security, software defined networks},
pubstate = {published},
tppubtype = {inproceedings}
}
2018
Nadig, D.; Ramamurthy, B.; Bockelman, B.; Swanson, D.
Optimized Service Chain Mapping and reduced flow processing with Application-Awareness Proceedings Article
In: 2018 4th IEEE Conference on Network Softwarization and Workshops (NetSoft), pp. 303–307, 2018.
Abstract | BibTeX | Tags: AAFR algorithm, application-aware flow reduction algorithm, application-awareness, Bandwidth, capacitated-SFC mapping case, capacitated/uncapacitated flow, cloud computing, commercial-off-the-shelf hardware, computer centres, Conferences, cost gains, data center, Data centers, Data models, flow processing cost, flow-processing costs, flow-to-SFC mappings, integer linear programming formulation, integer programming, Internet, linear programming, multiple data centers, network function virtualization, network functions, network functions virtualization, optimally map service function chains, optimized service chain mapping, security, Service Chaining, service function chains, SFC mapping, SFC mapping problem, SFC-ILP, software defined networks, Substrates, virtualisation, virtualized services | Links:
@inproceedings{nadig_optimized_2018,
title = {Optimized Service Chain Mapping and reduced flow processing with Application-Awareness},
author = {D. Nadig and B. Ramamurthy and B. Bockelman and D. Swanson},
url = {https://deepaknadig.com/wp-content/uploads/2021/09/Nadig-et-al.-2018-Optimized-Service-Chain-Mapping-and-reduced-flow-p.pdf},
doi = {10.1109/NETSOFT.2018.8459912},
year = {2018},
date = {2018-06-01},
urldate = {2018-06-01},
booktitle = {2018 4th IEEE Conference on Network Softwarization and Workshops (NetSoft)},
pages = {303--307},
abstract = {Network Function Virtualization (NFV) brings a new set of challenges when deploying virtualized services on commercial-off-the-shelf (COTS) hardware. Network functions can be dynamically managed to provide the necessary services on-demand and further, services can be chained together to form a larger composite. In this paper, we address an important technical problem of mapping service function chains (SFCs) across different data centers with the objective of reducing the flow processing costs. We develop an integer linear programming (ILP) formulation to optimally map service function chains to multiple data centers while adhering to the data center's capacity constraints. We propose a novel application-aware flow reduction (AAFR) algorithm to simplify the SFC-ILP to significantly reduce the number of flows processed by the SFCs. We perform a thorough study of the SFC mapping problem for multiple data centers and evaluate the performance of our proposed approach with respect to three parameters: i) impact of number of SFCs and SFC length on flow processing cost, ii) capacitated/uncapacitated flow processing cost gains, and iii) balancing flow-to-SFC mappings across data centers. Our evaluations show that our proposed AAFR algorithm reduces flow-processing costs by 70% for the capacitated-SFC mapping case over the SFC-ILP. In addition, our uncapacitated AAFR (AAFR-U) algorithm provides a further 4.1% cost-gain over its capacitated counterpart (AAFR-C).},
keywords = {AAFR algorithm, application-aware flow reduction algorithm, application-awareness, Bandwidth, capacitated-SFC mapping case, capacitated/uncapacitated flow, cloud computing, commercial-off-the-shelf hardware, computer centres, Conferences, cost gains, data center, Data centers, Data models, flow processing cost, flow-processing costs, flow-to-SFC mappings, integer linear programming formulation, integer programming, Internet, linear programming, multiple data centers, network function virtualization, network functions, network functions virtualization, optimally map service function chains, optimized service chain mapping, security, Service Chaining, service function chains, SFC mapping, SFC mapping problem, SFC-ILP, software defined networks, Substrates, virtualisation, virtualized services},
pubstate = {published},
tppubtype = {inproceedings}
}