A Survey of Security in Software Defined Networks

The proposition of increased innovation in network applications and reduced cost for network operators has won over the networking world to the vision of Software-Defined Networking (SDN). With the excitement of holistic visibility across the network and the ability to program network devices, developers have rushed to present a range of new SDN-compliant hardware, software and services. However, amidst this frenzy of activity, one key element has only recently entered the debate: Network Security. In this article, security in SDN is surveyed presenting both the research community and industry advances in this area. The challenges to securing the network from the persistent attacker are discussed and the holistic approach to the security architecture that is required for SDN is described. Future research directions that will be key to providing network security in SDN are identified.

Modeling of titanium alloys by using artificial neural networks

Titanium alloy exhibits an excellent combination of bio-compatibility, corrosion resistance, strength and toughness. The microstructure of an alloy influences the properties. The microstructures depend mainly on alloying elements, method of production, mechanical, and thermal treatments. The relationships between these variables and final properties of the alloy are complex, non-linear in nature, which is the biggest hurdle in developing proper correlations between them by conventional methods. So, we developed artificial neural networks (ANN) models for solving these complex phenomena in titanium alloys.

In the present work, ANN models were used for the analysis and prediction of the correlation between the process parameters, the alloying elements, microstructural features, beta transus temperature and mechanical properties in titanium alloys. Sensitivity analysis of trained neural network models were studied which resulted a better understanding of relationships between inputs and outputs. The model predictions and the analysis are well in agreement with the experimental results. The simulation results show that the average output-prediction error by models are less than 5% of the prediction range in more than 95% of the cases, which is quite acceptable for all metallurgical purposes.

Asset Tracking in Critical Power Communications Infrastructures using Passive Techniques

Active network scanning injects traffic into a network and observes responses to draw conclusions about the network. Passive network analysis works by looking at network meta data or by analyzing traffic as it traverses a fixed point on the network. It may be infeasible or inappropriate to scan critical infrastructure networks. Techniques exist to uniquely map assets without resorting to active scanning. In many cases, it is possible to characterize and identify network nodes by passively analyzing traffic flows. These techniques are considered in particular with respect to their application to power industry critical infrastructure.

Two-Stage Orthogonal Least Squares Methods for Neural Network Construction

A number of neural networks can be formulated as the linear-in-the-parameters models. Training such networks can be transformed to a model selection problem where a compact model is selected from all the candidates using subset selection algorithms. Forward selection methods are popular fast subset selection approaches. However, they may only produce suboptimal models and can be trapped into a local minimum. More recently, a two-stage fast recursive algorithm (TSFRA) combining forward selection and backward model refinement has been proposed to improve the compactness and generalization performance of the model. This paper proposes unified two-stage orthogonal least squares methods instead of the fast recursive-based methods. In contrast to the TSFRA, this paper derives a new simplified relationship between the forward and the backward stages to avoid repetitive computations using the inherent orthogonal properties of the least squares methods. Furthermore, a new term exchanging scheme for backward model refinement is introduced to reduce computational demand. Finally, given the error reduction ratio criterion, effective and efficient forward and backward subset selection procedures are proposed. Extensive examples are presented to demonstrate the improved model compactness constructed by the proposed technique in comparison with some popular methods.

Secure data networks for electrical distribution applications

Smart Grids are characterized by the application of information communication technology (ICT) to solve electrical energy challenges. Electric power networks span large geographical areas, thus a necessary component of many Smart Grid applications is a wide area network (WAN). For the Smart Grid to be successful, utilities must be confident that the communications infrastructure is secure. This paper describes how a WAN can be deployed using WiMAX radio technology to provide high bandwidth communications to areas not commonly served by utility communications, such as generators embedded in the distribution network. A planning exercise is described, using Northern Ireland as a case study. The suitability of the technology for real-time applications is assessed using experimentally obtained latency data.

Ultra-Wideband Communications - An idea whose time has still yet to come? [Wireless Corner]

This paper presents a critical analysis of ultrawideband (UWB) and considers the turbulent journey it has had from the Federal Communications Commission's bandwidth allocation in 2002 to today. It analyzes the standards, the standoffs, and the stalemate in standardization activities and investigates the past and present research and commercial activities in realizing the UWB dream. In this paper, statistical evidence is presented to depict UWB's changing fortunes and is utilized as an indicator of future prominence. This paper reviews some of the opinions and remarks from commentators and analyzes predictions that were made. Finally, it presents possible ways forward to reignite the high-data-rate UWB standardization pursuit.

Per-Flow State Management Technique for High-Speed Networks

Flow processing is a fundamental element of stateful traffic classification and it has been recognized as an essential factor for delivering today’s application-aware network operations and security services. The basic function within a flow processing engine is to search and maintain a flow table, create new flow entries if no entry matches and associate each entry with flow states and actions for future queries. Network state information on a per-flow basis must be managed in an efficient way to enable Ethernet frame transmissions at 40 Gbit/s (Gbps) and 100 Gbps in the near future. This paper presents a hardware solution of flow state management for implementing large-scale flow tables on popular computer memories using DDR3 SDRAMs. Working with a dedicated flow lookup table at over 90 million lookups per second, the proposed system is able to manage 512-bit state information at run time.

Towards an Improved Phasor Measurement Unit Data Communications Framework

This paper discusses a proposed new communications framework for phasor measurement units (PMU) optimized for use on wide area networks. Traditional PMU telecoms have been optimized for use in environments where bandwidth is restricted. The new method takes the reliability of the telecommunications medium into account and provides guaranteed delivery of data whilst optimizing for realtime delivery of the most current data. Other important aspects, such as security, are also considered.

Enabling Robust and Efficient Distributed Computation in Dynamic Peer-to-Peer Networks

Motivated by the need for designing efficient and robust fully-distributed computation in highly dynamic networks such as Peer-to-Peer (P2P) networks, we study distributed protocols for constructing and maintaining dynamic network topologies with good expansion properties. Our goal is to maintain a sparse (bounded degree) expander topology despite heavy {\em churn} (i.e., nodes joining and leaving the network continuously over time). We assume that the churn is controlled by an adversary that has complete knowledge and control of what nodes join and leave and at what time and has unlimited computational power, but is oblivious to the random choices made by the algorithm. Our main contribution is a randomized distributed protocol that guarantees with high probability the maintenance of a {\em constant} degree graph with {\em high expansion} even under {\em continuous high adversarial} churn. Our protocol can tolerate a churn rate of up to $O(n/\poly\log(n))$ per round (where $n$ is the stable network size). Our protocol is efficient, lightweight, and scalable, and it incurs only $O(\poly\log(n))$ overhead for topology maintenance: only polylogarithmic (in $n$) bits needs to be processed and sent by each node per round and any node's computation cost per round is also polylogarithmic. The given protocol is a fundamental ingredient that is needed for the design of efficient fully-distributed algorithms for solving fundamental distributed computing problems such as agreement, leader election, search, and storage in highly dynamic P2P networks and enables fast and scalable algorithms for these problems that can tolerate a large amount of churn.

Fast Byzantine Leader Election in Dynamic Networks

We study the fundamental Byzantine leader election problem in dynamic networks where the topology can change from round to round and nodes can also experience heavy {\em churn} (i.e., nodes can join and leave the network continuously over time). We assume the full information model where the Byzantine nodes have complete knowledge about the entire state of the network at every round (including random choices made by all the nodes), have unbounded computational power and can deviate arbitrarily from the protocol. The churn is controlled by an adversary that has complete knowledge and control over which nodes join and leave and at what times and also may rewire the topology in every round and has unlimited computational power, but is oblivious to the random choices made by the algorithm. Our main contribution is an $O(\log^3 n)$ round algorithm that achieves Byzantine leader election under the presence of up to $O({n}^{1/2 - \epsilon})$ Byzantine nodes (for a small constant $\epsilon > 0$) and a churn of up to \\$O(\sqrt{n}/\poly\log(n))$ nodes per round (where $n$ is the stable network size).The algorithm elects a leader with probability at least $1-n^{-\Omega(1)}$ and guarantees that it is an honest node with probability at least $1-n^{-\Omega(1)}$; assuming the algorithm succeeds, the leader's identity will be known to a $1-o(1)$ fraction of the honest nodes. Our algorithm is fully-distributed, lightweight, and is simple to implement. It is also scalable, as it runs in polylogarithmic (in $n$) time and requires nodes to send and receive messages of only polylogarithmic size per round.To the best of our knowledge, our algorithm is the first scalable solution for Byzantine leader election in a dynamic network with a high rate of churn; our protocol can also be used to solve Byzantine agreement in a straightforward way.We also show how to implement an (almost-everywhere) public coin with constant bias in a dynamic network with Byzantine nodes and provide a mechanism for enabling honest nodes to store information reliably in the network, which might be of independent interest.

DEX: self-healing expanders

Dual-Hop Cognitive Amplify-and-Forward Relaying Networks over η− μ Fading Channels

This paper presents a thorough performance analysis of dual-hop cognitive amplify-and-forward (AF) relaying networks under spectrum-sharing mechanism over independent non-identically distributed (i.n.i.d.) 􀀀 fading channels. In order to guarantee the quality-of-service (QoS) of primary networks, both maximum tolerable peak interference power Q at the primary users (PUs) and maximum allowable transmit power P at secondary users (SUs) are considered to constrain transmit power at the cognitive transmitters. For integer-valued fading parameters, a closed-form lower bound for the outage probability (OP) of the considered networks is obtained. Moreover, assuming arbitrary-valued fading parameters, the lower bound in integral form for the OP is derived. In order to obtain further insights on the OP performance, asymptotic expressions for the OP at high SNRs are derived, from which the diversity/coding gains and the diversity-multiplexing gain tradeoff (DMT) of the secondary network can be readily deduced. It is shown that the diversity gain and also the DMT are solely determined by the fading parameters of the secondary network whereas the primary network only affects the coding gain. The derived results include several others available in previously published works as special cases, such as those for Nakagami-m fading channels. In addition, performance evaluation results have been obtained by Monte Carlo computer simulations which have verified the accuracy of the theoretical analysis.

Secure Switch-and-Stay Combining (SSSC) for Cognitive Relay Networks

In this paper, we study a two-phase underlay cognitive relay network, where there exists an eavesdropper who can overhear the message. The secure data transmission from the secondary source to secondary destination is assisted by two decode-and-forward (DF) relays. Although the traditional opportunistic relaying technique can choose one relay to provide the best secure performance, it needs to continuously have the channel state information (CSI) of both relays, and may result in a high relay switching rate. To overcome these limitations, a secure switch-and-stay combining (SSSC) protocol is proposed where only one out of the two relays is activated to assist the secure data transmission, and the secure relay switching occurs when the relay cannot support the secure communication any longer. This security switching is assisted by either instantaneous or statistical eavesdropping CSI. For these two cases, we study the system secure performance of SSSC protocol, by deriving the analytical secrecy outage probability as well as an asymptotic expression for the high main-to-eavesdropper ratio (MER) region. We show that SSSC can substantially reduce the system complexity while achieving or approaching the full diversity order of opportunistic relaying in the presence of the instantaneous or statistical eavesdropping CSI.

Statistical data correction for unreliable memories

In this paper, we introduce a statistical data-correction framework that aims at improving the DSP system performance in presence of unreliable memories. The proposed signal processing framework implements best-effort error mitigation for signals that are corrupted by defects in unreliable storage arrays using a statistical correction function extracted from the signal statistics, a data-corruption model, and an application-specific cost function. An application example to communication systems demonstrates the efficacy of the proposed approach.