-
QuIP: A P4 Quantum Internet Protocol Prototyping Framework
Authors:
Wojciech Kozlowski,
Fernando A. Kuipers,
Rob Smets,
Belma Turkovic
Abstract:
Quantum entanglement is so fundamentally different from a network packet that several quantum network stacks have been proposed; one of which has even been experimentally demonstrated. Several simulators have also been developed to make up for limited hardware availability, and which facilitate the design and evaluation of quantum network protocols. However, the lack of shared tooling and community-agreed node architectures has resulted in protocol implementations that are tightly coupled to their simulators. Besides limiting their reusability between different simulators, it also makes building upon prior results and simulations difficult. To address this problem, we have developed QuIP: a P4-based Quantum Internet Protocol prototyping framework for quantum network protocol design. QuIP is a framework for designing and implementing quantum network protocols in a platform-agnostic fashion. It achieves this by providing the means to flexibly, but rigorously, define device architectures against which quantum network protocols can be implemented in the network programming language P4$_{16}$. QuIP also comes with the necessary tooling to enable their execution in existing quantum network simulators. We demonstrate its use by showcasing V1Quantum, a completely new device architecture, implementing a link- and network-layer protocol, and simulating it in the existing simulator NetSquid.
Submitted 20 June, 2024;
originally announced June 2024.
-
Adaptive Resource Allocation for Virtualized Base Stations in O-RAN with Online Learning
Authors:
Michail Kalntis,
George Iosifidis,
Fernando A. Kuipers
Abstract:
Open Radio Access Network systems, with their virtualized base stations (vBSs), offer operators the benefits of increased flexibility, reduced costs, vendor diversity, and interoperability. Optimizing the allocation of resources in a vBS is challenging since it requires knowledge of the environment, (i.e., "external" information), such as traffic demands and channel quality, which is difficult to acquire precisely over short intervals of a few seconds. To tackle this problem, we propose an online learning algorithm that balances the effective throughput and vBS energy consumption, even under unforeseeable and "challenging" environments; for instance, non-stationary or adversarial traffic demands. We also develop a meta-learning scheme, which leverages the power of other algorithmic approaches, tailored for more "easy" environments, and dynamically chooses the best performing one, thus enhancing the overall system's versatility and effectiveness. We prove the proposed solutions achieve sub-linear regret, providing zero average optimality gap even in challenging environments. The performance of the algorithms is evaluated with real-world data and various trace-driven evaluations, indicating savings of up to 64.5% in the power consumption of a vBS compared with state-of-the-art benchmarks.
Submitted 4 September, 2023;
originally announced September 2023.
-
Future Computer Systems and Networking Research in the Netherlands: A Manifesto
Authors:
Alexandru Iosup,
Fernando Kuipers,
Ana Lucia Varbanescu,
Paola Grosso,
Animesh Trivedi,
Jan Rellermeyer,
Lin Wang,
Alexandru Uta,
Francesco Regazzoni
Abstract:
Our modern society and competitive economy depend on a strong digital foundation and, in turn, on sustained research and innovation in computer systems and networks (CompSys). With this manifesto, we draw attention to CompSys as a vital part of ICT. Among ICT technologies, CompSys covers all the hardware and all the operational software layers that enable applications; only application-specific details, and often only application-specific algorithms, are not part of CompSys. Each of the Top Sectors of the Dutch Economy, each route in the National Research Agenda, and each of the UN Sustainable Development Goals pose challenges that cannot be addressed without groundbreaking CompSys advances. Looking at the 2030-2035 horizon, important new applications will emerge only when enabled by CompSys developments. Triggered by the COVID-19 pandemic, millions moved abruptly online, raising infrastructure scalability and data sovereignty issues; but governments processing social data and responsible social networks still require a paradigm shift in data sovereignty and sharing. AI already requires massive computer systems which can cost millions per training task, but the current technology leaves an unsustainable energy footprint including large carbon emissions. Computational sciences such as bioinformatics, and "Humanities for all" and "citizen data science", cannot become affordable and efficient until computer systems take a generational leap. Similarly, the emerging quantum internet depends on (traditional) CompSys to bootstrap operation for the foreseeable future. Large commercial sectors, including finance and manufacturing, require specialized computing and networking or risk becoming uncompetitive. And, at the core of Dutch innovation, promising technology hubs, deltas, ports, and smart cities, could see their promise stagger due to critical dependency on non-European technology.
Submitted 26 May, 2022;
originally announced June 2022.
-
Heads in the Clouds: Measuring the Implications of Universities Migrating to Public Clouds
Authors:
Tobias Fiebig,
Seda Gürses,
Carlos H. Gañán,
Erna Kotkamp,
Fernando Kuipers,
Martina Lindorfer,
Menghua Prisse,
Taritha Sari
Abstract:
With the emergence of remote education and work in universities due to COVID-19, the 'zoomification' of higher education, i.e., the migration of universities to the clouds, reached the public discourse. Ongoing discussions reason about how this shift will take control over students' data away from universities, and may ultimately harm the privacy of researchers and students alike. However, there has been no comprehensive measurement of universities' use of public clouds and reliance on Software-as-a-Service offerings to assess how far this migration has already progressed.
We perform a longitudinal study of the migration to public clouds among universities in the U.S. and Europe, as well as institutions listed in the Times Higher Education (THE) Top100 between January 2015 and October. We find that cloud adoption differs between countries, with one cluster (Germany, France, Austria, Switzerland) showing a limited move to clouds, while the other (U.S., U.K., the Netherlands, THE Top100) frequently outsources universities' core functions and services -- starting long before the COVID-19 pandemic. We attribute this clustering to several socio-economic factors in the respective countries, including the general culture of higher education and the administrative paradigm taken towards running universities. We then analyze and interpret our results, finding that the implications reach beyond individuals' privacy towards questions of academic independence and integrity.
Submitted 23 August, 2023; v1 submitted 19 April, 2021;
originally announced April 2021.
-
A P4 Data Plane for the Quantum Internet
Authors:
Wojciech Kozlowski,
Fernando Kuipers,
Stephanie Wehner
Abstract:
The quantum technology revolution brings with it the promise of a quantum internet. A new -- quantum -- network stack will be needed to account for the fundamentally new properties of quantum entanglement. The first realisations of quantum networks are imminent and research interest in quantum network protocols has started growing. In the non-quantum world, programmable data planes have broken the pattern of ossification of the protocol stack and enabled a new -- software-defined -- network software architecture. Similarly, a programmable quantum data plane could pave the way for a software-defined quantum network architecture. In this paper, we demonstrate how we use P4$_{16}$ to explore abstractions and device architectures for quantum networks.
Submitted 21 October, 2020;
originally announced October 2020.
-
GP4P4: Enabling Self-Programming Networks
Authors:
Mohammad Riftadi,
Jorik Oostenbrink,
Fernando Kuipers
Abstract:
Recent advances in programmable switches have enabled network operators to build high-speed customized network functions. Although this is an important step towards self-* networks, operators are now faced with the burden of learning a new language and maintaining a repository of network function code. Inspired by the Intent-Based Networking paradigm, we propose a new framework, GP4P4: a genetic programming approach able to autonomously generate programs for P4-programmable switches directly from network intents. We demonstrate that GP4P4 is able to generate various small network functions in up to a few minutes; an important first step towards realizing the vision of 'Self-Driving' networks.
Submitted 2 October, 2019;
originally announced October 2019.
-
Fifty Shades of Congestion Control: A Performance and Interactions Evaluation
Authors:
Belma Turkovic,
Fernando A. Kuipers,
Steve Uhlig
Abstract:
Congestion control algorithms are crucial in achieving high utilization while preventing overloading the network. Over the years, many different congestion control algorithms have been developed, each trying to improve in specific situations. However, their interactions and co-existence have, to date, not been thoroughly evaluated, which is the focus of this paper. Through head-to-head comparisons of representatives from loss-based, delay-based and hybrid types of congestion control algorithms, we reveal that fairness in resources claimed is often not attained, especially when flows sharing a link have different RTTs.
Submitted 9 March, 2019;
originally announced March 2019.
-
Detecting Heavy Hitters in the Data-plane
Authors:
Belma Turkovic,
Jorik Oostenbrink,
Fernando Kuipers
Abstract:
The ability to detect, in real-time, heavy hitters is beneficial to many network applications, such as DoS and anomaly detection. Through programmable languages such as P4, heavy hitter detection can be implemented directly in the data-plane, allowing custom actions to be applied to packets as they are processed at a network node. This enables networks to immediately respond to changes in network traffic in the data-plane itself and allows for different QoS profiles for heavy hitter and non-heavy hitter traffic.
Current interval-based methods that flush the whole counting structure are not well-suited for programmable hardware (the data-plane), because they either require more resources than available in that hardware, they do not provide good accuracy, or require too many actions from the control-plane. A sliding window approach that maintains accuracy over time would solve these issues. However, to the best of our knowledge, the concept of sliding windows in programmable hardware has not been studied yet.
In this paper, we develop streaming approaches to detect heavy hitters in the data-plane. We consider the problems of (1) adopting a sliding window and (2) identifying heavy hitters separately and propose multiple memory- and processing-efficient solutions for each of them. These solutions are suitable for P4 programmable hardware and can be combined at will to solve the streaming variant of the heavy hitter detection problem.
Submitted 19 February, 2019;
originally announced February 2019.
-
ThingPot: an interactive Internet-of-Things honeypot
Authors:
Meng Wang,
Javier Santillan,
Fernando Kuipers
Abstract:
The Mirai Distributed Denial-of-Service (DDoS) attack exploited security vulnerabilities of Internet-of-Things (IoT) devices and thereby clearly signalled that attackers have IoT on their radar. Securing IoT is therefore imperative, but in order to do so it is crucial to understand the strategies of such attackers. For that purpose, in this paper, a novel IoT honeypot called ThingPot is proposed and deployed. Honeypot technology mimics devices that might be exploited by attackers and logs their behavior to detect and analyze the used attack vectors. ThingPot is the first of its kind, since it focuses not only on the IoT application protocols themselves, but on the whole IoT platform. A Proof-of-Concept is implemented with XMPP and a REST API, to mimic a Philips Hue smart lighting system. ThingPot has been deployed for 1.5 months and through the captured data we have found five types of attacks and attack vectors against smart devices. The ThingPot source code is made available as open source.
Submitted 11 July, 2018;
originally announced July 2018.
-
Designing virus-resistant, high-performance networks: a game-formation approach
Authors:
Stojan Trajanovski,
Fernando A. Kuipers,
Yezekael Hayel,
Eitan Altman,
Piet Van Mieghem
Abstract:
Designing an optimal network topology while balancing multiple, possibly conflicting objectives like cost, performance, and resiliency to viruses is a challenging endeavor, let alone in the case of decentralized network formation. We therefore propose a game-formation technique where each player aims to minimize its cost in installing links, the probability of being infected by a virus and the sum of hopcounts on its shortest paths to all other nodes.
In this article, we (1) determine the Nash Equilibria and the Price of Anarchy for our novel network formation game, (2) demonstrate that the Price of Anarchy (PoA) is usually low, which suggests that (near-)optimal topologies can be formed in a decentralized way, and (3) give suggestions for practitioners for those cases where the PoA is high and some centralized control/incentives are advisable.
Submitted 1 October, 2017; v1 submitted 19 August, 2017;
originally announced August 2017.
-
LoRaWAN in the Wild: Measurements from The Things Network
Authors:
Norbert Blenn,
Fernando Kuipers
Abstract:
The Long-Range Wide-Area Network (LoRaWAN) specification was released in 2015, primarily to support the Internet-of-Things by facilitating wireless communication over long distances. Since 2015, the roll-out and adoption of LoRaWAN has seen a steep growth. To the best of our knowledge, we are the first to have extensively measured, analyzed, and modeled the performance, features, and use cases of an operational LoRaWAN, namely The Things Network. Our measurement data, as presented in this paper, cover the early stages up to the production-level deployment of LoRaWAN. In particular, we analyze packet payloads, radio-signal quality, and spatio-temporal aspects, to model and estimate the performance of LoRaWAN. We also use our empirical findings in simulations to estimate the packet-loss.
Submitted 9 June, 2017;
originally announced June 2017.
-
Fast failover of multicast sessions in software-defined networks
Authors:
Jorik Oostenbrink,
Niels L. M. van Adrichem,
Fernando A. Kuipers
Abstract:
With the rapid growth of services that stream to groups of users comes an increased importance of and demand for reliable multicast. In this paper, we turn to software-defined networking and develop a novel general-purpose multi-failure protection algorithm to provide quick failure recovery, via Fast Failover (FF) groups, for dynamic multicast groups. This extends previous research, which either could not realize fast failover, worked only for single link failures, or was only applicable to static multicast groups. However, while FF is known to be fast, it requires pre-installing back-up rules. These additional memory requirements, which in a multicast setting are even more pronounced than for unicast, are often mentioned as a big disadvantage of using FF.
We develop an OpenFlow application for resilient multicast, with which we study FF resource usage, in an attempt to better understand the trade-off between recovery time and resource usage. Our tests on a realistic network suggest that using FF groups can reduce the recovery time of the network significantly compared to other methods, especially when the latency between the controller and the switches is relatively large.
Submitted 27 January, 2017;
originally announced January 2017.
-
Computing backup forwarding rules in Software-Defined Networks
Authors:
Niels L. M. van Adrichem,
Farabi Iqbal,
Fernando A. Kuipers
Abstract:
The past century of telecommunications has shown that failures in networks are prevalent. Although much has been done to prevent failures, network nodes and links are bound to fail eventually. Failure recovery processes are therefore needed. Failure recovery is mainly influenced by (1) detection of the failure, and (2) circumvention of the detected failure. However, especially in SDNs where controllers recompute network state reactively, this leads to high delays. Hence, next to primary rules, backup rules should be installed in the switches to quickly detour traffic once a failure occurs. In this work, we propose algorithms for computing an all-to-all primary and backup network forwarding configuration that is capable of circumventing link and node failures. Omitting the high delay invoked by controller recomputation through preconfiguration, our proposal's recovery delay is close to the detection time which is significantly below the 50 ms rule of thumb. After initial recovery, we recompute network configuration to guarantee protection from future failures. Our algorithms use packet-labeling to guarantee correct and shortest detour forwarding. The algorithms and labeling technique allow packets to return to the primary path and are able to discriminate between link and node failures. The computational complexity of our solution is comparable to that of all-to-all-shortest paths computations. Our experimental evaluation on both real and generated networks shows that network configuration complexity highly decreases compared to classic disjoint paths computations. Finally, we provide a proof-of-concept OpenFlow controller in which our proposed configuration is implemented, demonstrating that it readily can be applied in production networks.
Submitted 30 May, 2016;
originally announced May 2016.
-
Optimization Problems in Correlated Networks
Authors:
Song Yang,
Stojan Trajanovski,
Fernando A. Kuipers
Abstract:
Solving the shortest path and the min-cut problems are key in achieving high performance and robust communication networks. Those problems have often been studied in deterministic and independent networks both in their original formulations as well as in several constrained variants. However, in real-world networks, link weights (e.g., delay, bandwidth, failure probability) are often correlated due to spatial or temporal reasons, and these correlated link weights together behave in a different manner and are not always additive.
In this paper, we first propose two correlated link-weight models, namely (i) the deterministic correlated model and (ii) the (log-concave) stochastic correlated model. Subsequently, we study the shortest path problem and the min-cut problem under these two correlated models. We prove that these two problems are NP-hard under the deterministic correlated model, and even cannot be approximated to arbitrary degree in polynomial time. However, these two problems are polynomial-time solvable under the (constrained) nodal deterministic correlated model, and can be solved by convex optimization under the (log-concave) stochastic correlated model.
Submitted 31 January, 2016; v1 submitted 24 February, 2015;
originally announced February 2015.
-
Scalability and Resilience of Software-Defined Networking: An Overview
Authors:
Benjamin J. van Asten,
Niels L. M. van Adrichem,
Fernando A. Kuipers
Abstract:
Software-Defined Networking (SDN) allows an intelligent and centralized authority to control the available network resources in order to optimize traffic flows in a flexible manner. However, centralized control may face scalability issues when the network size or the number of traffic flows increases. Also, a centralized controller may form a single point of failure, thereby affecting the network resilience.
This article provides an overview of SDN that focuses on (1) scalability concerning the increased control overhead faced by a central controller, and (2) resiliency in terms of protection against controller failure, network topology failure and security in terms of malicious attacks.
Submitted 28 August, 2014;
originally announced August 2014.