-
Secure and Efficient Group Handover Protocol in 5G Non-Terrestrial Networks
Authors:
Bohan Zhang,
Peng Hu,
Ahmad Akbari Azirani,
Mohammad A. Salahuddin,
Diogo Barradas,
Noura Limam,
Raouf Boutaba
Abstract:
The growing low-Earth orbit (LEO) satellite constellations have become an essential part of the fifth-generation (5G) non-terrestrial network (NTN) market. These satellites can enable direct-to-cell connectivity for mobile devices and support various applications with ubiquitous coverage for 5G and beyond networks. However, satellite-based NTNs bring several challenges to the 5G handover protocol…
▽ More
The growing low-Earth orbit (LEO) satellite constellations have become an essential part of the fifth-generation (5G) non-terrestrial network (NTN) market. These satellites can enable direct-to-cell connectivity for mobile devices and support various applications with ubiquitous coverage for 5G and beyond networks. However, satellite-based NTNs bring several challenges to the 5G handover protocol design. The high mobility of satellites can lead to signaling storms and security compromises during handovers. This paper addresses these challenges by proposing a secure and efficient group handover protocol. The protocol's effectiveness is evaluated on a custom discrete-event simulator and compared against the baseline 5G handover scheme. The simulator is made publicly available.
△ Less
Submitted 20 March, 2024;
originally announced March 2024.
-
AutoML4ETC: Automated Neural Architecture Search for Real-World Encrypted Traffic Classification
Authors:
Navid Malekghaini,
Elham Akbari,
Mohammad A. Salahuddin,
Noura Limam,
Raouf Boutaba,
Bertrand Mathieu,
Stephanie Moteau,
Stephane Tuffin
Abstract:
Deep learning (DL) has been successfully applied to encrypted network traffic classification in experimental settings. However, in production use, it has been shown that a DL classifier's performance inevitably decays over time. Re-training the model on newer datasets has been shown to only partially improve its performance. Manually re-tuning the model architecture to meet the performance expecta…
▽ More
Deep learning (DL) has been successfully applied to encrypted network traffic classification in experimental settings. However, in production use, it has been shown that a DL classifier's performance inevitably decays over time. Re-training the model on newer datasets has been shown to only partially improve its performance. Manually re-tuning the model architecture to meet the performance expectations on newer datasets is time-consuming and requires domain expertise. We propose AutoML4ETC, a novel tool to automatically design efficient and high-performing neural architectures for encrypted traffic classification. We define a novel, powerful search space tailored specifically for the early classification of encrypted traffic using packet header bytes. We show that with different search strategies over our search space, AutoML4ETC generates neural architectures that outperform the state-of-the-art encrypted traffic classifiers on several datasets, including public benchmark datasets and real-world TLS and QUIC traffic collected from the Orange mobile network. In addition to being more accurate, AutoML4ETC's architectures are significantly more efficient and lighter in terms of the number of parameters. Finally, we make AutoML4ETC publicly available for future research.
△ Less
Submitted 13 October, 2023; v1 submitted 4 August, 2023;
originally announced August 2023.
-
Generalizable Resource Scaling of 5G Slices using Constrained Reinforcement Learning
Authors:
Muhammad Sulaiman,
Mahdieh Ahmadi,
Mohammad A. Salahuddin,
Raouf Boutaba,
Aladdin Saleh
Abstract:
Network slicing is a key enabler for 5G to support various applications. Slices requested by service providers (SPs) have heterogeneous quality of service (QoS) requirements, such as latency, throughput, and jitter. It is imperative that the 5G infrastructure provider (InP) allocates the right amount of resources depending on the slice's traffic, such that the specified QoS levels are maintained d…
▽ More
Network slicing is a key enabler for 5G to support various applications. Slices requested by service providers (SPs) have heterogeneous quality of service (QoS) requirements, such as latency, throughput, and jitter. It is imperative that the 5G infrastructure provider (InP) allocates the right amount of resources depending on the slice's traffic, such that the specified QoS levels are maintained during the slice's lifetime while maximizing resource efficiency. However, there is a non-trivial relationship between the QoS and resource allocation. In this paper, this relationship is learned using a regression-based model. We also leverage a risk-constrained reinforcement learning agent that is trained offline using this model and domain randomization for dynamically scaling slice resources while maintaining the desired QoS level. Our novel approach reduces the effects of network modeling errors since it is model-free and does not require QoS metrics to be mathematically formulated in terms of traffic. In addition, it provides robustness against uncertain network conditions, generalizes to different real-world traffic patterns, and caters to various QoS metrics. The results show that the state-of-the-art approaches can lead to QoS degradation as high as 44.5% when tested on previously unseen traffic. On the other hand, our approach maintains the QoS degradation below a preset 10% threshold on such traffic, while minimizing the allocated resources. Additionally, we demonstrate that the proposed approach is robust against varying network conditions and inaccurate traffic predictions.
△ Less
Submitted 15 June, 2023;
originally announced June 2023.
-
A Graph-Based Machine Learning Approach for Bot Detection
Authors:
Abbas Abou Daya,
Mohammad A. Salahuddin,
Noura Limam,
Raouf Boutaba
Abstract:
Bot detection using machine learning (ML), with network flow-level features, has been extensively studied in the literature. However, existing flow-based approaches typically incur a high computational overhead and do not completely capture the network communication patterns, which can expose additional aspects of malicious hosts. Recently, bot detection systems which leverage communication graph…
▽ More
Bot detection using machine learning (ML), with network flow-level features, has been extensively studied in the literature. However, existing flow-based approaches typically incur a high computational overhead and do not completely capture the network communication patterns, which can expose additional aspects of malicious hosts. Recently, bot detection systems which leverage communication graph analysis using ML have gained attention to overcome these limitations. A graph-based approach is rather intuitive, as graphs are true representations of network communications. In this paper, we propose a two-phased, graph-based bot detection system which leverages both unsupervised and supervised ML. The first phase prunes presumable benign hosts, while the second phase achieves bot detection with high precision. Our system detects multiple types of bots and is robust to zero-day attacks. It also accommodates different network topologies and is suitable for large-scale data.
△ Less
Submitted 22 February, 2019;
originally announced February 2019.
-
Softwarization of Internet of Things Infrastructure for Secure and Smart Healthcare
Authors:
Mohammad A. Salahuddin,
Ala Al-Fuqaha,
Mohsen Guizani,
Khaled Shuaib,
Farag Sallabi
Abstract:
We propose an agile softwarized infrastructure for flexible, cost effective, secure and privacy preserving deployment of Internet of Things (IoT) for smart healthcare applications and services. It integrates state-of-the-art networking and virtualization techniques across IoT, fog and cloud domains, employing Blockchain, Tor and message brokers to provide security and privacy for patients and heal…
▽ More
We propose an agile softwarized infrastructure for flexible, cost effective, secure and privacy preserving deployment of Internet of Things (IoT) for smart healthcare applications and services. It integrates state-of-the-art networking and virtualization techniques across IoT, fog and cloud domains, employing Blockchain, Tor and message brokers to provide security and privacy for patients and healthcare providers. We propose a novel platform using Machine-to-Machine (M2M) messaging and rule-based beacons for seamless data management and discuss the role of data and decision fusion in the cloud and the fog, respectively, for smart healthcare applications and services.
△ Less
Submitted 28 May, 2018;
originally announced May 2018.
-
Reinforcement Learning for Resource Provisioning in Vehicular Cloud
Authors:
Mohammad A. Salahuddin,
Ala Al-Fuqaha,
Mohsen Guizani
Abstract:
This article presents a concise view of vehicular clouds that incorporates various vehicular cloud models, which have been proposed, to date. Essentially, they all extend the traditional cloud and its utility computing functionalities across the entities in the vehicular ad hoc network (VANET). These entities include fixed road-side units (RSUs), on-board units (OBUs) embedded in the vehicle and p…
▽ More
This article presents a concise view of vehicular clouds that incorporates various vehicular cloud models, which have been proposed, to date. Essentially, they all extend the traditional cloud and its utility computing functionalities across the entities in the vehicular ad hoc network (VANET). These entities include fixed road-side units (RSUs), on-board units (OBUs) embedded in the vehicle and personal smart devices of the driver and passengers. Cumulatively, these entities yield abundant processing, storage, sensing and communication resources. However, vehicular clouds require novel resource provisioning techniques, which can address the intrinsic challenges of (i) dynamic demands for the resources and (ii) stringent QoS requirements. In this article, we show the benefits of reinforcement learning based techniques for resource provisioning in the vehicular cloud. The learning techniques can perceive long term benefits and are ideal for minimizing the overhead of resource provisioning for vehicular clouds.
△ Less
Submitted 28 May, 2018;
originally announced May 2018.
-
ADS: Adaptive and Dynamic Scaling Mechanism for Multimedia Conferencing Services in the Cloud
Authors:
Abbas Soltanian,
Diala Naboulsi,
Mohammad A. Salahuddin,
Roch Glitho,
Halima Elbiaze,
Constant Wette
Abstract:
Multimedia conferencing is used extensively in a wide range of applications, such as online games and distance learning. These applications need to efficiently scale the conference size as the number of participants fluctuates. Cloud is a technology that addresses the scalability issue. However, the proposed cloud-based solutions have several shortcomings in considering the future demand of applic…
▽ More
Multimedia conferencing is used extensively in a wide range of applications, such as online games and distance learning. These applications need to efficiently scale the conference size as the number of participants fluctuates. Cloud is a technology that addresses the scalability issue. However, the proposed cloud-based solutions have several shortcomings in considering the future demand of applications while meeting both Quality of Service (QoS) requirements and efficiency in resource usage. In this paper, we propose an Adaptive and Dynamic Scaling mechanism (ADS) for multimedia conferencing services in the cloud. This mechanism enables scalable and elastic resource allocation with respect to the number of participants. ADS produces a cost-efficient scaling schedule while considering the QoS requirements and the future demand of the conferencing service. We formulate the problem using Integer Linear Programming (ILP) and design a heuristic for it. Simulation results show that ADS mechanism elastically scales conferencing services. Moreover, the ADS heuristic is shown to outperform a greedy algorithm from a resource-efficiency perspective.
△ Less
Submitted 6 November, 2017;
originally announced November 2017.
-
RSU Cloud and its Resource Management in support of Enhanced Vehicular Applications
Authors:
Mohammad A. Salahuddin,
Ala Al-Fuqaha,
Mohsen Guizani,
Soumaya Cherkaoui
Abstract:
We propose Roadside Unit (RSU) Clouds as a novel way to offer non-safety application with QoS for VANETs. The architecture of RSU Clouds is delineated, and consists of traditional RSUs and specialized micro-datacenters and virtual machines (VMs) using Software Defined Networking (SDN). SDN offers the flexibility to migrate or replicate virtual services and reconfigure the data forwarding rules dyn…
▽ More
We propose Roadside Unit (RSU) Clouds as a novel way to offer non-safety application with QoS for VANETs. The architecture of RSU Clouds is delineated, and consists of traditional RSUs and specialized micro-datacenters and virtual machines (VMs) using Software Defined Networking (SDN). SDN offers the flexibility to migrate or replicate virtual services and reconfigure the data forwarding rules dynamically. However, frequent changes to service hosts and data flows not only result in degradation of services, but are also costly for service providers. In this paper, we use Mininet to analyze and formally quantify the reconfiguration overhead. Our unique RSU Cloud Resource Management (CRM) model jointly minimizes reconfiguration overhead, cost of service deployment and infrastructure routing delay. To the best of our knowledge, we are the first to utilize this approach. We compare the performance of purist approach to our Integer Linear Programming (ILP) model and our innovative heuristic for the CRM technique and discuss the results. We will show the benefits of a holistic approach in Cloud Resource Management with SDN.
△ Less
Submitted 21 June, 2017;
originally announced June 2017.
-
A Survey on Replica Server Placement Algorithms for Content Delivery Networks
Authors:
Jagruti Sahoo,
Mohammad A. Salahuddin,
Roch Glitho,
Halima Elbiaze,
Wessam Ajib
Abstract:
Content Delivery Networks (CDNs) have gained immense popularity over the years. Replica server placement is a key design issue in CDNs. It entails placing replica servers at meticulous locations, such that cost is minimized and Quality of Service (QoS) of end-users is satisfied. Many replica server placement models have been proposed in the literature of traditional CDN. As the CDN architecture is…
▽ More
Content Delivery Networks (CDNs) have gained immense popularity over the years. Replica server placement is a key design issue in CDNs. It entails placing replica servers at meticulous locations, such that cost is minimized and Quality of Service (QoS) of end-users is satisfied. Many replica server placement models have been proposed in the literature of traditional CDN. As the CDN architecture is evolving through the adoption of emerging paradigms, such as, cloud computing and Network Functions Virtualization (NFV), new algorithms are being proposed. In this paper, we present a comprehensive survey of replica server placement algorithms in traditional and emerging paradigm based CDNs. We categorize the algorithms and provide a summary of their characteristics. Besides, we identify requirements for an efficient replica server placement algorithm and perform a comparison in the light of the requirements. Finally, we discuss potential avenues for further research in replica server placement in CDNs.
△ Less
Submitted 6 November, 2016;
originally announced November 2016.
-
A Cloud Platform-as-a-Service for Multimedia Conferencing Service Provisioning
Authors:
Ahmad F. B. Alam,
Abbas Soltanian,
Sami Yangui,
Mohammad A. Salahuddin,
Roch Glitho,
Halima Elbiaze
Abstract:
Multimedia conferencing is the real-time exchange of multimedia content between multiple parties. It is the basis of a wide range of applications (e.g., multimedia multiplayer game). Cloud-based provisioning of the conferencing services on which these applications rely will bring benefits, such as easy service provisioning and elastic scalability. However, it remains a big challenge. This paper pr…
▽ More
Multimedia conferencing is the real-time exchange of multimedia content between multiple parties. It is the basis of a wide range of applications (e.g., multimedia multiplayer game). Cloud-based provisioning of the conferencing services on which these applications rely will bring benefits, such as easy service provisioning and elastic scalability. However, it remains a big challenge. This paper proposes a PaaS for conferencing service provisioning. The proposed PaaS is based on a business model from the state of the art. It relies on conferencing IaaSs that, instead of VMs, offer conferencing substrates (e.g., dial-in signaling, video mixer and audio mixer). The PaaS enables composition of new conferences from substrates on the fly. This has been prototyped in this paper and, in order to evaluate it, a conferencing IaaS is also implemented. Performance measurements are also made.
△ Less
Submitted 1 May, 2016;
originally announced May 2016.
-
A Resource Allocation Mechanism for Video Mixing as a Cloud Computing Service in Multimedia Conferencing Applications
Authors:
Abbas Soltanian,
Mohammad A. Salahuddin,
Halima Elbiaze,
Roch Glitho
Abstract:
Multimedia conferencing is the conversational exchange of multimedia content between multiple parties. It has a wide range of applications (e.g. Massively Multiplayer Online Games (MMOGs) and distance learning). Many multimedia conferencing applications use video extensively, thus video mixing in conferencing settings is of critical importance. Cloud computing is a technology that can solve the sc…
▽ More
Multimedia conferencing is the conversational exchange of multimedia content between multiple parties. It has a wide range of applications (e.g. Massively Multiplayer Online Games (MMOGs) and distance learning). Many multimedia conferencing applications use video extensively, thus video mixing in conferencing settings is of critical importance. Cloud computing is a technology that can solve the scalability issue in multimedia conferencing, while bringing other benefits, such as, elasticity, efficient use of resources, rapid development, and introduction of new applications. However, proposed cloud-based multimedia conferencing approaches so far have several deficiencies when it comes to efficient resource usage while meeting Quality of Service (QoS) requirements. We propose a solution to optimize resource allocation for cloud-based video mixing service in multimedia conferencing applications, which can support scalability in terms of number of users, while guaranteeing QoS. We formulate the resource allocation problem mathematically as an Integer Linear Programming (ILP) problem and design a heuristic for it. Simulation results show that our resource allocation model can support more participants compared to the state-of-the-art, while honoring QoS, with respect to end-to-end delay.
△ Less
Submitted 22 September, 2015;
originally announced September 2015.
-
On Optimizing Replica Migration in Distributed Cloud Storage Systems
Authors:
Amina Mseddi,
Mohammad Ali Salahuddin,
Mohamed Faten Zhani,
Halima Elbiaze,
Roch H. Glitho
Abstract:
With the wide adoption of large-scale Internet services and big data, the cloud has become the ideal environment to satisfy the ever-growing storage demand, thanks to its seemingly limitless capacity, high availability and faster access time. In this context, data replication has been touted as the ultimate solution to improve data availability and reduce access time. However, replica placement sy…
▽ More
With the wide adoption of large-scale Internet services and big data, the cloud has become the ideal environment to satisfy the ever-growing storage demand, thanks to its seemingly limitless capacity, high availability and faster access time. In this context, data replication has been touted as the ultimate solution to improve data availability and reduce access time. However, replica placement systems usually need to migrate and create a large number of data replicas over time between and within data centers, incurring a large overhead in terms of network load and availability. In this paper, we propose CRANE, an effiCient Replica migrAtion scheme for distributed cloud Storage systEms. CRANE complements any replica placement algorithm by efficiently managing replica creation in geo-distributed infrastructures by (1) minimizing the time needed to copy the data to the new replica location, (2) avoiding network congestion, and (3) ensuring a minimal availability of the data. Our results show that, compared to swift (the OpenStack project for managing data storage), CRANE is able to minimize up to 30% of the replica creation time and 25% of inter-data center network traffic, while ensuring the minimum required availability of the data.
△ Less
Submitted 3 September, 2015;
originally announced September 2015.
-
Social Network Analysis Inspired Content Placement with QoS in Cloud-based Content Delivery Networks
Authors:
Mohammad A. Salahuddin,
Halima Elbiaze,
Wessam Ajib,
Roch Glitho
Abstract:
Content Placement (CP) problem in Cloud-based Content Delivery Networks (CCDNs) leverage resource elasticity to build cost effective CDNs that guarantee QoS. In this paper, we present our novel CP model, which optimally places content on surrogates in the cloud, to achieve (a) minimum cost of leasing storage and bandwidth resources for data coming into and going out of the cloud zones and regions,…
▽ More
Content Placement (CP) problem in Cloud-based Content Delivery Networks (CCDNs) leverage resource elasticity to build cost effective CDNs that guarantee QoS. In this paper, we present our novel CP model, which optimally places content on surrogates in the cloud, to achieve (a) minimum cost of leasing storage and bandwidth resources for data coming into and going out of the cloud zones and regions, (b) guarantee Service Level Agreement (SLA), and (c) minimize degree of QoS violations. The CP problem is NP-Hard, hence we design a unique push-based heuristic, called Weighted Social Network Analysis (W-SNA) for CCDN providers. W-SNA is based on Betweeness Centrality (BC) from SNA and prioritizes surrogates based on their relationship to the other vertices in the network graph. To achieve our unique objectives, we further prioritize surrogates based on weights derived from storage cost and content requests. We compare our heuristic to current state of the art Greedy Site (GS) and purely Social Network Analysis (SNA) heuristics, which are relevant to our work. We show that W-SNA outperforms GS and SNA in minimizing cost and QoS. Moreover, W-SNA guarantees SLA but also minimizes the degree of QoS violations. To the best of our knowledge, this is the first model and heuristic of its kind, which is timely and gives a fundamental pre-allocation scheme for future online and dynamic resource provision for CCDNs.
△ Less
Submitted 10 September, 2015; v1 submitted 27 June, 2015;
originally announced June 2015.