Table of Content

    25 October 2018, Volume 16 Issue 4
    Special Topic
    Security and Availability of SDN and NFV
    CHEN Yan
    2018, 16(4):  1-2.  doi:10.19729/j.cnki.1673-5188.2018.04.001
    Asbtract ( )   HTML ( )   PDF (223KB) ( )  
    References | Related Articles | Metrics
    Survey of Attacks and Countermeasures for SDN
    BAI Jiasong, ZHANG Menghao, BI Jun
    2018, 16(4):  3-8.  doi:10.19729/j.cnki.1673-5188.2018.04.002
    Asbtract ( )   HTML ( )   PDF (445KB) ( )  
    Figures and Tables | References | Related Articles | Metrics

    Software defined networking (SDN) has attracted significant attention from both academia and industry by its ability to reconfigure network devices with logically centralized applications. However, some critical security issues have also been introduced along with the benefits, which put an obstruction to the deployment of SDN. One root cause of these issues lies in the limited resources and capability of devices involved in the SDN architecture, especially the hardware switches lied in the data plane. In this paper, we analyze the vulnerability of SDN and present two kinds of SDN-targeted attacks: 1) data-to-control plane saturation attack which exhausts resources of all SDN components, including control plane, data plane, and the in-between downlink channel and 2) control plane reflection attack which only attacks the data plane and gets conducted in a more efficient and hidden way. Finally, we propose the corresponding defense frameworks to mitigate such attacks.

    SDN Based Security Services
    ZHANG Yunyong, XU Lei, TAO Ye
    2018, 16(4):  9-14.  doi:10.19729/j.cnki.1673-5188.2018.04.003
    Asbtract ( )   HTML ( )   PDF (407KB) ( )  
    Figures and Tables | References | Related Articles | Metrics

    With the development and revolution of network in recent years, the scale and complexity of network have become big issues. Traditional hardware based network security solution has shown some significant disadvantages in cloud computing based Internet data centers (IDC), such as high cost and lack of flexibility. With the implementation of software defined networking (SDN), network security solution could be more flexible and efficient, such as SDN based firewall service and SDN based DDoS-attack mitigation service. Moreover, combined with cloud computing and SDN technology, network security services could be lighter-weighted, more flexible, and on-demanded. This paper analyzes some typical SDN based network security services, and provide a research on SDN based cloud security service (network security service pool) and its implementation in IDCs.

    Optimization Framework for Minimizing Rule Update Latency in SDN Switches
    CHEN Yan, WEN Xitao, LENG Xue, YANG Bo, Li Erran Li, ZHENG Peng, HU Chengchen
    2018, 16(4):  15-29.  doi:10.19729/j.cnki.1673-5188.2018.04.004
    Asbtract ( )   HTML ( )   PDF (688KB) ( )  
    Figures and Tables | References | Related Articles | Metrics

    Benefited from the design of separating control plane and data plane, software defined networking (SDN) is widely concerned and applied. Its quick response capability to network events with changes in network policies enables more dynamic management of data center networks. Although the SDN controller architecture is increasingly optimized for swift policy updates, the data plane, especially the prevailing ternary content-addressable memory (TCAM) based flow tables on physical SDN switches, remains unoptimized for fast rule updates, and is gradually becoming the primary bottleneck along the policy update pipeline. In this paper, we present RuleTris, the first SDN update optimization framework that minimizes rule update latency for TCAM-based switches. RuleTris employs the dependency graph (DAG) as the key abstraction to minimize the update latency. RuleTris efficiently obtains the DAGs with novel dependency preserving algorithms that incrementally build rule dependency along with the compilation process. Then, in the guidance of the DAG, RuleTris calculates the TCAM update schedules that minimize TCAM entry moves, which are the main cause of TCAM update inefficiency. In evaluation, RuleTris achieves a median of <12 ms and 90-percentile of < 15ms the end-to-end perrule update latency on our hardware prototype, outperforming the state-of-the-art composition compiler CoVisor by ~ 20 times.

    Research Paper
    Antenna Mechanical Pose Measurement Based on Structure from Motion
    XU Kun, FAN Guotian, ZHOU Yi, ZHAN Haisheng, GUO Zongyi
    2018, 16(4):  38-45.  doi:10.19729/j.cnki.1673-5188.2018.04.006
    Asbtract ( )   HTML ( )   PDF (489KB) ( )  
    Figures and Tables | References | Related Articles | Metrics

    Antenna mechanical pose measurement has always been a crucial issue for radio frequency (RF) engineers, owning to the need for mechanical pose adjustment to satisfy the changing surroundings. Traditionally, the pose is estimated in the contact way with the help of many kinds of measuring equipment, but the measurement accuracy cannot be well assured in this way. We propose a non-contact measuring system based on Structure from Motion (SfM) in the field of photogrammetry. The accurate pose would be estimated by only taking several images of the antenna and after some easy interaction on the smartphone. Extensive experiments show that the error ranges of antenna’s downtilt and heading are within 2 degrees and 5 degrees respectively, with the shooting distance in 25 m. The GPS error is also under 5 meters with this shooting distance. We develop the measuring applications both in PC and android smartphones and the results can be computed within 3 minutes on both platforms. The proposed system is quite safe, convenient and efficient for engineers to use in their daily work. To the best of our knowledge, this is the first pipeline that solves the antenna pose measuring problem by the photogrammetry method on the mobile platform.

    Energy Efficiency for NPUSCH in NB-IoT with Guard Band
    ZHANG Shuang, ZHANG Ningbo, KANG Guixia
    2018, 16(4):  46-51.  doi:10.19729/j.cnki.1673-5188.2018.04.007
    Asbtract ( )   HTML ( )   PDF (501KB) ( )  
    Figures and Tables | References | Related Articles | Metrics

    Narrowband Internet of Things (NB-IoT) has been proposed to support deep coverage (in building) and extended geographic coverage of IoT. In this paper, a power control scheme for maximizing energy efficiency (EE) of narrowband physical uplink shared channel (NPUSCH) with the guard band is proposed. First, we form the optimization problem based on the signal model with the interferences of narrowband physical random access channel (NPRACH) which are caused by the non-orthogonality of NPUSCH and NPRACH. Then, a method of reserving guard bands is proposed to reduce these interferences. Based on it, an efficient iterative power control algorithm is derived to solve the optimization problem, which adopts fractional programming. Numerical simulation results show that NPUSCH with the guard band has better performance in EE than that without the guard band.

    Portable Atmospheric Transfer of Microwave Signal Using Diode Laser with Timing Fluctuation Suppression
    CHEN Shijun, BAI Qingsong, CHEN Dawei, SUN Fuyu, HOU Dong
    2018, 16(4):  52-56.  doi:10.19729/j.cnki.1673-5188.2018.04.008
    Asbtract ( )   HTML ( )   PDF (405KB) ( )  
    Figures and Tables | References | Related Articles | Metrics

    We demonstrate an atmospheric transfer of microwave signal over a 120 m outdoor free-space link using a compact diode laser with a timing fluctuation suppression technique. Timing fluctuation and Allan Deviation are both measured to characterize the instability of transferred frequency incurred during the transfer process. By transferring a 100 MHz microwave signal within 4500 s, the total root-mean-square (RMS) timing fluctuation was measured to be about 6 ps, with a fractional frequency instability on the order of 1 × 10-12 at 1 s, and order of 7 × 10-15 at 1000 s. This portable atmospheric frequency transfer scheme with timing fluctuation suppression can be used to distribute an atomic clock-based frequency over a free-space link.

    Time Sensitive Networking Technology Overview and Performance Analysis
    FU Shousai, ZHANG Hesheng, CHEN Jinghe
    2018, 16(4):  57-64.  doi:10.19729/j.cnki.1673-5188.2018.04.009
    Asbtract ( )   HTML ( )   PDF (519KB) ( )  
    Figures and Tables | References | Related Articles | Metrics

    Time sensitive networking (TSN) is a set of standards developed on the basis of audio video bridging (AVB). It has a promising future in the Industrial Internet of Things and vehicle-mounted multimedia, with such advantages as high bandwidth, interoperability and low cost. In this paper, the TSN protocol stack is described and key technologies of network operation are summarized, including time synchronization, scheduling and flow shaping, flow management and fault tolerant mechanism. The TSN network model is then established. Its performance is illustrated to show how the frame priority works and also show the influence of IEEE802.1Qbv time-aware shaper and IEEE802.1Qbu frame preemption on network and time-sensitive data. Finally, we briefly discuss the challenges faced by TSN and the focus of future research.