MCK Mini-Conference Keynote Managing Network Devices with Redfish and YANG John Leung (Intel) and Matsuki Yoshino (Hitachi) https://www.cnsm-conf.org/2017/keynotes.html 27 November 2017 09:30-10:30 2017-11-27T09:30:00+09:00 2017-11-27T10:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Shingo Ata (Osaka City University, Japan) CB Coffee break 10:30-11:00 Room: Lobby, B1F, Bldg.27 MC1 Mini-Conference Session 1 11:00-12:30 2017-11-27T11:00:00+09:00 2017-11-27T12:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Takuya Asaka (Tokyo Metropolitan University, Japan) 11:00 11:18 1570375159 MC1.1 Applicability and Limitations of a Simple WiFi Hotspot Model for Cities 13th International Conference on Network and Service Management 2017 - Full papers Offloading mobile Internet data via WiFi has emerged as an omnipresent trend. WiFi networks are already widely deployed by many private and public institutions (e.g., libraries, cafes, restaurants) but also by commercial services to provide alternative Internet access for their customers and to mitigate the load on mobile networks. Moreover, smart cities start to install WiFi infrastructure for current and future civic services, e.g., based on sensor networks or the Internet of Things. A simple model for the distribution of WiFi hotspots in an urban environment is presented. The hotspot locations are modeled with a uniform distribution of the angle and an exponential distribution of the distance, which is truncated to the city limits. We compare the characteristics of this model in detail to the real distributions. Moreover, we show the applicability and the limitations of this model, and the results suggest that the model can be used in scenarios, which do not require an accurate spatial collocation of the hotspots, such as offloading potential, coverage, or signal strength. Finally, the applicability of the model is studied in a performance evaluation of public WiFi offloading for HTTP adaptive video streaming. Michael Seufert 857079 University of Würzburg Germany 1 Christian Moldovan 1222927 University of Duisburg-Essen Germany 0 Valentin Burger 505861 University of Wuerzburg Germany 0 Tobias Hoßfeld 118152 University of Duisburg-Essen Germany 0 11:18 11:36 1570378350 MC1.2 Wireless LAN Access Point Deployment and Pricing with Location-Based Advertising 13th International Conference on Network and Service Management 2017 - Full papers In order to improve the quality of service (QoS) for mobile users (MUs) and save investment cost for deploying new cellular base station, mobile network operators (MNOs) are deploying wireless local area network (LAN) access points (APs) to offload MU's traffic from cellular network to wireless LAN. However, offloading too much traffic from cellular network may impair MNO's profit since the cellular network price is higher than that of wireless LAN, whose price is low or even zero. Therefore, how to deploy wireless LAN APs to offload traffic without impairing MNO's profit is a critical problem for MNOs. As far as the authors understand, existing studies about deployment of wireless LAN APs do not consider MNO's profit and are usually in a heuristic manner. In this paper, we study the location-based advertising (LBA) leveraged wireless LAN deployment, where MNO may also collect revenue by selling LBA service in different locations to advertisers. We formulate MNO's profit maximization problem by considering different MU's demand in different locations, wireless LAN price for MUs, and revenue from LBA service. Extensive simulations are conducted to validate our analytical results. Cheng Zhang 524025 Waseda University Japan 0 Zhi Liu 533679 Shizuoka University Japan 1 Bo Gu 827267 Kogakuin University Japan 0 Kyoko Yamori 166307 Asahi University Japan 0 Yoshiaki Tanaka 92747 Waseda University Japan 0 11:36 11:54 1570378445 MC1.3 Two-way Communication with Wait-slot Scheme for Neighbor Discovery Process in Dense Bluetooth Low Energy Networks 13th International Conference on Network and Service Management 2017 - Full papers Bluetooth Low Energy (BLE) Beacon technology is well on the way to becoming the future of business due to its inexpensive and low-power properties. All communications in BLE networks must involve neighbor discovery process (NDP) in the first place since a BLE device needs to create a connection or exchange information with its neighbors. Thus, the performance of the discovery latency is a challenging issue to be addressed for integrating BLE into the Beacon application development as the number of BLE devices increases. In this paper, we propose a two-way communication with wait-slot scheme (TCWS) to minimize the probability of collision occurring on the response frames of BLE devices and improve the latency of NDP. We formulate the state transition diagram for analyzing the performance of our proposed scheme. The results show that TCWS provides much better performance in terms of the probability of collision and the discovery latency in dense BLE networks. Ting-Ting Yang 1499473 National Chung-Hsing University Taiwan 0 Tseng Hsueh-Wen 12901 National Chung-Hsing University Taiwan 0 11:54 12:12 1570382487 MC1.4 High-end LTE Service Evolution in Korea: 4 Years of Nationwide Mobile Network Measurements 13th International Conference on Network and Service Management 2017 - Full papers This paper provides a temporal cellular and WiFi networks analysis from a nationwide crowdsourcing measurement study. Our dataset consists of 2.98M user-initiated quality tests on 3G/LTE/WiFi involving 157K mobile devices from Nov. 2012 to July 2016 (187 weeks) in South Korea. Our analysis explains changes in QoS from the user perspective, not Mobile Network Operators (MNO). We revealed that WiFi shows twice higher compounded quarterly growth rate for download throughput against LTE. Yet, LTE and WiFi show almost no difference in absolute download throughput value as of mid 2016. Second, LTE delivers relatively low latency, less-varying loss rate, and higher throughput in overall. Finally, the result shows that the evolution for the high-end LTE services has been faster than user adoption, where the majority of the LTE users stays below 75 Mbps of throughput. Jonghwan Hyun 868609 POSTECH Korea 0 Youngjoon Won 118053 Hanyang University Korea 0 Kenjiro Cho 15696 IIJ Japan 0 Romain Fontugne 286137 Internet Initiative Japan Inc. Japan 0 Jaeyoon Chung 558361 Princeton University USA 0 James W. Hong 2797 POSTECH Korea 0 Lunch Lunch 12:30-14:00 Restaurant Mori-no-Kaze, 15F, Bldg.26 MC2 Mini-Conference Session 2 14:00-15:30 2017-11-27T14:00:00+09:00 2017-11-27T15:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Kazuhiko Kinoshita (Tokushima University, Japan) 14:00 14:18 1570375144 MC2.1 An Adaptive Scaling Mechanism for Managing Performance Variations in Network Functions Virtualization: A Case Study in an NFV-based EPC 13th International Conference on Network and Service Management 2017 - Full papers The scaling is a fundamental task that allows addressing performance variations in Network Functions Virtualization (NFV). In the literature, several approaches propose scaling mechanisms that differ in the utilized technique (e.g., reactive, predictive and machine learning-based). The scaling in NFV must be accurate both at the time and the number of instances to be scaled, aiming at avoiding unnecessary procedures of provisioning and releasing of resources; however, achieving a high accuracy is a non-trivial task. In this paper, we propose for NFV an adaptive scaling mechanism based on Q-Learning and Gaussian Processes that are utilized by an agent to carry out an improvement strategy of a scaling policy, and therefore, to make better decisions for managing performance variations. We evaluate our mechanism by simulations, in a case study in a virtualized Evolved Packet Core, corroborating that it is more accurate than approaches based on static threshold rules and Q-Learning without a policy improvement strategy. Carlos Hernán Tobar Arteaga 1507099 University of Cauca Colombia 1 Fulvio Risso 3211 Politecnico di Torino Italy 0 Oscar Mauricio Caicedo Rendon 655707 University of Cauca Colombia 0 14:18 14:36 1570375262 MC2.2 Delay-aware VNF Placement and Chaining based on a Flexible Resource Allocation Approach 13th International Conference on Network and Service Management 2017 - Full papers Network Function Virtualization (NFV) is a promising technology that is receiving significant attention in both academic and the industry. NFV paradigm proposes to decouple Network Functions (NFs) from dedicated hardware equipment, offering a better sharing of physical resources and providing more flexibility to network operators. However, in such environment, efficient management mechanisms are crucial to address the problem of Placement and Chaining of Virtual Network Functions (PC-VNF). In this paper, we introduce a PC-VNF model based on a flexible resource allocation approach that takes into account service requirements. Thus, beyond connectivity and resource utilization, specific requirements in terms of latency, throughput, and errors must be respected when deploying network services such as 5G services (broadband communication, mission critical communications, massive IoT, etc.). The end-to-end performance needs to meet the user expectations as well as service requirements to provide the desired QoS/QoE. Our main goal is to determine the optimal VNF placement minimizing resource consumption while providing specific latency (i.e., end-to-end delay) and avoiding violation of Service Level Agreements (SLA) by constraining allocated resources to a given VNF to reach its required performance. Results show that our approach achieves the required latency with better resources utilization compared to the classical approaches, with a reduction of up to 40% of resources consumption and a higher rate of accepted requests by recovering 15 to 60 % of the rejected requests. Abdelhamid Alleg 1454447 CNRS-LaBRI UMR 5800, University Bordeaux, Bordeaux-INP France 1 Toufik Ahmed 12447 CNRS-LaBRI UMR 5800, University Bordeaux, Bordeaux-INP France 0 Mohamed Mosbah 1529319 LaBRI/ Bordeaux University & LaBRI France 0 Roberto Riggio 146926 FBK CREATE-NET Italy 0 Raouf Boutaba 5035 University of Waterloo Canada 0 14:36 14:54 1570378939 MC2.3 MD-IDN: Multi-Domain Intent-Driven Networking in Software-Defined Infrastructures 13th International Conference on Network and Service Management 2017 - Full papers Intent-Driven Networking is recently gaining interest, with all major SDN control platforms now providing an intent Northbound Interface (NBI) as a high-level abstraction for network management. With these frameworks network operators can conveniently define ``what needs to be done'', rather than ``how it should be done''. Current IDN frameworks pose two main limitations that affect deployment in production grade and multi-domain networks. They are mainly concerned with a single network domain, and thus enabling end-to-end network intents over a multi-domain and large-scale setup is still a challenge. Furthermore, these frameworks do not consider any differentiation between user intents and provider intents, and a limited set of intent classes are available for both. In this paper we present MD-IDN, which provides an intent framework for the users of multi-domain cloud infrastructures. We first propose a graph-based abstraction model for user-defined intents and a generic intent compilation process. Then, we propose compilation algorithms to achieve scalability in multi-domain networks: First, user-defined intents get processed over an abstracted multi-graph of network domains and their interconnections, and a set of local intents will be generated for each of the involved domains. Afterwards, the local intents will be compiled and installed in local regions in parallel. MD-IDN is deployed as a public service in the SAVI Testbed over more than ten data centers spanning across Canada. In multi-domain environments, our experiments show that MD-IDN outperforms current practices that compile intents over a flat network topology. Saeed Arezoumand 1485254 University of Toronto Canada 1 Kristina Dzeparoska 1511216 University of Toronto Canada 0 Hadi Bannazadeh 869349 University of Toronto Canada 0 Alberto Leon-Garcia 393083 University of Toronto Canada 0 14:54 15:12 1570381680 MC2.4 Efficient Big Link Allocation Scheme in Virtualized Software-defined Networking 13th International Conference on Network and Service Management 2017 - Full papers We propose an efficient resource allocation scheme for big links in virtualized software-defined networking. Network virtualization based on software-defined networking provides big link concept to facilitate simple network management - big link maps a set of switches and links into a single virtual link. However, this paper reports an issue of the big link in that there is severe performance degradation in virtualized SDN environments. We find the cause: the existing network hypervisors do not consider the network traffic when allocating physical resources to a big link. To address this issue, we design big link allocation scheme (BAS) that considers network traffic when allocating and reallocating resources to a big link. A prototype implementation is done with OpenVirteX, and experiments demonstrate that big link with BAS achieves four times greater throughput than that of the big link without BAS. Moreover, by including a timer in OpenVirteX, the BAS decreases unnecessary resource reallocations, which reduces overhead. Wontae Jeong 1513835 Korea University Korea 0 Gyeongsik Yang 1508888 Korea University Korea 0 Seong-Mun Kim 793849 Korea University Korea 0 Chuck Yoo 1151361 Korea University Korea 0 15:12 15:30 1570382322 MC2.5 BFD-based Link Latency Measurement in Software Defined Networking 13th International Conference on Network and Service Management 2017 - Full papers 5G networks offer various network services based on software-defined networking and network function virtualization. However, certain services are sensitive to link latency which is why it is consistently observed to provide high-quality services. Previous studies have proposed two approaches to this task: measuring latency using probe packets and link-layer discovery protocol (LLDP) packets. However, these are subject to several limitations such as flow rule pre-configuration, influence of control plane traffic, and need for calibration. In this study, a bidirectional forwarding detection-based (BFD) approach is proposed. This measures latency at the data plane with a simply implemented echo mode in Open vSwitch. We evaluate and compare the proposed approach to that of the LLDP-based method in terms of single link latency, path latency, and error rate. In addition, we verify that the control plane throughput affects link latency according to the increased number of switches. As a result, the proposed approach is able to resolve these limitations and provide accurate link latency measurement. Seong-Mun Kim 793849 Korea University Korea 1 Gyeongsik Yang 1508888 Korea University Korea 0 Chuck Yoo 1151361 Korea University Korea 0 Sung-Gi Min 161085 Korea University Korea 0 MC3 Mini-Conference Session 3 16:00-17:30 2017-11-27T16:00:00+09:00 2017-11-27T17:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Yehia Elkhatib (Lancaster University, United Kingdom (Great Britain)) 16:00 16:18 1570373793 MC3.1 Can MPTCP Secure Internet Communications from Man-in-the-Middle Attacks? 13th International Conference on Network and Service Management 2017 - Full papers Multipath communications at the Internet scale have been a myth for a long time, with no actual protocol being deployed so that multiple paths could be taken by a same connection on the way towards an Internet destination. Recently, the Multipath Transmission Control Protocol (MPTCP) extension has been standardized and is undergoing rapid adoption in many different use-cases, from mobile to fixed access networks, from data-centers to core networks. Among its major benefits - i.e., reliability thanks to backup path rerouting; and throughput increase thanks to link aggregation and confidentiality being more difficult to intercept a full connection - the latter has attracted lower attention. How effective would be to use MPTCP to exploit multiple Internet-scale paths and decrease the probability of Man-in-the-Middle (MITM) attacks is a question which we try to answer. By analyzing the Autonomous System (AS) level graph, we identify which countries and regions show a higher level of robustness against MITM AS-level attacks, for example due to core cable tapping or route hijacking practices. Duy Nguyen 1211913 UPMC France 1 Dung Chi Phung 1403357 LIP6 France 0 Stefano Secci 154796 University Pierre et Marie Curie - Paris 6 France 0 Benevid Felix 1337637 UFPR Brazil 0 Michele Nogueira 185036 Federal University of Parana (UFPR) Brazil 0 16:18 16:36 1570378921 MC3.2 A lightweight snapshot-based DDoS detector 13th International Conference on Network and Service Management 2017 - Full papers Despite the efforts made from both the research community and the industry in inventing new methods to deal with distributed denial of service attacks, they stay a major threat in the Internet network. Those attacks are numerous, and can prevent, in most serious cases, the targeted system from answering any request from its clients. Detecting such attacks means dealing with several difficulties, such as their distributed nature or the several evasions techniques available to the attackers. The detection process has also a cost, which includes both the resources needed to perform the detection and the work of the network administrator. In this paper we introduce AATAC, an unsupervised DDoS detector that focuses on reducing the computational resources needed to process the traffic. It models the traffic using a set of regularly created snapshots. Each new snapshot is compared to this model using a k-NN based measure to detect significant deviations toward the usual traffic profile. Those snapshots are also used to provide the network administrator with an explicit and dynamic view of the traffic when an anomaly occurs. Our evaluation shows that AATAC is able to efficiently process real traces with low computational resources requirements, while achieving an efficient detection producing a low number of false- positive. Gilles Roudière 1155545 LAAS-CNRS France 0 Philippe Owezarski 1601 LAAS-CNRS France 0 16:36 16:54 1570382393 MC3.3 Assessing the Value of Containers for NFVs: A Detailed Network Performance Study 13th International Conference on Network and Service Management 2017 - Full papers Since its introduction in 2012, telecommunications operators have been applying the Network Function Virtualization principle to their core infrastructure, leading to more agile and cost-efficient deployments. While these Virtualized Network Functions (VNFs) are traditionally implemented using Virtual Machines (VMs), efforts are starting to shift to containerized VNF implementations, further improving agility and cost-efficiency. Furthermore, telecom applications often require extreme networking performance in terms of throughput and latency. While research has shown that containers outperform VMs on this front, it is currently unclear how the choice of container provider influences network performance. In this paper we compare the networking performance of Linux container implementations Docker, rkt and LXC. Throughput and latency are evaluated for single-host host, bridge (or NAT) and macvlan network configurations. This is, to the best of our knowledge, the first comparison featuring all three major Linux container implementations. We show that LXC performs best, with Docker and rkt showing throughputs of respectively up to 35% and 58% lower. Of the considered networking implementations, the macvlan network performs best. While it experiences a significant performance degradation when many containers are chained together, a single container using macvlan can outperform even a bare metal implementation when enough CPU resources are available. Jakob Struye 1514231 University of Antwerp Belgium 1 Bart Spinnewyn 1293425 University of Antwerp & iMinds Belgium 0 Kathleen Spaey 1085569 iMinds / University of Antwerp Belgium 0 Kristiaan Bonjean 1514720 Newtec Belgium 0 Steven Latré 1059359 University of Antwerp - imec Belgium 0 16:54 17:12 1570382779 MC3.4 Modeling and Analyzing Power System Failures on Cloud Services 13th International Conference on Network and Service Management 2017 - Full papers Many enterprises rely on cloud infrastructure to host their critical applications (such as trading, banking transaction, airline reservation system, and credit card authorization). The unavailability of these applications may lead to severe consequences that go beyond the financial losses, reaching the cloud provider reputation too. However, to maintain high availability in a cloud data center is a difficult task due to its complexity. The power subsystem is crucial for the entire operation of the data center because it supplies power for all other subsystems, including IT components and cooling equipment. Some studies have already proposed models to evaluate the availability of the power subsystem, but none of them are based on standard redundancy models. Standards guide cloud providers regarding availability, points of failure, and watts per square foot based on components' redundancy. This paper proposes RBD and Petri Net models based on the TIA-942 standard to estimate the availability of the data center power subsystem and analyze how failures on power subsystem impact the availability of critical applications. These models are important to resource planning and decision making by the cloud providers, because they may identify which components they ought to invest in order to improve the availability level. Daniel Rosendo 1463169 Federal University of Pernambuco Brazil 0 Patricia Takako Endo 658125 University of Pernambuco Brazil 0 Guto Leoni 1470597 Federal University of Pernambuco Brazil 0 Demis Gomes 1470594 Federal University of Pernambuco Brazil 0 Glauco Estácio Gonçalves 204160 Federal Rural University of Pernambuco Brazil 0 André L. C. Moreira 243281 Federal University of Pernambuco Brazil 0 Judith Kelner 85367 Federal University of Pernambuco Brazil 0 Djamel Hadj Sadok 85365 Federal University of Pernambuco Brazil 1 Mozhgan Mahloo 1470596 Ericsson Research Sweden 0 17:12 17:30 1570382822 MC3.5 Tracking the Bad Guys: An Efficient Forensic Methodology To Trace Multi-step Attacks Using Core Attack Graphs 13th International Conference on Network and Service Management 2017 - Full papers In this paper, we describe an efficient methodology to guide investigators during network forensic analysis. To this end, we introduce the concept of core attack graph, a compact representation of the main routes an attacker can take towards specific network targets. Such compactness allows forensic investigators to focus their efforts on critical nodes that are more likely to be part of attack paths, thus reducing the overall number of nodes (devices, network privileges) that need to be examined. Nevertheless, core graphs also allow investigators to hierarchically explore the graph in order to retrieve different levels of summarised information. We have evaluated our approach over different network topologies varying parameters such as network size, density, and forensic evaluation threshold. Our results demonstrate that we can achieve the same level of accuracy provided by standard logical attack graphs while significantly reducing the exploration rate of the network. Martín Barrère 690221 Imperial College London United Kingdom (Great Britain) 1 Rodrigo Vieira Steiner 511869 Imperial College London United Kingdom (Great Britain) 0 Rabih Mohsen 1514785 Imperial College London United Kingdom (Great Britain) 0 Emil Lupu 130674 Imperial College United Kingdom (Great Britain) 0 Opeing Opening Ceremony 09:25-09:30 Ono Memorial Hall, B2F, Bldg.27 28 November 2017 09:30-10:30 2017-11-28T09:30:00+09:00 2017-11-28T10:30:00+09:00 K1 Keynote Session 1 Data-driven Network Engineering and Management Prof. Rolf Stadler, KTH Royal Institute of Technology, Sweden https://www.cnsm-conf.org/2017/keynotes.html Rolf Stadler is a professor with the Department of Network and Systems Engineering at KTH Royal Institute of Technology in Stockholm, Sweden. He holds an M.Sc. degree in mathematics and a Ph.D. in computer science from the University of Zurich. Before joining KTH in 2001, he held positions at the IBM Zurich Research Laboratory, Columbia University, and ETH Zürich. His group has made contributions to real-time monitoring, resource management, and self-management for large-scale networks and clouds. His current interests include advanced monitoring techniques, as well as data-driven methods for network engineering and management. Rolf Stadler is currently Editor-in-Chief of IEEE Transactions on Network and Service Management (TNSM). 09:30-10:30 Ono Memorial Hall, B2F, Bldg.27 Yoshiaki Kiriha (The University of Tokyo, Japan) PS1 Poster Session 1 and Coffee Break 10:30-11:30 2017-11-28T10:30:00+09:00 2017-11-28T11:30:00+09:00 Lobby, B1F, Bldg.27 10:30 10:30 1570368170 PS1.1 Enforcing free roaming among EU countries: an economic analysis 13th International Conference on Network and Service Management 2017 - Short Papers In October 2015, the European parliament has decided to forbid roaming charges among EU mobile phone users, starting June 2017, as a first step toward the unification of the European digital market. In this paper, we aim at investigating the consequences of such a measure from an economic perspective. In particular, we analyze the effect of the willingness-to-pay heterogeneity among users (also due to wealth heterogeneity), and the fact that the roaming behavior is positively correlated with wealth. Considering a monopolistic operator, we compare the paid-roaming situation (with usage-based pricing) to the envisioned free-roaming from the point of view of the operator and of users. Our analysis suggests that imposing free roaming degrades the revenues of the operator but can also deter some users from subscribing. This is because paid roaming allows some partial market segmentation; hence we conclude that such (apparently beneficial) regulatory decisions must be taken with care. Patrick Maillé 94224 IMT Atlantique France 0 Bruno Tuffin 9844 Inria Rennes - Bretagne Atlantique France 0 10:30 10:30 1570374552 PS1.2 Resource-Aware Placement of Softwarised Security Services in Cloud Data Centers 13th International Conference on Network and Service Management 2017 - Full papers Virtualizing middleboxes as software for Cloud tenants can eliminate the monolithic processing and static deployment of legacy middleboxes and provide an efficient provisioning for security services. However, inefficient managing of the virtualized security services can reduce the gains of Cloud deployment. We propose a resources-efficient placement of the security functions in the infrastructure of a three-tier Cloud DC by modifying the Best-Fit Decreasing algorithm to solve the problem while satisfying the placement resources and traffic constraints. Abeer Ali 1369302 University of Glasgow United Kingdom (Great Britain) 0 Christos Anagnostopoulos 135768 University of Glasgow United Kingdom (Great Britain) 0 Dimitrios P Pezaros 13367 University of Glasgow United Kingdom (Great Britain) 0 10:30 10:30 1570375153 PS1.3 A Path Planning Method of Wireless Sensor Networks Based on Service Priority 13th International Conference on Network and Service Management 2017 - Full papers Life-time represents the effective survival time of network, which is significant when measuring the performance of wireless sensor networks (WSNs). Therefore, it is so important to extend network life-time by planning appropriate path based on energy consumption and remaining energy of wireless sensors. In this paper, a path planning method of WSNs based on service priority is proposed, and an improved Dijkstra algorithm is used to solve this problem. This method minimizes the total energy consumption of network while balancing remaining energy of all nodes in network, and through the sacrifice of network delay in exchange for extension of life-time. The simulation results show that our method not only prolongs network life-time compared to shortest-path algorithm but also improves network reliability. Peng Li 1507104 Beijing University of Posts and Telecommunications P.R. China 0 Siya Xu 1507126 Beijing University of Posts and Telecommunications P.R. China 0 Kang Sun 1510916 Beijing University of Posts and Telecommunications P.R. China 0 Qiu Xue-song 119912 Beijing University of Posts and Telecommunications P.R. China 0 Feng Qi 244407 Beijing University of Posts and Telecommunications P.R. China 0 10:30 10:30 1570375230 PS1.4 An Autonomic and Policy-based Authorization Framework for OpenFlow Networks 13th International Conference on Network and Service Management 2017 - Full papers The Network Access Control (NAC) management is a critical task, especially in current networks that are composed of many heterogeneous things (Internet of Things) connected to share data, resources and Internet access. The Software-Defined Networking (SDN) simplifies the network design and operation, and offers new opportunities (programmability, flexibility, dynamicity, and standardization) to manage the network. Despite this, the access control management remains a challenge, once managing security policies involves dealing with a large set of access control rules, detecting conflicting policies, defining priorities, delegating rights, and reacting against network state changes and events. This work presents the HACFlow, a novel, autonomic, and policy-based framework for access control management in OpenFlow networks. HACFlow aims to simplify and automate the network management allowing network operators to govern rights of network entities by defining dynamic, fine-grained, and high-level access control policies. We analyzed the performance of HACFlow and compared it against related approaches. Daniel Rosendo 1463169 Federal University of Pernambuco Brazil 0 Patricia Takako Endo 658125 University of Pernambuco Brazil 0 Djamel Hadj Sadok 85365 Federal University of Pernambuco Brazil 1 Judith Kelner 85367 Federal University of Pernambuco Brazil 0 TS1 Technical Session 1 11:00-12:30 2017-11-28T11:00:00+09:00 2017-11-28T12:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Joan Serrat (Universitat Politécnica de Catalunya, Spain) 11:00 11:30 1570374275 TS1.1 Data Driven Selection of DRX for Energy Efficient 5G RAN 13th International Conference on Network and Service Management 2017 - Full papers The number of connected mobile devices is increasing rapidly with more than 10 billion expected by 2022. Their total aggregate energy consumption poses a significant concern to society. The current 3gpp (3rd Generation Partnership Project) LTE/LTE-Advanced standard incorporates an energy saving technique called discontinuous reception (DRX). It is expected that 5G will use an evolved variant of this scheme. In general, the single selection of DRX parameters per device is non trivial. This paper describes how to improve energy efficiency of mobile devices by selecting DRX based on the traffic profile per device. Our particular approach uses a two phase data-driven strategy which tunes the selection of DRX parameters based on a smart fast energy model. The first phase involves the off-line selection of viable DRX combinations for a particular traffic mix. The second phase involves an on-line selection of DRX from this viable list. The method attempts to guarantee that latency is not worse than a chosen threshold. Alternatively, longer battery life for a device can be traded against increased latency. We built a live prototype of the system in our lab in order to verify that the technique works and scales on a real LTE system. We also designed a sophisticated traffic generator based on actual user data traces. Complementary method verification has been made by exhaustive off-line simulations on recorded LTE network data. Finally we managed to show significant device energy saving using our approach, which has the aggregated potential over billions of devices, to make a real contribution to green, energy efficient networks. Diarmuid Corcoran 1503314 KTH Royal Institute of Technology Sweden 1 Loghman Andimeh 1506926 Ericsson AB Sweden 0 Andreas Ermedahl 1506924 Ericsson AB Sweden 0 Per Kreuger 275656 Swedish Institute of Computer Science (SICS) Sweden 0 Christian Schulte 547433 KTH Royal Institute of Technology Sweden 0 11:30 12:00 1570375242 TS1.2 Flexible Functional Split in 5G Networks 13th International Conference on Network and Service Management 2017 - Full papers 5G networks are expected to support various applications with diverse requirements in terms of latency, data rates and traffic volume. Cloud-RAN and densely deployed small cells are two of the tools at disposal of Mobile Network Operators to cope with such requirements. In order to mitigate the fronthaul requirements imposed by the Cloud-RAN architecture, several other functional splits, each characterized by a different demarcation point between the centralized and the distributed units, have emerged. However, the appropriate centralization level (i.e., the functional split) selection for the RAN still remains a challenging task, since a number of parameters have to be considered in order to make such a decision. In this paper, a dynamic virtual network embedding (VNE) algorithm is proposed with an approach to flexibly select the appropriate functional splits at RANs of SCs. Given the fronthaul network characteristics, the inter-cell interference is considered as the key performance indicator to BSs for selecting a functional split. The VNE is formulated as an ILP problem whose objective is to minimize the inter-cell interference and fronthaul bandwidth, therefore, energy consumption by dynamically selecting an appropriate functional split for each SC. Finally, a heuristic algorithm is proposed in order to tackle the scalability problem of the ILP algorithm, and the algorithms are compared using a numerical simulator Davit Harutyunyan 1413171 FBK CREATE-NET Italy 1 Roberto Riggio 146926 FBK CREATE-NET Italy 0 12:00 12:30 1570378555 TS1.3 ORCHESTRA: Virtualized and Programmable Orchestration of Heterogeneous WLANs 13th International Conference on Network and Service Management 2017 - Full papers LANs are employed by a plethora of heterogeneous consumer devices, equipped with the ability to connect to the Internet using a variety of different wireless network technologies. Existing solutions and the lower layers of the OSI stack are unfit to cope with this heterogeneity. For instance, dynamical inter-technology switching is user- of application-based We propose the ORCHESTRA framework to manage the different devices in heterogeneous WLANs and introduce capabilities such as packet-level dynamic and intelligent handovers (both inter- and intra-technology), load balancing, replication, and scheduling. The framework consists of a controller that is capable of communicating with both existing SDN and NFV controllers and with devices containing a newly introduced virtual MAC layer. We show that the virtual MAC enables transparent and real-time inter-technology handovers and that our solution scales up to two thousands of clients. Ensar Zeljkovic 1477722 University of Antwerp - imec & IDLab Belgium 0 Tom De Schepper 1322649 University of Antwerp - imec Belgium 1 Patrick Bosch 1308619 University of Antwerp - imec Belgium 0 Ian Vermeulen 1510680 University of Antwerp - imec Belgium 0 Jetmir Haxhibeqiri 1217833 Ghent University Belgium 0 Jeroen Hoebeke 96034 Ghent University - imec Belgium 0 Jeroen Famaey 508641 University of Antwerp & Imec Belgium 0 Steven Latré 1059359 University of Antwerp - imec Belgium 0 Lunch Lunch 12:30-14:00 Restaurant Mori-no-Kaze, 15F, Bldg.26 TS2 Technical Session 2 14:00-15:30 2017-11-28T14:00:00+09:00 2017-11-28T15:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Rolf Stadler (KTH Royal Institute of Technology, Sweden) 14:00 14:30 1570374339 TS2.1 A Path Layer for the Internet: Enabling Network Operations on Encrypted Protocols 13th International Conference on Network and Service Management 2017 - Full papers The deployment of encrypted transport protocols imposes new challenges for network management. Key in-network functions such as those implemented by firewalls and passive measurement devices currently rely on information exposed in the transport layer. Encryption, in addition to improving privacy, helps to address ossification of network protocols caused by middleboxes that assume certain information to be present in the clear. However, ``encrypting it all'' risks diminishing the utility of these middleboxes for the network management tasks for which they were designed. A middlebox cannot use what it cannot see. We propose an architectural solution to this issue, by introducing a new ``path layer'' for transport-independent, in-band signaling between endpoints and network elements on the paths, and using this layer to reinforce the boundary between the hop-by-hop network layer and the end-to-end transport layer. We define a path layer header on top of UDP to provide a common wire image for new, encrypted transports. This path layer header provides information to a transport-independent state machine that replaces stateful handling that today is mainly done based on exposed header flags and fields in TCP; it enables explicit measurability of transport layer performance; and offers extensibility by sender-to-path and path-to-receiver communications for diagnostics and management. This provides not only a replacement for signals that are not available with encrypted traffic, but also allows integrity-protected, enhanced signaling under endpoint control. We present an implementation of this wire image integrated with the QUIC protocol, as well as a basic stateful middlebox built on Vector Packet Processing (VPP) provided by FD.io. Mirja Kuehlewind 432855 ETH Zurich Switzerland 0 Tobias Buehler 1506268 ETH Zürich Switzerland 0 Brian Trammell 324181 ETH Zurich Switzerland 1 Stephan Neuhaus 1506269 ZHAW Switzerland 0 Roman Muentener 1506270 ZHAW Switzerland 0 Gorry Fairhurst 101005 University of Aberdeen United Kingdom (Great Britain) 0 14:30 15:00 1570382698 TS2.2 Real-Time Security Services for SDN-based Datacenters 13th International Conference on Network and Service Management 2017 - Full papers While the scale, frequency and impact of the recent cyber- and DoS-attacks have all increased, the traditional security management systems are still supervised by human operators in the decisional loop. To cope with the new breed of machine-driven attacks - particularly the ones designed to overload the humans in the loop - the next-generation anomaly detection and attack mitigation schema, i.e., the network security management, must improve in speed and accuracy by orders of magnitude, hence become machine-driven, too. As infrastructure we propose an FPGA-accelerated Network Function Virtualization that potentially enhances any current multi-Tbps network with SDN-based security capabilities of vastly higher performance and scalability. As key novelty, we contribute a real-time feedback loop between a distributed programmable data plane and a centralized SDN controller, coupled via a global N:1 mirror. We validate the concept in an actual datacenter network with a new security application that can detect and mitigate real-world dDoS attacks, with lags from 430 microseconds up to 3 milliseconds - orders of magnitude faster than before. Pál Varga 283895 Budapest University of Technology and Economics Hungary 0 Georgios Kathareios 1394680 IBM Research - Zurich Switzerland 0 Akos Mate 1478649 IBM Research - Zurich Switzerland 0 Rolf Clauberg 168740 IBM Research - Zurich Switzerland 0 Andreea Anghel 994491 IBM Research - Zurich Switzerland 0 Péter Orosz 1292951 Budapest University of Technology and Economics Hungary 0 Balazs Nagy 1514679 AITIA International Inc Hungary 0 Tamás Tóthfalusi 1292945 Budapest University of Technology and Economics Hungary 0 László Kovács 1234109 AITIA International Inc. Hungary 0 Mitchell Gusat 9291 IBM Research - Zurich Switzerland 0 15:00 15:30 1570382704 TS2.3 Arena: adaptive real-time update anomaly prediction in cloud systems 13th International Conference on Network and Service Management 2017 - Full papers In current cloud systems, their monitoring relies strongly on rule-based and supervised-learning-based detection methods for anomaly detection. These methods require either some knowledge provided by an expert system or monitoring data to be labeled as a training set. In practice, the system's behavior changes over time. It is difficult to adjust the rules or re-train detection model for these methods. In this paper, we present an Adaptive REal-time update uNsupervised Anomaly prediction system (Arena) for cloud systems. Arena uses a clustering technique based on a density spatial clustering algorithm to identify clusters and outliers. We propose two prediction strategies to improve the ability to predict anomaly and a real-time update strategy by adding new monitoring points into Arena's model. To improve the prediction efficiency and reduce the scale of the model, we adopt a pruning method to remove redundant points. The anomaly data used in the experiments was collected from the Yahoo Lab and the component based system of enterprise T. The experimental results show that our proposed methods can achieve high prediction accuracy compared to existing methods. Real-time update strategy can improve the prediction performance. The pruning method can further reduce the scale of the model and demonstrates the prediction efficiency. Shaohan Huang 1228097 Beihang University P.R. China 0 Carol J Fung 150276 Virginia Commonwealth University USA 0 Shupeng Zhang 1470762 Beihang University P.R. China 0 Guang Wei 1377726 Beihang University P.R. China 0 Zhongzhi Luan 119949 Beihang University P.R. China 0 Depei Qian 514789 Beihang University P.R. China 0 PS2 Poster Session 2 and Coffee Break 15:30-16:00 2017-11-28T15:30:00+09:00 2017-11-28T16:00:00+09:00 Lobby, B1F, Bldg.27 15:30 15:30 1570374746 PS2.1 Traffic Optimization in Anonymous Networks 13th International Conference on Network and Service Management 2017 - Short Papers Anonymous communication networks, such as Tor, are facing big challenge how to deliver content to user in low latency and with no interruption. The issues were caused by increased amount of traffic passing by Internet last couple of years. Tor network was originate created mainly to protect users by Traffic Analysis Against. Increasing amount of users and amount of transferred data by Tor network causing latency problems. Also another problem are low-bandwidth nodes in Tor networks which are limiting overall circuit capacity. Conflux, the Tor plugin, is improving effort and decreasing latency time by creating multipaths within Tor circuits. Conflux is splitting traffic dynamically and it load balancing through multipaths to improve throughput and avoid bottlenecks in Tor circuits. Conflux measurement and evaluation proves approximately 30% improvement in expected download time. Based on this fact we can state, it significantly improves the experience of users who watch streaming videos online. This paper is focusing to analyze of network flow and sessions in anonymizing networks, mainly Tor anonymizing network. In part of problem's analyze we're discussing about Conflux tool. The Conflux tool is improving Tor network performance within anonymizing network flows. The problem's analyze discuss about several of methods to measure and verification how effective improve could be in the Tor network. As an output of problem's analyze we're proposing some possibilities to improve Conflux's performance and its deploy to the Tor network. The paper describe solution implementation, setup and configuration Tor client and Tor exit node. We're describing necessary modifications that need to be provided on Tor components. Patrik Kristel 1505959 Slovak University of Technology in Bratislava & Faculty of Informatics and Information Technologies Slovakia 0 Jan Lucansky 1505967 Slovak University of Technology in Bratislava & Faculty of Informatics and Information Technologies Slovakia 0 Ivan Kotuliak 270680 Slovak University of Technology Slovakia 0 15:30 15:30 1570374867 PS2.2 Anomaly Detection for OpenStack Services with Process-Related Topological Analysis 13th International Conference on Network and Service Management 2017 - Short Papers OpenStack has become the de-facto standard open source software for managing virtualized infrastructure for NFV, however, operators are facing increased complexity of fault management for OpenStack due to its black-box modular architecture and half-yearly version updates. This hinders operators from promptly identifying the root cause of failure or anomalies in OpenStack services. In this paper, we propose an anomaly detection framework for OpenStack in order to identify the root process of anomalies underlying OpenStack services. The framework utilizes a process relational graph and an anomaly detection technique with a centroid-based clustering algorithm. We demonstrate experiments with regards to two use cases and prove the framework to enable discovery of the root process that is responsible for the anomalous situation. Tomonobu Niwa 1506835 KDDI Research, Inc. Japan 1 Yuki Kasuya 1507230 KDDI Research, Inc. Japan 0 Takeshi Kitahara 141616 KDDI Research, Inc. Japan 0 15:30 15:30 1570375143 PS2.3 Charting an Intent Driven Network 13th International Conference on Network and Service Management 2017 - Full papers The strong divide between applications and the network control plane is desirable for many reasons; but a downside is that the network is kept in the dark regarding the ultimate purpose(s) of applications and, as a result, is unable to optimise for these. An alternative approach is for applications to declare to the network their abstract intents and assumptions; e.g. "this application requires group multicast", or "this application will run within a local domain and is latency sensitive". Such an enriched semantic has the potential to enable the network better to fulfil application intent, while also helping optimise network resource usage across applications. We refer to this approach as intent driven networking (IDN). We sketch an incrementally-deployable design to serve as a stepping stone towards a practical realisation of IDN within today's Internet. Yehia Elkhatib 351087 Lancaster University United Kingdom (Great Britain) 0 Geoff Coulson 8440 Lancaster University United Kingdom (Great Britain) 0 Gareth Tyson 830909 Queen Mary, University of London United Kingdom (Great Britain) 0 15:30 15:30 1570378721 PS2.4 Adaptive and Distributed Monitoring Mechanism in Software-Defined Networks 13th International Conference on Network and Service Management 2017 - Full papers Network traffic monitoring is an important factor to ensure the controllability and manageability of software-defined network (SDN). The current monitoring mechanism of SDN requires switches to request the controller for instructions to install flow entries for every new incoming flow. For fine-grained monitoring, which requires many flow entries in switches' flow tables, this mechanism creates a non-trivial delay in the forwarding of switches and overhead in the control channel. Our previous work presented SDN-Mon, a monitoring framework that supports fine-grained monitoring for SDN. In this paper, we discuss the aspect of monitoring the flows in a distributed manner. We believe that a distributed monitoring capability enhances the monitoring scalability for SDN. We propose a mechanism that supports SDN to distribute the monitoring load over multiple switches in the network, in which it prevents flows monitoring duplication and balances the monitoring load over switches in the network. With the proposed mechanism, each switch handles much less monitoring load; and the overhead at switches, the control channel, and the controller caused by the monitoring duplication is eliminated. We implement the proposal and integrate it to SDN-Mon to enable a scalable and distributed monitoring capability in SDN. Experimental results show that the proposed mechanism significantly reduces the amount of monitoring load per switch, while the monitoring load is well balanced over switches in the network, with only an acceptable polling and processing overhead. Xuan Thien Phan 829675 The Graduate University for Advanced Studies Japan 0 Ignacio Dominguez Martinez-Casanueva 1485555 Technical University of Madrid Spain 0 Kensuke Fukuda 213299 National Institute of Informatics Japan 0 TS3 Technical Session 3 16:00-17:30 2017-11-28T16:00:00+09:00 2017-11-28T17:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Roberto Riggio (FBK CREATE-NET, Italy) 16:00 16:30 1570374149 TS3.1 A Software-Defined Firewall Bypass for Congestion Offloading 13th International Conference on Network and Service Management 2017 - Full papers With increasing network bandwidths, stateful firewalls are likely to become communication bottlenecks in networks. To mitigate this problem, we propose to bypass selected traffic around firewalls using software-defined networking (SDN). We discuss various approaches and elaborate the following concept. A controller samples outgoing packets at the firewall using sFlow to detect congestion. In case of congestion, flows already admitted by the firewall are identified and offloaded at an appropriate rate by installing flow-specific bypass rules on an OpenFlow-capable switch. We suggest two different algorithms to select appropriate flows and provide a proof-of-concept implementation in a network testbed using the Ryu controller framework. Experimental results illustrate the system behavior at different load levels with and without offloading. We provide an analytical system model to predict the offloading performance for other system parameters than experimentally evaluated and validate the model with our experimental results. A parameter study suggests that the offloaded traffic rate may be a multiple of the firewall's capacity if the switch supports sufficient flow rules or is able to match for TCP flags. Florian Heimgaertner 840687 University of Tuebingen Germany 0 Mark Schmidt 394439 University of Tuebingen Germany 0 David Morgenstern 1485424 University of Tuebingen Germany 1 Michael Menth 5478 University of Tuebingen Germany 0 16:30 17:00 1570378588 TS3.2 An adaptive mechanism for LTE P-GW virtualization using SDN and NFV 13th International Conference on Network and Service Management 2017 - Full papers Software Defined Networking (SDN) and Network Function Virtualization (NFV) paradigms have been widely used to redesign the traditional mobile networks. Despite several proposals on the literature, researchers have drawn limited attention to the virtualization of user-plane functions that demand high traffic volume processing, as the case of Long Term Evolution (LTE) mobile gateways. This paper introduces an adaptive mechanism for the user plane virtualization of the LTE Packet Data Network (PDN) GateWay (P-GW), running entirely on top of OpenFlow switches. Using both SDN and NFV concepts, the proposed mechanism employs elastic computing notions to dynamically activate or deactivate the infrastructure switches so the virtualized gateway can adjust to workload changes. This work addresses both software and hardware OpenFlow infrastructure platforms, and simulation results highlight the benefits that can be achieved by the presented mechanism. Luciano Jerez Chaves 351649 University of Campinas Brazil 1 Islene Calciolari Garcia 124166 Universidade Estadual de Campinas Brazil 0 Edmundo Madeira 105546 State University of Campinas Brazil 0 17:00 17:30 1570378701 TS3.3 An Empirical Study of Software Reliability in SDN Controllers 13th International Conference on Network and Service Management 2017 - Full papers Software Defined Networking (SDN) exposes critical networking decisions, such as traffic routing or enforcement of the critical security policies, to a software entity known as the SDN controller. Controller software, as written by humans, is intrinsically prone to bugs, which may impair the network performance as a whole, if activated. Software reliability growth models (SRGM) are often used to estimate and predict the reliability of the software in the operational phase based on the fault report data during the testing phase. These models can be used to predict the number of residual bugs in the software, as well as failure intensity, software reliability and optimal software release time. In this paper we analyze ten releases of ONOS open source controller, whose uncensored fault reports are available online. Petra Vizarreta 1345078 Technical University of Munich Germany 0 Kishor S. Trivedi 1141069 Duke University USA 0 Bjarne E. Helvik 127343 NTNU - Norwegian University of Science and Technology Norway 0 Poul E. Heegaard 6371 Norwegian University of Science and Technology & NTNU Norway 0 Wolfgang Kellerer 95259 Technische Universität München Germany 0 Carmen Mas Machuca 168744 Technical University of Munich Germany 0 WR Welcome Reception 18:00-19:30 Restaurant Mori-no-Kaze, 15F, Bldg.26 KS2 Keynote Session 2 Network Softwarization for Driving Data Analytics, In-Network Machine Learning and Edge Computing Prof. Akihiro NAKAO, The University of Tokyo https://www.cnsm-conf.org/2017/keynotes.html Akihiro Nakao received B.S.(1991) in Physics, M.E.(1994) in Information Engineering from the University of Tokyo. He was at IBM Yamato Laboratory, Tokyo Research Laboratory, and IBM Texas Austin from 1994 till 2005. He received M.S.(2001) and Ph.D.(2005) in Computer Science from Princeton University. He has been teaching as an associate professor (2005-2014) and as a professor (2014-present) in Applied Computer Science, at Interfaculty Initiative in Information Studies, Graduate School of Interdisciplinary Information Studies, the University of Tokyo. He has been contributing and leading many projects on Future Internet technologies; PlanetLab, GENI, Vnode, FLARE, and 5G!Pagoda as well as ITU-T FG-IMT2020 Standardization discussion. Moreover, he has been appointed as a chairman of the Network Architecture Committee of 5G Mobile Communication Promotion Forum (5GMF) since Sep., 2014. 29 November 2017 09:30-10:30 2017-11-29T09:30:00+09:00 2017-11-29T10:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Carol Fung (Virginia Commonwealth University, USA) PS3 Poster Session 3 and Coffee Break 10:30-11:30 2017-11-29T10:30:00+09:00 2017-11-29T11:30:00+09:00 Lobby, B1F, Bldg.27 10:30 10:30 1570375117 PS3.1 A Prediction-based Dynamic Resource Management Approach for Network Virtualization 13th International Conference on Network and Service Management 2017 - Full papers In network virtualization environment, multiple virtual networks share the same resource of a physical network. Since the physical resources of a substrate network is limited, it is necessary to improve the utilization of physical resources. Considering the resource requirement of a virtual network may change over its lifetime, we propose a prediction-based resource management mechanism. In order to increase the utilization of the substrate network, we can adjust the resource allocated to the virtual network based on the result of prediction. In our proposed method, the prediction algorithm is based on the double exponential smoothing (DES). Additionally, in order to avoid the result of prediction deviates from the real requirement, we compare our prediction result with the collection of the resource utilization at real time to ensure the correctness of our result. The simulation results show that our approach can increase the utilization of the physical resource and improve the virtual network acceptance ratio while ensuring the requirement of the virtual networks. Jiacong Li 1506995 Beijing University of Posts and Telecommunications P.R. China 0 Ying Wang 677393 Beijing University of Posts and Telecommunications P.R. China 0 Zhanwei Wu 1506913 Beijing University of Posts and Telecommunications & State Key Laboratory of Networking and Switching Technology P.R. China 0 Sixiang Feng 1506972 Beijing University of Posts and Telecommunications P.R. China 0 Qiu Xue-song 119912 Beijing University of Posts and Telecommunications P.R. China 0 10:30 10:30 1570375160 PS3.2 AutoFocus: Automatically Scoping the Impact of Anomalous Service Events 13th International Conference on Network and Service Management 2017 - Full papers Tracking down the root cause and impact scope of end-to-end network service anomalies is challenging. We present a generic approach to fully automate this process of localizing the service impact of a network event within a fine-grained multidimensional time series dataset. Our approach begins with a metric definition which models how well an anomaly fits across relevant dimensions. The metric guides AutoFocus, a greedy algorithm we designed to significantly reduce the search space. We evaluate AutoFocus on a real-world multidimensional datasets from a large network operator, using both synthetic event generation as well as case studies. Our evaluation shows that our approach results in accurate trouble isolation, thus helping to automate the process for network operators. Ren Quinn 1507141 University of Utah USA 1 Zihui Ge 118181 AT&T Labs - Research USA 0 He Yan 377870 AT&T Labs - Research USA 0 Jacobus Van der Merwe 818111 University of Utah USA 0 10:30 10:30 1570378691 PS3.3 Distributed-Collaborative Managed Dash Video Services 13th International Conference on Network and Service Management 2017 - Full papers We propose a new distributed-collaborative DASH video service architecture over software defined networks (SDN), where groups of DASH clients sharing a network slice with a reserved throughput collaborate with each other to compute their own fair-share bitrates. The proposed service is managed by the video service provider (VSP) in collaboration with the network service provider (NSP). We observe that quality of service (QoS) reservation alone is not sufficient to supply fair and steady video quality to heterogenous DASH clients sharing a network slice due to the nature of TCP congestion control methods. The proposed distributed-collaborative video streaming service enables each client to share its buffer status with other clients in the same group so that each client can estimate a group-buffer-status aware fair-share bitrate, enforce this rate by TCP receive-window size adaptation over a network slice with a reserved throughput for the group, and perform application-level DASH video rate adaptation that is consistent with this enforced fair bitrate. Experimental results show that the proposed collaborative video service outperforms the traditional competitive DASH clients in terms of (i) overcoming quality fluctuations per client, (ii) providing fairness among multiple DASH clients, and (iii) increasing the total goodput of the reserved slice. Kemal Sahin 1352163 Koc University Turkey 0 Kadir Tolga Bağcı 584047 Koc University Turkey 0 A. Murat Tekalp 137925 Koc University Turkey 0 10:30 10:30 1570378851 PS3.4 Network-Integrated Edge Computing Orchestrator for Application Placement 13th International Conference on Network and Service Management 2017 - Full papers In the effort to detach applications from centralized clouds with high latency responses, application providers turn their attention to edge computing solutions that offer low latency and improved user experience. Current application placement solutions use network-related information (e.g., available resources of the nodes, geographical location) as decision basis, but their design, their way of operation, and their placement logic are biased by the assumption that the network cannot be controlled. In this paper, we design an orchestrator that operates within the telecom infrastructure and assumes cooperation with access and core network controllers. As a result, network adjustments can now be requested which leads to an orchestrator that has interfaces to lower network layers, participates in the provisioning of network resources, and solves an optimization problem which, contrary to the state of the art, performs component-by-component placement and does not assume a known or fixed degree of replication of the applications. To solve this new problem, we develop appropriate heuristics, including one based on pre-computed shortest paths, which runs in polynomial time (i.e., much faster than the exponential time of an exhaustive search) and finds the optimal solution in more than 99% of the tested scenarios (i.e., significantly higher than the ca. 95% achieved by adaptations of known heuristics). Vasileios Karagiannis 1511102 NEC Laboratories Europe Germany 0 Apostolos Papageorgiou 544981 NEC Laboratories Europe Germany 1 10:30 10:30 1570378871 PS3.5 Large-scale Antennas Analysis of Untrusted Relay System with Cooperative Jamming 13th International Conference on Network and Service Management 2017 - Short Papers In Rayleigh fading channels, a novel full-duplex destination jamming with optimal antenna selection (FDJ-OAS) scheme is proposed to improve the secrecy performance of the untrusted relay system with multiple-antenna destination. The traditional half-duplex destination jamming scheme and the non-jamming scheme both combined with OAS are presented to compare with FDJ-OAS. The approximate closed-form expressions of ergodic achievable secrecy rate and optimal power allocation factor for FDJ-OAS are significantly derived in the large-scale antennas analysis. Furthermore, simulation results show that, the analytical curves match well with the simulation curves, and the FDJ-OAS is superior to the other two schemes. Xing Tan 1487264 Huaqiao University P.R. China 1 Rui Zhao 514126 Huaqiao University P.R. China 0 YuanJian Li 1487268 HuaQiao University P.R. China 0 TS4 Technical Session 4 11:00-12:30 2017-11-29T11:00:00+09:00 2017-11-29T12:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Kiyohito Yoshihara (KDDI Research Inc., Japan) 11:00 11:30 1570374541 TS4.1 Resource Provisioning for IoT application services in Smart Cities 13th International Conference on Network and Service Management 2017 - Full papers In the last years, traffic over wireless networks has been increasing exponentially, due to the impact of Internet of Things (IoT) and Smart Cities. Current networks must adapt to and cope with the specific requirements of IoT applications since resources can be requested on-demand simultaneously by multiple devices on different locations. One of these requirements is low latency, since even a small delay for an IoT application such as health monitoring or emergency service can drastically impact their performance. To deal with this limitation, the Fog computing paradigm has been introduced, placing cloud resources on the edges of the network to decrease the latency. However, deciding which edge cloud location and which physical hardware will be used to allocate a specific resource related to an IoT application is not an easy task. Therefore, in this paper, an Integer Linear Programming (ILP) formulation for the IoT application service placement problem is proposed, which considers multiple optimization objectives such as low latency and energy efficiency. Solutions for the resource provisioning of IoT applications within the scope of Antwerp's City of Things testbed have been obtained. The result of this work can serve as a benchmark in future research related to placement issues of IoT application services in Fog Computing environments since the model approach is generic and applies to a wide range of IoT use cases. José Santos 1500073 Ghent University - imec, IDLab Belgium 0 Tim Wauters 114405 Ghent University - iMinds Belgium 0 Bruno Volckaert 1503169 Ghent University-imec & IBBT Belgium 0 Filip De Turck 97039 Ghent University - imec Belgium 0 11:30 12:00 1570378855 TS4.2 vFetch: Video Prefetching using Pseudo Subscriptions and User Channel Affinity in YouTube 13th International Conference on Network and Service Management 2017 - Full papers Video streaming is responsible for the largest portion of traffic in fixed and mobile networks. Yet, forecasts expect this amount to grow further. Especially for mobile devices connected to cellular networks, high QoE video streaming can be a challenge as the user data volume is metered and limited and the connection quality may vary severely. A way to mitigate this issue is through prefetching videos that the user is likely to watch in advance on the user's smartphone, e.g., while he is connected to WiFi. However, this approach can only be efficient if only the videos that are interesting for the respective user are prefetched which constitutes a major estimation and prediction challenge. To this end, this paper presents three contributions: First, a user study was conducted to analyze the users' video request behavior and to draw valuable insights for prefetching. Second, we propose a novel privacy-preserving prefetching framework denoted vFetch that prefetches videos w.r.t. the user's affinity of YouTube channels. Third, a trace-based evaluation and parameter study is conducted, demonstrating vFetch's efficiency with a hit rate of ∼50% for a 50 GB cache. Christian Koch 1018155 Technische Universität Darmstadt Germany 1 Benedikt Lins 1511119 Technische Universität Darmstadt Germany 0 Amr Rizk 299472 Technische Universität Darmstadt Germany 0 Ralf Steinmetz 1894 Technische Universität Darmstadt Germany 0 David Hausheer 99597 OVGU Magdeburg Germany 0 12:00 12:30 1570378940 TS4.3 Scheduling Service Function Chains for Ultra-Low Latency Network Services 13th International Conference on Network and Service Management 2017 - Full papers The fifth generation (5G) of cellular networks is emerging as the key enabler of killer real-time applications, such as tactile Internet, augmented and virtual reality, tele-driving, autonomous driving, etc., providing them with the much needed ultra-reliable and ultra-low latency services. Such applications are expected to take full advantages of recent developments in the areas of cloud and edge computing, and exploit emerging industrial initiatives such as Software Defined Networks (SDN) and Network Function Virtualization (NFV). Often, these 5G applications require network functions (e.g., IDSs, load balancers, etc.) to cater for their end-to-end services. This paper focuses on chaining network functions and services for these applications, and in particular considers those delay sensitive ones. Here, we account for services with deadlines and formulate the joint problem of network function mapping, routing and scheduling mathematically and highlight its complexity. Then, we present an efficient method for solving these sub-problems sequentially and validate its performance numerically. We also propose and characterize the performance of a Tabu search-based approach that we design to solve the problem. Our numerical evaluation reveals the efficiency of our sequential method and the scalability of our Tabu-based algorithm. Hyame Alameddine 1352481 Concordia University Canada 0 Long Qu 920015 Ningbo University P.R. China 0 Chadi Assi 85439 Concordia University Canada 0 Lunch Lunch 12:30-14:00 Restaurant Mori-no-Kaze, 15F, Bldg.26 TS5 Technical Session 5 14:00-15:30 2017-11-29T14:00:00+09:00 2017-11-29T15:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Chadi Assi (Concordia University, Canada) 14:00 14:30 1570375233 TS5.1 Measuring Exposure in DDoS Protection Services 13th International Conference on Network and Service Management 2017 - Full papers Denial-of-Service attacks have rapidly gained in popularity over the last decade. The increase in frequency, size, and complexity of attacks has made DDoS Protection Services (DPS) an attractive mitigation solution to which the protection of services can be outsourced. Despite a thriving market and increasing adoption of DPS, protection services can be bypassed, and direct attacks can be launched against the origin of a target. Misconfigurations in the Domain Name System (DNS), one of the mechanisms on which many DPS are built, may actually leak the origin of a target, which defeats the purpose of outsourcing protection. We perform a large-scale analysis of this phenomenon by using three large data sets that cover a 16-month period: a data set of active DNS measurements; a DNS-based data set that focuses on DPS adoption; and a data set of DoS attacks inferred from backscatter traffic to a sizable darknet. We analyze nearly 11k protected Web sites on Alexa's top 1M, for eight leading DPS providers. Our results show that 40% of these Web sites expose the origin in the DNS. Moreover, we show that the origin of 19% of these Web sites is targeted after outsourcing protection. Mattijs Jonker 1205157 University of Twente The Netherlands 1 Anna Sperotto 237065 Twente University The Netherlands 0 14:30 15:00 1570382814 TS5.2 Android Malicious Application Detection Using Support Vector Machine and Active Learning 13th International Conference on Network and Service Management 2017 - Full papers The increasing popularity of Android phones and its open app market system have caused the proliferation of malicious Android apps. The increasing sophistication and diversity of the malicious Android apps render the conventional malware detection techniques ineffective, which results in a large number of malicious applications remaining undetected. This calls for more effective techniques for detection and classification of Android malware. Hence, in this paper, we present an Android malicious application detection framework based on the Support Vector Machine (SVM) and Active Learning technologies. In our approach, we extract applications' activities while in execution and map them into a feature set, we then attach timestamps to some features in the set. We show that our novel use of time-dependent behavior tracking can significantly improve the malware detection accuracy. In particular, we build an active learning model using Expected error reduction query strategy to integrate new informative instances of Android malware and retrain the model to be able to do adaptive online learning. We evaluate our model through a set of experiments on the DREBIN benchmark malware dataset. Our evaluation results show that the proposed approach can accurately detect malicious applications and improve updatability against new malware. Bahman Rashidi 1332073 Virginia Commonwealth University USA 0 Carol J Fung 150276 Virginia Commonwealth University USA 0 Elisa Bertino 925357 Purdue University USA 0 15:00 15:30 1570382923 TS5.3 Attacking Strategies and Temporal Analysis Involving Facebook Discussion Groups 13th International Conference on Network and Service Management 2017 - Full papers Online social network (OSN) discussion groups are exerting significant effects on political dialogue. In the absence of access control mechanisms, any user can contribute to any OSN thread. Individuals can exploit this characteristic to execute targeted attacks, which increases the potential for subsequent malicious behaviors such as phishing and malware distribution. These kinds of actions will also disrupt bridges among the media, politicians, and their constituencies. For the concern of Security Management, blending malicious cyber attacks with online social interactions has introduced a brand new challenge. In this paper we describe our proposal for a novel approach to studying and understanding the strategies that attackers use to spread malicious URLs across Facebook discussion groups. We define and analyze problems tied to predicting the potential for attacks focused on threads created by news media organizations. We use a mix of macro static features and the micro dynamic evolution of posts and threads to identify likely targets with greater than 90% accuracy. One of our secondary goals is to make such predictions within a short (10 minute) time frame. It is our hope that the data and analyses presented in this paper will support a better understanding of attacker strategies and footprints, thereby developing new system management methodologies in handing cyber attacks on social networks. Chun-Ming Lai 1514781 University of California, Davis USA 0 Xiaoyun Wang 1514900 University of California, Davis USA 0 Yunfeng Hong 963169 UC Davis, Davis California USA 0 Yu-Cheng Lin 1514901 University of California, Davis USA 0 Shyhtsun Felix Wu 96781 University of California, Davis USA 0 Patrick McDaniel 120041 Pennsylvania State University USA 0 Hasan Cam 14640 Army Research Laboratory USA 0 PS4 Poster Session 4 and Coffee Break 15:30-16:00 2017-11-29T15:30:00+09:00 2017-11-29T16:00:00+09:00 Lobby, B1F, Bldg.27 15:30 15:30 1570375312 PS4.1 A Model-based Application Autonomic Manager with Fine Granular Bandwidth Control 13th International Conference on Network and Service Management 2017 - Full papers Horizontal scaling is one of the common adaptation actions when an application on cloud is overloaded. However, this practice increases the operational cost and instability of applications degrading user experience due to reconfiguration. A faster and less costly approach for the application is to dynamically adjust the soft resources, such as bandwidth. In this paper, we propose and implement a machine learning based autonomic manager that controls the bandwidth rates allocated to each scenario of a web application on an overlay network to postpone scaling out for as long as possible. Through experiments on Amazon AWS cloud, the autonomic manager is able to quickly meet the Service level Agreement (SLA) and reduce the SLA violations by 56% compared to a previous heuristic-based approach. Nasim Beigi 1293261 York University Canada 0 Mark Shtern 918425 York University Canada 0 Marin Litoiu 430348 York University Canada 0 15:30 15:30 1570378730 PS4.2 Risk Prediction of the SCADA Communication Network Based on Entropy-Gray Model 13th International Conference on Network and Service Management 2017 - Full papers The power SCADA system is designed to ensure the safe operation of the power system. The SCADA communication network as an information exchange carrier between remote terminal units and master stations, is the key part of the SCADA system, and it has a high requirement for security. However, due to the wide distribution of the network and the interconnected network structure, it is susceptible to risks. So there is an urgent need for accurate and real-time risk prediction. In this paper, we propose a risk prediction model based on entropy-gray model, where the gray model is used to predict the values of the network risk indexes, and the entropy method is to determine the weight of those risk indexes. Finally, the overall risk value of the network is decided with analytic hierarchy process. Simulation results show that the proposed entropy-gray method can achieve accurate and timely risk prediction. Meng Li 1510773 Beijing University of Posts and Telecommunications P.R. China 0 Li Wenjing 558889 Beijing University of Posts and Telecommunications P.R. China 0 Peng Yu 534337 Beijing University of Posts and Telecommunications P.R. China 0 Fanqin Zhou 1075885 Beijing University of Posts and Telecommunications P.R. China 0 15:30 15:30 1570378854 PS4.3 Connectivity Extraction in Cloud Infrastructures 13th International Conference on Network and Service Management 2017 - Full papers For management and security purposes, cloud providers should know the connectivity graph between virtual machines. Since traditional methods used in physical networks produce incomplete results and are hardly usable in the Cloud, we propose to use information provided by a Cloud Management Software and an SDN controller, to compute the connectivity graph in those environments. Our approach shows an exact, complete and up-to-date connectivity graphs computation on a representative infrastructure, in reasonable time. Pernelle Mensah 1511099 Nokia Bell Labs & Centrale Supelec Rennes - Inria France 0 Eric Totel 1511105 Centrale Supelec Rennes France 0 Samuel Dubus 497903 Nokia Bell Labs France 0 Waël Kanoun 1511107 Nokia Bell Labs France 0 Christine Morin 118971 INRIA & IRISA France 0 Guillaume Piolle 1511109 Centralesupélec & Inria France 0 15:30 15:30 1570382645 PS4.4 Enhanced Fast BSS Transition on Enterprise WLAN with SDN-based Distribution System 13th International Conference on Network and Service Management 2017 - Full papers Currently, most mobile Internet devices are using WLANs as a primary broadband wireless access network for various broadband mobile Internet services, such as Video on Demand (VoD), webcasting, and on-line games. One of the challenges in QoS-aware realtime mobile multimedia service provisioning through WLANs is QoS-aware fast BSS (Basic Service Set) transition. Since most WiFi access points (APs) do not provide fast BSS transition (FT), changing currently connected AP to another takes several seconds during which mobile services are disrupted. Besides, as most mobile Internet devices are simply connecting to the access point (AP) of the strongest signal without consideration of the currently available resource at the target AP, WLANs are not providing optimal throughput with load balancing and efficient QoS provisioning. In this paper, we propose a enhanced fast BSS transition scheme for seamless mobile broadband multimedia service provisioning and load balancing. The proposed scheme is based on i) cognitive management of WLAN ESS with SDN-based distribution system to allow checking for resource availability before selecting a candidate target AP, ii) QoS-aware roaming/handover with resource request over distribution system(DS), and iii) proactive flow updates of SDN-based distribution system. The traffic loads of individual APs in the ESS (extended service set) are periodically measured and collected by ESS-CM (control and management) server. If a mobile station needs to transit to other AP, it provides the signal strengths of neighbor APs to the ESS-CM, obtains the traffic information of neighbor APs from ESS-CM, and performs the over-the-DS fast BSS transition request/response and the FT-Confirm/ACK handshaking with resource request in advance through the wired-DS. The proposed scheme had been implemented and evaluated in real IEEE 802.11n testbed environment, and the performance measurements showed enhanced QoS provisioning with minimized service disruption time and packet loss compared with existing approaches. Hyungdong Hwang 954201 Graduate School, Yeungnam University Korea 0 Young-Tak Kim 12366 Yeungnam University Korea 0 TS6 Technical Session 6 16:00-17:30 2017-11-29T16:00:00+09:00 2017-11-29T17:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Noriaki Kamiyama (Fukuoka University, Japan) 16:00 16:30 1570375147 TS6.1 Fill-in the Gaps: Spatial-Temporal Models for Missing Data 13th International Conference on Network and Service Management 2017 - Full papers Effective workload characterization and prediction are instrumental for efficiently and proactively managing large systems. System management primarily relies on the workload information provided by underlying system tracing mechanisms that record system-related events in log files. However, such tracing mechanisms may temporarily fail due to various reasons, yielding ``holes'' in data traces. This missing data phenomenon significantly impedes the effectiveness of data analysis. In this paper, we study real-world data traces collected from over 80K virtual machines (VMs) hosted on 6K physical boxes in the data centers of a service provider. We discover that the usage series of VMs co-located on the same physical box exhibit strong correlation with one another, and that most VM usage series show temporal patterns. By taking advantage of the observed spatial and temporal dependencies, we propose a data-filling method to predict the missing data in the VM usage series. Detailed evaluation using trace data in the wild shows that the proposed method is sufficiently accurate as it achieves an average of 20\% absolute percentage errors. We also illustrate its usefulness via a use case. Ji Xue 1236925 College of William and Mary, USA USA 0 Bin Nie 1507115 College of William and Mary USA 0 Evgenia Smirni 120686 College of William and Mary USA 0 16:30 17:00 1570375180 TS6.2 Programmable Residues Defined Networks for Edge Data Centres 13th International Conference on Network and Service Management 2017 - Full papers Edge Data Centres (EDC) are often managed by a single administrative entity with logically centralized control. The architectural split of control and data planes and the new control plane abstractions have been touted as Software-Defined Networking (SDN), where the OpenFlow protocol is one common choice for the standardized programmatic interface to data plane devices. However, in the design of an SDN architecture, there is no clear distinction between functional network parts such as core and edge elements. It means that all switches require to support lookups over hundreds of bits with complex actions that have to be specified by multiple tables. In this paper, we propose a new programmable architecture for EDC networks, named Residual Defined Networks (RDN). In RDN, a controller defines a network policy (e.g. connectivity protection) setting flow entries at the edges. The edge switches assign a route-ID to select any existing path. A route is defined as the remainder of the division (Residue) between a route-ID and a set of switch-IDs within RDN core. In case of failures, emergency routes are compactly encoded as programmable residues forwarding paths written into the packets. RDN scalability is evaluated considering 2-tier Clos topologies which cover mostly EDC deployments supporting up to 2304 servers. A RDN proof-of-concept prototype is implemented in Mininet for network emulation. Also, to increase the accuracy on latency measures, we implement RDN in NetFPGA that is validated in a testbed with 10Gbps Ethernet boards. RDN offers ultra-fast failure recovery (sub-milliseconds carrier grade), achieves low latency with RDN switching time per hop 0.6us and no jitter within the RDN core. Magnos Martinello 374881 Federal University of Espirito Santo Brazil 1 Alextian Liberato 1255975 Federal Institute of Science and Technology of Espírito Santo Brazil 0 Arash Beldachi 1454591 University of Bristol United Kingdom (Great Britain) 0 Koteswararao Kondepu 298532 Sculoa Superiore Sant'Anna Italy 0 Roberta Gomes 355177 UFES Brazil 0 Rodolfo S Villaca 115893 Federal University of Espirito Santo (UFES) Brazil 0 Moises R. N. Ribeiro 99456 Federal Universty of Espirito Santo Brazil 0 Yan Yan 1034879 University of Bristol United Kingdom (Great Britain) 0 Emilio Hugues-Salas 1060771 University of Bristol United Kingdom (Great Britain) 0 Dimitra Simeonidou 89127 University of Bristol United Kingdom (Great Britain) 0 17:00 17:30 1570381637 TS6.3 Cost-effective replica management in fault-tolerant cloud environments 13th International Conference on Network and Service Management 2017 - Full papers Cloud providers rely on fault-tolerance mechanisms to realize high-availability services on best-effort infrastructure. Service replication limits the data-loss caused by failure, at the expense of additional operational costs. Recently, cloud environments are becoming increasingly heterogeneous and dynamic, by the incorporation of (very) unreliable and resource-constrained devices. In this paper, we investigate how to devise an economically viable replication strategy, for a given service on a particular cloud environment. Previous work either focused on finding replication strategies for stateless services, ignoring recovery processes and correlated failures, or considered system dynamics, while lacking Service Level Agreement (SLA)-awareness. We approach the replica management problem as a run-time revenue maximization problem. Our proposed dynamic programming algorithm can generate the optimal replication strategy over the application's life-time. Through extensive simulations, we show that our algorithm significantly improves provider revenue over a wide range of cloud- and SLA-conditions, and adapt its strategy to evolving operating conditions. The results show that coupling dynamic failure models with SLA-awareness can lead to a significantly improved provider revenue. Bart Spinnewyn 1293425 University of Antwerp & iMinds Belgium 0 Juan Felipe Botero 323523 Universidad de Antioquia Colombia 0 Steven Latré 1059359 University of Antwerp - imec Belgium 1 OP Opera Evening https://www.cnsm-conf.org/2017/OperaEvening.pdf Baritone: Yuma Shimizu; Piano: Shiho Fujikawa 18:00-18:45 Ono Memorial Hall, B2F, Bldg.27 GD Gala Dinner 19:15-21:30 Diamond Room, 2F, Rihga Royal Hotel Tokyo KS3 Keynote Session 3 Networking Grand Challenges for 5G/IoT Advanced Applications and Platforms in US Ignite in 5G/IoT era Dr. Glenn Ricart, US Ignite, Founder and CTO https://www.cnsm-conf.org/2017/keynotes.html Glenn Ricart brings forty years of innovation in computer networking and related fields to US Ignite. Glenn is an Internet pioneer who implemented the first Inter-net interconnection point (the FIX in College Park, Maryland) and was recognized for this achievement by being inducted into the Internet Hall of Fame in August 2013. In one of his previous roles where he was academic CIO at the University of Maryland, his campus implemented the first institution-wide TCP/IP (Internet) network in 1983 using low-cost PDP-11 routers ("Fuzballs") with software devised at the University of Maryland. Glenn was principal investigator of SURAnet, the first regional TCP/IP (Internet) network of academic and commercial institutions. Glenn's formal education includes degrees from Case Institute of Technology and Case Western Reserve University, and his Ph.D. in Computer Science is from the University of Maryland, College Park. His inventions have resulted in more than a dozen patents. Dr. Ricart has served on the boards of three public companies, CACI, the SCO Organization, and First USA Financial Services, in addition to numerous non-profits 30 November 2017 09:30-10:30 2017-11-30T09:30:00+09:00 2017-11-30T10:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Steven Latré (University of Antwerp - imec, Belgium) PS5 Poster Session 5 and Coffee Break 10:30-11:30 2017-11-30T10:30:00+09:00 2017-11-30T11:30:00+09:00 Lobby, B1F, Bldg.27 10:30 10:30 1570382816 PS5.1 IPv6-specific Misconfigurations in the DNS 13th International Conference on Network and Service Management 2017 - Full papers With the Internet transitioning from IPv4 to IPv6, the number of IPv6-specific DNS records (AAAA) increases. Misconfigurations in these records often go unnoticed, as most systems are provided with connectivity over both IPv4 and IPv6, and automatically fall back to IPv4 in case of connection problems. With IPv6-only networks on the rise, such misconfigurations result in servers or services rendered unreachable. Using long-term active DNS measurements over multiple zones, we qualify and quantify these IPv6-specific misconfigurations. Applying pattern matching on AAAA records revealed which configuration mistakes occur most, the distribution of faulty records per DNS operator, and how these numbers evolved over time. We show that more than 97% of invalid records can be categorized into one of our ten defined main configuration mistakes. Furthermore, we show that while the number and ratio of invalid records decreased over the last two years, the number of DNS operators with at least one faulty AAAA record increased. This emphasizes the need for easily applicable checks in DNS management systems, for which we provide recommendations in the conclusions of this work. Luuk Hendriks 1122847 University of Twente The Netherlands 0 Pieter-Tjerk de Boer 139057 University of Twente The Netherlands 0 Aiko Pras 6777 University of Twente The Netherlands 0 10:30 10:30 1570378886 PS5.2 Control Plane Latency Reduction for Service Chaining in Mobile Edge Computing System 13th International Conference on Network and Service Management 2017 - Full papers Software-Defined Networking and Network Function Virtualization technologies are utilized to construct service chains cheaply and elastically. In Mobile Edge Computing platform, cloud servers can be deployed near to base stations. Migrating service functions of service chains to edge can reduce network latency or save unnecessary bandwidth consumption between edge and cloud datacenter. However, the control plane latency of SDN/NFV Mobile Edge Computing Platform is subject to the scalability of flow table in SDN switches due to flow table overflow problem. In this paper, we proposed Hash-based Group Management scheme to reduce the number of maintained flow entries by assigning users into groups and design a hash-based structure to efficiently maintain the group information. In our simulation results, the proposed scheme can reduce the number of maintain flow entries and table overflow ratio to improve the control plane latency. Chi-Hsiang Hung 1345844 National Chiao Tung University Taiwan 1 Yao-Chou Hsieh 1511127 National Chiao Tung University Taiwan 0 Li-Chun Wang 118401 National Chiao Tung University Taiwan 0 10:30 10:30 1570378961 PS5.3 Identification of Communication Devices from Analysis of Traffic Patterns 13th International Conference on Network and Service Management 2017 - Full papers Recently, variety of communication devices such as printers, IP telephones, network cameras are used widely, with the support of networking in consumer electronics. As a spread of IoT (Internet of Things), the number of embed devices are significantly increasing, however, such devices have lack of capability on security. It is therefore desirable that a network identifies these devices to take appropriate operations. In this paper, we propose an identification method of communication devices from monitoring patterns of traffic, here we use statistical metrics such as packet inter-arrival time or packet size, and we apply a machine learning for the identification. Through evaluations using real traffic, we show that our method can achieve over 90% of identification to 9 commiunication devices. Hiroki Kawai 1511238 OsakaCityUniversity Japan 0 Shingo Ata 14463 Osaka City University Japan 0 Ikuo Oka 14474 Osaka City University Japan 0 Nobuyuki Nakamura 15319 OKI Electric Industry Co., Ltd. Japan 0 10:30 10:30 1570382753 PS5.4 Automated Synthesis of NFV Topology: A Security Requirement-Oriented Design 13th International Conference on Network and Service Management 2017 - Full papers Cyber defense today heavily depends on expensive and proprietary hardware deployed at fixed locations. Network functions virtualization (NFV) reduces the limitations of these vendor specific hardware by allowing a flexible and dynamic implementation of virtual network functions in virtual machines running on commercial off-the-shelf servers. These network functions can work as a filter to distinguish between a legitimate packet and an attack packet, and can be deployed dynamically to balance the variable attack load. However, allocating resources to these virtual machines is an NP-hard problem. In this work, we propose a solution to this problem and determine the number and placement of the VMs. We design and implement NFVSynth, an automated framework that models the resource specifications, incoming packet processing requirements, and network bandwidth constraints. It uses satisfiability modulo theories (SMT) for modeling this synthesis problem and provides a satisfiable solution. We also present simulated experiments to demonstrate the scalability and usability of the solution. A h m Jakaria 1424987 Tennessee Technological University USA 0 Mohammad Ashiqur Rahman 157268 Tennessee Tech University USA 0 Carol J Fung 150276 Virginia Commonwealth University USA 0 10:30 10:30 1570382804 PS5.5 DPR-MAC: Dynamic Polling for Rare Events in Wireless Sensor Networks 13th International Conference on Network and Service Management 2017 - Full papers Energy efficiency is the most critical aspect of disaster management/rare event detection Wireless Sensor Networks due to the low probability of event occurrence. For such networks, it is essentially important to guarantee that the nodes be alive when the event occurs as the objective of WSN deployment would not be achieved otherwise. This paper evaluated the influence of using deterministic, exponential and dynamic polling intervals by developing an asynchronous MAC protocol DPR-MAC (Dynamic Polling for Rare events). DPR-MAC has been implemented in Tiny-OS and simulated using Avrora. It has been revealed that exponential and dynamically selected polling intervals can significantly improve the energy performance of DPR-MAC and hence the lifetime of the WSN dedicated for rare event detection applications. Similarly, the transmission delay for the event data is shown to be reduced for DPR-MAC with dynamically selected polling intervals. The results have been compared with SCP-MAC for performance improvement. Shama Siddiqui 467289 Institute of Business Administration Pakistan 0 Anwar Khan 1387091 Institute of Business Administration Pakistan 0 Muhammad Sayeed Ghani 97213 Institute of Business Administration Pakistan 0 TS7 Technical Session 7 11:00-12:30 2017-11-30T11:00:00+09:00 2017-11-30T12:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Pal Varga (Budapest University of Technology and Economics, Hungary) 11:00 11:30 1570375185 TS7.1 Adaptive Traffic Monitoring for Software Dataplanes 13th International Conference on Network and Service Management 2017 - Full papers Network operators have recently been developing multi-Gbps traffic monitoring tools that execute on commodity hardware and are part of the packet-processing pipelines realizing software dataplanes. These solutions allow sophisticated tasks to be performed on a per-packet basis, without relying on sampling or passive trace analysis, by leveraging the processing power available on servers. Although advances in packet capture have enabled intercepting packets from network cards at high rates, bottlenecks can still arise in the monitoring process as a result of concurrent access to shared processor resources, variations of the traffic skew, and unbalanced packet-rate spikes. In this paper we present an adaptive traffic monitoring approach that copes with emerging bottlenecks by timely detecting changes in the operational conditions and reconfiguring monitoring-related operations for subsets of traffic flows. Our solution performs responsive adaptations at the time scale of milliseconds and does not require a significant amount of resources. To demonstrate the capabilities of our approach we implemented it as part of a generic packet-processing pipeline and show that lossless traffic monitoring can be achieved for a wide range of conditions. Gioacchino Tangari 1411700 University College London United Kingdom (Great Britain) 0 Marinos Charalambides 830511 University College London United Kingdom (Great Britain) 0 Daphne Tuncer 854477 University College London United Kingdom (Great Britain) 0 George Pavlou 816589 University College London United Kingdom (Great Britain) 0 11:30 12:00 1570378519 TS7.2 GML Learning, A Generic Machine Learning Model for Network Measurements Analysis 13th International Conference on Network and Service Management 2017 - Full papers The application of machine learning models to the analysis of network measurement problems has largely increased in the last decade; however, there is still no clear best-practice or silver bullet approach to address these problems in a general context, and only adhoc and very tailored approaches have been evaluated so far. While deep-learning models have provided a major breakthrough in highly-dimensional problems such as image processing, it is difficult to say today which is the best model or most fitted category of models to address the analysis of large volumes of highly-dimensional data collected in operational networks. In this paper we present a potential solution to fill this gap, exploring the application of ensemble learning models to multiple network measurements analysis problems. Ensemble learning is the process by which multiple models, such as classifiers or experts, are strategically generated and combined to solve a particular problem. Ensemble methods use multiple learning algorithms to obtain better predictive performance than could be obtained from any of the constituent learning algorithms alone. We introduce GML Learning, a generic Machine Learning model for network measurements analysis. The GML model is a generalization of the well-known stacking approach to ensemble learning, and follows the concepts of the Super Learner model. The Super Learner performs asymptotically as well as the best possible weighted combination of the base learners, providing a very powerful approach to tackle multiple problems with the same technique. In addition, it defines an approach to minimize over-fitting likelihood during training, using a variant of cross-validation. We deploy the GML model on top of Big-DAMA, a big data analytics framework for network measurements analysis applications. We test the proposed solution in five different and assorted network measurements analysis problems, including detection of network attacks, detection of smartphone-apps anomalies, QoE prediction in cellular networks, QoE-modeling for video streaming, and Internet-paths dynamics tracking. Results confirm that the GML model provides better results than any of the single baseline models of the stack, as well as to both traditional bagging and boosting ensemble learning approaches. The GML Learning model opens the door for a generalization of a best-practice technique for the analysis of network measurements. Pedro Casas 244435 Austrian Institute of Technology (AIT) Austria 0 Juan Vanerio 1189751 Universidad de la República & ANTEL Uruguay 0 Kensuke Fukuda 213299 National Institute of Informatics Japan 1 12:00 12:30 1570382656 TS7.3 Accurate Delay Measurement for Parallel Monitoring of Probe Flows 13th International Conference on Network and Service Management 2017 - Full papers In this paper, we propose an accurate parallel flow monitoring method using active probe packets. Although multiple probe flows are monitored to measure delays on multiple paths in parallel for most measurement applications, information of only one probe flow of the multiple probe flows is utilized to measure an end-to-end delay on a path in conventional active measurement. In addition to information observed by the flow along the path, information of other flows is also utilized for the measurement in the proposed method. Delays on a flow are accurately measured by partially converting the observation results of a flow to those of another flow. Simulations are performed to confirm that the observation results of 72 parallel flows of active measurement are appropriately converted each other in the proposed method. When the 99th-percentile of an end-to-end delay for each flow are measured, the proposed method achieves up to 95% reduction of the error, and the error of the worst flow among all flows are reduced by 28%. Kohei Watabe 373971 Nagaoka University of Technology Japan 1 Shintaro Hirakawa 1514626 Nagaoka University of Technology Japan 0 Kenji Nakagawa 6981 Nagaoka University of Technology Japan 0 Lunch Lunch 12:30-14:00 Restaurant Mori-no-Kaze, 15F, Bldg.26 TS8 Technical Session 8 14:00-15:30 2017-11-30T14:00:00+09:00 2017-11-30T15:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 Felix Wu (University of Hong Kong, Hong Kong) 14:00 14:30 1570378776 TS8.1 MULE: Multi-Layer Virtual Network Embedding 13th International Conference on Network and Service Management 2017 - Full papers Network Virtualization (NV), considered as a key enabler for overcoming the ossification of the Internet allows multiple heterogeneous virtual networks to co-exist over the same substrate network. Resource allocation problems in NV have been extensively studied for single layer substrates such as IP or Optical networks. However, little effort has been put to address the same problem for multi-layer IP-over-Optical networks. The increasing popularity of multi-layer networks for deploying backbones combined with their unique characteristics (e.g., topological flexibility of the IP layer) calls for the need to carefully investigate the resource provisioning problems arising from their virtualization. In this paper, we address the problem of MUlti-Layer virtual network Embedding (MULE) on IP-over-Optical networks. We propose two solutions to MULE: an Integer Linear Program (ILP) formulation for the optimal solution and a heuristic to address the computational complexity of the optimal solution. We demonstrate through extensive simulations that on average our heuristic performs within ~1.47x of optimal solution and incurs ~66% less cost than the state-of-the-art heuristic. Shihabur Rahman Chowdhury 341839 University of Waterloo Canada 0 Sara Ayoubi 975433 Concordia University Canada 0 Reaz Ahmed 1294721 University of Waterloo Canada 0 Nashid Shahriar 325615 University of Waterloo Canada 0 Raouf Boutaba 5035 University of Waterloo Canada 0 Jeebak Mitra 152639 Huawei Technologies Canada Canada 0 Liu Liu 1426536 Huawei Technologies Co., Ltd. P.R. China 0 14:30 15:00 1570378924 TS8.2 Enabling Low Latency and High Reliability for IMS-NFV 13th International Conference on Network and Service Management 2017 - Full papers Network Functions Virtualization (NFV) allows service providers to deliver new services to their customers more quickly by adopting software centric network functions implementation over commercial, off-the-shelf hardwares. IP Multimedia Subsystem (IMS) which is one of the most complex NFV instances requires extremely low end-to-end latency (up to 40 msec), and demands system availability as high as five nines. We discover that highly modular 3GPP standardized IMS network functions implementation over virtualized platform (1) incurs latencies, and (2) does not tolerate faults. NFV-based IMS modules incur high latencies by creating a feedback loop among each other while executing delay sensitive data-plane traffic. These IMS modules are also susceptible to failure, causing the control-plane to terminate the application session while keeping the data-plane to forward data packets. To address these issues, we propose to refactor network function modules. We reduce latencies by pipelining the communication between IMS modules, and achieve fault tolerance by reconfiguring their neighboring modules. We build our system prototype of open source 3GPP compliant IMS over OpenStack platform. Our results show that our scheme reduces latencies and failure recovery time upto 12X and 10X, respectively, when compared to the stat-of-the-art 3GPP compliant virtualized IMS implementation. Muhammad Taqi Raza 260327 UCLA & Qualcomm USA 0 15:00 15:30 1570382299 TS8.3 Evaluating the Impact of SDN-Induced Frequent Route Changes on TCP Flows 13th International Conference on Network and Service Management 2017 - Full papers Traffic engineering technologies such as MPLS have been proposed to adjust the paths of data flows according to network availability. Although the time interval between traffic optimisations is often on the scale of hours or minutes, modern SDN techniques enable reconfiguring the network more frequently. It is argued, however, that changing the paths of TCP flows too often could severely impact their performance by incurring packet loss and reordering. This work analyses and evaluates the impact of frequent route changes on the performance of TCP flows. Experiments carried out on a network testbed show that rerouting a flow can affect its throughput when reassigning it a path either longer or shorter than the original path. Packet reordering has a negligible impact when compared to the increase of RTT. Moreover, constant rerouting influences the performance of the congestion control algorithm. Designed to assess the limits on SDN-induced reconfiguration, a scenario where the traffic is rerouted every 0.1s demonstrates that the throughput can be as low as 35% of that achieved without rerouting. Radu Carpa 1154787 ENS de Lyon France 0 Marcos Dias de Assunção 1211949 Inria France 0 Laurent Lefevre 11674 INRIA France 1 Olivier Gluck 393837 LIP, Ens Lyon France 0 Jean-Christophe Mignot 237991 ENS Lyon France 0 PS6 Poster Session 6 and Coffee Break 15:30-16:00 2017-11-30T15:30:00+09:00 2017-11-30T16:00:00+09:00 Lobby, B1F, Bldg.27 15:30 15:30 1570378853 PS6.1 Dynamic Algorithm Selection for the Logic of Tasks in IoT Stream Processing Systems 13th International Conference on Network and Service Management 2017 - Full papers Various Internet of Things and Industry 4.0 use cases such as city-wide monitoring, Smart Grid control, or machine control, require low-latency distributed processing of continuous data streams. This fact has boosted research on making Stream Processing Frameworks (SPFs) IoT-ready, meaning that their cloud and IoT service management mechanisms (e.g., task placement, load balancing, algorithm selection) need to consider new requirements derived from IoT-specific characteristics, i.e., ultra low latency due to physical interactions. Although various extensions have appeared to optimize such SPF-provided mechanisms, they still lack the modules, data models, and algorithms to properly handle algorithm selection in IoT deployments. The algorithm selection problem refers to selecting dynamically which internal logic a deployed streaming task should use in case of various alternatives. To the best of our knowledge, this work is the first solution that adds this capability to SPFs. Our solution is based on i) architectural extensions of typical SPF middleware, ii) a new schema for characterizing algorithmic performance in the targeted context, and iii) a streaming-specific optimization problem formulation. We implemented our solution as an extension to Apache Storm and demonstrate how it can reduce stream processing latency by up to a factor of 2.9 in the tested scenarios. Ehsan Poormohammady 1450633 RWTH Aachen University Germany 0 Jens Helge Reelfs 1450634 RWTH Aachen University Germany 0 Mirko Stoffers 903475 RWTH Aachen University Germany 0 Klaus Wehrle 1476937 RWTH Aachen Germany 0 Apostolos Papageorgiou 544981 NEC Laboratories Europe Germany 1 15:30 15:30 1570382817 PS6.2 Simulation Toolbox for Studying Energy Consumption in Wired Networks 13th International Conference on Network and Service Management 2017 - Full papers Networking infrastructures are considered to consume as much energy as terminal end-user equipment or data-centers. While energy consumption of wireless networks is a matter of concern since their beginning, it is not the case for wired networks as they do not rely on batteries, but on plugged equipment. Yet, facing growing consumption, energy-efficient techniques start to be implemented in wired networks. However, measuring the end-to-end energy consumption of wired networking infrastructures remains a real challenge for network operators and scientists. This article presents the ECOFEN (Energy Consumption mOdel For End-to-end Networks) framework which allows to support precise simulation of energy consumption of large-scale complex wired networks. The experimental validation shows that Ecofen provides accurate energy consumption values. Anne-Cécile Orgerie 342277 CNRS & IRISA France 1 Betsegaw Lemma Amersho 1514782 Université Rennes 1 France 0 Timothée Haudebourg 1452794 ENS de Rennes France 0 Martin Quinson 126594 ENS Rennes France 0 Myriana Rifai 1126541 I3S/CNRS UMR 7271 Sophia Antipolis France 0 Dino Lopez Pacheco 116270 University Nice Sophia Antipolis (UNS) France 0 Laurent Lefevre 11674 INRIA France 0 15:30 15:30 1570382601 PS6.3 Automated Selection of Offloadable Tasks for Mobile Computation Offloading in Edge Computing 13th International Conference on Network and Service Management 2017 - Full papers Mobile computation offloading has attracted much interest because of its potential to relieve mobile devices from heavy computation duties that conflict with their constrained and limited available resources, primarily in terms of battery power. While some offloading solutions have been recently proposed and developed, the relevant technical challenge of how to automatically determine the application tasks that are the best candidates for offloading has not been explored so far. This paper presents an innovative task selection algorithm able to identify the most suitable Android application methods to be dynamically offloaded, on either remote cloud resources or edge nodes with virtualization capabilities, thus providing a crucial support element to leverage the adoption of mobile offloading techniques for apps of industrial interest. In particular, the proposed solution can parse every kind of Android application, without a-priori knowledge and in a completely autonomous way, and can classify all the encountered Android methods depending on their probable suitability for offloading, by adopting a very fine-grained and multi-steps analyzer approach. The reported experimental results show the effectiveness of our novel task selection algorithm when applied to the top 250 most downloaded Android apps on Google Play Store: our algorithm has demonstrated an excellent capability to identify offloadable methods and a consequent significant saving for the execution of mobile apps in terms of cyclomatic complexity. Alessandro Zanni 1388648 University of Bologna Italy 0 Se-young Yu 903255 Université Pierre et Marie Curie France 0 Paolo Bellavista 431136 University of Bologna Italy 0 Rami Langar 109848 University Paris Est Marne-la-Vallée France 0 Stefano Secci 154796 University Pierre et Marie Curie - Paris 6 France 0 15:30 15:30 1570382829 PS6.4 Network Slice Embedding under Traffic Uncertainties - A Light Robust Approach 13th International Conference on Network and Service Management 2017 - Full papers 5G networks are conceived to be highly flexible and programmable end-to-end connect-and-compute infrastructures. In that context, the concept of network slicing is of particular importance. From a network infrastructure point of view, network slicing refers to the provisioning and assignment of physical substrate network resources to tenants. To enable an efficient resource allocation suitable optimization models are required. In our previous contributions, we presented a model that takes into account traffic uncertainty by using the well known concept of Gamma-robustness. We further extended this model to cope with general network slices and to consider also single substrate link and node failures. In this paper, we present a novel model applying the concept of light robustness to address scalability issues of our previous models and to get a deeper insight into the tradeoff between the price of robustness and the realized robustness. We compare our model with a nominal and $\Gamma$-robust approach for different scenarios using network topology examples taken from SNDlib. Andreas Baumgartner 799671 Chemnitz University of Technology & Chair of Communication Networks Germany 0 Thomas Bauschert 331369 Chemnitz University of Technology Germany 0 Abdulaziz Alghosh Blzarour 1511320 Technische Universität Chemnitz Germany 0 Varun S. Reddy 1166993 Technische Universität Chemnitz Germany 0 DEP Distinguished Experts Panel Dr. Katsumi Emura, NEC https://www.cnsm-conf.org/2017/dep.html 16:00-17:30 2017-11-30T16:00:00+09:00 2017-11-30T17:30:00+09:00 Ono Memorial Hall, B2F, Bldg.27 15:30 17:00 DEP 12th International Conference on Network and Service Management 2016 - DEP Glenn Ricart US Ignite, Founder and CTO US 0 Rolf Stalder KTH Royal Institute of Technology Sweden 0 Keisuke Ishibashi NTT Japan 0 Hideyuki Shimonishi NEC Japan 0 Closing Closing Ceremony 17:30-18:00 Ono Memorial Hall, B2F, Bldg.27