Your search keyword '"Zilong Ye"' showing total 3 results

1. A hybrid fog-cloud approach for securing the Internet of Things

Author

Zilong Ye, Prashant Iyer, and Rajaputhri Maharaja

Subjects

Authentication, Traffic analysis, Computer Networks and Communications, Computer science, business.industry, 020206 networking & telecommunications, Denial-of-service attack, Cloud computing, 02 engineering and technology, Computer security, computer.software_genre, 0202 electrical engineering, electronic engineering, information engineering, Queuing delay, 020201 artificial intelligence & image processing, business, computer, Software, Protection mechanism, Private network

Abstract

As the Internet of Things (IoT) continues to grow, there arises concerns and challenges with regard to the security and privacy of the IoT. Malicious attacks such as man-in-the-middle and distributed denial of service (DDoS) are typical threats to the IoT systems. In this paper, we propose a FOg CompUting-based Security (FOCUS) system to provide security for IoT systems against those malicious attacks. The proposed FOCUS system applies a threefold protection mechanism: Firstly, it makes use of the virtual private network (VPN) to secure the communication channels for the IoT devices; Secondly, it applies machine learning-based traffic analysis unit to classify the traffic to be trusted, untrusted and suspicious; Thirdly, it adopts a challenge-response authentication to validate the suspicious traffic source so as to protect the VPN server against potential DDoS attacks. Such a threefold protection mechanism is effective in mitigating various malicious attacks and can provide a high standard security for the IoT system. Furthermore, to improve the system performance, FOCUS is implemented in a hybrid fog-cloud model that achieves a low latency and system response time. In the hybrid fog-cloud model, a selected amount of the protection and validation requests are addressed in the fog that is close to the end users, while the excessive requests are addressed in the cloud. Through this, FOCUS can effectively avoid the long queuing delay caused by the limited computational capacity in the fog implementation. The experimental results show that FOCUS can effectively filter out malicious attacks with low response time and small network cost (e.g., network bandwidth consumption).

Published

2019

2. Flow-aware explicit congestion notification for datacenter networks

Author

Gang Sun, Shouxi Luo, Zilong Ye, Pan Zhou, Long Luo, and Hongfang Yu

Subjects

Computer Networks and Communications, business.industry, Computer science, Network packet, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Flow (psychology), 020206 networking & telecommunications, Throughput, 02 engineering and technology, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, State (computer science), business, Queue, Software, Explicit Congestion Notification, Computer network

Abstract

Explicit congestion notification (ECN) has been widely adopted by recent proposals to build up high-throughput and low-latency datacenter network transport. In these ECN-based proposals, when the queue length of a switch exceeds a pre-defined threshold, the switch would mark all arriving packets with ECN to explicitly notify their senders to slow down the rates. Such a design enables the network to eliminate congestions quickly. However, it marks packets without considering the flow state, which may overkill flows, especially those only send a few packets, thus resulting in significant throughput loss and long flow completion times. In this paper, we propose a novel flow-aware ECN marking approach (FECN), which can improve the throughput and flow completion time by taking flow states into consideration. By selectively marking packets respecting to their flow rates, FECN enables the network to precisely slow down the high-speed flows to avoid congestions without killing low-speed short flows. Moreover, FECN does not require switches to maintain per-flow state, which yields low overhead and thus makes FECN to be easily implemented and deployed in commodity switches. Simulations show that FECN can shorten the flow completion time by up to 44.7% and reduce the throughput loss by up to 40.3%, compared with prior flow-agnostic ECN marking approach.

Published

2019

3. On efficient virtual network function chaining in NFV-based telecommunications networks

Author

Zilong Ye, Raj Pamula, and Carlos Galdamez

Subjects

Computer Networks and Communications, Computer science, Distributed computing, 020206 networking & telecommunications, 02 engineering and technology, Telecommunications network, Distributed algorithm, Network service, Chaining, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Virtual network, Integer programming, Software

Abstract

Network function virtualization enables the softwarization of network functions on standardized commodity hardware, which is promising to help the network carriers to achieve a lower investment cost, a shorter time to deployment, as well as a more flexible and dynamic way of network configuration and management. One of the key challenges is how to efficiently place and chain the software-based virtual network functions in the physical substrate to provision the requested network service while minimizing the physical network cost. In this paper, we mathematically formulate the virtual network function chaining problem using Integer Linear Programming (ILP), in order to facilitate an optimal solution. We propose a set of centralized algorithms to efficiently minimize the physical network cost. The proposed Close To Destination (CTD) algorithm can achieve a near-optimal physical network cost that is close to the optimal result obtained from the ILP solution, but with a very low computational complexity. In addition, we propose a distributed algorithm, called Look Ahead (LA), which plans ahead and jointly considers multiple next-hops VNF requirements to facilitate an efficient VNF chain forwarding decision. Comprehensive simulations are conducted to evaluate the proposed approaches, and the results demonstrate the effectiveness of the proposed CTD algorithm and the distributed LA algorithm.

Published

2018