BYZANTINE FAULT TOLERANT SOFTWARE- DEFINED NETWORKING (SDN) CONTROLLERS
|
|
- Arlene Andrews
- 5 years ago
- Views:
Transcription
1 BYZANTINE FAULT TOLERANT SOFTWARE- DEFINED NETWORKING (SDN) CONTROLLERS KARIM ELDEFRAWY* AND TYLER KACZMAREK** * INFORMATION AND SYSTEMS SCIENCES LAB (ISSL), HRL LABORATORIES ** UNIVERSITY OF CALIFORNIA IRVINE (UCI), WORK CONDUCTED WHILE AT HRL. KMELDEFRAWY@HRL.COM TKACZMAR@UCI.EDU 2016 HRL Laboratories, LLC. All Rights Reserved 1
2 Overview of Talk Introduction and Motivation SDN Tools BFT-SMaRT Consensus Protocol BFT SDN System Design BFT SDN Controller Prototype Performance Results Improvements and Future Direction 2016 HRL Laboratories, LLC. All Rights Reserved 2
3 Software-Defined Networking (SDN) Network Function Virtualization (NFV) Decouples Forwarding Operations from Control Decisions Introduces centralized controller Controller dictates forwarding rules Routers act as dumb switches Openflow emerged as de facto SDN protocol Typical SDN Architecture (Wikipedia, 2016) 2016 HRL Laboratories, LLC. All Rights Reserved 3
4 Openflow Protocol: Messages Openflow introduces unique message types for SDN control PACKET_IN Switch sends captured packet to controller on 2 occasions Miss in the flow table Explicitly specified as per match rule FLOW_MOD Controller modifies state of switch PACKET_OUT Controller directly injects packet into switch s data plane 2016 HRL Laboratories, LLC. All Rights Reserved 4
5 Openflow Protocol: Installing a Flow S1 s Flow Table Rule Action Rule S2 s Flow Table Action Ping H2 Dest = H1 FWD to H1 Dest = H2 FWD to H2 H1 S1 S2 H2 Controller 2016 HRL Laboratories, LLC. All Rights Reserved 5
6 Openflow Protocol: Installing a Flow S1 s Flow Table Rule Action Rule S2 s Flow Table Action Dest = H1 FWD to H1 Dest = H2 FWD to H2 H1 S1 PACKET_IN: no rule for destination H2 S2 H2 Controller 2016 HRL Laboratories, LLC. All Rights Reserved 6
7 Openflow Protocol: Installing a Flow S1 s Flow Table Rule Dest = H1 Action FWD to H1 Rule S2 s Flow Table Dest = H2 Action FWD to H2 H1 S1 FLOW_MOD: ADD Rule: Dest = H2, Action: FWD to S2 Control ler S2 H HRL Laboratories, LLC. All Rights Reserved 7
8 Openflow Protocol: Installing a Flow S1 s Flow Table Rule Action Rule S2 s Flow Table Action Dest = H1 FWD to H1 Dest = H2 FWD to H2 H1 S1 Rule established: forward to S2 S2 H2 Controller 2016 HRL Laboratories, LLC. All Rights Reserved 8
9 Openflow Protocol: Installing a Flow S1 s Flow Table Rule Action S2 s Flow Table Rule Action Dest = H1 FWD to H1 Dest = H2 FWD to H2 H1 S1 Rule established: forward to S2 S2 H2 Controller 2016 HRL Laboratories, LLC. All Rights Reserved 9
10 Our Motivation SDN architecture introduces single point of failure Unique threats facing SDN (Kreutz et. al 2013) Attacks on Control Plane Attacks on Controller Vulnerabilities Few mechanisms ensuring trust between controller and management applications Current implementations do not account for failing or corrupted controllers 2016 HRL Laboratories, LLC. All Rights Reserved 10
11 Our Contributions Designed and prototyped a Byzantine Fault Tolerant (BFT) SDN controller Able to handle f (1) corrupted controller out of 3f+1 (4) replica instances Integrated into both OpenFlowJ and Beacon SDN controllers Relies on BFT state machine replication (BFT-SMaRT) 2016 HRL Laboratories, LLC. All Rights Reserved 11
12 OpenflowJ and Beacon OpenflowJ Basic controller implementation Close implementation of Openflow SDN standard Java-based SDN controller Beacon Optimizations on top of OpenflowJ Leverages Parallelism Modular Extensible 2016 HRL Laboratories, LLC. All Rights Reserved 12
13 BFT-SMaRT Developed by Bessani et. al, (Technical Report, 2013) Implemented in Java ( Close implementation of Lamport s original schema Accepts f faults with 3f+1 total replicas Accepts batching Used for base-level implementation 2016 HRL Laboratories, LLC. All Rights Reserved 13
14 BFT-SMaRT Consensus Protocol 2016 HRL Laboratories, LLC. All Rights Reserved 14
15 BFT-SMaRT Consensus Protocol - Request Request Client multicasts request 2016 HRL Laboratories, LLC. All Rights Reserved 15
16 BFT-SMaRT Consensus Protocol Pre- Prepare Pre-prepare Primary orders request and multicasts unique number 2016 HRL Laboratories, LLC. All Rights Reserved 16
17 BFT-SMaRT Consensus Protocol - Prepare Prepare All replica multicast out Prepare 2016 HRL Laboratories, LLC. All Rights Reserved 17
18 BFT-SMaRT Consensus Protocol - Commit Commit Replicas multicast Commit; request added to committed certificate 2016 HRL Laboratories, LLC. All Rights Reserved 18
19 BFT-SMaRT Consensus Protocol - Reply Reply Replicas compute request and reply to client, result accepted once f+1 identical responses received 2016 HRL Laboratories, LLC. All Rights Reserved 19
20 BFT Switch Design Based on Open vswitch Same switch design used for both controller designs Introduced Client Proxy to interface with BFT Controllers Switch sends PACKET_IN requests to Proxy, which formats into REQUEST messages as per BFT-SMaRT Client Proxy formats RESPONSE messages from BFT controller into either PACKET_OUT or FLOW_MOD messages 2016 HRL Laboratories, LLC. All Rights Reserved 20
21 BFT Controller Design SimpleBFT Extension of OpenflowJ control logic Responds to individual PACKET_IN messages Issues identical PACKET_OUT and FLOW_MOD responses to OpenFlowJ Interfaces with Client Proxy instead of directly with switch Reaches consensus on each given message Primary changes after primary found faulty 2016 HRL Laboratories, LLC. All Rights Reserved 21
22 BFT Controller Design BeaconBFT Identical modifications made to Beacon as OpenflowJ Extension of Beacon control logic Responds to individual PACKET_IN messages Issues identical PACKET_OUT and FLOW_MOD responses to OpenFlowJ Interfaces with Client Proxy instead of directly with switch Reaches consensus on each given message Primary changes after primary found faulty 2016 HRL Laboratories, LLC. All Rights Reserved 22
23 BFT Controller Design - Architecture Changes Typical Architecture (2 switches, 2 hosts) H1 S1 S2 H2 Controller 2016 HRL Laboratories, LLC. All Rights Reserved 23
24 BFT Controller Design Architecture Changes Modified Architecture (2 switches, 2 hosts) H1 S1 Proxy 1 S2 Proxy 2 H2 Controller Replicas R1-R HRL Laboratories, LLC. All Rights Reserved 24
25 Performance Testing Tested in Cbench on an HP EliteBook 8560W Windows 7, 64 bit 4096MB RAM Intel Core i7 2.7GHz 4 CPUs Simulated binary tree network of depth 5 in mininet S1 S2 S3 S4 S5 S6 S7 H1 H2 H3 H4 H5 H6 H7 H8 Example Binary Tree topology of depth HRL Laboratories, LLC. All Rights Reserved 25
26 Performance Results Controller End-to-End Setup Duration Flow Setup Delay Flow Setup Rate (flow mods/second) OpenflowJ 376ms 9.44ms fm/sec SimpleBFT 775ms 31.7ms 59.3 fm/sec Beacon 77ms 0.5ms fm/sec BeaconBFT 475ms 14.5ms 87.0 fm/sec 2016 HRL Laboratories, LLC. All Rights Reserved 26
27 Performance Issues Slowdown for OpenFlowJ much smaller than for Beacon Beacon leverages parallelism for performance gains BeaconBFT unable to leverage parallelism Total ordering required for BFT operation 2016 HRL Laboratories, LLC. All Rights Reserved 27
28 Speeding up the Switch Batch Client requests Minimize overhead per PACKET_IN message Integrate BFT Switch with client Removes reliance on proxy for communication 1 less step in communication 2016 HRL Laboratories, LLC. All Rights Reserved 28
29 Speeding up the Controller Alternative BFT protocols Naïve implementation maximizes communication Spinning BFT Allows multiple views Greater parallelism support Speculative BFT f+1 replicas running until fault occurs Reduces messages needed by a factor of 3 in PREPARE and COMMIT steps 2016 HRL Laboratories, LLC. All Rights Reserved 29
30 Speeding up the Network Scalability issues even with non-bft SDN controllers in reactive mode Convert to proactive controller Greatest costs are in pre-computing many flows Minimize active PACKET_IN messages generated Less real-time computation 2016 HRL Laboratories, LLC. All Rights Reserved 30
31 Questions? 2016 HRL Laboratories, LLC. All Rights Reserved 31
Practical Byzantine Fault
Practical Byzantine Fault Tolerance Practical Byzantine Fault Tolerance Castro and Liskov, OSDI 1999 Nathan Baker, presenting on 23 September 2005 What is a Byzantine fault? Rationale for Byzantine Fault
More informationEvaluating BFT Protocols for Spire
Evaluating BFT Protocols for Spire Henry Schuh & Sam Beckley 600.667 Advanced Distributed Systems & Networks SCADA & Spire Overview High-Performance, Scalable Spire Trusted Platform Module Known Network
More informationSoftware Defined Networking Data centre perspective: Open Flow
Software Defined Networking Data centre perspective: Open Flow Seminar: Prof. Timothy Roscoe & Dr. Desislava Dimitrova D. Dimitrova, T. Roscoe 04.03.2016 1 OpenFlow Specification, protocol, architecture
More informationONOS Controller Performance Test Report
ONOS Controller Performance Test Report Global SDN Certified Testing Center,SDNCTC 216.7.4 w w w. s d n c t c. c o m ONOS Controller Performance Test Report CONTENTS 1. INTRODUCTION... 1 2. TEST ENVIRONMENT
More informationWhat is SDN, Current SDN projects and future of SDN VAHID NAZAKTABAR
What is SDN, Current SDN projects and future of SDN VAHID NAZAKTABAR Index What is SDN? How does it work? Advantages and Disadvantages SDN s Application Example 1, Internet Service Providers SDN s Application
More informationByzantine Fault Tolerance and Consensus. Adi Seredinschi Distributed Programming Laboratory
Byzantine Fault Tolerance and Consensus Adi Seredinschi Distributed Programming Laboratory 1 (Original) Problem Correct process General goal: Run a distributed algorithm 2 (Original) Problem Correct process
More informationLecture 14 SDN and NFV. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 14 SDN and NFV Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Traditional network vs SDN TRADITIONAL Closed equipment Software + hardware Cost Vendor-specific management.
More informationDetecting Suspicious Behavior of SDN Switches by Statistics Gathering with Time
Detecting Suspicious Behavior of SDN Switches by Statistics Gathering with Time Takahiro Shimizu, Naoya Kitagawa, Kohta Ohshima, Nariyoshi Yamai Tokyo University of Agriculture and Technology Tokyo University
More informationReducing the Costs of Large-Scale BFT Replication
Reducing the Costs of Large-Scale BFT Replication Marco Serafini & Neeraj Suri TU Darmstadt, Germany Neeraj Suri EU-NSF ICT March 2006 Dependable Embedded Systems & SW Group www.deeds.informatik.tu-darmstadt.de
More informationSoftware Defined Networking
Software Defined Networking Jennifer Rexford COS 461: Computer Networks Lectures: MW 10-10:50am in Architecture N101 http://www.cs.princeton.edu/courses/archive/spr12/cos461/ The Internet: A Remarkable
More informationCS 138: Practical Byzantine Consensus. CS 138 XX 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.
CS 138: Practical Byzantine Consensus CS 138 XX 1 Copyright 2017 Thomas W. Doeppner. All rights reserved. Scenario Asynchronous system Signed messages s are state machines It has to be practical CS 138
More informationOutline. SDN Overview Mininet and Ryu Overview Mininet VM Setup Ryu Setup OpenFlow Protocol and Open vswitch Reference
1 Mininet and Ryu 2 Outline SDN Overview Mininet and Ryu Overview Mininet VM Setup Ryu Setup OpenFlow Protocol and Open vswitch Reference 3 SDN Overview Decoupling of control and data planes Directly Programmable
More informationFailure models. Byzantine Fault Tolerance. What can go wrong? Paxos is fail-stop tolerant. BFT model. BFT replication 5/25/18
Failure models Byzantine Fault Tolerance Fail-stop: nodes either execute the protocol correctly or just stop Byzantine failures: nodes can behave in any arbitrary way Send illegal messages, try to trick
More informationSecuring Network Application Deployment in Software Defined Networking 11/23/17
Securing Network Application Deployment in Software Defined Networking Yuchia Tseng, Farid Naıı t-abdesselam, and Ashfaq Khokhar 11/23/17 1 Outline Introduction to OpenFlow-based SDN Security issues of
More informationZyzzyva. Speculative Byzantine Fault Tolerance. Ramakrishna Kotla. L. Alvisi, M. Dahlin, A. Clement, E. Wong University of Texas at Austin
Zyzzyva Speculative Byzantine Fault Tolerance Ramakrishna Kotla L. Alvisi, M. Dahlin, A. Clement, E. Wong University of Texas at Austin The Goal Transform high-performance service into high-performance
More informationDesign and development of the reactive BGP peering in softwaredefined routing exchanges
Design and development of the reactive BGP peering in softwaredefined routing exchanges LECTURER: HAO-PING LIU ADVISOR: CHU-SING YANG (Email: alen6516@gmail.com) 1 Introduction Traditional network devices
More informationIsolating Compromised Routers. Alper Mizrak, Keith Marzullo and Stefan Savage UC San Diego Department of Computer Science and Engineering
Isolating Compromised Routers Alper Mizrak, Keith Marzullo and Stefan Savage UC San Diego Department of Computer Science and Engineering Problem Routers are vulnerable points in the Internet, especially
More informationByzantine fault tolerance. Jinyang Li With PBFT slides from Liskov
Byzantine fault tolerance Jinyang Li With PBFT slides from Liskov What we ve learnt so far: tolerate fail-stop failures Traditional RSM tolerates benign failures Node crashes Network partitions A RSM w/
More informationEXPERIMENTAL STUDY OF FLOOD TYPE DISTRIBUTED DENIAL-OF- SERVICE ATTACK IN SOFTWARE DEFINED NETWORKING (SDN) BASED ON FLOW BEHAVIORS
EXPERIMENTAL STUDY OF FLOOD TYPE DISTRIBUTED DENIAL-OF- SERVICE ATTACK IN SOFTWARE DEFINED NETWORKING (SDN) BASED ON FLOW BEHAVIORS Andry Putra Fajar and Tito Waluyo Purboyo Faculty of Electrical Engineering,
More informationDesign and Implementation of Virtual TAP for Software-Defined Networks
Design and Implementation of Virtual TAP for Software-Defined Networks - Master Thesis Defense - Seyeon Jeong Supervisor: Prof. James Won-Ki Hong Dept. of CSE, DPNM Lab., POSTECH, Korea jsy0906@postech.ac.kr
More informationTowards Recoverable Hybrid Byzantine Consensus
Towards Recoverable Hybrid Byzantine Consensus Hans P. Reiser 1, Rüdiger Kapitza 2 1 University of Lisboa, Portugal 2 University of Erlangen-Nürnberg, Germany September 22, 2009 Overview 1 Background Why?
More informationViewstamped Replication to Practical Byzantine Fault Tolerance. Pradipta De
Viewstamped Replication to Practical Byzantine Fault Tolerance Pradipta De pradipta.de@sunykorea.ac.kr ViewStamped Replication: Basics What does VR solve? VR supports replicated service Abstraction is
More informationTransactions Between Distributed Ledgers
Transactions Between Distributed Ledgers Ivan Klianev Transactum Pty Ltd High Performance Transaction Systems Asilomar, California, 8-11 October 2017 The Time for Distributed Transactions Has Come Thanks
More informationTOWARDS REMOTE ACCESS TO VIRTUALIZED TELECOM RESEARCH INFRASTRACTURS
TOWARDS REMOTE ACCESS TO VIRTUALIZED TELECOM RESEARCH INFRASTRACTURS By ABREHA, HAFTAY GEBRESLASIE Supervisor PROF. FABRIZIO GRANELLI University of Trento MOTIVATION SDN-NFV reinvents telecom network&
More informationTolerating Latency in Replicated State Machines through Client Speculation
Tolerating Latency in Replicated State Machines through Client Speculation April 22, 2009 1, James Cowling 2, Edmund B. Nightingale 3, Peter M. Chen 1, Jason Flinn 1, Barbara Liskov 2 University of Michigan
More informationDEPARTMENT OF INFORMATION TECHNOLOGY QUESTION BANK. UNIT I PART A (2 marks)
DEPARTMENT OF INFORMATION TECHNOLOGY QUESTION BANK Subject Code : IT1001 Subject Name : Distributed Systems Year / Sem : IV / VII UNIT I 1. Define distributed systems. 2. Give examples of distributed systems
More informationRavana: Controller Fault-Tolerance in SDN
Ravana: Controller Fault-Tolerance in SDN Software Defined Networking: The Data Centre Perspective Seminar Michel Kaporin (Mišels Kaporins) Michel Kaporin 13.05.2016 1 Agenda Introduction Controller Failures
More informationNetwork Layer: The Control Plane
Network Layer: The Control Plane 7 th Edition, Global Edition Jim Kurose, Keith Ross Pearson April 06 5- Software defined networking (SDN) Internet network layer: historically has been implemented via
More informationA Software-Defined Networking Security Controller Architecture. Fengjun Shang, Qiang Fu
4th International Conference on Machinery, Materials and Computing Technology (ICMMCT 2016) A Software-Defined Networking Security Controller Architecture Fengjun Shang, Qiang Fu College of Computer Science
More informationUNIVERSITY OF CAGLIARI
UNIVERSITY OF CAGLIARI DIEE - Department of Electrical and Electronic Engineering Infrastrutture ed Applicazioni Avanzate nell Internet SDN: Control Plane ACK: content taken from Foundations of Modern
More informationDistributed Systems 11. Consensus. Paul Krzyzanowski
Distributed Systems 11. Consensus Paul Krzyzanowski pxk@cs.rutgers.edu 1 Consensus Goal Allow a group of processes to agree on a result All processes must agree on the same value The value must be one
More informationOpenFlow Controller Benchmarking Methodologies
OpenFlow Controller Benchmarking Methodologies Version 1.0 November 2016 ONF TR-539 ONF Document Type: Technical Recommendations ONF Document Name: OpenFlow Controller Benchmarking Methodologies Disclaimer
More informationJust Say NO to Paxos Overhead: Replacing Consensus with Network Ordering
Just Say NO to Paxos Overhead: Replacing Consensus with Network Ordering Jialin Li, Ellis Michael, Naveen Kr. Sharma, Adriana Szekeres, Dan R. K. Ports Server failures are the common case in data centers
More informationDaoliNet A Simple and Smart Networking Technology for Docker Applications
DaoliNet A Simple and Smart Networking Technology for Docker Applications DaoliNet An Open Source Project www.daolinet.org May, 2016 Docker is Awesome! A Linux Container Engine Build, Ship and Run Any
More informationReplication in Distributed Systems
Replication in Distributed Systems Replication Basics Multiple copies of data kept in different nodes A set of replicas holding copies of a data Nodes can be physically very close or distributed all over
More informationA framework to evaluate 5G networks for smart and fail-safe communications
A framework to evaluate 5G networks for smart and fail-safe communications in ERTMS/ETCS Roberto Canonico (*), Stefano Marrone (**), Roberto Nardone (*), and Valeria Vittorini (*) (*) Università degli
More informationRobust BFT Protocols
Robust BFT Protocols Sonia Ben Mokhtar, LIRIS, CNRS, Lyon Joint work with Pierre Louis Aublin, Grenoble university Vivien Quéma, Grenoble INP 18/10/2013 Who am I? CNRS reseacher, LIRIS lab, DRIM research
More informationResearch Statement. Amy Babay December 2018
Research Statement Amy Babay December 2018 My research focuses on distributed systems and networks, with core goals spanning two domains: enabling new Internet services and building dependable infrastructure.
More informationA SCALABLE ARCHITECTURE FOR OPENFLOW CONTROLLERS
A SCALABLE ARCHITECTURE FOR OPENFLOW CONTROLLERS Filipe Azevedo Instituto Superior Técnico Universidade de Lisboa Email: filipe.azevedo@tecnico.ulisboa.pt Abstract The architectural principles of Software-Defined
More informationKey-value store with eventual consistency without trusting individual nodes
basementdb Key-value store with eventual consistency without trusting individual nodes https://github.com/spferical/basementdb 1. Abstract basementdb is an eventually-consistent key-value store, composed
More informationPractical Byzantine Fault Tolerance and Proactive Recovery
Practical Byzantine Fault Tolerance and Proactive Recovery MIGUEL CASTRO Microsoft Research and BARBARA LISKOV MIT Laboratory for Computer Science Our growing reliance on online services accessible on
More informationTyphoon: An SDN Enhanced Real-Time Big Data Streaming Framework
Typhoon: An SDN Enhanced Real-Time Big Data Streaming Framework Junguk Cho, Hyunseok Chang, Sarit Mukherjee, T.V. Lakshman, and Jacobus Van der Merwe 1 Big Data Era Big data analysis is increasingly common
More informationBuilding Security Services on top of SDN
Building Security Services on top of SDN Gregory Blanc Télécom SudParis, IMT 3rd FR-JP Meeting on Cybersecurity WG7 April 25th, 2017 Keio University Mita Campus, Tokyo Table of Contents 1 SDN and NFV as
More informationDistributed Systems Question Bank UNIT 1 Chapter 1 1. Define distributed systems. What are the significant issues of the distributed systems?
UNIT 1 Chapter 1 1. Define distributed systems. What are the significant issues of the distributed systems? 2. What are different application domains of distributed systems? Explain. 3. Discuss the different
More informationand controller independence with NetIDE
Supporting composed SDN applications and controller independence with NetIDE Alec Leckey Intel Labs SDN Application Development Java Python C/C++ Javascript Beacon Iris Pox Nox NodeFlow Jaxon Floodlight
More informationEnhancing Throughput of
Enhancing Throughput of NCA 2017 Zhongmiao Li, Peter Van Roy and Paolo Romano Enhancing Throughput of Partially Replicated State Machines via NCA 2017 Zhongmiao Li, Peter Van Roy and Paolo Romano Enhancing
More informationOn Denial of Service Attacks in Software Defined Networks
NETWORK FORENSICS AND SURVEILLANCE FOR EMERGING NETWORKS On Denial of Service Attacks in Software Defined Networks Peng Zhang, Huanzhao Wang, Chengchen Hu, and Chuang Lin Peng Zhang is with Xi an Jiaotong
More informationLab 3: Simple Firewall using OpenFlow
Lab 3: Simple Firewall using OpenFlow This lab builds on the knowledge acquired through Lab 1 where you were first introduced to the Mininet environment. It will also help you prepare for the class project.
More informationTransformation-free Data Pipelines by combining the Power of Apache Kafka and the Flexibility of the ESB's
Building Agile and Resilient Schema Transformations using Apache Kafka and ESB's Transformation-free Data Pipelines by combining the Power of Apache Kafka and the Flexibility of the ESB's Ricardo Ferreira
More informationOTSDN What is it? Does it help?
OTSDN What is it? Does it help? Dennis Gammel Schweitzer Engineering Laboratories, Inc. Funded by the U.S. Department of Energy and the U.S. Department of Homeland Security cred-c.org Important Aspects
More informationApplication of SDN: Load Balancing & Traffic Engineering
Application of SDN: Load Balancing & Traffic Engineering Outline 1 OpenFlow-Based Server Load Balancing Gone Wild Introduction OpenFlow Solution Partitioning the Client Traffic Transitioning With Connection
More informationAvailable online at ScienceDirect. Procedia Computer Science 34 (2014 )
Available online at www.sciencedirect.com ScienceDirect Procedia Computer Science 34 (2014 ) 680 685 International Workshop on Software Defined Networks for a New Generation of Applications and Services
More informationSoftware-Defined Networking (SDN)
EPFL Princeton University 2 5 A p r 12 Software-Defined Networking (SDN) Third-party Enables new functionality through mability 2 1 at the risk of bugs 3 Software Faults Will make communication unreliable
More informationA Routing Infrastructure for XIA
A Routing Infrastructure for XIA Aditya Akella and Peter Steenkiste Dave Andersen, John Byers, David Eckhardt, Sara Kiesler, Jon Peha, Adrian Perrig, Srini Seshan, Marvin Sirbu, Hui Zhang FIA PI Meeting,
More informationA Byzantine Fault-Tolerant Ordering Service for the Hyperledger Fabric Blockchain Platform
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger Fabric Blockchain Platform João Sousa, Alysson Bessani, Marko Vukolić* Faculdade de Ciências, Universidade de Lisboa *IBM Research Zurich
More informationPractical Byzantine Fault Tolerance
Practical Byzantine Fault Tolerance Robert Grimm New York University (Partially based on notes by Eric Brewer and David Mazières) The Three Questions What is the problem? What is new or different? What
More informationPractical Byzantine Fault Tolerance. Castro and Liskov SOSP 99
Practical Byzantine Fault Tolerance Castro and Liskov SOSP 99 Why this paper? Kind of incredible that it s even possible Let alone a practical NFS implementation with it So far we ve only considered fail-stop
More informationPractical Byzantine Fault Tolerance Consensus and A Simple Distributed Ledger Application Hao Xu Muyun Chen Xin Li
Practical Byzantine Fault Tolerance Consensus and A Simple Distributed Ledger Application Hao Xu Muyun Chen Xin Li Abstract Along with cryptocurrencies become a great success known to the world, how to
More informationMcAfee Network Security Platform
Revision B McAfee Network Security Platform (8.1.7.5-8.1.3.43 M-series Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product
More informationTowards an SDN-based Mobile Core Networks (MCN)
Towards an SDN-based Mobile Core Networks (MCN) Xueli An and Artur Hecker Huawei Technologies, European Research Center Munich Xueli.An@huawei.com and Artur.Hecker@huawei.com VDE/ITG-Fachgruppe 5.2.4,
More informationOvid A Software-Defined Distributed Systems Framework. Deniz Altinbuken, Robbert van Renesse Cornell University
Ovid A Software-Defined Distributed Systems Framework Deniz Altinbuken, Robbert van Renesse Cornell University Ovid Build distributed systems that are easy to evolve easy to reason about easy to compose
More informationPractical Byzantine Fault Tolerance Using Fewer than 3f+1 Active Replicas
Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems San Francisco, California, pp 241-247, September 24 Practical Byzantine Fault Tolerance Using Fewer than 3f+1
More informationA definition. Byzantine Generals Problem. Synchronous, Byzantine world
The Byzantine Generals Problem Leslie Lamport, Robert Shostak, and Marshall Pease ACM TOPLAS 1982 Practical Byzantine Fault Tolerance Miguel Castro and Barbara Liskov OSDI 1999 A definition Byzantine (www.m-w.com):
More information15-744: Computer Networking. Middleboxes and NFV
15-744: Computer Networking Middleboxes and NFV Middleboxes and NFV Overview of NFV Challenge of middleboxes Middlebox consolidation Outsourcing middlebox functionality Readings: Network Functions Virtualization
More informationDistributed Systems COMP 212. Lecture 19 Othon Michail
Distributed Systems COMP 212 Lecture 19 Othon Michail Fault Tolerance 2/31 What is a Distributed System? 3/31 Distributed vs Single-machine Systems A key difference: partial failures One component fails
More informationCommunication System Design Projects
Communication System Design Projects KUNGLIGA TEKNISKA HÖGSKOLAN PROFESSOR: DEJAN KOSTIC TEACHING ASSISTANT: GEORGIOS KATSIKAS Traditional Vs. Modern Network Management What is Network Management (NM)?
More informationSoftware-Defined Networking (SDN) Overview
Reti di Telecomunicazione a.y. 2015-2016 Software-Defined Networking (SDN) Overview Ing. Luca Davoli Ph.D. Student Network Security (NetSec) Laboratory davoli@ce.unipr.it Luca Davoli davoli@ce.unipr.it
More informationMaster s Thesis. A Flow-level Monitoring Middleware for Automatic Flow Categorization. Xuliang Wang
NAIST-IS-MT1451211 Master s Thesis A Flow-level Monitoring Middleware for Automatic Flow Categorization Xuliang Wang August 08, 2016 Department of Information Systems Graduate School of Information Science
More informationToward Intrusion Tolerant Clouds
Toward Intrusion Tolerant Clouds Prof. Yair Amir, Prof. Vladimir Braverman Daniel Obenshain, Tom Tantillo Department of Computer Science Johns Hopkins University Prof. Cristina Nita-Rotaru, Prof. Jennifer
More informationA Hybrid Hierarchical Control Plane for Software-Defined Network
A Hybrid Hierarchical Control Plane for Software-Defined Network Arpitha T 1, Usha K Patil 2 1* MTech Student, Computer Science & Engineering, GSSSIETW, Mysuru, India 2* Assistant Professor, Dept of CSE,
More informationByzantine Fault Tolerant Raft
Abstract Byzantine Fault Tolerant Raft Dennis Wang, Nina Tai, Yicheng An {dwang22, ninatai, yicheng} @stanford.edu https://github.com/g60726/zatt For this project, we modified the original Raft design
More informationScaling Byzantine Fault-tolerant Replication to Wide Area Networks
Scaling Byzantine Fault-tolerant Replication to Wide Area Networks Cristina Nita-Rotaru Dependable and Secure Distributed Systems Lab Department of Computer Science and CERIAS Purdue University Department
More informationSDN-based Defending against ARP Poisoning Attack
Journal of Advances in Computer Research Quarterly pissn: 2345-606x eissn: 2345-6078 Sari Branch, Islamic Azad University, Sari, I.R.Iran (Vol. 8, No. 2, May 2017), Pages: 95- www.jacr.iausari.ac.ir SDN-based
More informationRailCloud: A Reliable PaaS Cloud for Railway Applications
Platzhalter für Bild, Bild auf Titelfolie hinter das Logo einsetzen RailCloud: A Reliable PaaS Cloud for Railway Applications Bijun Li, Rüdiger Kapitza TU Braunschweig 06.10.2016 This work is supported
More informationImplementation of Virtualization in Software Defined Networking (SDN) for Data Center Networks
Implementation of Virtualization in Software Defined Networking (SDN) for Data Center Networks Nader F. Mir, Jayashree N. Kotte, and Gokul A. Pokuri nader.mir@sjsu.edu Department of Electrical Engineering
More informationPractical Byzantine Fault Tolerance. Miguel Castro and Barbara Liskov
Practical Byzantine Fault Tolerance Miguel Castro and Barbara Liskov Outline 1. Introduction to Byzantine Fault Tolerance Problem 2. PBFT Algorithm a. Models and overview b. Three-phase protocol c. View-change
More informationStateful Firewall Application on Software Defined Networking
1st International Conference on Advanced Information Technologies (ICAIT), Nov. 1-2, 2017, Yangon, Myanmar Stateful Firewall Application on Software Defined Networking Nan Haymarn Oo, Aung Htein Maw University
More informationAutomatic Test Packet Generation
Automatic Test Packet Generation Hongyi Zeng, Peyman Kazemian, Nick McKeown University, Stanford, CA, USA George Varghese UCSD, La Jolla Microsoft Research, Mountain View, CA, USA https://github.com/eastzone/atpg/wiki
More informationETSI FUTURE Network SDN and NFV for Carriers MP Odini HP CMS CT Office April 2013
ETSI FUTURE Network SDN and NFV for Carriers MP Odini HP CMS CT Office April 2013 Challenges and Opportunities Reduce Capex/Opex Challenges Innovation at devices and OTT side Number of devices explode
More informationCprE Fault Tolerance. Dr. Yong Guan. Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University
Fault Tolerance Dr. Yong Guan Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University Outline for Today s Talk Basic Concepts Process Resilience Reliable
More informationFault Tolerant and Secure Architectures for On Chip Networks With Emerging Interconnect Technologies. Mohsin Y Ahmed Conlan Wesson
Fault Tolerant and Secure Architectures for On Chip Networks With Emerging Interconnect Technologies Mohsin Y Ahmed Conlan Wesson Overview NoC: Future generation of many core processor on a single chip
More informationCourse Review. Hui Lu
Course Review Hui Lu Syllabus Cloud computing Server virtualization Network virtualization Storage virtualization Cloud operating system Object storage Syllabus Server Virtualization Network Virtualization
More informationDevoFlow: Scaling Flow Management for High Performance Networks
DevoFlow: Scaling Flow Management for High Performance Networks SDN Seminar David Sidler 08.04.2016 1 Smart, handles everything Controller Control plane Data plane Dump, forward based on rules Existing
More informationAdapting Byzantine Fault Tolerant Systems
Adapting Byzantine Fault Tolerant Systems Miguel Neves Pasadinhas miguel.pasadinhas@tecnico.ulisboa.pt Instituto Superior Técnico (Advisor: Professor Luís Rodrigues) Abstract. Malicious attacks, software
More informationDistributed Systems. Aleardo Manacero Jr.
Distributed Systems Aleardo Manacero Jr. Replication - part 1 Introduction Using multiple servers to attend client requests allow for a better performance in the system Unfortunately, as shown in the study
More informationSTATE Machine Replication (SMR) is a well-known approach
TO APPEAR IN IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS (MARCH 17) 1 Elastic State Machine Replication Andre Nogueira, Antonio Casimiro, Alysson Bessani State machine replication (SMR) is a
More informationDelay Controlled Elephant Flow Rerouting in Software Defined Network
1st International Conference on Advanced Information Technologies (ICAIT), Nov. 1-2, 2017, Yangon, Myanmar Delay Controlled Elephant Flow Rerouting in Software Defined Network Hnin Thiri Zaw, Aung Htein
More informationLeveraging SDN & NFV to Achieve Software-Defined Security
Leveraging SDN & NFV to Achieve Software-Defined Security Zonghua Zhang @imt-lille-douai.fr NEPS: NEtwork Performance and Security Group 2 Topics Anomaly detection, root cause analysis Security evaluation
More informationSecurity (and finale) Dan Ports, CSEP 552
Security (and finale) Dan Ports, CSEP 552 Today Security: what if parts of your distributed system are malicious? BFT: state machine replication Bitcoin: peer-to-peer currency Course wrap-up Security Too
More informationAnonymous Connections and Onion Routing
Anonymous Connections and Onion Routing David Goldschlag, Michael Reed, and Paul Syverson Center for High Assurance Computer Systems Naval Research Laboratory Washington, D.C. 1 Who is Talking to Whom?
More informationLecture 10.1 A real SDN implementation: the Google B4 case. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 10.1 A real SDN implementation: the Google B4 case Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it WAN WAN = Wide Area Network WAN features: Very expensive (specialized high-end
More informationInternational Journal of Advanced Research in Computer Science and Software Engineering
Volume 2, Issue 9, September 2012 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Backup Two
More informationToday: Fault Tolerance
Today: Fault Tolerance Agreement in presence of faults Two army problem Byzantine generals problem Reliable communication Distributed commit Two phase commit Three phase commit Paxos Failure recovery Checkpointing
More informationSecurity improvement in IOT based on Software
International Journal of Scientific & Engineering Research, Volume 8, Issue 4, April-2017 122 Security improvement in IOT based on Software Raghavendra Reddy, Manoj Kumar, Dr K K Sharma Abstract With the
More informationBuilding world-class security response and secure development processes
Building world-class security response and secure development processes David Jorm, Senior Manager of Product Security, IIX Outline Introduction SDN attack surface Recent OpenDaylight vulnerabilities Defensive
More informationDistributed Systems. 09. State Machine Replication & Virtual Synchrony. Paul Krzyzanowski. Rutgers University. Fall Paul Krzyzanowski
Distributed Systems 09. State Machine Replication & Virtual Synchrony Paul Krzyzanowski Rutgers University Fall 2016 1 State machine replication 2 State machine replication We want high scalability and
More informationNetwork Security Platform 8.1
8.1.7.5-8.1.3.43 M-series Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product documentation
More informationOn the State of the Inter-domain and Intra-domain Routing Security
On the State of the Inter-domain and Intra-domain Routing Security Mingwei Zhang April 19, 2016 Mingwei Zhang Internet Routing Security 1 / 54 Section Internet Routing Security Background Internet Routing
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation.
More informationRule based Forwarding (RBF): improving the Internet s flexibility and security. Lucian Popa, Ion Stoica, Sylvia Ratnasamy UC Berkeley Intel Labs
Rule based Forwarding (RBF): improving the Internet s flexibility and security Lucian Popa, Ion Stoica, Sylvia Ratnasamy UC Berkeley Intel Labs Motivation Improve network s flexibility Middlebox support,
More information