Future Internet Initiatives Research Articles

Preventing DDoS Flooding Attacks With Cryptographic Path Identifiers in Future Internet

Distributed denial of service (DDoS) flooding attacks are very harmful and difficult to prevent due to the default-on nature of both inter-domain and intra-domain routing adopted by the current Internet. Accordingly, many future Internet initiatives try to eliminate DDoS attacks by design. Among these efforts, using path identifiers (PIDs) as inter-domain routing objects has attracted much research interest. However, existing approaches either advertise PIDs throughout the Internet or use secret but forgeable (whether static or dynamic) PIDs, which makes it easy to launch DDoS flooding attacks. To address this issue, in this paper we propose K-PID that uses cryptographic (thus unforgeable) PIDs as inter-domain routing objects. In particular, an <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">${N}$ </tex-math></inline-formula> -bit PID is comprised of an <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">${n}$ </tex-math></inline-formula> -bit prefix and ( <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">${N}\,\,-\,\,{n}$ </tex-math></inline-formula> ) bits that are cryptographic hash over per-flow/request information and a secret number. The prefix is used for inter-domain packet forwarding and the cryptographic hash is used as a token for allowing a data packet to enter into (or, pass through) a domain. We analyze K-PID’s performance in preventing DDoS flooding attacks and implement K-PID in a prototype to verify K-PID’s feasibility. The results show that K-PID can effectively prevent DDoS flooding attacks at a low cost of reducing the forwarding capability of routers.

Reconfigurable Computing and Future Internet: Considerations on Flexibility and Security

The Future Internet is expected to support services in both existing and new scenarios, in terms of mobility, quality, scalability and security, among other. In this work we present how Reconfigurable Computing (RC) may contribute to build Future Internet (FI) flexibility and security. Therefore, we discuss some aspects of FI initiatives which can be addressed by Reconfigurable Computing. Then we show some features of the Reconfigurable Computing enabling technology - the FPGA - which can help to build a more flexible and secure Future Internet. The concluding remarks concern the need of to bring together FI and RC researchers.

Future Internet and Reconfigurable Computing:Considerations on Flexibility and Security

&lt;div data-canvas-width="547.27795779347"&gt;The Future Internet is expected to support services in both existing and new scenarios, in terms of mobility, quality, scalability and security, among other. In this work we present how reconfigurable Computing (RC) may contribute to build Future Internet (FI) flexibility and security. Therefore, we discuss some aspects of FI initiatives that can be addressed by Reconfigurable Computing. Then we show some features of the Reconfigurable Computing enabling technology – FPGA – which can help to build a more flexible and secure Future Internet. The concluding remarks concern the need to bring together FI and RC researchers.&lt;/div&gt;

The EHU-OEF: An OpenFlow-based Layer-2 experimental facility

The current limitations of the Internet have prompted the appearance of the Future Internet initiative, which promotes the deployment of newly proposed infrastructures. In this context, experimental facilities emerge to provide realistic scenarios that allow the testing and advance the research of these novel approaches. From a technical standpoint, building a facility’s infrastructure is challenging and demanding because several requirements, such as its flexibility, support for multiple experiments, isolation and virtualisation, must be fulfilled. To investigate potential Future Internet initiatives, we designed, developed, and deployed our own experimental facility that addresses the aforementioned requirements: the EHU OpenFlow Enabled Facility (EHU-OEF). In this article, we present the EHU-OEF, which is a campus-wide facility based on OpenFlow that simultaneously supports both research and production traffic over the same infrastructure. Because this facility is based, in particular, on the OpenFlow technology and, more generally, follows the Software Defined Networking paradigm, the EHU-OEF provides researchers with the ability to programme the network. Thanks to this property, flexibility and isolation of both the control and the data planes among the experiments are addressed. This article also presents a novel method of network virtualisation at the link layer, the L2PNV approach, which ensures scalability by aggregating MAC addresses. This approach has been implemented with a modification of the FlowVisor controller originally developed at Stanford, which is a special-purpose OpenFlow controller that introduces a software slicing layer between OpenFlow switches and multiple OpenFlow controllers. This article also presents other contributions that have been developed through a successful deployment methodology in the facility, including an authentication and authorisation module, a MAC configuration module and a Prefix-Based Forwarding Decision module. In conclusion, the EHU-OEF facility possesses an excellent infrastructure designed to test and to validate novel proposals under real conditions, and this facility acts as a stepping stone for Future Internet testbeds.

Evaluation of tiered routing protocol in floating cloud tiered internet architecture

Clean slate future Internet initiatives have been ongoing for a few years. An important consideration in the eventual deployment of solutions for such Internet architectures is the testing and validation of the design and its scalability in realistic network environments. Large scale emulation and experimentation testbeds sponsored and funded by major research organizations worldwide provide a suitable platform for the purpose. In this article, we present the implementation details of a new network and routing protocol that entirely replaces IP and its routing protocols from the protocol stack to provide efficient routing and forwarding of packets in a clean slate Floating Cloud Tiered (FCT) Internet architecture. The FCT architecture leverages the tier structure existing among ISPs, and has a new addressing and routing schema based on tiers. In this article, the implementation and evaluation details of the network protocol with these two features, namely the tiered addressing and tier-based routing using the Global Environmental for Network Innovations (GENI) testbed are presented. The performance of the protocol is also compared with Open Shortest Path First (OSPF) implemented over the GENI testbed for identical network topologies.

Combining Cloud and sensors in a smart city environment

Abstract In the current worldwide ICT scenario, a constantly growing number of ever more powerful devices (smartphones, sensors, household appliances, RFID devices, etc.) join the Internet, significantly impacting the global traffic volume (data sharing, voice, multimedia, etc.) and foreshadowing a world of (more or less) smart devices, or “things” in the Internet of Things (IoT) perspective. Heterogeneous resources can be aggregated and abstracted according to tailored thing-like semantics, thus enabling Things as a Service paradigm, or better a “Cloud of Things”. In the Future Internet initiatives, sensor networks will assume even more of a crucial role, especially for making smarter cities. Smarter sensors will be the peripheral elements of a complex future ICT world. However, due to differences in the “appliances” being sensed, smart sensors are very heterogeneous in terms of communication technologies, sensing features and elaboration capabilities. This article intends to contribute to the design of a pervasive infrastructure where new generation services interact with the surrounding environment, thus creating new opportunities for contextualization and geo-awareness. The architecture proposal is based on Sensor Web Enablement standard specifications and makes use of the Contiki Operating System for accomplishing the IoT. Smart cities are assumed as the reference scenario.

Control framework design for Future Internet testbeds

The Future Internet initiatives such as FIRE (Europe), FIND/GENI (USA), and its related research projects rely on experimental facilities (testbeds) to test and validate their solutions. This article compares current approaches of Future Internet testbed control frameworks including a tabular overview. Furthermore, it proposes a new control framework architecture to integrate heterogeneous resources and provide them on demand in a service oriented manner.