Hands-on, Applied Research in Network Engineering
Collaborating with network service providers, hyperscale companies, and network equipment manufacturers, Dr. Levi Perigo’s research vision is to enhance networks by making them more programmable and scalable. Dr. Perigo’s network engineering research focuses on next generation networks: software-defined networking (SDN), network functions virtualization (NFV), and network programmability/automation. Current research publications and presentations by Dr. Perigo have been in the field of network engineering energy proportionality, open-source virtual network functions (VNFs), and network orchestration and automation for enterprise networks.
Recent Academic Honors and Awards:
Recent Research Publications from Network Engineering:
Abstract: Software-defined Networking (SDN) is a revolutionary network architecture whose benefits stem partly from separating the data plane and control plane. In this scheme, the control functionalities are relocated to a logically centralized SDN controller which makes efficient and globally optimal forwarding decisions for network devices. Despite the fact that network virtualization technologies enable elastic capacity engineering and seamless fault recovery of the SDN controller, an optimal controller placement strategy that can adapt to changes in networks is an important but underexplored research topic. This paper proposes a novel deep reinforcement learning-based model that dynamically and strategically adjusts the location of the controller to minimize the OpenFlow latency in a virtualized environment. The experimental results demonstrate that the proposed strategy outperforms both a random strategy and a generic strategy. Furthermore, this paper provides detailed instructions on how to implement the proposed model in real-world software-defined networks.
Abstract: Advanced Persistent Threats are an emerging cyber threat to cyber-physical systems (CPS), especially those comprising mission-critical physical assets. However, defense against such attacks is challenging, due to their sophistication, stealthiness, and zero-day exploitation. Existing works in this area mainly focus on the detection of APT, but it might be too late or too costly to impede APT when it is detected with high confidence. Therefore, this work focuses on CPS intrusion detection and prevention against APT attacks, and aims at preventing such attacks in earlier stages through a strategic response policy to imperfect APT alerts by leveraging the multistage characteristic of APT and a deep reinforcement learning formulation. A novel host-based APT detection and response model called SR2APT is proposed which consists of a detection engine and a decision engine. The detection engine is based on graph convolutional network which classifies a stream of system log provenance subgraphs as an APT stage or benign. Then, the detection results are transmitted to the decision engine sequentially, which is trained based on deep reinforcement learning and outputs the optimal response actions to APT alerts. Experimental results show that the GCN-based detection engine obtains 94% classification accuracy on a semi-synthetic dataset of system logs, and outperforms classification models based on SVM, CNN and LSTM. The strategic alert response policy from the decision engine is compared with two baseline fixed response policies, and it achieves the best trade-off between preventing APT attacks and minimizing the impediments of mistaken active defense actions to benign activities that generate false alerts, thus obtaining the highest total rewards in the defense against APT attacks.
Abstract: Prior work identified that the Decision-Tree (DT) algorithm allocates the best placement location for a containerized software-defined networking controller virtual network function (SDN-VNF). However, this identification and placement criteria was restricted to OpenFlow network architectures. To address this limitation, this study enhances the DT algorithm to identify the optimal containerized VNF placement location for a Voice over Internet Protocol (VoIP) VNF, thus expanding the applicability of the DT algorithm to incorporate UDP networks carrying Session Initiation Protocol (SIP) packets. To validate the enhancement, this study compares two approaches for implementing the DT algorithm: first, using Netperf, and second, using a northbound Python application. The results indicate the DT algorithm offers significantly smaller and near-constant lead time (time required to identify the best placement location) when it is coupled with a northbound Python application compared to the Netperf approach. Furthermore, the second approach using the northbound Python application removes any Linux Operating System (OS) dependency (required with Netperf), which further benefits its adoption in multi-faceted VoIP networks. The outcome of this research enhances the body of knowledge on implementing optimal containerized VNF placement algorithms.
Abstract: The energy consumption of network infrastructures is increasing; therefore, research efforts designed to diminish this growing carbon footprint are necessary. Building on prior work, which determined a difference in the energy consumption of network hardware based on their forwarding configurations and developed a real-time network energy monitoring tool, this research proposes a novel technique to incorporate individual device energy efficiency into network routing decisions. A new routing metric and algorithm are presented to select the lowest-power, least-congested paths between destinations, known as Green Power Forwarding (GPF). In addition, a network dial is developed to enhance GPF by allowing network administrators to tune the network to optimally operate between energy savings and network performance. To ensure the scope of this research for industry adoption, implementation details for different generations of networking infrastructure (past, present, and future) are also discussed. The experiment results indicate that significant energy and, in turn, cost savings can be achieved by employing the proposed GPF technique without a reduction in network performance. The future directions for this research include developing dynamically-tuning network dial modes and extending the principles to inter-domain routing.
Abstract: Energy consumption by the network infrastructure is growing expeditiously with the rise of the Internet. Critical research efforts have been pursued by academia, industry and governments to make networks, such as the Internet, operate more energy efficiently and reduce their power consumption. This work presents an in-depth survey of the approaches to reduce energy consumption in wired networks by first categorizing existing research into broad categories and then presenting the specific techniques, research challenges, and important conclusions. At a broad level, we present five categories of approaches for energy efficiency in wired networks – (i) sleeping of network elements, (ii) link rate adaptation, (iii) proxying, (iv) store and forward, and (v) network traffic aggregation. Additionally, this survey reviews work in energy modeling and measurement, energy-related standards and metrics, and enumerates discussion points for future work and motivations.
Abstract: Software-defined networking (SDN) allows for the decoupling of the control and data planes, enabling more programmability and a global view of the network. Previous research indicates that traditional applications recreated using SDN principles allow for more granularity and customization. In this research, we extend the insights behind SDN to develop a Voice over Internet Protocol (VoIP) framework with the objective to enhance traditional Session Initiation Protocol (SIP) operation and quality of service (QoS) approaches. The contributions of this research are 2-fold: first, an SIP control application is implemented, which communicates with an SDN controller to provide VoIP call registration and call routing capabilities, thereby eliminating the need for specialized SIP proxy hardware devices; second, a dynamic QoS application is developed that provides the ability to make network-wide QoS decisions based on real-time network measurements of latency, bandwidth and packet loss. Functional validation of the framework is performed to verify its operation. The experiment results indicate that the proposed framework allows for enhancements to traditional QoS implementations.
Abstract: Discrete, non-virtualized network elements are characterized by large costs, limited functions, vendor lock-in, and limited orchestration. Virtualization technologies like virtual machines (VM) and containers have expanded the scope of virtual resource utilization through consolidation of workloads that were previously running on multiple servers by running them on a single server. With the advent of Network Functions Virtualization (NFV), industries are able to reduce the micro-economic factors associated with vendor proprietary model such as transaction costs and (physical and human) asset specificity to deal with vendor vulnerabilities in contractual relationships because Virtual Network Functions (VNFs) can virtualize dedicated networking functions that were traditionally performed by vendor appliances such as routers, switches, firewalls, and load balancers. Even though virtualization technologies (VMs and containers) and NFV have demonstrated their benefits in the market, little attention has been devoted to the development and adoption of containers to build VNFs. This research paper identifies micro-economic factors, such as transaction costs, associated with searching, buying, provisioning, and maintenance of vendor proprietary appliances and compares them with the coordination costs associated with the adoption of containerized VNFs. This comparative analysis could be used to identify the type of network operators that could serve as key organizers (the network operator who can benefit largely by adopting containerized VNFs) of an open source peer production model as well as other firms that could serve as individual contributors.
Abstract: The energy consumption of the information and communications technology (ICT) sector has been rising steadily and now it contributes to a sizeable portion of the global carbon emissions. The wired-network infrastructure is predicted to consume a significant portion of the total energy consumption in the coming decades, hence research efforts to reduce it are warranted. This research focuses on ascertaining the operational energy efficiency of network devices based on how they are configured. Software-defined networking (SDN) enables decoupling of the control and data planes and allows devices to make forwarding decisions based on simple, uniform forwarding entries. Therefore, SDN hardware is tested in order to normalize the network configurations which allows for a like-to-like comparison of the hardware. The testing results indicate that different device configuration parameters, such as the number of forwarding entries, the type of forwarding entries, the location of forwarding entries (in hardware or software), the number of parallel lookups of different forwarding entries, and the number of tables in which the forwarding entries are stored, have an impact on the Watt/Mbps value of the device.
Abstract: Network infrastructure operation and management are becoming increasingly complex. This complexity is a result of multi-vendor devices, distributed platforms, and the numerous protocols for control and management present in the network. Previous studies indicate that shifting network functions from the core network infrastructure to the end hosts offers network benefits and reduces the dependencies on the core infrastructure. In this research, we propose a novel framework to enable network functions on end hosts by utilizing container virtualization technologies. The lightweight and flexible nature of containers facilitates simple deployment and management while enabling application-specific intelligence to reside on the end host relieving the core network infrastructure of these complexities. To achieve this, we implement software-defined networking (SDN) concepts and technologies to enable centralized control of end host network functions. Functional validation of the proposed framework is performed using Voice over IP (VoIP), with the Session Initiation Protocol (SIP), as the network function and the experiment results indicate that the containerized VoIP functions can operate on the end host, simplifying network management and enabling a simple network core.
Abstract: The energy consumption of the information and communication technology sector has become a significant portion of the total global energy consumption, warranting research efforts to attempt to reduce it. The pre-requisite for effectual energy management is the availability of the current power consumption values from network devices. Previous works have attempted to estimate and model the consumption values or have measured it using intrusive approaches such as using an in-line power meter. Recent trends suggest that information models are being increasingly used in all aspects of network management. This paper presents a framework developed for enabling the collection of real-time power consumption information from the next generation of networking hardware non-intrusively by employing information models. The experiment results indicate that it is feasible to gather power consumption data using standardized IETF information models, or non-standard customized information models, or through abstracting and exposing the information in a uniform format when no support for the required information models exists. Functional validation of the proposed framework is performed and the results from this research could be leveraged to make energy-efficient network management decisions.
Abstract: The preliminary work conducted as a part of this research evaluated two virtualization technologies, virtual machines (VM) and containers, for a software-defined networking controller virtual network function (SDN-VNF) – per the NFV Research Group (NFVRG) testing guidelines. Although the VNF benchmarking experiment results have proved that container-based VNFs offer various performance advantages (memory/throughput) over VM-based VNFs, prior work lacks the development of optimal containerized VNF placement algorithms. The goal of this research is to further the preliminary work that presented a resilient SDN/NFV infrastructure per ETSI-NFV design considerations that actively orchestrates and monitors the network infrastructure comprising of SDN-VNF by designing a decision-tree (DT) algorithm to perform an optimal placement of containerized SDN-VNFs in an OpenFlow network architecture. The research compares two approaches for implementing the DT algorithm – first, using cbench as the OpenFlow statistics advisor and second, using a northbound application as the OpenFlow statistics advisor. The result indicates that the DT algorithm offers comparatively smaller and near-constant total placement time when it is coupled with a northbound application compared to the former approach that uses cbench. Moreover, the second approach removes any OpenFlow switch Operating System (OS) dependency (that is required in case of cbench) which further benefits its adoption in multi-faceted OpenFlow networks. The outcome of this research enhances the body of knowledge on implementing optimal containerized SDN-VNF placement algorithms that facilitate Internet Service Providers (ISPs) understanding of the benefits of containerized SDN-VNF adoption.
Abstract: Discrete non-virtualized network elements are characterized by large costs, limited functions, vendor lock-in, and limited orchestration. Network Function Virtualization (NFV) changes the way of creating, deploying, and operating networks by decomposing hardware elements into software components that run on virtualized servers. Two virtualization technologies – Virtual Machines (VM) and containers – have the capability to host Virtual Network Functions (VNFs). These virtualized solutions offer varying results when compared with VNF provisioning time, runtime performance, throughput, and portability depending on the VNF application. Although prior research has identified these results, they lack evaluation of a VNF serving as a Software Defined Network (SDN) controller. In SDN, these parameters serve as a vital criterion for selecting an optimum virtualized solution for hosting an SDN controller, which serves as the control plane for the underlying infrastructure layer. This research paper aims to evaluate an ONOS SDN controller application in a Docker container environment versus a VM environment per the NFV Research Group (NFVRG) testing guidelines. This will help an operator identify an optimum platform to host SDN-VNF micro-service.
Abstract: The rise in cloud-based service offerings has increased the scale and complexity of networks. Previous research indicates that network management tasks using the command-line interface (CLI) and primitive scripting do not scale, as they are complicated, slow, and inefficient. In this research, a software-defined networking (SDN) framework is developed to help solve these problems. Using the intent-based, voice-assisted, self-healing network framework, a proof of concept tool is developed which can make these tasks simple, fast, and efficient by providing an abstraction layer to the operator. The results of this research indicate that, by leveraging the concepts of SDN, it is possible to build a robust and scalable solution that provides the visibility and control needed to effectively achieve network administration, troubleshooting, and self-healing tasks by issuing verbal intents through a digital voice-assistant.
Abstract: Service Function Chaining (SFC) is a capability that links multiple network functions to deploy end-to-end network services. By virtualizing these network functions also known as Virtual Network Functions (VNFs), the dependency on traditional hardware can be removed, hence making it easier to deploy dynamic service chains over the cloud environment. Before implementing service chains over a large scale, it is necessary to understand the performance overhead created by each VNF owing to their varied characteristics. This research paper attempts to gain insights on the server and networking overhead encountered when a service chain is deployed on a cloud orchestration tool such as OpenStack. Specifically, this research will measure the CPU utilization, RAM usage and System Load of the server hosting OpenStack. Each VNF will be monitored for its varying performance parameters when subjected to different kinds of traffic. Our focus lies on acquiring performance parameters of the entire system for different service chains and compare throughput, latency, and VNF statistics of the virtual network. Insights obtained from this research can be used in the industry to achieve optimum performance of hardware and network resources while deploying service chains.
Abstract: Organizations face a challenge of accurately analyzing network data and providing automated action based on the observed trend. This trend-based analytics is beneficial to minimize the downtime and improve the performance of the network services, but organizations use different network management tools to understand and visualize the network traffic with limited abilities to dynamically optimize the network. This research focuses on the development of an intelligent system that leverages big data telemetry analysis in Platform for Network Data Analytics (PNDA) to enable comprehensive trend-based networking decisions. The results include a graphical user interface (GUI) done via a web application for effortless management of all subsystems, and the system and application developed in this research demonstrate the true potential for a scalable system capable of effectively benchmarking the network to set the expected behavior for comparison and trend analysis. Moreover, this research provides a proof of concept of how trend analysis results are actioned in both a traditional network and a software-defined network (SDN) to achieve dynamic, automated load balancing.