Publicado em: 22/03/2013

Dissertação de Mestrado em Redes de Computadores

UNIVERSIDADE FEDERAL DO RIO GRANDE DO SUL
INSTITUTO DE INFORMÁTICA
PROGRAMA DE POS-GRADUAÇÃO EM COMPUTAÇÃO
———————————————————
DEFESA DE DISSERTAÇÃO DE MESTRADO

Aluno: Rodrigo Ruas Oliveira
Orientador: Prof. Dr. Antonio Marinho Pilla Barcellos

Título: Toward Cost-efficient, DoS-resilient Virtual Networks with ORE: Opportunistic Resilience Embedding
Linha de Pesquisa: Redes de Computadores

Data: 28/03/2013
Hora: 16h30min
Local: Sala 215 Prédio 43412 – Instituto de Informática

Banca Examinadora:
Prof. Dr. Fernando Luis Dotti (PUCRS)
Prof. Dr. Lisandro Zambenedetti Granville (UFRGS)
Profa. Dra. Michele Nogueira Lima (UFPR) Por Videoconferência

Presidente da Banca: Prof. Dr. Antonio Marinho Pilla Barcellos

Resumo:

Recently, the Internet’s success has prevented the dissemination of novel networking architectures and protocols. Specifically, any modification to the core of the network requires agreement among many different parties. To address this situation, Network Virtualization has been proposed as a diversifying attribute for the Internet. This paradigm promotes the development of new architectures and protocols by enabling the creation of multiple virtual networks on top of a same physical substrate. In addition, applications running over the same physical network can be isolated from each other, thus allowing them to coexist independently.

One of the main advantages of this paradigm is the use of isolation to limit the scope of attacks. This can be achieved by creating different, isolated virtual networks for each task, so traffic from one virtual network does not interfere with the others. However, routers and links are still vulnerable to attacks and failures on the underlying network. Particularly, should a physical link be compromised, all embedded virtual links will be affected.

Previous work tackled this problem with two main strategies: using backup resources to protect against disruptions; or live migration to relocate a compromised virtual resource. Both strategies have drawbacks: backup resources tend to be expensive for the infrastructure provider, while live migration may leave virtual networks inoperable during the recovery period.

This dissertation presents ORE (Opportunistic Resilience Embedding), a novel embedding approach for protecting virtual links against substrate network disruptions. ORE’s design is two-folded: while a preventive strategy embeds virtual links into multiple substrate paths to mitigate the initial impact of a disruption, a reactive one attempts to recover any capacity affected by an underlying disruption. Both strategies are modeled as optimization problems. Additionally, since the embedding problem is NP-Hard, ORE uses a Simulated Annealing-based meta-heuristic to solve it efficiently. Numerical results show that ORE can provide resilience to disruptions at a lower cost.

Palavras-Chave: Network virtualization, virtual network embedding, resource allocation, optimization, algorithms, resilient, survivable, security.