Although SDN provides desirable characteristics such as the manageability, flexibility and extensibility of the networks, it has a considerable disadvantage in its reliability due to its centralized architecture. To protect SDN-enabled networks under large-scale, unexpected link failures, we propose ResilientFlow that deploys distributed modules called Control Channel Maintenance Module (CCMM) for every switch and controllers. The CCMMs makes switches able to maintain their own control channels, which are core and fundamental part of SDN. In this paper, we design, implement, and evaluate the ResilientFlow.

Network virtualization environments (NVEs) are emerging to meet the increasing diversity of demands by Internet users where a virtual network (VN) can be constructed to accommodate each specific application service. In the future Internet, diverse service providers (SPs) will provide application services on their own VNs running across diverse infrastructure providers (InPs) that provide physical resources in an NVE. To realize both efficient resource utilization and good QoS of each individual service in such environments, SPs should perform adaptive control on network and computational resources in dynamic and competitive resource sharing, instead of explicit and sufficient reservation of physical resources for their VNs. On the other hand, two novel concepts, software-defined networking (SDN) and network function virtualization (NFV), have emerged to facilitate the efficient use of network and computational resources, flexible provisioning, network programmability, unified management, etc., which enable us to implement adaptive resource control. In this paper, therefore, we propose an architectural design of network orchestration for enabling SPs to maintain QoS of their applications aggressively by means of resource control on their VNs efficiently, by introducing virtual network provider (VNP) between InPs and SPs as 3-tier model, and by integrating SDN and NFV functionalities into NVE framework. We define new north-bound interfaces (NBIs) for resource requests, resource upgrades, resource programming, and alert notifications while using the standard OpenFlow interfaces for resource control on users' traffic flows. The feasibility of the proposed architecture is demonstrated through network experiments using a prototype implementation and a sample application service on nation-wide testbed networks, the JGN-X and RISE.

The availability is an important issue of software-defined networking (SDN). In this paper, the experiments based on a SDN testbed showed that the resource utilization of the data plane and control plane changed drastically when DDoS attacks happened. This is mainly because the DDoS attacks send a large number of fake flows to network in a short time. Based on the observation and analysis, a DDoS defense mechanism based on legitimate source and destination IP address database is proposed in this paper. Firstly, each flow is abstracted as a source-destination IP address pair and a legitimate source-destination IP address pair database (LSDIAD) is established by historical normal traffic trace. Then the proportion of new source-destination IP address pair in the traffic per unit time is cumulated by non-parametric cumulative sum (CUSUM) algorithm to detect the DDoS attacks quickly and accurately. Based on the alarm from the non-parametric CUSUM, the attack flows will be filtered and redirected to a middle box network for deep analysis via south-bound API of SDN. An on-line updating policy is adopted to keep the LSDIAD timely and accurate. This mechanism is mainly implemented in the controller and the simulation results show that this mechanism can achieve a good performance in protecting SDN from DDoS attacks.

Software architecture recovery techniques are often adopted to derive a module view of software from its source code in case software architecture documents are unavailable or outdated. The module view is one of the most important perspectives of software architecture. In this paper, we propose a novel approach to derive a module view by adaptively integrating structural dependency and textual similarity. Our approach utilizes Newman modularity and Shannon information entropy to determine the appropriate weights of the dependencies during the integration. We apply our approach to various open-source projects and show the experimental results validating the effectiveness of the approach.

Change-aware development environments can automatically record fine-grained code changes on a program and allow programmers to replay the recorded changes in chronological order. However, since they do not always need to replay all the code changes to investigate how a particular entity of the program has been changed, they often eliminate several code changes of no interest by manually skipping them in replaying. This skipping action is an obstacle that makes many programmers hesitate when they use existing replaying tools. This paper proposes a slicing mechanism that automatically removes manually skipped code changes from the whole history of past code changes and extracts only those necessary to build a particular class member of a Java program. In this mechanism, fine-grained code changes are represented by edit operations recorded on the source code of a program and dependencies among edit operations are formalized. The paper also presents a running tool that slices the operation history and replays its resulting slices. With this tool, programmers can avoid replaying nonessential edit operations for the construction of class members that they want to understand. Experimental results show that the tool offered improvements over conventional replaying tools with respect to the reduction of the number of edit operations needed to be examined and over history filtering tools with respect to the accuracy of edit operations to be replayed.

Software peer review is regarded as one of the most important approaches to preserving software quality. Due to the distributed collaborations in Open Source Software (OSS) development, the review techniques and processes conducted in OSS environment differ from the traditional review method that based on formal face-to-face meetings. Unlike other related works, this study investigates peer review processes of OSS projects from the social perspective: communication and interaction in peer review by using social network analysis (SNA). Moreover, the relationship between peer review contributors and their activities is studied. We propose an approach to evaluating contributors' activeness and social relationship using SNA named Peer Review Social Network (PeRSoN). We evaluate our approach by empirical case study, 326,286 review comments and 1,745 contributors from three representative industrial OSS projects have been extracted and analyzed. The results indicate that the social network structure influences the realistic activeness of contributors significantly. Based on the results, we suggest our approach can support project leaders in assigning review tasks, appointing reviewers and other activities to improve current software processes.

Protecting control planes in networking hardware from high rate packets is a critical issue for networks under operation. One common approach for conventional networking hardware is to offload expensive functions onto hard-wired offload engines as ASICs. This approach is inadequate for OpenFlow networks because it restricts a certain amount of flexibility for network control that OpenFlow tries to provide. Therefore, we need a control plane protection mechanism in OpenFlow switches as a last resort, while preserving flexibility for network control. In this paper, we propose a mechanism to filter out Packet-In messages, which include packets handled by the control plane in OpenFlow networks, without dropping important ones for network control. Switches record values of packet header fields before sending Packet-In messages, and filter out packets that have the same values as the recorded ones. The controllers set the header fields in advance whose values must be recorded, and the header fields are selected based on controller design. We have implemented and evaluated the proposed mechanism on a prototype software switch, concluding that it dramatically reduces CPU loads on switches while passes important Packet-In messages for network control.

In our previous paper, we presented a concept of “Baseband Radio” as an ideal of future wireless communication scheme. Furthermore, for enhancing the adaptability of baseband radio, the adaptive baseband radio was discussed as the ultimate communication system; it integrates the functions of cognitive radio and software-defined radio. In this paper, two transmission schemes that take advantage of adaptive baseband radio are introduced and the results of a performance evaluation are presented. The first one is a scheme based on DSFBC for realizing higher reliability; it allows the flexible use of frequency bands over a wide range of white space. The second one is a low-power-density communication scheme with spectrum-spreading by means of frequency-domain differential coding so that the secondary system does not seriously interfere with primary-user systems that have been assigned the same frequency band.

The Lyapunov stability theory-based adaptive filter (LST-AF) is a robust filtering algorithm which the tracking error quickly converges to zero asymptotically. Recently, the software module of the LST-AF algorithm is effectively used in engineering applications such as tracking, prediction, noise cancellation and system identification problems. Therefore, hardware implementation becomes necessary in many cases where real time procedure is needed. In this paper, an implementation of the LST-AF algorithm on Field Programmable Gate Arrays (FPGA) is realized for the first time to our knowledge. The proposed hardware implementation on FPGA is performed for two main benchmark problems; i) tracking of an artificial signal and a Henon chaotic signal, ii) estimation of filter parameters using a system identification model. Experimental results are comparatively presented to test accuracy, performance and logic occupation. The results show that our proposed hardware implementation not only conserves the capabilities of software versions of the LST-AF algorithm but also achieves a better performance than them.

Analogy-based software effort estimation has gained a considerable amount of attention in current research and practice. Its excellent estimation accuracy relies on its solution adaptation stage, where an effort estimate is produced from similar past projects. This study proposes a solution adaptation technique named LSA-X that introduces an approach to exploit the potential of productivity factors, i.e., project variables with a high correlation with software productivity, in the solution adaptation stage. The LSA-X technique tailors the exploitation of the productivity factors with a procedure based on the Linear Size Adaptation (LSA) technique. The results, based on 19 datasets show that in circumstances where a dataset exhibits a high correlation coefficient between productivity and a related factor (r≥0.30), the proposed LSA-X technique statistically outperformed (95% confidence) the other 8 commonly used techniques compared in this study. In other circumstances, our results suggest using any linear adaptation technique based on software size to compensate for the limitations of the LSA-X technique.

Microkernel operating systems (OSes) use zero-copy communication to reduce the overhead of copying transfer data, because the communication between OS servers occurs frequently in the case of microkernel OSes. However, when a memory management unit manages the translation lookaside buffer (TLB) using software, TLB misses tend to increase the overhead of interprocess communication (IPC) between OS servers running on a microkernel OS. Thus, improving the control method of a software-managed TLB is important for microkernel OSes. This paper proposes a fast control method of software-managed TLB that manages page attachment in the area used for IPC by using TLB entries, instead of page tables. Consequently, TLB misses can be avoided in the area, and the performance of IPC improves. Thus, taking the SH-4 processor as an example of a processor having a software-managed TLB, this paper describes the design and the implementation of the proposed method for AnT operating system, and reports the evaluation results of the proposed method.

In this paper, we apply the concept of software-defined data plane to defining new services for Mobile Virtual Network Operators (MVNOs). Although there are a large number of MVNOs proliferating all over the world and most of them provide low bandwidth at low price, we propose a new business model for MVNOs and empower them with capability of tailoring fine-grained subscription plans that can meet users' demands. For example, abundant bandwidth can be allocated for some specific applications, while the rest of the applications are limited to low bandwidth. For this purpose, we have recently proposed the concept of application and/or device specific slicing that classifies application and/or device specific traffic into slices and applies fine-grained quality of services (QoS), introducing various applications of our proposed system [9]. This paper reports the prototype implementation of such proposal in the real MVNO connecting customized smartphones so that we can identify applications from the given traffic with 100% accuracy. In addition, we propose a new method of identifying applications from the traffic of unmodified smartphones by machine learning using the training data collected from the customized smartphones. We show that a simple machine learning technique such as random forest achives about 80% of accuracy in applicaton identification.

An L2-in-L3 tunneling technology plays an important role in network virtualization based on the concept of Software-Defined Networking (SDN). VXLAN (Virtual eXtensible LAN) and NVGRE (Network Virtualization using Generic Routing Encapsulation) protocols are being widely used in public cloud datacenters. These protocols resolve traditional VLAN problems such as a limitation of the number of virtual networks, however, their network performances are low without dedicated hardware acceleration. Although STT (Stateless Transport Tunneling) achieves far better performance, it has pragmatic problems in that STT packets can be dropped by network middleboxes like stateful firewalls because of modified TCP header semantics. In this paper, we propose yet another layer 4 protocol (Segment-oriented Connection-less Protocol, SCLP) for existing tunneling protocols. Our previous study revealed that the high-performance of STT mainly comes from 2-level software packet pre-reassembly before decapsulation. The SCLP header is designed to take advantage of such processing without modifying existing protocol semantics. We implement a VXLAN over SCLP tunneling and evaluate its performance by comparing with the original VXLAN (over UDP), NVGRE, Geneve, and STT. The results show that the throughput of the proposed method was comparable to STT and almost 70% higher than that of other protocols.

Many public cloud datacenters have adopted the Edge-Overlay model which supports virtual switch-based network virtualization using IP tunneling. However, software-implemented virtual switches can cause performance degradation because the packet processing load can concentrate on a particular CPU core. As a result, such load concentration decreases and destabilizes the performance of virtual networks. Although multi-queue functions like Receive Side Scaling (RSS) can distribute the load onto multiple CPU cores, they still have performance problems such as IRQ core collision between priority flows as well as competitive resource use between host and guest machines for received packet processing. In this paper, we propose Virtual Switch Extension (VSE) that adaptively determines CPU core assignment for SoftIRQ to prevent performance degradation. VSE supports two types of SoftIRQ core selection mechanisms, on-the-fly or predetermined. In the on-the-fly mode, VSE selects a SoftIRQ core based on current CPU load to exploit low-loaded CPU resources. In the predetermined mode, SoftIRQ cores are assigned in advance to differentiate the performance of priority flows. This paper describes a basic architecture and implementation of VSE and how VSE assigns a SoftIRQ cores. Moreover, we evaluate fundamental throughput of various CPU assignment models in the predetermined mode. Finally, we evaluate the performance of a priority VM in two VM usecases, the client-usecase which is receive-oriented and the router-usecase which performs bi-directional communications. In the client-usecase, the throughput of the priority VM was improved by 31% compared with RSS when the priority VM had one dedicated core. In the router-usecase, the throughput was improved by 29% when three dedicated cores were provided for the VM.

This paper considers how to evaluate the resiliency for virtualized system with software rejuvenation. The software rejuvenation is a proactive technique to prevent the failure caused by aging phenomenon such as resource exhaustion. In particular, according to Gohsh et al. (2010), we compute a quantitative criterion to evaluate resiliency of system by using continuous-time Markov chains (CTMC). In addition, in order to convert general state-based models to CTMCs, we employ PH (phase-type) expansion technique. In numerical examples, we investigate the resiliency of virtualized system with software rejuvenation under two different rejuvenation policies.

In this letter we develop a software reliability modeling framework by introducing the Burr XII distributions to software fault-detection time. An extension to deal with software metrics data characterizing the product size, program complexity or testing expenditure is also proposed. Finally, we investigate the goodness-of-fit performance and compare our new models with the existing ones through real data analyses.

OSEK/VDX, a standard for an automobile OS, has been widely adopted by many manufacturers to design and develop a vehicle-mounted OS. With the increasing functionalities in vehicles, more and more complex applications are be developed based on the OSEK/VDX OS. However, how to ensure the reliability of developed applications is becoming a challenge for developers. To ensure the reliability of developed applications, model checking as an exhaustive technique can be applied to discover subtle errors in the development process. Many model checkers have been successfully applied to verify sequential software and general multi-threaded software. However, it is hard to directly use existing model checkers to precisely verify OSEK/VDX applications, since the execution characteristics of OSEK/VDX applications are different from the sequential software and general multi-threaded software. In this paper, we describe and develop an approach to translate OSEK/VDX applications into sequential programs in order to employ existing model checkers to precisely verify OSEK/VDX applications. The value of our approach is that it can be considered as a front-end translator for enabling existing model checkers to verify OSEK/VDX applications.

We discuss software reliability assessment considering multiple changes of software fault-detection phenomenon. The testing-time when the characteristic of the software failure-occurrence or fault-detection phenomenon changes notably in the testing-phase of a software development process is called change-point. It is known that the occurrence of the change-point influences the accuracy for the software reliability assessment based on a software reliability growth models, which are mainly divided into software failure-occurrence time and fault counting models. This paper discusses software reliability growth modeling frameworks considering with the effect of the multiple change-point occurrence on the software reliability growth process in software failure-occurrence time and fault counting modeling. And we show numerical illustrations for the software reliability analyses based on our models by using actual data.

A new modeling approach for the non-homogeneous Poisson processes (NHPPs) based software reliability modeling is proposed to describe the stochastic behavior of software fault-detection processes, of which the failure rate is not monotonic. The fundamental idea is to apply the Marshall-Olkin distribution to the software fault-detection time distribution. The applicability of Marshall-Olkin distribution in software reliability modeling is studied. The data fitting abilities of the proposed NHPP-based software reliability model is compared with the existing typical ones through real software project data analysis.

Current software behavior models lack the ability to conduct semantic analysis. We propose a new model to detect abnormal behaviors based on a function semantic tree. First, a software behavior model in terms of state graph and software function is developed. Next, anomaly detection based on the model is conducted in two main steps: calculating deviation density of suspicious behaviors by comparison with state graph and detecting function sequence by function semantic rules. Deviation density can well detect control flow attacks by a deviation factor and a period division. In addition, with the help of semantic analysis, function semantic rules can accurately detect application layer attacks that fail in traditional approaches. Finally, a case study of RSS software illustrates how our approach works. Case study and a contrast experiment have shown that our model has strong expressivity and detection ability, which outperforms traditional behavior models.