Abstract-Modern SDN control stacks consist of multiple abstraction and virtualization layers to enable flexibility in the development of new control features. Rich data modeling frameworks are essential when sharing information across control layers. Unfortunately, existing NOS data modeling capabilities are limited to simple type-checking and code templating. We present an exploration of a more extreme point on SDN data modeling: ReasoNet. Developers can use semantic web technologies to enrich their data models with reasoning rules and integrity/consistency constraints, and automate state inference across layers. We demonstrate the ability of ReasoNet to automate state verification and cross-layer debugging, through the implementation of two popular control applications, a learning switch and a QoS policy engine.
Many problems are encountered in the construction of bifurcated tunnels due the abrupt change in section, small clear distance, and large section. Progress in the direction of tunnel construction is limited by the large-span section; therefore, a special method of construction that involves constructing a guiding tunnel first followed by reverse excavation was adopted to construct the large-span bifurcation section of the Liantang tunnel of Shenzhen Eastern Transit Expressway in China. The stability criterion of the surrounding rock of the middle wall in the section of multiple arch and small clear distance is studied by theoretical analysis, and the internal stress and corresponding ultimate strength of the middle wall under different buried depths and widths of the middle wall are calculated by the stability criterion. In this study, 3D finite-difference software was used to simulate the excavation process under forward and reverse excavation conditions. The results show that the displacement field and internal force field distribution are similar for both excavation methods, and the tunneling first and reverse excavation construction method is safe and reliable.
With network attacks becoming more sophisticated and unpredictable, detecting their onset and mitigating their effects in an automated manner become increasingly challenging. Lightweight and agile detection mechanisms that are able to detect zero-day attacks are in great need. High true-negative rate and low false-positive rate are the most important indicators for a intrusion detection system. In this paper, we exploit the logically-centralised view of Software-Defined Networking (SDN) to increase true-negative rate and lower false-positive rate in a intrusion detection system based on the Artificial Immune System (AIS). We propose the use of an antibody fuser in the controller to merge and fuse the mature antibody sets trained in the individual switches and turn the real intrusion records each switch has seen into antibodies. Our results show that both the false-positive rate and true-negative rate experience significant improvement with the number of local antibody sets fused grows, consuming less cpu usage overhead. A peak improvement can reach over 80% when antibody sets from all switches are taken into consideration.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.