CNSM 2012 Tutorials

On the use of Clustering Algorithms for Unsupervised Traffic Monitoring and Analysis

Speaker: Pedro Casas, Telecommunications Research Center FTW, Vienna, Austria

Friday, October 26, 2012, 8:30AM - 10:00AM

Abstract: The massive increase of network traffic transported in modern Internet scenarios has motivated a vast application of Machine Learning techniques in multiple network traffic management tasks. Modern network monitoring and traffic analysis systems rely strongly on signature- based and supervised-learning-based techniques to recognize specific traffic patterns, requiring the knowledge provided by an expert agent, either in terms of signatures or as specific traffic profiles. In this tutorial we explore a diametrically opposite perspective to discover hidden patterns in network traffic without the use of previous traffic knowledge, relying on Clustering techniques. The first part of the tutorial provides a general overview on the problem of Cluster Analysis, presenting the traditional clustering techniques and specifically addressing the problem of clustering on massive datasets. The second part of the tutorial presents and evaluates the application of clustering techniques to the problem of network traffic monitoring for anomaly detection and traffic characterization.

Bio: Pedro Casas is Senior Researcher at the Telecommunications Research Center FTW in Vienna, Austria, working in the Communication Networks area. Hereceived a Ph.D. degree in Computer Science from ENST Bretagne, France in2010. He held a Research and Teaching Assistant position in the Networkingarea at the Universidad de la Rep´ublica in Uruguay between 2003 and 2010. In2010 he joined the LAAS-CNRS research lab as a Postdoctoral Research Fellowin the field of Network Monitoring and Analysis. Dr. Casas has been involvedin multiple research and industrial Networking projects (EU FP7, AT COMET,FR ANR, ECOS-SUD, STIC-AmSud), he is currently WP leader on the FP7 IPproject mPlane (Internet measurements and intelligent network analysis) andWP leader on the COMET project ACE 2.0 (QoE in Mobile Networks). Hehas published more than 35 Networking research papers in major conferencesand journals, receiving 5 best conference paper awards for his work (IEEE,ACM, IFIP, EuroNGI). His research interests span the statistical characterization and analysis of network traffic, network security and anomaly detection,and QoS/QoE automatic assessment. In the last few years he got particularlyinvolved in the study of machine-learning and data mining based approaches forNetworking.

Enhancing Cloud Security Through Software Defined Networking Approaches

Speaker: Dijiang Huang, Arizona State University, USA

Friday, October 26, 2012, 10:30AM - Noon

Abstract: Software Defined Networking (SDN) is an emerging research area that has attracted a lot of attention from academia, industry, and government. SDN packs in itself immense possibilities form supporting the creation of consolidated datacenters and better load balancing, to seamless mobility and secure networks. It is an innovation that allows us to control and program the network in a way to make it responsive to networking events, for example, events caused by security breaches, in a more proactive fashion. SDN approach separates control and data planes which improves optimization of network policies and by providing easy access to flow tables, it gives a real-time control over the network switches, allowing administrators to monitor and control the route of packets flowing through the network. Thus the packets, which otherwise flow according to fixed and firmware defined rules, can now be analyzed and controlled according to dynamic user defined rules. This traffic reshaping capability of SDN promises further developments in networking and allows exploitation of a true control over the traffic. One of the many applications of SDN can be in improving the security by controlling traffic flow in the network by redirecting the packets from a suspicious node to an inspection node where in-depth examination of these packets can be performed. SDN can help in implementation of other techniques for improving security in a cloud environment such as reconfiguring the network dynamically to enforce packet forwarding, blocking, redirection, reflection, changing of MAC or IP address, limiting the packet flow rate etc. These solutions can be considered as less intrusive alternative to security countermeasures taken at the host level, and offer centralized control of the distributed network. Continuing with this notion of security with SDN, in this tutorial, we will introduce the basic features of SDN technologies and explain how to deploy a secure cloud computing system based on SDN solutions. The technical areas that will be presented include: (1) cloud computing and security issues; (2) cloud computing virtual networking systems and SDN management architecture; and (4) security mechanisms based on SDN and case studies. In addition to these technical areas, the tutorial will discuss the technology development path and the vision on how to evolve SDN technologies to support future secure cloud computing applications.

Bio: Dijiang Huang received his B.S. degree from Beijing University of Posts & Telecommunications, China 1995. He received his M.S., and Ph.D. degrees from the University of Missouri–Kansas City, in 2001 and 2004, respectively. He joined Arizona State University (ASU) in 2005 as an assistant professor. He is currently an Associate Professor in the School of Computing Informatics and Decision System Engineering at ASU. His current research interests are computer networking, security, and mobile cloud computing. Dr. Huang is currently leading a team to develop a secure mobile cloud computing infrastructure sponsored by ONR. His team is also working on a programmable network infrastructure for future Internet and developing a cloud platform for network security education that are sponsored by NSF.

Cloud Resource Management

Speaker: Danny Raz and David Breitgand, Technion, Israel Institute of Technology, Israel

Friday, October 26, 2012, 01:15PM - 02:45PM

Abstract: Cloud computing is rapidly gaining momentum as a preferred means of affordable IT outsourcing. Cloud providers are able to lower costs thanks to pooling resources and multiplexing them among many users. Consequently, on the provider side of the cloud business model, optimal resource management is a key ingredient of their ability to offer agile data centers and cloud computing services at a competitive cost. Efficient resource utilization also plays a major role at the customer side of the Cloud equation. Customers' management decisions regarding resource acquisition, elastic service provisioning, and load balancing have direct impact on the performance of their cloud based services. At the Cloud scale, human managers are overwhelmed and thus resource management decisions aiming at balancing the cost with the service QoS should be highly automated, which requires new efficient algorithms and tools. In this tutorial we address the core management topics in cloud computing from both provider and consumer perspectives. We start with a short overview of cloud computing, agile data centers, and virtualization, with an emphasis on the current state of art, major players, and economic and technological forces driving their progress. We then provide detailed description of several short terms resource allocation problems related to specific resources like networking resources, computational resources, and migration technology. Longer term resource management decisions deal with capacity planning, and we introduce different approaches to capacity planning and discuss optimization problems arising in this context. The tutorial is useful both to graduate students and professionals in the field as it presents both the knowledge front in the area of efficient management of cloud computing resources and useful ways to use these academic results in practical scenarios.

Bios: David Breitgand is a research staff member at IBM Haifa Research Lab. David received his Computer Science from the Hebrew University of Jerusalem in 2003. He has over fifteen years ofexperience in the areas of network, system, and services management, fault tolerant and distributedcomputing, and performance modeling and analysis. David joined IBM Haifa Research Lab in 2003where he is a technical leader of the Cloud Operating System Technologies group. David is an activecontributor to IBM Compute Cloud Reference Architecture, used as a foundation for IBM Cloudofferings. David was a visiting lecturer and adjunct faculty at the Hebrew University of Jerusalem,Ben-Gurion University in Beer-Sheva and Israeli Open University. Since January 2011 David serves asadjunct senior faculty at the computer science department, at the Technion, Israel.

Danny Raz received his doctoral degree from the Weizmann Institute of Science, Israel, in 1995.From 1995 to 1997 he was a post-doctoral fellow at the International Computer Science Institute,(ICSI) Berkeley, CA, and a visiting lecturer at the University of California, Berkeley. Between 1997and 2001 he was a Member of Technical Staff at the Networking Research Laboratory at Bell Labs,Lucent Technologies. In October 2000, Danny Raz joined the faculty of the computer sciencedepartment at the Technion, Israel. He served as the general chair of OpenArch 2000, TPC co-chair ofMMNS 2007, TPC co-chair of IM2009, and was an Editor of the IEEE/ACM Transactions onNetworking (ToN) and of JCN. His primary research interest is the theory and application ofmanagement related problems in IP networks and cloud computing.

Evolution of Service Control Platforms for Converging Communication Networks for Humans and Machines

Speaker: Julius Mueller and Thomas Magedanz, TU-Berlin, Germany

Friday, October 26, 2012, 03:15PM - 04:45PM

Abstract: Thanks to the on-going convergence of telecommunications, Internet and entertainment, and the increasing adoption of internet technologies in our daily lifes, we are moving rapidly into a world of total interconnection of humans and machines. This means that after fixed mobile convergence (FMC) and voice data integration which has coined the evolution of telecommunication infrastructures in the last decade, we are now witnessing the start of a much broader convergence of quite different application domains with different value chains and technologies. This convergence is driven by the adoption and extension of Internet technologies in various application domains under the banner of the Future Internet (FI), which today is getting a lot of attention by the increasing notion of Smart Cities, the Internet of services (IoS), Internet of Things (IoT) and Machine to Machine (M2M) communications. Thus different transport and control platforms need to be integrated into a future internet service platform enabling an open set of application domains by so-called common or generic enablers on top of different fixed and mobile network infrastructures. This tutorial will provide an overview of relevant control platforms and the related standards in the context of fixed and mobile Next Generation Network (NGN) evolution towards the Future Internet (FI). Starting form Intelligent Networks (IN) we will look at the 3GPP IP Multimedia Subsystem (IMS), the 3GPP Evolved Packet Core (EPC) and the emerging 3GPP Machine Type Communications (MTC) platform. In addition, we look at relevant Service Delivery Platform (SDP) concepts and related service enablers and Application Programming Interfaces (APIs) as defined by ETSI, 3GPP, GSMA and OMA for enabling seamlessly various applications on top of fixed and mobile networks. We also address the current state of the art in international Future Internet research performed in Germany, Europe, US, and Japan. We will illustrate that operators can play a dominant role in the future internet context when providing the right infrastructures and appropriate interfaces to the right partners in the future. Finally, the tutorial terminates with an introduction to relevant toolkits and laboratories from Fraunhofer FOKUS and Technical University Berlin, enabling rapid prototyping for academic and industry research in the context of NGN to FI evolution. Thus we will briefly introduce the Open IMS core, OpenEPC, and the upcoming OpenMTC toolkits, as well as the FUSECO-Playground and the NGN2FI evolution lab enabling comprehensive prototyping in the context of academic and industry research. The tutorial end with an introduction into toolkits and laboratories from Fraunhofer FOKUS and Technical University Berlin enabling rapid Next Generation Mobile Network prototyping for academic and industry research, namely the OpenEPC (, OpenMTC (, G-Lab DEEP (

Bio: Thomas Magedanz (PhD) is professor in the electrical engineering and computer sciences faculty at the Technical University of Berlin, Germany, leading the chair for nextgeneration networks (Architektur der Vermittlungsknoten – AV) supervising Master and PhD Students. In addition, he is director of the “NGNI” division at the Fraunhofer Institute FOKUS, which provides toolkits and open experimental platforms for fixed and mobile Next Generation Networks, service oriented architecture based Service Delivery Platforms, and the Future Internet for international operators and vendors. Prof. Magedanz is one of the founding members of FOKUS (1988) and member of the management team.Prof. Magedanz is a globally recognized technology expert, based on his 20 years of practical experiences gained by managing various research and development projects in the various fields of today's convergence landscape (namely IT, telecoms, internet and entertainment).Prof. Magedanz is senior member of the IEEE, editorial board member of several journals, and the author of more than 250 technical papers/articles. He is the author of two books on IN standards and IN evolution.Prof. Magedanz is a globally recognized tutorial and keynote speaker at major academic and industrial workshops, conferences and symposia around the world. Examples include: IEEE IN workshop, IEEE ISS, IEEE NOMS, IEEE IM, IEEE ICC, etc.More details:

Julius Mueller (Dipl. Inform.) studied computer science at the Freie Universität Berlin and obtained his diploma in 2009. In his university studies he concentrated on computer networks, distributed systems and mobile communications.He worked as student researcher at the Fraunhofer Institute FOKUS in the competence center Next Generation Network Infrastructures (NGNI) in the field of optimized service provision in Next Generation Networks (NGNs) and particularly the IP Multimedia Subsystem (IMS). Here he also worked in some European projects, such as the EU project Vital++.In this context he also wrote his diploma thesis about NGN/IMS and Peer to Peer (P2P) system integration.In 2009 he joined the chair "Architektur der Vermittlungsknoten (AV)" at the electrical engineering and computer sciences faculty within the Technische Universität Berlin as PhD researcher, where he is working within the German BMBF project G-Lab DEEP-G.His scientific work and PhD supervised by Prof. Thomas Magedanz focuses on the evolution of NGNs towards the Future Internet (FI). Particularly he is investigating Evolved Packet Core (EPC) optimization and Cross-Layer Composition within NGNs and the FI.Mr. Mueller has experiences in workshops and conferences. Examples include: ICIN, Marcus Evans, MobilWare, IEEE ICT, IEEE ICME, IEEE ICCCN etc.More details: