Published in: The Journal of Supercomputing 7/2018

23.04.2018

Learning-based dynamic scalable load-balanced firewall as a service in network function-virtualized cloud computing environments

Authors: Naghmeh Dezhabad, Saeed Sharifian


Abstract

Network function virtualization (NFV) is a network architecture that provides communication services in clouds through virtualization techniques. NFV combines server and service and replaces a lot of network devices. It deploys software applications instead of hardware devices, and therefore reduces the network provider's financial costs and facilitates manageability. One of the services that NFV offers is virtualized firewalls in clouds. Like other cloud services, firewalls should scale dynamically to the needs of any business and adapt as demand increases. In this paper, a method is proposed for dynamic auto-scalability of the firewall service in cloud environments. The proposed method also balances the incoming load among different virtualized firewalls, which are installed as software on virtual machines and are located in one pool. We consider a queuing model for each virtual machine. The goal is to determine the number of active virtualized firewalls required at different time steps, according to the intensity of the incoming load, and the proportion of total requests that goes to each firewall. Decisions are made regarding the utilization of firewall virtual machines so that QoS requirements can be met; at the same time, resources are saved in order to balance performance against the cost of the allocated firewall virtual machines. To solve the problem, we propose a hybrid genetic algorithm and reinforcement learning-based approach, namely GARLAS (genetic algorithm and reinforcement learning-based autonomic scaling), implemented in a cloud manager. The results of simulation with MATLAB on different realistic workloads demonstrate that the approach is able to find an optimal policy in both scalability and load balancing aspects. It also achieves 87.91% and 85.15% lower average response time and 9.93% and 11.77% improvement in utilization in comparison with static and threshold-based approaches, respectively.

Metadata
Title
Learning-based dynamic scalable load-balanced firewall as a service in network function-virtualized cloud computing environments
Authors
Naghmeh Dezhabad
Saeed Sharifian
Publication date
23.04.2018
Publisher
Springer US
Published in
The Journal of Supercomputing / Issue 7/2018
Print ISSN: 0920-8542
Electronic ISSN: 1573-0484
DOI
https://doi.org/10.1007/s11227-018-2387-5
