M
FundingPartners
Brazilian program MCT/CNPq n° 066/2010 (Programa de Cooperação Brasil-União Europeia) - European Union's Seventh Framework Programme ([FP7/2007-2013]) ICT-288349
Experimentation with Future Internet Testbed with Security
Automatic Migration to Save Energy
Scalable Intrusion Detection and Prevention System
MigrationManager Physical
Node
VirtualNodes
VMs
Migration
Command
PM ShutdownCommand
Content Centric Network Experimentation
MigratedNodes
Physical Network
Isolation of Virtual Network
ResourcesVirtu
al Networks
Isolation of Virtual NetworkCommunication
Datain CS?
CS
Entryin PIT?
PIT
FIB
AddIface to
PIT entry
Add iface to PIT
InterestInterest Forwarding
ContentContent
forwarding Interestin PIT?Forward to
iface
ContentCache
Remove PIT entry
Drop
Yes
No
Path of Interest in CCN routing
Path of Content in CCN routing
Prefixin FIB?
CCN Routing Architecture
0 2 0 4 0 6 0 8 0 1 0 0 1 2 00
2
4
6
8
T im e ( s )
Th
ro
ug
htp
ut
(Mb
/s)
F IT S
k e e p s
f o r w a r d in g
X e n s to p s
fo r w a d in g
( ~ 5 0 s )
M ig r a t io n
( 3 0 s )
Virtual Network Isolation
0 1 0 2 0 3 0 4 0 5 0
2 0
4 0
6 0
8 0
1 0 0
T im e ( s )
CP
U U
sa
ge
(%
)
M a c h in e 1
M a c h in e 2
O v e r lo a d
C P U
B a la n c in g
D e te c t io n
0 10 20 30 40 500
50k
100k
150k
Time (s)
Ra
te (
By
tes
/s)
Malicious Flow
Legitimate Flow Block
0 2 0 4 0 6 00
2 0
4 0
6 0
8 0
1 0 0
Th
ro
ug
hp
ut
(Mb
/s)
T im e ( s )
M in im u m V N 2
( 4 0 M b /s )
M in im u m V N 1
( 2 0 M b /s )
O V S V N 2
O V S V N 1
F IT S V N 2
F IT S V N 1
S ta r t in g
C o n t r o l le r
( 3 0 s )
0 2 0 4 0 6 0 8 0 1 0 0 1 2 00
2 0
4 0
6 0
8 0
1 0 0
T im e ( s )
Cu
mu
lati
ve
Tra
ffic
(M
B)
C C N
T C P / IP
0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 8 00
2
4
6
8
1 0
U n lo a d T im e ( s )
Da
ta T
ra
ffic
(M
b)
3 .9 s
4 . 9 s
M o b i le C l ie n t
R e c o n n e c t io n t im e s
o f th e m o b i le c l ie n t
W ir e le s s N e tw o k 2
W ir e le s s
N e tw o r k 1
Network Controller
- Profiler- VM Orchestrator- POX Controller
Mirror Traffic to new IDPS VM3
Physical Node
Virtual NodesStart new
IDPS VM2
Detect IDPS VM Overload1
New IDPS VM
Overloaded IDPS VM
Physical Node CPUBefore Migrations
Physical Node CPUAfter Migrations
Beginning of VM migrations
Processing increase due to migration}
End of VM migrations
VM MigrationResource Isolation
Malicious Flow BlockingCPU Balancing
CCN MobilityTCP/IP vs. CCN