Change search
Link to record
Permanent link

Direct link
BETA
Ilie, Dragos
Publications (10 of 30) Show all publications
Mehri, V. A. A., Ilie, D. & Tutschku, K. (2019). Designing a Secure IoT System Architecture from a Virtual Premise for a Collaborative AI Lab. In: : . Paper presented at Workshop on Decentralized IoT Systems and Security (DISS) 24 February 2019, San Diego, CA,.
Open this publication in new window or tab >>Designing a Secure IoT System Architecture from a Virtual Premise for a Collaborative AI Lab
2019 (English)Conference paper, Published paper (Refereed)
Abstract [en]

IoT systems are increasingly composed out of flexible, programmable, virtualised, and arbitrarily chained IoT elements and services using portable code. Moreover, they might be sliced, i.e. allowing multiple logical IoT systems (network + application) to run on top of a shared physical network and compute infrastructure. However, implementing and designing particularly security mechanisms for such IoT systems is challenging since a) promising technologies are still maturing, and b) the relationships among the many requirements, technologies and components are difficult to model a-priori.

The aim of the paper is to define design cues for the security architecture and mechanisms of future, virtualised, arbitrarily chained, and eventually sliced IoT systems. Hereby, our focus is laid on the authorisation and authentication of user, host, and code integrity in these virtualised systems. The design cues are derived from the design and implementation of a secure virtual environment for distributed and collaborative AI system engineering using so called AI pipelines. The pipelines apply chained virtual elements and services and facilitate the slicing of the system. The virtual environment is denoted for short as the virtual premise (VP). The use-case of the VP for AI design provides insight into the complex interactions in the architecture, leading us to believe that the VP concept can be generalised to the IoT systems mentioned above. In addition, the use-case permits to derive, implement, and test solutions. This paper describes the flexible architecture of the VP and the design and implementation of access and execution control in virtual and containerised environments. 

Keywords
IoT, AI, Security, Authentication, Collaboration
National Category
Telecommunications
Identifiers
urn:nbn:se:bth-17550 (URN)10.14722/diss.2019.23006 (DOI)1-891562-56-8 (ISBN)
Conference
Workshop on Decentralized IoT Systems and Security (DISS) 24 February 2019, San Diego, CA,
Funder
EU, Horizon 2020, 732204
Available from: 2019-01-30 Created: 2019-01-30 Last updated: 2019-08-09Bibliographically approved
Bergenholtz, E., Moss, A., Ilie, D. & Casalicchio, E. (2019). Finding a needle in a haystack -  A comparative study of IPv6 scanning methods. In: 6th IEEE Int. Symposium on Networks, Computer and Communication: . Paper presented at ISNCC 2019. Istanbul, Turkey
Open this publication in new window or tab >>Finding a needle in a haystack -  A comparative study of IPv6 scanning methods
2019 (English)In: 6th IEEE Int. Symposium on Networks, Computer and Communication, Istanbul, Turkey, 2019Conference paper, Published paper (Refereed)
Place, publisher, year, edition, pages
Istanbul, Turkey: , 2019
National Category
Computer Systems
Identifiers
urn:nbn:se:bth-18901 (URN)
Conference
ISNCC 2019
Available from: 2019-11-12 Created: 2019-11-12 Last updated: 2019-11-12
Tkachuk, R.-V., Ilie, D. & Tutschku, K. (2019). Orchestrating Future Service Chains in the Next Generation of Clouds. In: Proceedings of SNCNW 2019: The 15th Swedish National Computer Networking Workshop. Paper presented at SNCNW 2019 (pp. 18-22). Luleå
Open this publication in new window or tab >>Orchestrating Future Service Chains in the Next Generation of Clouds
2019 (English)In: Proceedings of SNCNW 2019: The 15th Swedish National Computer Networking Workshop, Luleå, 2019, p. 18-22Conference paper, Published paper (Refereed)
Abstract [en]

Service Chains have developed into an important concept in service provisioning in today’s and future Clouds. Cloud systems, e.g., Amazon Web Services (AWS), permit the implementation and deployment of new applications, services and service chains rapidly and flexibly. They employ the idea of Infrastructure as Code (IaC), which is the process of managing and provisioning computing infrastructure and its configuration through machine-processable definition files.

In this paper, we first detail future service chains with particular focus on Network Function Virtualization (NFV) and machine learning in AI. Afterwards, we analyze and summarize the capabilities of today’s IaC tools for orchestrating Cloud infrastructures and service chains. We compare the functionality of the major five IaC tools: Puppet, Chef, SaltStack, Ansible, and Terraform. In addition, we demonstrate how to analyze the functional capabilities of one of the tools. Finally, we give an outlook on future research issues on using IaC tools across multiple operators, data center domains, and different stockholders that collaborate on service chains.

Place, publisher, year, edition, pages
Luleå: , 2019
Keywords
Cloud Infrastructures, Infrastructure as Code, Network Function Virtualization, Network Service Chains
National Category
Computer Systems
Identifiers
urn:nbn:se:bth-18785 (URN)
Conference
SNCNW 2019
Available from: 2019-10-25 Created: 2019-10-25 Last updated: 2019-10-29
Popescu, A., Yao, Y. & Ilie, D. (2018). Video Distribution Networks: Architectures and System Requirements. In: Adrian Popescu (Ed.), Greening Video Distribution Networks: Energy-Efficient Internet Video Delivery. Springer
Open this publication in new window or tab >>Video Distribution Networks: Architectures and System Requirements
2018 (English)In: Greening Video Distribution Networks: Energy-Efficient Internet Video Delivery / [ed] Adrian Popescu, Springer, 2018Chapter in book (Refereed)
Abstract [en]

The creation of video content and its distribution over the Internet Protocol (IP) are sophisticated processes that follow a chain model from the acquisition of the video source, production and packaging, transport, and finally distribution to viewers. Video distribution networks refer to several parts, namely content contribution, primary distribution, secondary distribution, and video consumers. The focus of the chapter is on the presentation of video distribution systems over IP, categories of architectural solutions as well as a short presentation of several important applications associated with video distribution networks.

Place, publisher, year, edition, pages
Springer, 2018
Series
Computer Communications and Networks, ISSN 1617-7975
National Category
Telecommunications
Identifiers
urn:nbn:se:bth-17223 (URN)10.1007/978-3-319-71718-0_1 (DOI)9783319717180 (ISBN)9783319717173 (ISBN)
Available from: 2018-11-05 Created: 2018-11-05 Last updated: 2018-11-07Bibliographically approved
Ilie, D. & Datta, V. V. (2016). On Designing a Cost-Aware Virtual CDN for the Federated Cloud. In: 2016 INTERNATIONAL CONFERENCE ON COMMUNICATIONS (COMM 2016): . Paper presented at IEEE 11th International Conference on Communications (COMM), JUN 09-11, 2016, Bucharest, ROMANIA (pp. 255-260). IEEE
Open this publication in new window or tab >>On Designing a Cost-Aware Virtual CDN for the Federated Cloud
2016 (English)In: 2016 INTERNATIONAL CONFERENCE ON COMMUNICATIONS (COMM 2016), IEEE, 2016, p. 255-260Conference paper, Published paper (Refereed)
Abstract [en]

We have developed a prototype for a cost-aware, cloud-based content delivery network (CDN) suitable for a federated cloud scenario. The virtual CDN controller spawns and releases virtual caching proxies according to variations in user demand. A cost-based heuristic algorithm is used for selecting data centers where proxies are spawned. The functionality and performance of our virtual CDN prototype were evaluated in the XIFI federated OpenStack cloud. Initial results indicate that the virtual CDN can offer reliable and prompt service. Multimedia providers can use this virtual CDN solution to regulate expenses and have greater freedom in choosing the placement of virtual proxies as well as more flexibility in configuring the hardware resources available to the proxy (e.g., CPU cores, memory and storage).

Place, publisher, year, edition, pages
IEEE, 2016
Series
International Conference on Communications (ICC)
Keywords
cloud, CDN, OpenStack, proxy, virtualization
National Category
Telecommunications Communication Systems
Identifiers
urn:nbn:se:bth-13303 (URN)000383221900054 ()978-1-4673-8197-0 (ISBN)
Conference
IEEE 11th International Conference on Communications (COMM), JUN 09-11, 2016, Bucharest, ROMANIA
Available from: 2016-11-01 Created: 2016-11-01 Last updated: 2016-11-08Bibliographically approved
Forsman, M., Glad, A., Lundberg, L. & Ilie, D. (2015). Algorithms for Automated Live Migration of Virtual Machines. Journal of Systems and Software, 101, 110-126
Open this publication in new window or tab >>Algorithms for Automated Live Migration of Virtual Machines
2015 (English)In: Journal of Systems and Software, ISSN 0164-1212, E-ISSN 1873-1228, Vol. 101, p. 110-126Article in journal (Refereed) Published
Abstract [en]

We present two strategies to balance the load in a system with multiple virtual machines (VMs) through automated live migration. When the push strategy is used, overloaded hosts try to migrate workload to less loaded nodes. On the other hand, when the pull strategy is employed, the light-loaded hosts take the initiative to offload overloaded nodes. The performance of the proposed strategies was evaluated through simulations. We have discovered that the strategies complement each other, in the sense that each strategy comes out as “best” under different types of workload. For example, the pull strategy is able to quickly re-distribute the load of the system when the load is in the range low-to-medium, while the push strategy is faster when the load is medium-to-high. Our evaluation shows that when adding or removing a large number of virtual machines in the system, the “best” strategy can re-balance the system in 4–15 minutes.

Place, publisher, year, edition, pages
Elsevier (ScienceDirect), 2015
Keywords
live migration, virtualization, load balancing
National Category
Computer Sciences
Identifiers
urn:nbn:se:bth-6331 (URN)10.1016/j.jss.2014.11.044 (DOI)000349507000009 ()oai:bth.se:forskinfoA5D9EA45DBF8369BC1257DAF007951D3 (Local ID)oai:bth.se:forskinfoA5D9EA45DBF8369BC1257DAF007951D3 (Archive number)oai:bth.se:forskinfoA5D9EA45DBF8369BC1257DAF007951D3 (OAI)
Available from: 2015-05-26 Created: 2014-12-15 Last updated: 2018-01-11Bibliographically approved
Lundberg, L., Grahn, H., Ilie, D. & Melander, C. (2015). Cache Support in a High Performance Fault-Tolerant Distributed Storage System for Cloud and Big Data. In: 2015 IEEE 29TH INTERNATIONAL PARALLEL AND DISTRIBUTED PROCESSING SYMPOSIUM WORKSHOPS: . Paper presented at IEEE International Parallel and Distributed Processing Symposium Workshop (IPDPSW), Hyderabad (pp. 537-546). IEEE Computer Society
Open this publication in new window or tab >>Cache Support in a High Performance Fault-Tolerant Distributed Storage System for Cloud and Big Data
2015 (English)In: 2015 IEEE 29TH INTERNATIONAL PARALLEL AND DISTRIBUTED PROCESSING SYMPOSIUM WORKSHOPS, IEEE Computer Society, 2015, p. 537-546Conference paper, Published paper (Refereed)
Abstract [en]

Due to the trends towards Big Data and Cloud Computing, one would like to provide large storage systems that are accessible by many servers. A shared storage can, however, become a performance bottleneck and a single-point of failure. Distributed storage systems provide a shared storage to the outside world, but internally they consist of a network of servers and disks, thus avoiding the performance bottleneck and single-point of failure problems. We introduce a cache in a distributed storage system. The cache system must be fault tolerant so that no data is lost in case of a hardware failure. This requirement excludes the use of the common write-invalidate cache consistency protocols. The cache is implemented and evaluated in two steps. The first step focuses on design decisions that improve the performance when only one server uses the same file. In the second step we extend the cache with features that focus on the case when more than one server access the same file. The cache improves the throughput significantly compared to having no cache. The two-step evaluation approach makes it possible to quantify how different design decisions affect the performance of different use cases.

Place, publisher, year, edition, pages
IEEE Computer Society, 2015
Keywords
big data; cloud; distributed storage systems; cache; performance evaluation
National Category
Computer Engineering
Identifiers
urn:nbn:se:bth-11411 (URN)10.1109/IPDPSW.2015.65 (DOI)000380446100062 ()978-1-4673-9739-1 (ISBN)
Conference
IEEE International Parallel and Distributed Processing Symposium Workshop (IPDPSW), Hyderabad
Projects
Bigdata@BTH - Scalable resource-efficient systems for big data analytics
Funder
Knowledge Foundation
Available from: 2016-01-14 Created: 2016-01-14 Last updated: 2018-02-02Bibliographically approved
Kassahun, S., Demessie, A. & Ilie, D. (2014). A PMIPv6 Approach to Maintain Network Connectivity During VM Live Migration Over the Internet. In: 2014 IEEE 3RD INTERNATIONAL CONFERENCE ON CLOUD NETWORKING (CLOUDNET): . Paper presented at International Conference on Cloud Networking (CloudNet),Luxembourg. Luxembourg: IEEE
Open this publication in new window or tab >>A PMIPv6 Approach to Maintain Network Connectivity During VM Live Migration Over the Internet
2014 (English)In: 2014 IEEE 3RD INTERNATIONAL CONFERENCE ON CLOUD NETWORKING (CLOUDNET), Luxembourg: IEEE , 2014Conference paper, Published paper (Refereed)
Abstract [en]

We present a live migration solution based on Proxy Mobile IPv6 (PMIPv6), a light-weight mobility protocol standardized by IETF. PMIPv6 handles node mobility without requiring any support from the moving nodes. In addition, PMIPv6 works with IPv4, IPv6 and dual-stack nodes. Our results from a real testbed show that network connectivity is successfully maintained with little signaling overhead and with short virtual machine (VM) downtime. As far as we know, this is the first time PMIPv6 is used to enable live migration beyond the scope of a LAN.

Place, publisher, year, edition, pages
Luxembourg: IEEE, 2014
Series
IEEE International Conference on Cloud Networking
Keywords
Protocols, computer network management, mobile nodes
National Category
Computer Sciences
Identifiers
urn:nbn:se:bth-6480 (URN)10.1109/CloudNet.2014.6968970 (DOI)000411486400011 ()oai:bth.se:forskinfo8EF7849F9F76227CC1257DAA005FE152 (Local ID)978-1-4799-2730-2 (ISBN)oai:bth.se:forskinfo8EF7849F9F76227CC1257DAA005FE152 (Archive number)oai:bth.se:forskinfo8EF7849F9F76227CC1257DAA005FE152 (OAI)
Conference
International Conference on Cloud Networking (CloudNet),Luxembourg
Available from: 2014-12-17 Created: 2014-12-10 Last updated: 2018-01-16Bibliographically approved
Mugga, C., Sun, D. & Ilie, D. (2014). Performance Comparison of IPv6 Multihoming and Mobility Protocols. Paper presented at Thirteenth International Conference on Networks (ICN). Paper presented at Thirteenth International Conference on Networks (ICN). Nice, France: IARIA XPS Press
Open this publication in new window or tab >>Performance Comparison of IPv6 Multihoming and Mobility Protocols
2014 (English)Conference paper, Published paper (Refereed) Published
Abstract [en]

Multihoming and mobility protocols enable computing devices to stay always best connected (ABC) to the Internet. The focus of our study is on handover latency and rehoming time required by such protocols. We used simulations in OMNeT++ to study the performance of the following protocols that support multihoming, mobility or a combination thereof: Mobile IPv6 (MIPv6), Multiple Care-of Address Registration (MCoA), Stream Control Transmission Protocol (SCTP), and Host Identity Proto- col (HIP). Our results indicate that HIP shows best performance in all scenarios considered.

Place, publisher, year, edition, pages
Nice, France: IARIA XPS Press, 2014
Keywords
IPv6, mobility. multihoming, performance
National Category
Computer Sciences
Identifiers
urn:nbn:se:bth-6746 (URN)oai:bth.se:forskinfo1A259ABB25BA05D3C1257CA7003B0D6D (Local ID)978-1-61208-318-6 (ISBN)oai:bth.se:forskinfo1A259ABB25BA05D3C1257CA7003B0D6D (Archive number)oai:bth.se:forskinfo1A259ABB25BA05D3C1257CA7003B0D6D (OAI)
Conference
Thirteenth International Conference on Networks (ICN)
Available from: 2014-04-04 Created: 2014-03-26 Last updated: 2018-01-11Bibliographically approved
Shirinbab, S., Lundberg, L. & Ilie, D. (2014). Performance Comparison of KVM, VMware and XenServer using a Large Telecommunication Application. Paper presented at Cloud Computing. Paper presented at Cloud Computing. Venice, Italy: IARIA XPS Press
Open this publication in new window or tab >>Performance Comparison of KVM, VMware and XenServer using a Large Telecommunication Application
2014 (English)Conference paper, Published paper (Refereed) Published
Abstract [en]

One of the most important technologies in cloud computing is virtualization. This paper presents the results from a performance comparison of three well-known virtualization hypervisors: KVM, VMware and XenServer. In this study, we measure performance in terms of CPU utilization, disk utilization and response time of a large industrial real-time application. The application is running inside a virtual machine (VM) controlled by the KVM, VMware and XenServer hypervisors, respectively. Furthermore, we compare the three hypervisors based on downtime and total migration time during live migration. The results show that the Xen hypervisor results in higher CPU utilization and thus also lower maximum performance compared to VMware and KVM. However, VMware causes more write operations to disk than KVM and Xen, and Xen causes less downtime than KVM and VMware during live migration. This means that no single hypervisor has the best performance for all aspects considered here.

Place, publisher, year, edition, pages
Venice, Italy: IARIA XPS Press, 2014
Keywords
Cloud Computing, KVM, Live Migration, VMware vMotion, XenMotion
National Category
Computer Sciences
Identifiers
urn:nbn:se:bth-6482 (URN)oai:bth.se:forskinfoC6FA88A0BAE3E5B5C1257DAA005E74D0 (Local ID)978-1-61208-338-4 (ISBN)oai:bth.se:forskinfoC6FA88A0BAE3E5B5C1257DAA005E74D0 (Archive number)oai:bth.se:forskinfoC6FA88A0BAE3E5B5C1257DAA005E74D0 (OAI)
Conference
Cloud Computing
Available from: 2014-12-11 Created: 2014-12-10 Last updated: 2018-11-06Bibliographically approved
Organisations

Search in DiVA

Show all publications