Abstract: Abstract Network Intrusion Detection Systems (NIDS) and firewalls are the de facto solutions in the modern cloud to detect cyberattacks and minimize potential hazards for tenant networks. Most of the existing firewalls, perimeter security, and middlebox solutions are built on static rules/signatures or simple rule matching, making them inflexible, susceptible to bugs, and difficult to introduce new services. This paper aims to improve network management in OpenStack Clouds by taking advantage of the combination of software-defined networking (SDN), Network Function Virtualization (NFV), and machine learning/artificial intelligence (ML/AI) and for making networks more predictable, reliable, and secure. Artificial intelligence is being used to monitor the behavior of the virtual machines and applications running in the OpenStack SDN cloud so that when any issues or degradations are noticed, the decision can be quickly made on how to handle that issue, being able to analyze data in motion, starting at the edge. The OpenStackDP framework comprises lightweight monitoring, anomaly-detecting intelligent sensors embedded in the data plane, a threat analytics engine based on ML/AI algorithms running inside switch hardware/network co-processor, and defensive actions deployed as virtual network functions (VNFs). This network data plane-based architecture makes high-speed threat detection and rapid response possible and enables a much higher degree of security. We have built the framework with advanced streaming analytics technologies, algorithms, and machine learning to draw knowledge from this data that is in motion before the malicious traffic goes to the tenant compute nodes or long-term data store. Cloud providers and users will benefit from improved Quality-of-Services (QoS) and faster recovery from cyber-attacks and compromised switches. The multi-phase collaborative anomaly detection scheme demonstrates an accuracy of 99.81%, average latencies of 0.27 ms, and response speed within 9 s. The simulations and analysis show that the OpenStackDP network analytics framework substantially secures and outperforms prior SDN-based OpenStack solutions for Cloud architectures.

Abstract: The information age, the impact of Covid-19 and the fourth industrial revolution have accelerated the processes of digitization and virtualization of society. Implemented in multiple scientific disciplines and social spaces, technological advances are projected towards increasingly immersive and interconnected scenarios. The study carried out allowed the review and produce a qualitative synthesis of the possibilities of exploiting the metaverse for educational purposes. The research was carried out based on a qualitative review design, using a predefined protocol and the use of a priori categories for the analysis of emerging codes and categories. The main results suggest that the metaverse presents various benefits, services and tools that can be applied to improve the quality and access in education. It is appreciated that the construction of an educational metaverse may be possible in the future.

Abstract: As an emerging technology, blockchain (BC) has been playing a promising role in today's software-defined networking (SDN)-enabled Internet of Things (IoT) applications. Because of the salient feature of the network function virtualization (NFV) techniques, SDN can ensure an IoT system runs efficiently and smoothly in a cloud-driven ecosystem. When cloud-enabled systems encounter immense security and operational challenges caused mainly by third-party dependency, large-scale data communication, and maintenance, BC offers effective and robust data transfer solutions without incorporating intermediaries over the distributed network. With the increased SDN-BC convergence in the IoT domain, the underlying challenges and perspectives deserve proper attention methodically and structurally. From the motivation of addressing such issues, this study provides necessary insights to combine those for successful plug-and-play. Therefore, the study includes purposefully investigating current state-of-the-art to extract the research trends, future directions, and perspectives in this domain. This study provides a comprehensive survey of IoT, SDN, NFV, and BC-enabled emerging technologies. More importantly, the authors intelligently integrated the four different technologies—IoT, SDN, BC, and NFV based on characteristics, scopes, challenges, taxonomies, and tables in numerous areas. Initially, the authors introduce the SDN-IoT ecosystem in brief and address the features and applications. We took a close look at the SDN's overall taxonomy based on security, environment, scopes, and challenges. We also briefly describe the integration of SDN-IoT with the NFV ecosystems. Moreover, we review the prospect of BC technology from security perspectives, its extent, challenges of practical implementation, and the possible integration of IoT regarding smart applications. Finally, this study highlights several future directions based on these technologies.

Abstract: One of the most difficult parts of Network Function Virtualization (NFV) installations is security. The NFV environment is a large-scale, software-driven one with a variety of components. Network topologies and traffic flows are continuously and managed to change. Such complexity necessitates a comprehensive security framework that permits automatic and to manage changeable network conditions, a quick response is required with the least amount of manual involvement. This paper introduced many solutions for securing the NFV environment from attacks such as (Specter and DoS) that attack parts of this architecture based on some experiments. Applied NFV on an operating system of smartphones (Android). We tested some attacks on the device and then on some of the layers in the architecture. We obtain new and obvious results, by comparison, to traditional and updated NFV architecture. Also, update the NFV architecture using vCenter/ESX and Hyper-V being two important terms in security After adding the necessary algorithms to protect the NFV architecture, we noticed about 128 hours to hack a 1.4 megabyte (WinRAR) file, while the same file and the same size needed 126 hours to reach the root without the algorithms used to protect the architecture.

Abstract: With the development of the sixth-generation (6G) network, virtualization remains critical. The key to future virtualization lies in the service provisioning capability of the network and the service requirements of end users, which will lead to virtualization of the network and end users. Therefore, this paper proposes a holistic network virtualization architecture that integrates digital twin (DT) and network slicing to achieve the network management of service-centric and user-centric. With the explosive growth of latency-sensitive and computing-intensive in-vehicle applications, limited in-vehicle computing resources are difficult to meet diverse network requirements, and vehicle edge computing (VEC) has become a potential solution. However, computation offloading may face the dilemma of excessive upload traffic and unbearable upload time. Therefore, in order to minimize the overall response time (ORT) of the system, this paper proposes a new environment aware offloading mechanism (EAOM) based on the integrated sensing and communication system (ISAC) to solve the joint optimization problem of task scheduling and resource allocation. Considering the mobility of vehicles and the time-varying of environment, the optimization problem is modeled as a Markov decision process, and an improved algorithm combining Shapley-Q value and deep deterministic policy gradient (DDPG) is used to solve it. The simulation results indicate the effectiveness and superiority of the scheme proposed in our work.

Abstract: With the growing demand for openness, scalability, and granularity, mobile network function virtualization (NFV) has emerged as a key enabler for the most of mobile network operators. NFV decouples network functions from hardware devices. This decoupling allows network services, called Virtualized Network Functions (VNFs), to be hosted on commodity hardware which simplifies and enhances service deployment and management for providers, improves flexibility, and leads to efficient and scalable resource usage, and lower costs. The proper placement of VNFs in the hosting infrastructures is one of the main technical challenges. This placement significantly influences the network’s performance, reliability, and operating costs. The VNF placement is NP-Hard. Therefore, there is a need for placement methods that can cope with the complexity of the problem and find appropriate solutions in a reasonable duration. The primary purpose of this study is to provide a taxonomy of optimization techniques used to tackle the VNF placement problems. We classify the studied papers based on performance metrics, methods, algorithms, and environment. Virtualization is not limited to simply replacing physical machines with virtual machines or VNFs, but may also include micro-services, containers, and cloud-native systems. In this context, the second part of our article focuses on the placement of Containers Network Functions (CNFs) in edge/fog computing. Many issues have been considered as traffic congestion, resource utilization, energy consumption, performance degradation, etc. For each matter, various solutions are proposed through different surveys and research papers in which each one addresses the placement problem in a specific manner by suggesting single objective or multi-objective methods based on different types of algorithms such as heuristic, meta-heuristic, and machine learning algorithms.

Abstract: The fast growth of the cloud computing technology has led to immense development in the public and private sectors. Cloud computing provides a high level of virtualization, massive scalability, multitenancy and elasticity. This has enabled organizations, academia, government departments and the public to move forward with this technology. However, they are unable to assuredly place their information over the clouds due to many security threats. Cloud security plays a vital role to establish a confidence between the cloud service providers, consumers and the multi-users to maintain the security levels of their data. This paper focuses the survey for cloud security issues, existing authentication schemes, data storage technologies and offers a glimpse of Artificial Neural Networks (ANNs) applied to the cloud security.

Abstract: Cloud-native computing principles such as virtualization and orchestration are key to transferring to the promising paradigm of edge computing. Challenges of containerization, operative models and scarce availability of established tools make a thorough review indispensable. Therefore, the authors have described the practical methods and tools found in the literature as well as in current community-led development projects, and have thoroughly exposed the future directions of the field. Container virtualization and its orchestration through Kubernetes have dominated the cloud computing domain, while major efforts have been recently recorded focused on the adaptation of these technologies to the edge. Such initiatives have addressed either the reduction of container engines and the development of specific tailored operating systems or the development of smaller K8s distributions and edge-focused adaptations (such as KubeEdge). Finally, new workload virtualization approaches, such as WebAssembly modules together with the joint orchestration of these heterogeneous workloads, seem to be the topics to pay attention to in the short to medium term.

Abstract: Containers improve the efficiency in application deployment and thus have been widely utilised on Cloud and lately in High Performance Computing (HPC) environments. Containers encapsulate complex programs with their dependencies in isolated environments making applications more compatible and portable. Often HPC systems have higher security levels compared to Cloud systems, which restrict users' ability to customise environments. Therefore, containers on HPC need to include a heavy package of libraries making their size relatively large. These libraries usually are specifically optimised for the hardware, which compromises portability of containers. Per contra, a Cloud container has smaller volume and is more portable. Furthermore, containers would benefit from orchestrators that facilitate deployment and management of containers at a large scale. Cloud systems in practice usually incorporate sophisticated container orchestration mechanisms as opposed to HPC systems. Nevertheless, some solutions to enable container orchestration on HPC systems have been proposed in state of the art. This paper gives a survey and taxonomy of efforts in both containerisation and its orchestration strategies on HPC systems. It highlights differences thereof between Cloud and HPC. Lastly, challenges are discussed and the potentials for research and engineering are envisioned.

Abstract: Fog computing is a paradigm that allows the provisioning of computational resources and services at the edge of the network, closer to the end devices and users, complementing cloud computing. The heterogeneity and large number of devices are challenges to obtaining optimized resource allocation in this environment. Over time, some surveys have been presented on resource management in fog computing. However, they now lack a broader and deeper view about this subject, considering the recent publications. This article presents a systematic literature review with a focus on resource allocation for fog computing, and in a more comprehensive way than the existing works. The survey is based on 108 selected publications from 2012 to 2022. The analysis have exposed their main techniques, metrics used, evaluation tools, virtualization methods, architecture, and domains where the proposed solutions were applied. The results show an updated and comprehensive view about resource allocation in fog computing. The main challenges and open research questions are discussed, and a new fog computing resource management cycle is proposed.

Abstract: This article investigates and discusses challenges in the telecommunication field from multiple perspectives, both academic and industry sides are catered for, surveying the main points of technological transformation toward edge-cloud continuum from the view of a telco operator to show the complete picture, including the evolution of cloud-native computing, Software-Defined Networking (SDN), and network automation platforms. The cultural shift in software development and management with DevOps enabled the development of significant technologies in the telecommunication world, including network equipment, application development, and system orchestration. The effect of the aforementioned cultural shift to the application area, especially from the IoT point of view, is investigated. The enormous change in service diversity and delivery capabilities to mass devices are also discussed. During the last two decades, desktop and server virtualization has played an active role in the Information Technology (IT) world. With the use of OpenFlow, SDN, and Network Functions Virtualization (NFV), the network revolution has got underway. The shift from monolithic application development and deployment to micro-services changed the whole picture. On the other hand, the data centers evolved in several generations where the control plane cannot cope with all the networks without an intelligent decision-making process, benefiting from the AI/ML techniques. AI also enables operators to forecast demand more accurately, anticipate network load, and adjust capacity and throughput automatically. Going one step further, zero-touch networking and service management (ZSM) is proposed to get high-level human intents to generate a low-level configuration for network elements with validated results, minimizing the ratio of faults caused by human intervention. Harmonizing all signs of progress in different communication technologies enabled the use of edge computing successfully. Low-powered (from both energy and processing perspectives) IoT networks have disrupted the customer and end-point demands within the sector, as such paved the path towards devising the edge computing concept, which finalized the whole picture of the edge-cloud continuum.

Abstract: DRAM is a key driver of performance and cost in public cloud servers. At the same time, a significant amount of DRAM is underutilized due to fragmented use across servers. Emerging interconnects such as CXL offer a path towards improving utilization through memory pooling. However, the design space of CXL-based memory systems is large, with key questions around the size, reach, and topology of the memory pool. At the same time, using pools requires navigating complex design constraints around performance, virtualization, and management. This paper discusses why cloud providers should deploy CXL memory pools, key design constraints, and observations in designing towards practical deployment. We identify configuration examples with significant positive return of investment.

Abstract: The internet of things (IoT) entails all devices that can get onto the internet. This is mainly because of the technological advancement. This exponential growth of IoT increases on the dense nodes with a huge data volume on the network that affect the collision and network congestion probabilities. This chapter presents a comprehensive description of the central and supporting innovations that are used to make cities smarter, focusing on the fifth generation (5G) IoT paradigm from a software-based network viewpoint. Furthermore, the main initiatives of international significance are discussed. Also, the chapter presents software-defined networking (SDN), IoT, and network function virtualization (NFV) challenges as it relates to the user privacy and security, IoT security, energy consumption, integration of IoT with subsystems, and architecture design. A segment of the top five future trends that are made and will make cities smarter is conclusively included.

Abstract: Cloud Computing is a paradigm allowing access to physical and application resources online via the Internet. These resources are virtualized using virtualization software to make them available to users as a service. Virtual machines (VMs) migration technique provided by virtualization technology impacts the performance of the cloud. It is a significant concern in this environment. When allocating resources, the distribution of VMs is unbalanced, and their movement from one server to another can increase energy consumption and network overhead, necessitating an improvement in VM migrations. This paper addresses the VMs migration issue by applying a machine learning model to reduce the VMs migration number and energy consumption. The proposed algorithm (named VMLM) is based on improving VM’s migration process and selection. It has been benchmarked with JVCMMD and EVSP solutions. The simulation results demonstrate the efficiency of our proposal, which includes two phases the machine learning preparing stage and the VMs migration stage.

Abstract: With an effective service provisioning strategy that relies on Network Function Virtualization (NFV), cloud-edge computing can enhance the Quality of Service (QoS) in Elastic Optical Networks (EONs). NFV emerges as a promising technology to provide flexible services by orchestrating different virtual Network Function Chains (vNFCs). However, the vNFC deployment process is complex and involves two stages, i.e., allocating diverse Virtual Network Functions (VNFs) onto different physical nodes and routing suitable paths for Virtual Links (VLs). How to coordinate the above two stages to deploy vNFCs efficiently in EONs for cloud-edge computing is extremely important. Previous vNFC deployment algorithms are heuristic policies that disregard heterogeneous characteristics in cloud-edge computing. Recently, single-agent Deep Reinforcement Learning (DRL) can provide adaptive allocation schemes by perceptual learning from the environment. Whereas, its performance is not as good as expected since it makes the process of VFNs deployment and VLs deployment independent. Therefore, we propose a Double-Agent Reinforced vNFC Deployment algorithm (DARD) to integrate the VNFs and VLs deployment stages by two cooperative DRL agents. Additionally, we formulate the vNFC deployment problem as a Mixed Integer Linear Programming (MILP) model to achieve optimal solutions. The performance of DARD is evaluated in both static and dynamic scenarios. Simulation results show that DARD can achieve approaching performance with the MILP model. Moreover, it performs better than the other five state-of-art algorithms.

Abstract: Abstract These days, colleges and universities have accumulated many resources in teaching and scientific research due to the acceleration of education information in China. However, many teaching resources are in short supply due to a lack of standardized resource construction and the closeness of management methods. Physical education significant teaching resources in Chinese colleges and universities must be utilized. If not integrated, it would seriously restrict the development of physical education in China. However, the traditional management of physical education teaching resources tends to worsen the data management, which is easy to cause the loss of physical education teaching resources data. With the development of the Internet of Things (IoT), cloud computing, and other technologies, intelligent edge cloud computing can ensure the integrity of physical education teaching resources and improve utilization. In this paper, cloud computing is used to manage physical education teaching resources in colleges and universities, and virtualization technology is used to research physical education teaching resources. Moreover, a resource scheduling method is proposed to ensure equal load distribution across various edge resources. The proposed strategy also provides increased utilization levels for computing resources. The comparison between the sports teaching resources under cloud computing and traditional sports teaching resources found that cloud resource management's sharing degree of teaching equipment has increased by 20.6% compared with conventional resource management. The sharing degree of courses has increased by 16.5%, and the utilization rate of sports venues has increased by 27.1% compared with traditional resource management. The utilization rate of sports film and television materials increased by 30.7%. Teachers and students benefit significantly from college and university teaching resources in the context of cloud computing. It demonstrates how cloud computing may assist colleges and universities in managing and integrating their teaching resources more effectively. The management and integration of college sports resources through cloud computing can promote the mutual exchange of college resources and have practical significance for the development of college education.

Abstract: The irruption of the Internet of Things (IoT) has attracted the interest of both the industry and academia for their application in intensive domains, such as healthcare. The strict Quality of Service (QoS) requirements of the next generation of intensive IoT applications require the QoS to be optimized considering the interplay of three key dimensions: 1) computing; 2) networking; and 3) application. This optimization requirement motivates the use of paradigms that provide virtualization, flexibility, and programmability to IoT applications. In the computing dimension, paradigms, such as edge or fog computing, software-defined networks in the networking dimension, along with micro-services architectures for the application dimension, are suitable for QoS-strict IoT scenarios. In this work, we present a framework, named Next-gen IoT Optimization (NIoTO), that considers these three dimensions and their interplay to place microservices and networking resources over an infrastructure, optimizing the deployment in terms of average response time and deployment cost. The evaluation of NIoTO in a healthcare case study reveals a response time speed up of up to 5.11 and a reduction in cost of up to 9% with respect to other state-of-the-art techniques.

Abstract: Network slicing allows heterogeneous applications can be launched across different domain using virtualized resources. The virtualized resources are created on the physical infrastructure. The orchestrator is essential for coordination of network slice management. The overhead in the slice orchestrator is reduced by distributed approach. The slice template act as a design specification template for the creation of network slices. This template can be predicted using federated learning, in which local models are trained with the generated data and global model is trained with local model parameters. Then the global parameters are updated in the local model for further learning. The federated model uses the Software Defined Networking (SDN) capability to learn the local model data distribution and hence enhance global SDN federated controller prediction accuracy for network slices. This process can be automated with the help of slice template with the predicted pattern. The parameters of the slice template are directly proportional to the performance of the slice orchestrator and prediction of future slice demands. The edge devices with its local model communicate with the global SDN federated model to satisfy the requirement of dynamic network slicing. The request on-demand services can be provided as virtual network function using network function virtualization.The optimal resource allocation for the requested slice can be done with statistical modeling of observed traffic and autoscaling can be carried out. Experimental studies reveal that the proposed network slicing with federated approach minimal response time with maximal orchestrator scalability.

Abstract: Context. WebAssembly (WASM) is a low-level bytecode format that is gaining traction among Internet of Things (IoT) devices. Because of IoT devices’ resources limitations, using WASM is becoming a popular technique for virtualization on IoT devices. However, it is unclear if the promises of WASM regarding its efficient use of energy and performance gains hold true. Goal. This study aims to determine how different source programming languages and runtime environments affect the energy consumption and performance of WASM binaries. Method. We perform a controlled experiment where we compile three benchmarking algorithms from four different programming languages (i.e., C, Rust, Go, and JavaScript) to WASM and run them using two different WASM runtimes on a Raspberry Pi 3B. Results. The source programming language significantly influences the performance and energy consumption of WASM binaries. We did not find evidence of the impact of the runtime environment. However, certain combinations of source programming language and runtime environment leads to a significant improvement of its energy consumption and performance. Conclusions. IoT developers should choose the source programming language wisely to benefit from better performance and a reduction in energy consumption. Specifically, Javy-compiled JavaScript should be avoided, while C and Rust are better options. We found no conclusive results for the choice of the WASM runtime.

Abstract: Cloud Computing is one of the revolutionized paradigms in the IT industry, which can provide wide variety of services pay-as-you go model to all the customers in different domains like IT industry, Health, education, entertainment etc. These services are provisioned to the user based on the SLA between cloud user and provider virtually. Hypervisors are used to enable the virtualization and to spin up VMs in the cloud paradigm. There are different levels at which virtualization can be implemented, In this book chapter, we are discussing about the overview of cloud computing, different service models, deployment models and different virtualization techniques used for cloud paradigm. For effectiveness of any cloud computing paradigm, a task scheduler is necessary to get seamless services from cloud paradigm. Therefore, in this chapter we have proposed a task scheduling algorithm which uses priorities of tasks and VMs. For this algorithm we have used a nature inspired algorithm chaotic social spider algorithm to model task scheduling algorithm and simulated on CloudSim simulator. Finally, it was compared with existing algorithms PSO and CS and proposed approach is outperformed over existing algorithms with respect to makespan and energy consumption.

Abstract: The Internet of Things (IoT) has undergone rapid popularization, reaching a wide range of application domains, such as manufactures. Hence, more and more heterogeneous IoT devices have been deployed in a variety of industrial environments, progressively becoming common objects to the supply chain. The physical infrastructure of manufacturing systems has become complex and requires efficient and dynamic solutions for managing network performance and security. Network Function Virtualization (NFV) has attracted attention when the intention is to respond to security threats on Industrial IoT (IIoT). Few works use NFV to detect and mitigate security threats on IIoT networks, but even less consider performance indicators of the network context when placing the Virtual Network Functions (VNFs). Thus, this work introduces a Machine Learning (ML) approach to place security VNFs based on NFV performance to mitigate Distributed Denial of Service (DDoS) attacks on IIoT. Experiments considering a new composed data set and diverse ML techniques show ML classification as an alternative for IIoT scenarios, achieving, according to the best-performing technique, 99.40% of accuracy in relation to the ideal placement. To facilitate the reproduction of the work, all the code and data produced are publicly available.