Network Slicing (NS) is an essential technique extensively used in 5G networks computing strategies, mobile edge computing, mobile cloud computing, and verticals like the Internet of Vehicles and industrial IoT, among others. NS is foreseen as one of the leading enablers for 6G futuristic and highly demanding applications since it allows the optimization and customization of scarce and disputed resources among dynamic, demanding clients with highly distinct application requirements. Various standardization organizations, like 3GPP's proposal for new generation networks and state-of-the-art 5G/6G research projects, are proposing new NS architectures. However, new NS architectures have to deal with an extensive range of requirements that inherently result in having NS architecture proposals typically fulfilling the needs of specific sets of domains with commonalities. The Slicing Future Internet Infrastructures (SFI2) architecture proposal explores the gap resulting from the diversity of NS architectures target domains by proposing a new NS reference architecture with a defined focus on integrating experimental networks and enhancing the NS architecture with Machine Learning (ML) native optimizations, energy-efficient slicing, and slicing-tailored security functionalities. The SFI2 architectural main contribution includes the utilization of the slice-as-a-service paradigm for endto-end orchestration of resources across multi-domains and multi-technology experimental networks. In addition, the SFI2 reference architecture instantiations will enhance the multi-domain and multi-technology integrated experimental network deployment with native ML optimization, energy-efficient aware slicing, and slicing-tailored security functionalities for the practical domain.
Resumo-Este artigo propõe um módulo para defesa de ataques de negação de serviço na camada de aplicação. O móduló e executado em um servidor Web Apache e apresenta vantagens entre outros existentes na literatura, além de resultados similares a outra estratégia utilizada para o mesmo fim, mas que opera como um proxy. Nos experimentos realizados mostrou-se que o módulo proposto apresenta bons resultados em termos de disponibilidade, TTS (time to service), consumo de memória e CPU da máquina em que está sendo executado.Palavras-Chave-Ataques de negação de serviço, Segurança na Internet, Redes de computadores.Abstract-This paper proposes a module that can be used as a defense against applications denial of service attacks. This module works in an Apache (Web) server and presents advantages when compared with others proposals in literature, as well as similar performance to another strategy that runs as a proxy. The experimental results show that the proposed module presents appropriated values for availability, TTS (time to service), and memory and CPU consumption.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.