Search for: All records

In this work, we examine the challenges that service providers encounter in managing complex service function graphs, while controlling service delivery latency. Based on the lessons we learn, we outline the design of a new system, Invenio, that empowers providers to effectively place microservices without prior knowledge of service functionality. Invenio correlates user actions with the messages they trigger seen in network traces, and computes procedural affinity for communication among microservices for each user action. The procedural affinity values can then be used to make placement decisions to meet latency constraints of individual user actions. Preliminary experiments with the Clearwater IP Multimedia Subsystem demonstrate that even a single high-latency link can result in significant performance degradation, and placement with Invenio can increase user quality of experience. 

Caller-ID spoofing deceives the callee into believing a call is originating from another user. Spoofing has been strategically used in the now-pervasive telephone fraud, causing substantial monetary loss and sensitive data leakage. Unfortunately, caller-ID spoofing is feasible even when user authentication is in place. State-of-the-art solutions either exhibit high overhead or require extensive upgrades, and thus are unlikely to be deployed in the near future. In this paper, we seek an effective and efficient solution for 4G (and conceptually 5G) carrier networks to detect (and block) caller-ID spoofing. Specifically, we propose Nascent, Network-assisted caller ID authentication, to validate the caller-ID used during call setup which may not match the previously-authenticated ID. Nascent functionality is split between data-plane gateways and call control session functions. By leveraging existing communication interfaces between the two and authentication data already available at the gateways, Nascent only requires small, standard-compatible patches to the existing 4G infrastructure. We prototype and experimentally evaluate three variants of Nascent in traditional and Network Functions Virtualization (NFV) deployments. We demonstrate that Nascent significantly reduces overhead compared to the state-of-the-art, without sacrificing effectiveness.