HotEdge '20 Workshop Program

Deep Convolutional Neural Networks (CNNs) have achieved remarkable progress in the field of face recognition (FR). However, developing a robust FR system in the real-world is still challenging due to vast variance of illumination, visual quality, and camera angles in different scenarios. These factors may result in significant accuracy drop, if the pretrained model doesn’t have perfect generalization ability. To mitigate this issue, we present a solution named SAFACE, which helps to improve FR accuracy through unsupervised online-learning in an edge computing system. Specifically, we propose a novel scenario-aware FR flow, then decouple the flow into different phases and map each of them to different levels of a three-layer edge computing system. For evaluation, we implement a prototype and demonstrate its advantages in both improving recognition accuracy and reducing processing latency.

Driven by the Internet-of-Things (IoT) and 5G, the growing size and complexity of smart home networks leads to an increased attack surface. Smart home IoT devices are typically online 24/7, have out-of-date firmware, are not regularly patched against the latest security vulnerabilities, and often collect sensitive data and send it to the cloud. In this work we propose microsegmentation as a mean to reduce the attack surface of smart home networks with the assistance of the edge cloud. We implement two network functions that cooperate to enforce fine-grained network security policies in smart homes. One function builds an inventory of all devices and their vulnerabilities. The second utilizes that information to dynamically allocate IoT devices to microsegments, and isolates them from one another using inter and intra-segment network-level security policies. We evaluated our approach using three different IoT network security metrics and IoT topologies. In the best case, microsegmentation reduces the attack surface exposed to a Mirai-infected IoT webcam by as much as 65.85% at the cost of preventing 2.16% of the otherwise-valid network flows between devices.

This paper proposes a framework for synthesizing infrastructure configurations for evaluating edge computing systems under different conditions. There are a number of tools to simulate or emulate edge systems, and while they typically provide ways of modeling infrastructure and network topologies, they lack reusable building blocks common to edge scenarios. Consequently, most edge computing systems evaluations to this date rely on either highly application-specific testbeds, or abstract scenarios and abstract infrastructure configurations. We analyze four existing or emerging edge infrastructure scenarios, from which we elicit common concepts. The scenarios serve as input to synthesize plausible infrastructure configurations, that are parameterizable in cluster density, device heterogeneity, and network topology. We demonstrate how our tool can generate synthetic infrastructure configurations for the reference scenarios, and how these configurations can be used to evaluate aspects of edge computing systems.

Motivated from Software Defined Networking (SDN), LTE standard body (3GPP) has recently proposed splitting monolithic LTE Network Functions (NFs) into their control-plane and data-plane modules for better performance, flexibility, and agility. The data-plane logic is pushed at the edge of the network while retaining control-plane functionality at the core. However, both network edge and the core modules involve in executing LTE control-plane procedures (e.g. device registration/deregistration, and mobility etc.) as well as LTE data-plane services (e.g. voice over LTE, and video streaming, etc.). We discover that these decoupled modules, being part of the same LTE network function, interact frequently and cause deadlocks and races. In this paper, we argue that SDN style approach may not work for LTE NFs due to their monolithic design. We reason to retain LTE legacy design by not splitting its NFs. Our idea is to keep all types of LTE control-plane procedures handling at the core; while moving the execution of LTE data-plane services to the edge as microservices. We propose FERRET that is inspired from the success of the Circuit Switch Fall Back (CSFB) procedure, and falls-back to specific LTE microservice for the user requesting a particular LTE service. It first records signaling messages exchange as part of LTE service establishment phase at the core and then replays these messages at dedicated microservice to enable that service handling. FERRET lets microservice to facilitate LTE service execution that provides data forwarding at the edge.

Traditional LTE networks route Internet traffic through a packet gateway. Enterprise LTE networks with a cloud-based core use a similarly faraway gateway. To provide low-latency services, such as accessing nearby mobile devices, fog services, or localized information, a "local-exit" to the Internet is needed to avoid traveling through the LTE core. To create a local-exit, we build P4EC, a terabit capable mobile edge cloud using a programmable switch to distinguish and reroute traffic. P4EC is placed physically near the cellular deployment and reroutes specifically identified traffic to and from the mobile device. The P4EC implements packet redirection using the P4 programmable switching hardware that supports terabit throughput in inexpensive equipment. P4EC operates without any modification to the LTE core. This work describes a working proof-of-concept operating in an actual LTE network.

Connected and Autonomous Vehicles (CAVs) is becoming more and more popular for automobile academic and industry community. Communication mechanisms play an important role in CAVs applications and services. However, lack of detailed comparison of different communication mechanisms is the main obstacle for the deployment of CAVs applications and services. In this paper, we set up an end-to-end prototype which supports WiFi, LTE, and DSRC based communications and evaluate the performance in latency, power dissipation, and system utilization. Three observations are summarized for the real deployment of VEC applications.