SHE Networks: Security, Health, and Emergency Networks Traffic Priority Management Based on ML and SDN

Recently, the increasing demand to transfer data through the Internet has pushed the Internet infrastructure to the limit of its capacity. This high demand hinders the rapid response to emergencies and disasters that is needed to control or reduce their devastating effects. As one of the main cornerstones for addressing the data traffic forwarding issue, Internet networks need to give the highest priority to the data traffic of special networks: Security, Health, and Emergency (SHE). These networks work in closed and private domains to serve a group of users for specific tasks. Our novel proposed network flow priority management based on ML and SDN provides the control needed to give the required flow priority to SHE data traffic. The proposal relies on selected header bits from the traffic class field of a packet, using ML to prioritize traffic flows according to precedence levels by governing the Differentiated Services Code Point (DSCP) bits in keeping with network administrator policies. The proposed network has been implemented and evaluated using the MATLAB platform and the Mininet simulator. The results of extensive testing show that applying our forcing priority algorithm achieved an efficient reduction in queuing delay and lost packets. The average waiting time in queue was reduced by around 61%, and the lost packets hit 0.005% when adopting the SDN-based ML network traffic priority management.

posed a deep-reinforcement algorithm that relies on history traffic requests by interacting with the underlying network circumstances and dynamically optimizing the routing guideline [8]. The emergence of ML presents a modern methodology for data traffic classification. The ML mechanism requires extracting the features of the data. The processed data is compared to the earlier knowledge available to the trainer, which usually takes the form of analyzing data collected and transferred to the classifier to manage data classification. The authors of [9] used different ML algorithms for the accurate traffic classification of mobile applications. Also, the classified traffic flows of each application were controlled by the QoS by applying the SDN controller. In [10], the authors used Internet protocol autonomous system inquiry based on deep packet inspection and an ML technique for traffic classification. They obtained a fast and acceptable flow classification for diverse kinds of traffic.

The SDN technology emerged to overcome the diversity of network devices produced by many different companies. The SDN architecture relies on separating the data layer from the control layer. In the SDN scene, the control packets do not use the conventional IP routing alone, but they could employ various mechanisms and algorithms according to the task to be executed by the algorithm [11]. Moeyersons et al. proposed an executable SDN to ensure the bandwidth required for emergency traffic flows in online and offline cases. The online model suggested repeated recalculations as the best solution for all demanded flows. The offline approach allows for problem optimization for a set of flows, but it is computationally costly, particularly a variant where the streams can be split across parallel paths [12]. The authors in [13] presented a mechanism for guaranteeing bandwidth by applying a prioritization method to determine the absolute packet flow priority. The geospatial streams are mapped into segments with various QoS levels.

The rising use of AI in communication networks transforms network management into a cognitive way of forwarding data packets, where a network can self-react and self-adapt to improving statuses with minimum manual effort. QoS for traffic identification using ML and DPI in SDN has been proposed by [4]. They suggested a design that combines semi-supervised ML and DPI of a multi-classifier in SDN to classify streams into various QoS levels. The classifier can adapt to the fast emergence of network utilization and changeable flow features of a current network by repeated re-training based on the changing traffic database. Chang et al. presented

subordinated to make a decision by the ADM according to the administrator policy. Whereas, when information about the traffic flow arriving at the gateway and analytic servers is available, it will assign the required priority and QoS without asking the ML and ADM, based on previous decisions for that traffic flow.

Current traffic classification analysis relies on the packet header content and payload to identify traffic flows. However, the packet header contains sufficient information for traffic flow classification. To perform our proposal for online and offline traffic classification, we apply statistical characteristics of the traffic flow such as packet length, byte and bit counts, and packet direction. Modern applications aim to develop encryption for higher privacy and security. These applications use widely known secure protocols such as SSH, SSL, HTTPS, etc. Therefore, traffic flow classification necessitates an intelligent and efficient analysis based on the bits chosen from the packet headers rather than the entire field [16]. Furthermore, the traffic subject to examination can be treated as a single packet or as a flow (with the 1st packet as a guide) to be categorized. Thus, this points to adaptability in choosing the labeled features and controlling the number of these features. In our previously proposed algorithm mechanism FDPHI [16], we performed traffic classification based on the bit count of the arrived packet. Due to the widespread deployment of IPv6 in Internet infrastructure networks, we focused on the IPv6 packet header. We consider the packet, byte, and bit statistics of the header, which hold sufficient information to identify packets as unique identifiers for the application, in addition to the sequence dependence of arriving packets. This

vices Code Point (DSCP) bits. Algorithm 1 illustrates the procedure that is adopted to prioritize packets based on DSCP bits (DS5-DS3) and drop probability bits (DS2-DS1) in the suggested system. The traffic class field (8 bits) indicates IPv6 packet priority [17]. It helps routers manage the traffic flow according to the packet priority. When congestion happens on a network device, the packets with the lowest priority level are considered "routine traffic" or are discarded.

In our proposal, DSCP provides a set of End-to-End (E2E) QoS capabilities. E2E QoS is the capability of the network devices to fulfill the service expected by a particular network traffic flow from one end to another. The IPv6 header has a fixed size of 320 bits, as shown in Figure 3. Our algorithm focuses on the 8 bits of the traffic class field, which consists of a 6-bit DSCP to handle priority packet classification. The remaining 2 bits are Explicit Congestion Notification (ECN) precedence values divided into two ranges: i) congestion control traffic and ii) non-congestion control traffic [18].
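The bit layout described above can be made concrete with a short parser. This is an added example, not code from the paper: it splits the traffic class of an IPv6 header into DSCP (DS5-DS3 precedence, DS2-DS1 drop probability) and ECN, and rewrites only the DSCP bits the way a priority-forcing policy would. The function names and the sample header are constructed for illustration.

```python
import struct

IPV6_HEADER_LEN = 40  # fixed IPv6 header: 40 bytes = 320 bits

def parse_traffic_class(header: bytes) -> dict:
    """Split the 8-bit traffic class of an IPv6 header into its sub-fields."""
    if len(header) < IPV6_HEADER_LEN:
        raise ValueError("truncated IPv6 header")
    (word0,) = struct.unpack("!I", header[:4])  # version | traffic class | flow label
    if word0 >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    tclass = (word0 >> 20) & 0xFF
    dscp = tclass >> 2                      # DS5..DS0
    return {
        "dscp": dscp,
        "precedence": dscp >> 3,            # DS5-DS3: priority level
        "drop": (dscp >> 1) & 0b11,         # DS2-DS1: drop probability
        "ecn": tclass & 0b11,               # remaining 2 bits
        "flow_label": word0 & 0xFFFFF,
    }

def force_dscp(header: bytes, dscp: int) -> bytes:
    """Return a copy of the header with DSCP replaced; every other bit is kept."""
    if not 0 <= dscp <= 0x3F:
        raise ValueError("DSCP is a 6-bit value")
    parse_traffic_class(header)             # reuse the length and version checks
    (word0,) = struct.unpack("!I", header[:4])
    word0 = (word0 & ~(0x3F << 22)) | (dscp << 22)
    return struct.pack("!I", word0) + header[4:]

def build_sample_header(dscp: int, ecn: int, flow_label: int) -> bytes:
    """Constructed input: IPv6 header, zero addresses, next header UDP, hop limit 64."""
    word0 = (6 << 28) | (((dscp << 2) | ecn) << 20) | flow_label
    return struct.pack("!IHBB", word0, 0, 17, 64) + bytes(32)

if __name__ == "__main__":
    hdr = build_sample_header(dscp=0b100010, ecn=0b01, flow_label=0xABCDE)
    print(parse_traffic_class(hdr))                        # as received
    print(parse_traffic_class(force_dscp(hdr, 0b111000)))  # after forcing precedence 7
```

Rewriting DSCP must leave the ECN bits and the flow label untouched, otherwise congestion signalling and per-flow matching on downstream devices are disturbed.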

To describe how to set the DSCP values in QoS and the relation between DSCP and IPv6 precedence. Table 1

Table 2 represents the DSCP coding for setting the AF classes alongside the probability of a packet. The AF is a means for differentiating service levels for IP forwarding assurances.

to be met with those in the arrived packets header, metadata, and ingress interface. The ADM sets the DSCP bits to force the packet to get the required priority, which is implemented by the SDN controller to determine the E2E path with QoS that is defined by the ADM.

2) The Actions field implements a set of directions and instructions on the arrived packets through the OFSs to manage how to reroute the matched data. These actions are made by the SDN controller to order the OFS to

a network, when the first packet of every flow arrives at an OFS, each OFS must ask for rules for packet forwarding. The SDN controller provides and updates the rules according to ADM decisions. Moreover, the SDN controller determines the appropriate actions to forward packets depending on the priority specified by the ADM, which is governed by the network administrator. In the case of emergencies, the SDN network administrator observes and manages the network performance by giving the highest priority decision to one type of SHE traffic to pass via the network. Figure 5 summarizes our algorithm steps to classify, force the traffic priority, and forward the prioritized packets according to DSCP precedence levels.

To give the required priority to SHE traffic, we need to understand the meaning of traffic priority in a network; in simple words, it means jumping the waiting queue.

$$(\lambda + \mu_2) P_{0,j} = \mu_1 P_{1,j} + \lambda_2 P_{0,j-1} + \mu_2 P_{0,j+1}$$

where $\lambda$ is the aggregation of $\lambda_1$ and $\lambda_2$. The average number of packets at the service facility (packets being served) represents the server utilization, which is denoted by the symbol $\rho$. A good queuing system has the property that the service rate ($\mu$) is always greater than the packet arrival rate ($\lambda$), and the ratio ($\lambda/\mu$) must be less than 1 for a stable system, that is, $(\rho = \lambda/\mu) \le 1$. Generally, if there are $K$ preemptive priorities, then there are $2^K$ classes of priority equations. To measure the performance of such a system, we should derive $2^K$ distinct steady-state partial generating functions from the equilibrium equations.
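The effect of preemptive priority on per-class delay can be computed directly. This is an added example, not taken from the paper: it uses the standard textbook closed form for the mean time in system of a preemptive-resume priority M/M/1 queue, with $\rho_n = \lambda_n E[S_n]$ and cumulative load $\sigma_n$, and compares it with a single shared FIFO queue. The function names and sample rates are assumptions chosen for illustration.

```python
import math

def preemptive_resume_mm1(arrival_rates, service_rates):
    """Per-class mean time in system T_n and mean number in system E(n).

    Index 0 is the highest-priority class. Service is exponential with rate
    mu_n, so E[S_n] = 1/mu_n and E[S_n^2] = 2/mu_n**2. Standard result:
      T_n = E[S_n]/(1 - sigma_{n-1})
            + sum_{m<=n} lambda_m E[S_m^2]/2 / ((1 - sigma_{n-1})(1 - sigma_n))
    """
    if len(arrival_rates) != len(service_rates):
        raise ValueError("one service rate per class is required")
    if any(r <= 0 for r in list(arrival_rates) + list(service_rates)):
        raise ValueError("rates must be positive")
    results = []
    sigma_prev = 0.0      # sigma_{n-1}: load of all higher-priority classes
    residual = 0.0        # running sum of lambda_m * E[S_m^2] / 2
    for lam, mu in zip(arrival_rates, service_rates):
        mean_s = 1.0 / mu
        rho = lam * mean_s
        sigma = sigma_prev + rho
        residual += lam * mean_s ** 2
        if sigma >= 1.0:
            # This class and every lower one starve; higher classes stay stable.
            sojourn = math.inf
        else:
            sojourn = (mean_s / (1 - sigma_prev)
                       + residual / ((1 - sigma_prev) * (1 - sigma)))
        results.append({"rho": rho, "sigma": sigma,
                        "T": sojourn, "E_n": lam * sojourn})
        sigma_prev = sigma
    return results

def fifo_mm1_sojourn(arrival_rates, mu):
    """Baseline: all classes share one FIFO M/M/1 queue with service rate mu."""
    lam = sum(arrival_rates)
    return math.inf if lam >= mu else 1.0 / (mu - lam)

if __name__ == "__main__":
    # Constructed rates: class 0 stands for SHE traffic, class 1 for routine traffic.
    for n, row in enumerate(preemptive_resume_mm1([0.3, 0.3], [1.0, 1.0])):
        print(n, row)
    print("FIFO baseline:", fifo_mm1_sojourn([0.3, 0.3], 1.0))
```

With these rates the high-priority class sees the queue as if the routine traffic did not exist, while the total number of packets in the system is the same as under FIFO.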

Since we have an $M/M/1/\infty : SP$ queuing system, $E(n)$ expresses the average number of class-$n$ packets in the system in a steady state. In our proposal, in the case of $R$ packet classes, the SDN controller will prioritize SHE traffic over the routine traffic, whose service is resumed from the breakpoints. The $R$ packet classes can be expressed as:

where $\sigma_n = \sum_{m=1}^{n} \rho_m$, $\rho_n = \lambda_n E[S_n]$, and $S_m$ is a Poisson service time of a class-$m$.

We performed and implemented our proposal by using the Mininet simulator. Figure 7 illustrates the setup of our suggested SDN network. The simulation design consisted of one main OFS (OFSm) and four OFSs representing the traffic of four network domains (Security, Health, Emergency, and Routine), each OFS with three hosts. The SDN controller connects with all OFSs via control links, shown in Figure 7 as dotted lines. The data traffic uses the green links, which connect the OFSs to the GW and Analytic Servers that connect the proposed SDN network to the Internet networks. We applied our algorithm on three flows representing the SHE traffic to show how it controls the priority according to classes level and implicit

total throughput, due to OFSm handling packets fairly in terms of queuing and serving time.

Figure 10 gives an example of forcing priority for selected local flows of one network traffic (Security, Health, or Emergency). We selected a Health traffic network as local traffic flows to perform forcing priority within this network, which consists of an OFS and three users (H7, H8, and H9). Initially, the OFS (OFS of Health) received the traffic generated by H7 to be forwarded to H8 and H9 without forcing priority. Then, we applied our proposed approach to force the OFS to prioritize Class 1 traffic flow between H7 and H9 (High, Medium, and Low) based on the DSCP bits. As can be seen from Figure 10, the waiting time delay in the queue has been reduced to around 55% by forcing the OFS to assign the highest priority for the selected traffic flow. This scenario can be applied to the other local networks to prioritize their traffic as desired.

Figure 11 compares the routing flows prioritizing based on our proposed scheme, SDN routing rules, and standard

The SDN concept has provided exceptional features to the Internet network infrastructure, such as reducing management efforts, expediting flow forwarding, and facilitating the amendment of forwarding tables. These features have led to advancements in administrating network performance. Despite these techniques having been applied, the Internet infrastructures still require imaginative thoughts to satisfy the traffic demands of critical matters in disasters. In such cases, the special networks must have the highest priority in forwarding data traffic to deal efficiently with emergencies, by forcing the highest precedence levels on the traffic flows of these networks. Our proposal added a novel and creative touch to the SDN network infrastructure by using ML and SDN to achieve and control priority traffic flow management. The ML classifies the incoming traffic depending on the selected header bit statistics, which have sufficient information to recognize packets as unique identifiers for a flow. Although SDN provided acceptable performance compared to the traditional network, it lacked optimization and prioritization of scheduling forwarded packets in critical situations. Our system presented the ability to control and force traffic priority according to the network administrator policy.

he was the Editor of White Paper in Communication and Networking, which has been utilized by EU Commission for research. He has been invited to give presentations at EU Workshop and delivered two presentations at Networld2020, as well as being the Brunel representative for NetWorld2020 and WWRF for the last 15 years.