無線網路已經進入5G網路時代。5G網路中的應用情境可透過軟體定義網路（Software-Defined Networking，SDN）以及網路功能虛擬化（Network Function Virtualization，NFV）兩種技術來開發。舉例來說，雲端運算（cloud computing）就是其中一個重要的使用SDN/NFV方式來實作的應用情境。新興的容器（container）技術，例如Docker，可在雲環境中提供比虛擬機器（virtual machines）更有彈性、敏捷的服務供應方式。虛擬網路功能（Virtual Network Function）以容器的形式來部署則是一種趨勢。由雲所提供的服務可由服務功能鏈結（Service Function Chaining，SFC）所建構，而這些SFC又可以由容器化的VNFs組成。然而，關於SFC的議題已在其他的研究中被指出。一個值得注意的議題是服務功能鏈結完整性（SFC integrity）。簡而言之，SFC integrity關心的是實際上的通信流量（traffic flow）走的服務路徑（service path）是否與預先定義的服務路徑一致。為了要檢驗5G網路中雲端原生（cloud-native）環境的SFC integrity，我們提出一個可以與NFV管理與協調（NFV management and orchestration，NFV MANO）功能元件整合為一體的框架。該框架的核心部分是針對SFC integrity的異常偵測機制。而我們使用超限學習機（extreme learning machine，ELM）作為我們機制中的學習演算法（learning algorithm）。而我們提出的異常偵測機制將以ELM模型的準確度（accuracy）等測量方式來評估其表現。本論文最後以討論和未來可繼續研究的工作作結。

The age of the wireless network already advances to the fifth-generation (5G) era. With software-defined networking (SDN) and network function virtualization (NFV), a number of scenarios can be implemented in the 5G network. Cloud computing, for example, is one of the important application scenarios for implementing SDN/NFV solutions. The emerging container technologies, such as Docker, can provide more agile service provisioning than virtual machines can in cloud environments. It is a trend that virtual network functions (VNFs) tend to be deployed in the form of containers. The services provided by clouds can be formed by service function chaining (SFC) consisting of containerized VNFs. Nevertheless, the challenges and limitation regarding SFCs are indicated in some work. One noticeable issue is the SFC integrity. In brief, SFC integrity concerns whether the path that traffic flows really passes by is consistent with the predefined one. In order to examine SFC integrity in the cloud-native environment of 5G network, we propose a framework that can integrate with NFV management and orchestration (NFV MANO) in this work. The core of this framework is the anomaly detection mechanism for SFC integrity. The learning algorithm of our mechanism is based on extreme learning machine (ELM). The proposed mechanism is evaluated on its performance such as the accuracy of our ELM model. This work concludes with discussions and future research work.

[1] W. Stallings, F. Agboma, and S. Jelassi, Foundations of modern networking: SDN, NFV, QoE, IoT and cloud. Indianapolis: Pearson, 2016.
[2] J. Ordonez-Lucena, P. Ameigeiras, D. Lopez, J. J. Ramos-Munoz, J. Lorca, and J. Folgueira, "Network slicing for 5G with SDN/NFV: Concepts, architectures, and challenges," IEEE Communications Magazine, vol. 55, no. 5, pp. 80-87, 2017.
[3] M. S. Bonfim, K. L. Dias, and S. F. Fernandes, "Integrated NFV/SDN architectures: A systematic literature review," arXiv preprint arXiv:1801.01516, 2018.
[4] A. M. Medhat, T. Taleb, A. Elmangoush, G. A. Carella, S. Covaci, and T. Magedanz, "Service function chaining in next generation networks: State of the art and research challenges," IEEE Communications Magazine, vol. 55, no. 2, pp. 216-223, 2016.
[5] ETSI, "Network Functions Virtualisation (NFV); Management and Orchestration," [Online]. Available: https://www.etsi.org/deliver/etsi_gs/NFV-MAN/001_099/001/01.01.01_60/gs_nfv-man001v010101p.pdf
[6] J. Halpern and C. Pignataro, "Service Function Chaining (SFC) Architecture," RFC Editor, RFC. 7665, October 2015, [Online]. Available: https://tools.ietf.org/rfc/rfc7665.txt.
[7] ETSI, "Network Functions Virtualisation (NFV) Release 2;Management and Orchestration; Network Service Templates Specification," [Online]. Available: https://www.etsi.org/deliver/etsi_gs/nfv-ifa/001_099/014/02.05.01_60/gs_nfv-ifa014v020501p.pdf
[8] G.-B. Huang, Q.-Y. Zhu, and C.-K. Siew, "Extreme learning machine: theory and applications," Neurocomputing, vol. 70, no. 1-3, pp. 489-501, 2006.
[9] Y. Chen and A. Bernstein, "Bridging the Gap Between ETSI-NFV and Cloud Native Architecture," SCTE-ISBE and NCTA, 2017, [Online]. Available: https://www.nctatechnicalpapers.com/Paper/2017/2017-bridging-the-gap-between-etsi-nfv-and-cloud-native-architecture/download.
[10] CNCF. (2018). CNCF Cloud Native Definition v1.0 [Online]. Available: https://github.com/cncf/toc/blob/master/DEFINITION.md.
[11] Kubernetes. (2019). Production-Grade Container Orchestration - Kubernetes [Online]. Available: https://kubernetes.io/.
[12] S. Li. (2016). TOSCA Simple Profile for Network Functions Virtualization (NFV) Version 1.0 OASIS Committee Specification Draft 03 [Online]. Available: http://docs.oasis-open.org/tosca/tosca-nfv/v1.0/csd03/tosca-nfv-v1.0-csd03.html.
[13] S. Li and J. Crandall. (2017). TOSCA Simple Profile for Network Functions Virtualization (NFV) Version 1.0 OASIS Committee Specification Draft 04 [Online]. Available: http://docs.oasis-open.org/tosca/tosca-nfv/v1.0/csd04/tosca-nfv-v1.0-csd04.html.
[14] A. Brogi, D. Neri, L. Rinaldi, and J. Soldani, "Orchestrating incomplete TOSCA applications with Docker," Science of Computer Programming, vol. 166, pp. 194-213, 2018/11/15/ 2018.
[15] M. Haider, "Deployment of TOSCA cloud services archives using Kubernetes," 2017.
[16] M. Šuňal, "Container Service Chaining," FRINX network automation software, Santa Clara, CA, 2017, [Online]. Available: http://events17.linuxfoundation.org/sites/events/files/slides/ContainerServiceChaining_MartinSunal.pdf.
[17] B. Yi, X. Wang, K. Li, and M. Huang, "A comprehensive survey of network function virtualization," Computer Networks, vol. 133, pp. 212-262, 2018.
[18] L. Bondan, T. Wauters, B. Volckaert, F. D. Turck, and L. Z. Granville, "Anomaly detection framework for SFC integrity in NFV environments," in 2017 IEEE Conference on Network Softwarization (NetSoft), 2017, pp. 1-5.
[19] V. Chandola, A. Banerjee, and V. Kumar, "Anomaly detection: A survey," ACM computing surveys (CSUR), vol. 41, no. 3, p. 15, 2009.
[20] Y. Imamverdiyev and L. Sukhostat, "Anomaly detection in network traffic using extreme learning machine," in 2016 IEEE 10th International Conference on Application of Information and Communication Technologies (AICT), 2016: IEEE, pp. 1-4.
[21] A. Pastor, A. Mozo, D. R. Lopez, J. Folgueira, and A. Kapodistria, "The Mouseworld, a security traffic analysis lab based on NFV/SDN," in Proceedings of the 13th International Conference on Availability, Reliability and Security, 2018: ACM, p. 57.
[22] J. Ohlsson, "Anomaly Detection in Microservice Infrastructures," ed, 2018.
[23] Q. Du, T. Xie, and Y. He, "Anomaly Detection and Diagnosis for Container-Based Microservices with Performance Monitoring," in International Conference on Algorithms and Architectures for Parallel Processing, 2018: Springer, pp. 560-572.
[24] Tacker. (2019). Welcome to Tacker Documentation - OpenStack Docs [Online]. Available: https://docs.openstack.org/tacker/latest/.
[25] W. Rankothge, F. Le, A. Russo, and J. Lobo, "Data modelling for the evaluation of virtualized network functions resource allocation algorithms," arXiv preprint arXiv:1702.00369, 2017.
[26] OpenStack. (2017). OpenStack Dosc: Experimenting containerized VNFs with Kubernetes VIM [Online]. Available: https://docs.openstack.org/tacker/latest/user/containerized_vnf_usage_guide.html.
[27] Kubernetes. (2019). Pod Overview - Kubernetes [Online]. Available: https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/.
[28] OpenStack. (2019). OpenStack Docs: Install via Devstack [Online]. Available: https://docs.openstack.org/tacker/latest/install/devstack.html.
[29] OPNFV. (2019). Downloads - OPNFV [Online]. Available: https://www.opnfv.org/software/downloads.
[30] OpenStackWiki. (2019). Tacker - OpenStack [Online]. Available: https://wiki.openstack.org/wiki/Tacker.
[31] A. Akusok, K.-M. Björk, Y. Miche, and A. Lendasse, "High-performance extreme learning machines: a complete toolbox for big data applications," IEEE Access, vol. 3, pp. 1011-1025, 2015.