Bruno Volckaert

• Professor
• Professor at Ghent University

Continuum computing has emerged as a paradigm to improve various aspects of service orchestration by offloading computation from the cloud to the network edge. However, edge orchestration poses two significant challenges compared to cloud computing. On one hand, cloud software scheduling algorithms make suboptimal decisions when applied to the netw...

In recent years, microservice-based applications have shifted towards cloud-edge computing, taking advantage of green energy, lower latencies, and local computational resources. Simultaneously, various alternatives to containers, such as unikernels and WebAssembly, have emerged and are gradually being adopted by container-based orchestration softwa...

Resilient operation of cloud-native applications is a critical requirement to service continuity, and to fostering trust in the cloud paradigm. So far, service meshes have been offering resiliency to a subset of failures. But, they fall short in achieving idempotency for HTTP POST requests. In fact, their current resiliency measures may escalate th...

Anatomy learning has traditionally relied on drawings, plastic models, and cadaver dissections/ prosections to help students understand the three-dimensional (3D) relationships within the human body. however, the landscape of anatomy education has been transformed with the introduction of digital media. in this light, the Open anatomy explorer (OPA...

The rapid expansion of Internet of Things (IoT), edge, and embedded devices in the past decade has introduced numerous challenges in terms of security and configuration management. Simultaneously, advances in cloud-native development practices have greatly enhanced the development experience and facilitated quicker updates, thereby enhancing applic...

In recent years, workload containerisation has been extended to the edge, bringing with it the need for flexible overlay networking. However, current container networking solutions are generally designed for the cloud, aimed at relatively static clusters with centralized generation of container subnet addresses and assigning them to nodes. Added to...

This work describes an approach to enhance container orchestration platforms with an autonomous and dynamic rescheduling system that aims at improving application service time by co-locating highly interdependent containers for network delay reduction. Unreasonable container consolidation may however lead to host CPU saturation, in turn impairing t...

Data visualization recommendation aims to assist the user in creating visualizations from a given dataset. The process of creating appropriate visualizations requires expert knowledge of the available data model as well as the dashboard application that is used. To relieve the user from requiring this knowledge and from the manual process of creati...

A Kubernetes cluster typically consists of trusted nodes, running within the confines of a physically secure datacenter. With recent advances in edge orchestration, this is no longer the case. This poses a new challenge: how can we trust a device that an attacker has physical access to? This paper presents an architecture and open-source implementa...

Recent years have seen the adoption of workload orchestration into the network edge. Cloud orchestrators such as Kubernetes have been extended to edge computing, providing the virtual infrastructure to efficiently manage containerized workloads across the edge-cloud continuum. However, cloud-based orchestrators are resource intensive, sometimes occ...

Recent years have seen the adoption of workload orchestration into the network edge. Cloud orchestrators such as Kubernetes have been extended to edge computing, providing the virtual infrastructure to efficiently manage containerized workloads across the edge-cloud continuum. However, cloud-based orchestrators are resource intensive, sometimes occ...

During the past 10 years, researchers have extensively explored the use of machine learning (ML) in enhancing network intrusion detection systems (IDS). While many studies focused on improving accuracy of ML-based IDS, true effectiveness lies in robust generalization: the ability to classify unseen data accurately. Many existing models train and te...

This work describes an approach to enhance container orchestration platforms with an autonomous and dynamic rescheduling system that aims at improving application service time by co-locating highly interdependent containers for network delay reduction. Unreasonable container consolidation may however lead to host CPU saturation, in turn impairing t...

Fog computing is emerging as geo-distributed and connected edge-to-cloud ecosystems, spanning multiple domains operated by different entities. Consequently, fog-compatible applications need to support distributed operations and decentralized management. This promoted the adoption of the mi-croservices architecture, to facilitate application modular...

An intrusion detection system (IDS), traditionally an example of an effective security monitoring system, is facing significant challenges due to the ongoing digitization of our modern society. The growing number and variety of connected devices are not only causing a continuous emergence of new threats that are not recognized by existing systems,...

Despite their maturity and robustness, container orchestration platforms still suffer from some limitations. One of those concerns the lack of runtime adaptability of the scheduler to the overall cluster status as (i) it instantiates containers with local optimization in mind i.e. it only considers the container-specific predefined requirements whi...

The diversity of services and infrastructure in metropolitan edge-to-cloud network(s) is rising to unprecedented levels. This is causing a rising threat of a wider range of cyber attacks coupled with a growing integration of a constrained range of infrastructure, particularly seen at the network edge. Deep reinforcement-based learning is an attract...

In case of an emergency situation, it is required to come up with solutions quickly. The supporting decision-making process should therefore be based on relevant data sources which are fed to data processing pipelines. These data sources may however be located in different domains of distinct organizations. Although the technical realisation of cro...

Generalization is a longstanding assumption in articles concerning network intrusion detection through machine learning. Novel techniques are frequently proposed and validated based on the improvement they attain when classifying one or more of the existing datasets. The necessary follow-up question of whether this increased performance in classifi...

New proposals for intrusion detection systems (IDS) are consistently choosing to use machine learning (ML) to model the difference between benign and malicious traffic. However, much more than the signature-based IDS researchers, they disregard the cost of computation for their proposed methods. This is a mistake, because these proposals should be...

A healthy and safe indoor environment is an important part of containing the coronavirus disease 2019 (COVID-19) pandemic. Therefore, this work presents a real-time Internet of things (IoT) software architecture to automatically calculate and visualize a COVID-19 aerosol transmission risk estimation. This risk estimation is based on indoor climate...

Recently proposed methods in intrusion detection are iterating on machine learning methods as a potential solution. These novel methods are validated on one or more datasets from a sparse collection of academic intrusion detection datasets. Their recognition as improvements to the state-of-the-art is largely dependent on whether they can demonstrat...

With Digital transformation, the diversity of services and infrastructure in backhaul fog network(s) is rising to unprecedented levels. This is causing a rising threat of a wider range of cyber attacks coupled with a growing integration of constrained range of infrastructure, particularly seen at the network edge. Deep reinforcement-based learning...

New models are frequently proposed to classify academic intrusion and malware detection datasets. However, the exorbitant complexity of many of these models is not warranted at all, because extremely simple ML models perform very similarly. The work for this article has been done in the public domain on Kaggle: https://www.kaggle.com/dhoogla/datase...

Despite their maturity and robustness, container orchestration platforms still suffer from some limitations. One of those concerns the lack of runtime adaptability of the scheduler to the overall cluster status as i) it instantiates containers with local optimization in mind i.e. it only considers the container-specific predefined requirements whic...

Despite their maturity and robustness, container orchestration platforms still suffer from some limitations. One of those concerns the lack of runtime adaptability of the scheduler to the overall cluster status as i) it instantiates containers with local optimization in mind i.e. it only considers the container-specific predefined requirements whic...

Machine learning (ML) has been a staple of academic research into pattern recognition in many fields, including cybersecurity. The momentum of ML continues to speed up alongside the advances in hardware capabilities and the methods they unlock, primarily (deep) neural networks. However, this article aims to demonstrate that the non-judicious use of...

Academic ML-NIDS systems report excellent performance metrics, yet they have to break through to the real world. This article is a continuation of earlier work which demonstrates the lack of generalization of ML-NIDS systems. No need for specifically crafted adversarial attacks, just testing models trained on one SoTA IDS dataset and testing on a s...

Background The diagnosis of headache disorders relies on the correct classification of individual headache attacks. Currently, this is mainly done by clinicians in a clinical setting, which is dependent on subjective self-reported input from patients. Existing classification apps also rely on self-reported information and lack validation. Therefore...

In recent years, the continuing growth of the network edge, along with increasing user demands, has led to the need for increasingly complex and responsive management strategies for edge services. Many of these strategies are cloud-based, offering near-perfect solutions at the cost of requiring massive computational power, or edge-based, offering r...

The cloud native paradigm is emerging as a pathway to developing applications for intrinsic operation on the cloud. This prompted application modularity, leveraging the adoption of the microservices architecture. Meanwhile, fog computing is emerging as a geo-dispersed cloud, bringing services closer to the end-user for localization and improved res...

A group of organizations wishing to collaborate urgently, for example in case of a crisis, need to have a way to quickly deploy applications which enable them to speed up a potentially crisis-resolving decision-making process. A cross-organizational Kubernetes cluster, which is orchestrated by a central operator, allows to initiate these deployment...

Digital transformation is increasingly reliant on service-based operations in fog networks. The latter is a geo-dispersed form of the cloud, extending resources closer to end-users for improved privacy and reduced latency. The dispersion leverages diversity of compute-network capacities and energy prices, while promotes the coexistence of multiple...

Kubernetes' high resource requirements hamper its adoption in constrained environments such as the edge and fog. Its extensible control plane is a significant contributor to this, consisting of long-lived processes called "controllers" that constantly listen for state changes and use resources even when they are not needed. This paper presents a We...

This article uses a straight-forward methodology to find features in ML-IDS datasets which yield excellent models without being related to the actual attack patterns in the datasets. Before reading the published article, you should view the presentation I gave at UNB-PST2022 in which more experimental results have confirmed the effect. The additi...

Modern datasets in intrusion detection are designed to be evaluated by machine learning techniques and often contain metadata features which ought to be removed prior to training. Unfortunately many published articles include (at least) one such metadata feature in their models, namely destination port. In this article, it is shown experimentally t...

The cloud native approach is rapidly transforming how applications are developed and operated, turning monolithic applications into microservice applications, allowing teams to release faster, increase reliability, and expedite operations by taking full advantage of cloud resources and their elasticity. At the same time, "fog computing" is emerging...

This chapter presents the advanced manufacturing processes and big data-driven algorithms and platforms leveraged by the Boost 4.0 big data lighthouse project that allows improved digital operations within increasingly automated and intelligent shopfloors. The chapter illustrates how three different companies have been able to implement three disti...

Despite the growing popularity of immersive video applications during the last few years, the stringent low latency requirements of this kind of services remain a major challenge for the existing network infrastructure. Edge-assisted solutions compensate for network latency by relying on cache-enabled edge servers to bring frequently accessed video...

Network function virtualization (NFV) is a key networking concept whose benefits include scalability, flexibility, and cost-effective service provisioning. In NFV, service function chains (SFCs) adaptable to customers' needs are created by chaining virtualized network functions (VNFs). VNFs and SFCs are sensitive elements that, if compromised, woul...

The Solid decentralization effort decouples data from services, so that users are in full control over their personal data. In this light, Web Monetization has been proposed as an alternative business model for web services that does not depend on data collection anymore. Integrating Web Monetization with Solid, however, remains difficult because o...

Intrusion Detection Systems (IDS) play an important role in detecting network intrusions. Because intrusions have many variants and zero-day attacks, traditional signature-and anomaly-based IDS often fail to detect them. On the other hand, solutions based on Machine Learning (ML), have better capabilities for detecting variants. In this work, we ad...

When organizations need to collaborate urgently, for example, in the case of an emergency situation, it is needed to deploy software components into the different domains in order to allow crucial data to be exchanged. The ad hoc aspect is important as it does not allow the participating organizations to negotiate entire workflows and/or contracts...

Companies are increasingly gathering and analyzing time-series data, driven by the rising number of IoT devices. Many works in literature describe analysis systems built using either data-driven or semantic (knowledge-driven) techniques. However, little to no works describe hybrid combinations of these two. Dyversify, a collaborative project betwee...

The intrusion detection field has been increasing the adoption of newer datasets after relying mainly on KDD99 and NSL-KDD. Both the height and the width of the newer datasets have increased substantially since they are geared towards evaluation by machine learning methods. The feature sets however are most often statistics, derived either from the...

Through the ongoing digitization of the world, the number of connected devices is continuously growing without any foreseen decline in the near future. In particular, these devices increasingly include critical systems such as power grids and medical institutions, possibly causing tremendous consequences in the case of a successful cybersecurity at...

Recently, distributed cloud infrastructures have become a potential business opportunity for most service providers due to the exponential growth of connected devices. The advent of the Internet of Things (IoT) and softwarized networks made centralized cloud systems impractical. In response, Fog Computing (FC) emerged, enabling the deployment of se...

New protocols and technologies are continuously competing in the Internet of Things. This has resulted in a fragmented landscape that complicates the integration of different solutions. Standardization efforts try to avoid this problem, however within a certain ecosystem, multiple standards still require integration to enable trans-sector innovatio...

The use of AI in Smart applications and in the organization of the network edge presents a rapidly advancing research field, with a great variety of challenges and opportunities. This article aims to provide a holistic review of studies from 2019 to 2021 related to the Intelligent Edge, a concept comprising both the use of AI to organize edge netwo...

Smart cities aim to make urban life more enjoyable and sustainable but their highly heterogeneous and distributed context creates unique operational challenges. In such an environment, multiple companies work together with government on applications and data streams spanning several management domains. Deploying these applications, each of which co...

Nowadays, many complex multi‐vendor production environments, such as telecom infrastructures in smart cities or on‐board passenger information systems in trains, are based on micro‐services and deployed in the cloud. From a service integrator viewpoint, building new solutions for these environments, which can host a large number of externally desig...

The advent of softwarized networks has enabled the deployment of chains of virtual network and service components on computational resources from the cloud up to the edge, creating a continuum of virtual resources. The next generation of low latency applications (e.g. Virtual Reality (VR), autonomous cars) adds even more stringent requirements to t...

In recent years, the Internet of Drones (IoD) became an important research topic for both industry and academy. An IoD environment consist of different drones, called Unmanned Aerial Vehicles (UAVs), flying in different zones whereby communication is important. Therefore, drones are becoming increasingly ambiguous, capable and more cost effective t...

Internet of Things (IoT) technologies, when adequately integrated, cater for logistics optimisation and operations' environmental impact monitoring, both key aspects for today's EU ports management. This article presents Obelisk, a scalable and multi‐tenant cloud‐based IoT integration platform used in the EU H2020 PortForward project. The landscape...

Recent years have seen fog and edge computing emerge as new paradigms to provide more responsive software services. While both these concepts have numerous advantages in terms of efficiency and user experience by moving computational tasks closer to where they are needed, effective service scheduling requires a different approach in the geographica...

Service Function Chaining and Network Function Virtualization are enabling technologies that provide dynamic network services with diverse QoS requirements. Regarding the limited infrastructure resources, service providers need to prioritize service requests and even reject some of low-priority requests to satisfy the requirements of high-priority...

Recently, with the advent of the Internet of Things (IoT), Smart Cities have emerged as a potential business opportunity for most cloud service providers. However, centralized cloud architectures cannot sustain the requirements imposed by many IoT services. High mobility coverage and low latency constraints are among the strictest requirements, mak...

Computer security is one of the main challenges of today’s technological infrastructures, whereas intrusion detection systems are one of the most widely used technologies to secure computer systems. The intrusion detection systems use a variety of information sources, one of the most important sources are the applications’ system calls. The intrusi...

The rapid growth of the internet, connecting billions of people and businesses, brings with it an increased risk of misuse. Handling this misuse requires adaptive techniques detecting known as well as unknown, zero-day, attacks. The latter proved most challenging in recent studies, where supervised machine learning techniques excelled at detecting...

In recent years, containers have gained popularity as a lightweight virtualization technology. This rise in popularity has gone hand in hand with the adoption of microservice architectures, mostly thanks to the scalable, ethereal and isolated nature of containers. More recently, edge devices have become powerful enough to be able to run containeriz...

The information explosion the world has witnessed in the last two decades has forced businesses to adopt a data-driven culture for them to be competitive. These data-driven businesses have access to countless sources of information, and face the challenge of making sense of overwhelming amounts of data in a efficient and reliable manner, which impl...

The massive industrial adoption of cloud technology has led to research into cloud-enabling traditional applications. The EMD research project proposes an elastic, reliable, and secure cloud-enabled Audio and Video (A/V) collaboration platform in replacement of a reliable hardware appliance based which had fixed constraints in terms of scalability....

This article describes an experimental investigation into the inter-dataset generalization of supervised machine learning methods, trained to distinguish between benign and several classes of malicious network flows. The first part details the process and results of establishing reference classification scores on CIC-IDS2017 and CSE-CIC-IDS2018, tw...

Organizations share data in a cross‐organizational context when they have the goal to derive additional knowledge by aggregating different data sources. The collaborations considered in this article are short‐lived and ad hoc, that is, they should be set up in a few minutes at most (e.g., in emergency scenarios). The data sources are located in dif...

The wide adoption of smart machine maintenance in manufacturing is blocked by open challenges in the Industrial Internet of Things (IIoT) with regard to robustness, scalability and security. Solving these challenges is of uttermost importance to mission-critical industrial operations. Furthermore, effective application of predictive maintenance req...

Emergency services must be able to transfer data with high priority over different networks. With 5G, slicing concepts at mobile network connections are introduced, allowing operators to divide portions of their network for specific use cases. In addition, Software‐Defined Networking (SDN) principles allow to assign different Quality‐of‐Service (Qo...

In recent years, computing workloads have shifted from the cloud to the fog, and IoT devices are becoming powerful enough to run containerized services. While the combination of IoT devices and fog computing has many advantages, such as increased efficiency, reduced network traffic and better end user experience, the scale and volatility of the fog...