|
|
|
|
| Dr. Paola Grosso | ||
| Home page | ||
| Bio | ||
| Teaching activities | ||
| Professional activities | ||
| Previous projects | ||
| Publications | ||
| Presentations |
Computer networks are constantly under attack. In the scope of this project, we propose to adapt and develop new capabilities for processing of telemetry data streams and to apply real-time anomaly detection capabilities.
The student will develop the ‘AI knowledge packs’ specifically targeted for automatic detection of various anomalies occurring in SARNET prototype. ‘AI knowledge packs” will include the model for decoding of the telemetry, trained AI datasets and mitigation scripts, which will deploy various functions onto the test bed networks.
See full description here (PDF)
Data plane programmability plays an important role in the softwarized networks community, improving the flexibility of matching, altering and forwarding packets and data while maintaining high throughput.
This project will create room to learn about the architectures and specifications related to data plane programmability and its acceleration as well as identify the use cases interesting for TNO partners and customers.See full description on TNO site (link)
This master thesis project takes place in the context of NWO SARNET project on Security Autonomous Response with programmable NETworks.
The focus is particularly on the orchestration function (e.g. ETSI MANO, OpenC2), although you will also need to address the analytical part (i.e. determining how to best respond to an attack).
See full description on TNO site (link)
SURFnet's test network is meant for the validation of software, features and performance, before they being implemented in production. The test network consists of equipment that mirrors as much as possible the equipment used in production, including the Network Management System. Such a test network consists typically of some 10 to 20 interconnected hardware systems, the SURFnet production network consists of more than 800 devices.
A test network is always of limited scale and it is not very flexible in regards to modifications of the topology. The required interfaces need to be available and physical patching on site is required. In this time of virtualization, router vendor offer possibilities to build virtual test networks. The software images can run in different environments and can be used to build logical networks suitable for testing. Ideally you can build a test network that is identical to the production one.
SURFnet is implementing its new generation network (called "SURFnet8"), using new photonic and routing equipment. This is therefore an ideal moment to create a virtual test network such that future development meant for SURFnet8 can be tested there. This virtual test environment will complement the physical test network, which will still be needed for performance testing and software 'soaking;' on actual hardware platforms. A coupling between the virtual and physical test networks is also considered a plus.
The student will contribute to the development of the virtual test network, meant for validation of SURFnet8 functionalities. There are a number of software platforms available for this work: Juniper Wistart (https://github.com/Juniper/wistar), Eve-NG (http://www.eve-ng.net/) and the GNS3 simulator. Specific tasks will be:
Segment routing is a novel routing paradigm that allows sending node to specify the entire forwarding path. In this project we look at the performance of segment routing in container networks, in particular when using eBPF (express Berkeley Packet Filter). (We are open to discuss the study of applicability of segment routing in the core networks, in case the student is interested).
Specifically the students will: