Titulo Estágio
Benchmarking SDN Controllers
Local do Estágio
CISUC-SSE
Enquadramento
Given the growing size, complexity, and the number of internet-related and information-centric technology, from mobile, cloud, edge to big data and multimedia, managing and configuring such systems has become overly complex. Combined with high bandwidth, scalability, and dynamic management, network management is of critical significance. Software-Defined Networks are a revolutionary paradigm designed for simplifying and improving network management [1].
In simple terms, computer networks consist of different devices such as routers and switches and all the different types of middle-boxes which are designed by chips and ASIC (application-specific integrated circuits). To configure each device, specific and predefined line commands from the embedded Operating System (OS) are used. This task is complex, time-consuming, and error-prone. SDNs split the control plane from the data plane: network control is separated from the forwarding mechanisms, which can be controlled directly. SDN architectures use a centralized controller, which has a global view of the network and several simple packet forwarding devices (SDN switches) that are controlled through interfaces such as ForCES and OpenFlow. Over the years, multiple controllers have been proposed for SDNs, such as ONOS, POX, and RYU.
Given the increasing rate of malicious attacks, the security of SDNs of such systems is of utmost importance. Security encompasses various attributes, such as Confidentiality, Integrity, and Availability (CIA) [2]. The innovative architecture of SDNs means that there are new attack vectors combined with existing network-related threats [3].
Due to the centralized nature of SDNs controllers, it exposes a single point of failure that if attacked can compromise the whole network. This work aims at improving the state of the art in the assessment and comparison of SDN controllers. The goal is to devise a benchmarking approach that builds the ground for comparing alternative controllers and control algorithms from a security perspective. The work includes implementing an experimental testbed (based on a realistic setup) for collecting experimental observations/metrics and conducting experiments using state-of-the-art controllers and routing algorithms.
[1] Masoudi, R., & Ghaffari, A. (2016). Software defined networks: A survey. Journal of Network and computer Applications, 67, 1-25.
[2] Avizienis, A., Laprie, J. C., Randell, B., & Landwehr, C. (2004). Basic concepts and taxonomy of dependable and secure computing. IEEE transactions on dependable and secure computing, 1(1), 11-33.
[3] Chica, J. C. C., Imbachi, J. C., & Vega, J. F. B. (2020). Security in SDN: A comprehensive survey. Journal of Network and Computer Applications, 159, 102595.
Objetivo
The learning objectives of this master’s internship are:
1) Dependability, Security: study the subject of dependability and security and its relevant attributes such as confidentiality, integrity, and availability;
2) Software Defined Networks: understand the paradigm behind SDNs and its state-of-the-art research focused on security; study its architecture to understand how the different components relate and the security of the controllers can be assessed;
3) Benchmarking: study the concept of benchmarking, specifically its different aspects (metrics, procedures, evaluation, …), and how it can be used do fairly evaluate and compare alternative solutions for SDN controllers;
4) Research Design: understand how to design and execute an experimental process to address complex and open research issues.
Plano de Trabalhos - Semestre 1
[11/09/2023 a 15/10/2023] Literature review
Study the concepts to be used in the internship, namely dependability, security, SDNs, benchmarking,
[16/10/2023 a 05/11/2023] Analysis and selection of target techniques
Identification, analysis, and selection of which controllers and routing algorithms to consider
[06/11/2023 a 03/12/2023] Definition of the benchmark
Analyze/define the benchmark process to compare alternative SDN controllers from a security perspective; this requires defining every relevant aspect, from which security attributes the benchmark will assess, the metrics to use for the comparison, the procedure, the faultload, the workload, and the experimental setup.
[04/12/2023 a 15/01/2024] Write the dissertation plan
Plano de Trabalhos - Semestre 2
[05/02/2024 a 07/04/2024] Implement the benchmark
[08/04/2024 a 21/04/2024] Conduct the experimental campaign
Use the benchmark to assess and compare various SDN controllers and routing algorithms from a security perspective
[22/04/2024 a 05/05/2024] Explore and assess the generated data
Process, explore and analyze the the results obtained from the experimental campaign
[06/05/2024 a 03/06/2024] Write the thesis.
Condições
Depending on the evolution of the internship a studentship may be available to support the development of the work. The work is to be executed at the laboratories of the CISUC’s Software and Systems Engineering (SSE) Group.
Orientador
João Rodrigues de Campos
jrcampos@dei.uc.pt 📩