Native Security Support for Virtualised Networked Infrastructures
Lead Research Organisation:
University of Glasgow
Department Name: School of Computing Science
Abstract
This PhD project will look into the areas of network anomaly and attack detection, and the types of algorithms used to detect and remediate their effects. It will subsequently consider how such algorithms can be implemented in a distributed manner over networked infrastructures that are assumed to support virtualisation of their components, such as, e.g., Cloud Data Centres.
The project explores recent technologies such as Software-Defined Networking (SDN) and Network Function Virtualisation (NFV) for securing the infrastructure in a flexible and extensible way. This is in order to overcome the current limitation of a limited set of security functions being deployed over long time-scales and over static configurations, which results in not being able to defend against unknown attacks, nor to be able to offer custom levels of security.
Results from this project will be of benefit to major network and service providers who will be able to secure their infrastructures from evolving attack vectors in short timescales.
The project is related to the ICT Networks and Distributed Systems EPSRC research area, and is aligned with the Digital Economy and Global Uncertainties themes.
The project explores recent technologies such as Software-Defined Networking (SDN) and Network Function Virtualisation (NFV) for securing the infrastructure in a flexible and extensible way. This is in order to overcome the current limitation of a limited set of security functions being deployed over long time-scales and over static configurations, which results in not being able to defend against unknown attacks, nor to be able to offer custom levels of security.
Results from this project will be of benefit to major network and service providers who will be able to secure their infrastructures from evolving attack vectors in short timescales.
The project is related to the ICT Networks and Distributed Systems EPSRC research area, and is aligned with the Digital Economy and Global Uncertainties themes.
Organisations
People |
ORCID iD |
Dimitrios Pezaros (Primary Supervisor) | |
Abeer Ali (Student) |
Studentship Projects
Project Reference | Relationship | Related To | Start | End | Student Name |
---|---|---|---|---|---|
EP/N509668/1 | 01/10/2016 | 30/09/2021 | |||
1840109 | Studentship | EP/N509668/1 | 20/10/2015 | 18/06/2019 | Abeer Ali |
Description | This project explores the areas of network anomaly and attack detection with the objective discover how such algorithms can be implemented in a distributed manner over networked infrastructures. We analysis the types of algorithms used to detect and remediate the effects of network attacks and present that in the published chapter "SDNFV-based DDoS detection and remediation in multi-tenant, virtualized infrastructures". A classification of these algorithms on how they can be implemented in a distributed manner over networked infrastructures was introduced in this book chapter. Moreover, to support virtualized infrastructures such as, e.g., Cloud Data Centres, an algorithm to allocate the first class of the classification previously introduced is designed and implemented. Results show that the placement algorithm secures the hosted machines and maintains and efficient management of the infrastructure resources. The algorithm, a mathematical model for the problem and the test results were presented in two accepted conference papers. An algorithm that allocate the two classes are designed and tested and we are in the process of submitting a third paper that demonstrate our results. |
Exploitation Route | The simulation used to test the algorithm and the mathematical mode is available for others to use. |
Sectors | Digital/Communication/Information Technologies (including Software) |
Description | Invited talk - UPC, Spain |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Invited talk on group's recent research activity and findings. Audience included primarily academics and PGRs from the Department of Network Engineering, Polytechnic University of Catalonia (Spain). |
Year(s) Of Engagement Activity | 2019 |
Description | Invited talk - York |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | Invited talk on group's recent research activity and findings. Audience included primarily academics and PGRs from the Department of Electronic Engineering, University of York. |
Year(s) Of Engagement Activity | 2020 |
Description | invited talk - Exeter |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | Invited talk on group's recent research activity and findings. Audience included primarily academics and PGRs from the School of Computer Science, University of Exeter |
Year(s) Of Engagement Activity | 2019 |
Description | invited talk - Sussex |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | National |
Primary Audience | Professional Practitioners |
Results and Impact | Invited talk on group's recent research activity and findings. Audience included primarily academics and PGRs from the School of Engineering and Informatics, University of Sussex |
Year(s) Of Engagement Activity | 2019 |