Information Session for the Seminar “Future Internet”Information Session for the Seminar...

Network Architectures and Services

Department Computer Science

Technische Universität München

Information Session for the Seminar

“Future Internet”

Prof. Dr.-Ing. Georg Carle and I8 research staff

Organisation: Daniel Raumer, Lukas Schwaighofer

Seminar Future Internet 2

Administrative Things for all Seminars

Responsibilities

Grading

Topic Selection for Future Internet (FI) Seminar

Content

www.fotoila.de


Basic Information

Lecturer: Prof. Dr.-Ing. Georg Carle

Organization: [email protected] Daniel Raumer

Lukas Schwaighofer

Overview Main Language: German

we will offer an English track (minimum of 4 participants)

Extent: 2 SWS (4 ECTS)

Course Type:

For M.Sc. Students: Master’s Seminar (Master-Seminar)

For B.Sc. Students: Advanced Seminar Course (Seminar)


Paper procedure

First version of your paper Agree on the content with your advisor

Use the supplied paper template from the webpage

Keep in touch with your advisor

Try to finish well in time so you advisor can give you feedback

Write reviews You will be given two papers of your fellow students

Final version of your paper Use the received reviews to improve your paper

You will also receive some feedback from your advisor

If you and your advisor agree publication in the seminar proceedings


Talk procedure

Prepare your talk Finished slides must be discussed with advisor 1 week before the talk

Advisors usually offer the opportunity of test talks

Give your talk

Session chair for one talk Introduce the talk

Watch the time constraints

Lead the discussion after the talk

Ask at least one question if nobody else does

Mandatory attendance on all sessions


Topic Handling

From your advisor(s) you may receive some literature. This is just to get you started

Find appropriate (scientific) sources yourself scholar.google.com

acm.org

ieee.org

You sources’ sources

…

Just presenting the given literature is NOT enough


Further Information

TUM-Online registration If you pick a topic today we will register you for the course

You will be able to unregister for 1 week without any consequences

Later dropout will be graded as 5.0

Webpage: http://www.net.in.tum.de/de/lehre/ Slides: How to write a paper

Slides: How to write a review

Questions: Contact your advisor

For organizational questions: [email protected]


Grading

Grading parts:

1. Both of your paper submissions (6–8 pages in ACM) (50%)

• 1st version: 37,5%

• 2nd version: 12,5%

2. Your talk (20–25min, following discussion and feedback) (25%)

• Content is graded

• Personal presentation style is not

3. Your reviews of papers from other seminar participants (25%)


Grading – influencing factors

Observe the deadlines Advisor meetings are compulsory

Use the upload form on our webpage for your submissions

0.3 degrading per day for missed deadlines

No submission 1st version of paper: Disqualification (Seminar graded as 5.0)

Other submissions: Grade 5.0 for the concerning part

Write the paper yourself Plagiarism → disqualification (and we will check!)

Seminar graded as 5.0 and reported to the examination office

Summary when and why to cite:

http://oxford.library.emory.edu/research-learning/citation-

plagiarism/citing.html

http://oxford.library.emory.edu/research-learning/citation-plagiarism/citing.html






Improving your presentation skills

You have the chance to get your talk recorded

Have a

look at yourself

after the talk!

Your talk was great?

Share it and show it to

your friends. You fully control the

access! (Initially only you can access it!)


Seminar Deadlines

Dates

Topic Selection (room 03.07.023) today

Pick up literature per mail or personal by advisor until 31.Jan

Advisor meeting (discussion of received literature) – be prepared (MUST)

until 14.Feb

Detailed structure of paper and talk until 7.Mar

Final slides* discussion with advisor

* Slides must be presentable, otherwise -0.3 degree in grading.

until 28.Mar

Upload paper (1. Version) 25. Mar

Upload Reviews 3.Apr

Talks Schedule will be published soon

2. and 3.Apr

Upload paper (2. Version) and final slides 30.Apr

Publication in Proceeding tba.

Deadlines might be shifted

depending on number of participants.


Administrative Things for all Seminars

Responsibilities

Grading

Topic Selection for Seminar Innovative Internet Technologies and Mobile Communications

Content

www.fotoila.de

Challenging Topics!

Sometimes previous knowledge required!


NEPI : Network Experiment Programming Interface

Tool set to run experiments in network testbeds

Automatic experiment deployment

Automatic result collection

Interactive experimentation

Supports use of resources from different testbeds

Your Task:

Get familiar with the mentioned concepts

Find and compare different approaches and

limitations

Point out weaknesses and possible remedies

Get familiar how to setup and use it in every day

life

Network Experimentation with NEPI Matthias


Cartography of the Internet topology

Crucial for understanding BGP, AS routing decisions

Helps diagnose network problems

Identifies bottlenecks and potential

point-of-failures

Your Task:

Get familiar with concepts

of Internet cartography

Find and compare different

approaches in literature

What kind of data do they rely on?

What limitations need to be kept in mind?

Point out weaknesses and possible remedies

Internet Cartography Oliver


Infected hosts need to communicate with C&C server

Bot masters want to avoid blacklisting

Use IP Fast Flux, Domain Generation Algorithms

Idea: Malicious domains have

different characteristics

than ‘benign’ domains

Your Task:

Get familiar with concepts

of C&C communication,

Fast Flux, DGAs

Find and compare different detection approaches in literature [1] [2]

What kind of data do they rely on? Limitations?

[1] Antonakakis et al. “From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware”, Usenix Sec 2012

[2] Frosch et al. “Predentifier: Detecting Botnet C&C Domains From Passive DNS Data”, 2013

Botnet Detection with DNS Monitoring Oliver

Bot

C&C Server

Bot Bot

tqzbozmfqc2qgaa.biz

hzzgzoc2pkagygamfkIgz.cn

d3f41cab4fee9810ba.com


Florian, Daniel

IP-packet processing is a parallelizable task

Why not use the GPU for it?

Goal:

Survey existing techniques works that use the GPU for PC based

packet processing

Compare them!

Where are the drawbacks / benefits? What will change in near future?

Start with:

W.Sun, R.Ricci: “Fast and Flexible: Parallel Packet Processing with GPUs and Click” (ANCS) 2013.

Go on with related work, and own research

Using the GPU for packet processing

In comparison to CPUs a GPU

provides an overall computational

power via a higher number of

specialized cores with moderate

less processing clock pulse.

htt

p:/

/new

s.c

net.

co

m/i/b

to/2

0090401/n

vid

ia-g

pg

pu

-sm

all

.jp

g


Florian, Daniel

Goal:

Survey existing techniques existing in Linux

(i.a. Intel DPDK, Netmap, PF_RING DNA)

Which techniques are in common, where do they differ?

Use OVS DPDK as main example

Interest and knowledge about packet processing in Linux is required

Start with:

Intel dpdk programmers guide, PF-RING UsersGuide, Netmap Documentation. (and papers belonging to each approach)

A Look at Intel‘s Dataplane Development Kit

The Intel Data Plane Development

Kit (Intel DPDK) is a set of data plane

libraries and network interface

controller drivers for fast packet

processing on Intel Architecture (IA)

platforms.

https://0

1.o

rg/p

acket-

pro

cessin

g/inte

l%C

2%

AE

-ovd

k


A Survey of Trends in Fast Packet Processing

Intel DPDK, PF_Ring Direct NIC Access, and Netmap are prominent examples

You may perform comparative measurements in our testbed if you like to

Goal

Survey DNA, Netmap, Intel dpdk and solutions found by own research

Which techniques are in common, where do they differ?

Compare them!

Display future trends that will spread along with the new trends in commodity hardware

features…

Florian, Daniel

Enabled by improvements in commodity

(PC) hardware new implementations allow

for enormous increase of packet

processing performance.


SDN with OpenFlow architecture currently gains high interest

Southbound API is standardized

No standard / state of the art for

the Northbound API

Goal

Briefly (!!) explain the OpenFlow/SDN architecture

How does the process of standardizing a Northbound API differ from standardizing

the Southbound API? Why?

Carve out the requirements for the Nothbound API

Describe and evaluate the Northbound API Pyretic[1]

[1] C.Monsanto, J.Reich, N.Foster, J.Rexford, and D.Walker ”Composing software-defined networks” nsdi'13

Northbound API Requirements for SDN Lukas, Daniel


Internet Science – Security Economics II (Heiko)

Security Engineers often blaim the stupid user.

Now, is this claim correct or are the engineers just getting

something important?

Your task:

Motivate relation economics and security

Present 1-2 claims presented in articles of the

WEIS workshop.

Use other sources to justify and/or question the claims.

(e.g. from behavioural sciences, security papers defying

security economics)

Sources: The Twelfth Workshop on the Economics of Information Security

http://weis2013.econinfosec.org/program.html

Care for

security

Care for

security

Do not

care.

Security,

wtf ???


Internet Science – High Reliability or When Things

Go Wrong and As Things Change Heiko

Banana => healthy.

Banana => accident (unhealthy).

Technology fails when sensors provide data that does not differentiate

between situation A and situation B.

Case study: Friendly fire in military operation.

What went wrong in the incident described by Snook in his book.

Would better technology have helped? What to do if we let IT decide, yet

communication fails?

Why do we have packet loss on the Internet?

How would you see the degration process described at the end in the book

happen in IT systems?


NSA Scandal lots of talk about

Meta Data Privacy

Privacy in big data sets requires that user

blend into a crowd by losing their individual

aspects in the data.

Your Task:

Present the ideas from literature, search for more

Make something homogeneous out of the different sources

What does it really tell? What should we do?

Initial Literature:

[1] de Montjoye, Y.-A., Hidalgo, C.A., Verleysen, M. & Blondel, V.D. Unique in the Crowd: The privacy bounds of human

mobility. Nature srep. 3, 1376; DOI:10.1038/srep01376 (2013).

http://www.nature.com/srep/2013/130325/srep01376/full/srep01376.html

[2] Yves-Alexandre de Montjoye, Jordi Quoidbach, Florent Robic, and Alex (Sandy) Pentland. 2013. Predicting

personality using novel mobile phone-based metrics. In Proceedings of the 6th international conference on Social

Computing, Behavioral-Cultural Modeling and Prediction (SBP'13),

What does my mobile phone leak -

Unique in the Crowd and Predictable Heiko





Smart Buildings are equipped with sensors, actors and automation

systems that, e.g.,

… increase our comfort.

… optimize a building’s energy consumption.

Problem:

Sensor data (power consumption, temperature, luminosity, etc.) might be

abused for the surveillance of employees.

E.g.: Correlate records of time worked and power consumption.

A conflict between technology and law is created.

Your Task:

Perform a study on the legal

situation (use law texts, blogs, etc.).

Perform a study on the state

of the art (scientific papers, etc.).

Present your findings.

Data Privacy Laws vs. Smart Buildings Holger

vs.


Now we want to talk about security properties of Building Networks

Problem:

In a networked building various functions might be accessible via

the network that in turn can be abused. E.g.:

Hack and disable the ventilation of an airport terminal

Based on [1] you will perform a survey targeting

the structure of a building network

the technology used therein, e.g., BACNet [2]

security props of most important base tech, e.g. BACNet

Goal:

Present the results of your survey.

[1] Granzer et. al, Security in networked building automation systems, IEEE, Sept. 2006.

[2] Holmberg, Secure Messaging in BACNet

Survey: Security in Smart Building Networks Holger


Determinism for Ethernet flows in industrial

networks

Motivation

• In order to use Ethernet (and its derivates) in industrial

networks, some guarantees are needed:

• bounded end-to-end latency,

• bounded end-to-end jitter,

• maximum buffer usage.

• Theories have been developed for giving worst-case

behaviors of Ethernet flows. One of them is called

Deterministic Network Calculus.

Your task

• Understand the principles of Network Calculus:

• Network Calculus book from J.-Y. Le Boudec and P. Thiran

• How can it be applied to Ethernet and AFDX?

• What are the limits of the method?

• Apply it to small networks using a Network Calculus

library/tool and verify that a topology meets some

industrial requirements.

Fabien


Alarme in Multi-IDS Umgebungen Nadine, Stephan

Szenario: Viele Alarm-Meldungen überfluten nachfolgende Komponenten

Wichtige Fragen in diesem Zusammenhang:

Wie können Alarme sinnvoll vorverarbeitet werden?

Wie können Alarme priorisiert werden?

Welche Kriterien werden angewandt?

Gibt es spezielle Anforderungen in konkreten Use-Cases?

Aufgabe:

Analyse der Möglichkeiten zur Vorverarbeitung

Fokus auf Priorisierungsmöglichkeiten

Welche Systeme implementieren Priorisierung?

Bestimmung der Vor- und Nachteile

Betrachtung der Probleme (z.B. Informationsverlust?)

Analyse der möglichen Einsatzszenarien

Monitor

Analyse

Policy React

Evaluate


IRS in virtualisierten Umgebungen Nadine, Stephan

Szenario: Reaktionsmaßnahmen nach Detektion eines Angriffs

Wichtige Fragen in diesem Zusammenhang:

Was sind mögliche Aktionen?

Was bietet sich in virtualisierten Umgebungen an?

Welche Herausforderungen/Chancen ergeben sich?

Gibt Implementierungen für automatisierte Responses?

Aufgabe:

Analyse bestehender IRS Systeme

Bestimmung implementierter Responses

Fokus auf VM spezifische Use-Cases (Hidden Traffic, VMI)

Analyse möglicher Probleme bei der Umsetzung

Formate zur Beschreibung eines Responses

Verwendbarkeit der bestehenden Systeme

Monitor

Analyse

Policy ?

Evaluate


How to bootstrap a P2P VPN?

Your Task:

Identify general problems of bootstrapping

Learn information about a network

NAT

…

Survey the existing methods (there is quite a bit of literature)

Analyze real world applicability

Security/privacy implications

Your background knowledge should include:

How do DHTs work?

How does hole punching work?

What is the purpose of STUN/TURN?

Bootstrapping P2P VPN Benjamin, Lukas


Several solutions for network access control exist

IEEE 802.1X

Novel, clean slate network architectures [1]

And Ethernet-compatible architectures [2]

Your Task:

Get familiar with the mentioned

concepts

Find and compare different

approaches in literature

What are the fundamental prerequisites

for the solutions to work?

What limitations need to be kept in mind?

How is abstraction handled?

Point out weaknesses and possible remedies [1] Casado et al. ”SANE: A protection architecture for enterprise networks” USENIX Security 2014

[2] Casado et al. “Ethane: Taking control of the enterprise” ACM SIGCOMM 2007

Fine-Grained Link Layer Access Control Cornelius


Self-Healing in Self-Organizing Networks

Cellular networks are very large and extremely complicated systems

Faults can appear at several functional areas of a complex cellular

network

There is huge number of network elements (i.e., base stations) each

of which can go into a state of degradation

3GPP use cases: self-recovery of network element software, self-

healing of board faults, cell outage detection, cell outage recovery,

cell outage compensation

Tasks & Questions

Explain the abovementioned use cases

Describe how the self-healing process works

Diagnosis and prediction methods?

How is self-healing handled in other networks (e.g. mesh networks)

Tsvetko

Automated solutions required


Choose your Topic

www.fotoila.de


Englisch only Track of the FI Seminar

Who?

Non-German speaking attendee and interested

Regularity:

Minimum of one person not able to do the paper, talk and reviews in German

At least 4 participants

Talk, paper and review in English (obligatory)

All other rules are unchanged

English is still optionally allowed in the normal track!

Why?

Not capable of the German language

Improving English skills

Less mandatory attendance (only at English-Track talks)

Information Session for the Seminar “Future Internet”Information Session for the Seminar...

Documents

Transcript of Information Session for the Seminar “Future Internet”Information Session for the Seminar...