information session for master seminar „future internet“ · 2013-02-25 · final slides*...
Network Architectures and Services
Department Computer Science
Technische Universität München
Information Session for
Master Seminar
„Future Internet“
Prof. Dr.-Ing. Georg Carle and Staff
Organisation: Raumer, Schwaighofer, Schmitt
Seminar Future Internet 2
Administrative Things for all Seminars
Responsibilities
Grading
Today: Topic Selection for Seminar Future Internet
Responsibilities Seminars
Organisation: Prof. Dr.-Ing. Carle, t.b.a.
Appointments:
Seminar FI: ~ 12 Slots
11.-12.04.2013, 8-18 p.m.
in room 03.07.023
Seminar IITM: ~ 16 Slots
Topic Selection 19.04.2013,
Fridays 14:00-16:00 p.m.
in room 03.07.023
Formality:
Main Language: German
Diplom: 2 SWS
B.Sc./ M.Sc: 4 ECTS
Attendance list exists
Each participant will be session chair for one talk (moderation, discussion leader, min. 1 question concerning the talk)
Successful attendance (Talk, Paper, Review)
Using department templates on our homepage
Registration via Seminar homepage
http://www.net.in.tum.de/de/lehre/
Material
See homepage: http://www.net.in.tum.de/de/lehre/
Slides:
Talk: How to write a scientific paper?
Talk: How to write a review?
Talk: How to give feedback?
Example:
1st paper version, advisor review, 2nd paper version
Questions: Send them to your advisor first before inquiring with the organization
Advisors offer the opportunity of test talks (dry runs)
Hints for Topic Handling
Attention:
From your advisor(s) you may receive some literature.
Starting from this you have to do research for papers on your own.
Make scholar.google.com / acm.org / ieee.org your friend! (and your source’s sources…)
For all topics, the task is explicitly not to take the given literature and simply present it.
You fill the topic with life. Your goal: make it interesting for you,
me, and the other participants (your audience!)
Grading for the seminars – Guidelines
Grading parts:
1. Personal meeting with advisor is compulsory!
2. Both of your paper submissions (6–8 pages in ACM) (50%)
• 1st version (75%); peer review process
• 2nd version (final) for publication (25%)
3. Your talk (20–25min, following discussion and feedback) (25%)
• Content counts; personal presentation style is not counted
4. Your review of papers from other seminar participants (25%)
Further things to consider:
Attendance at all appointments is compulsory
Observance of deadlines (upload form on homepage)
Write the paper yourself! (plagiarism checks in every upload!)
Session chair for one talk
Plagiarism = DISQUALIFICATION.
Missing deadlines = grade lowered by 0.3 per day (each time)
No submission = grade 5 for the concerning part
You have the chance to get your talk recorded
Seminar goals:
…, …, …, Improving your presentation skills.
They said I did this and that… no way!
• Have a look at yourself after the talk!
Your talk was great? Now you have the chance to show it to your friends.
Want to know something about a topic that was already in the seminar? Watch your fellow students explaining the topic.
Administrative Things for all Seminars
Today: Topic Selection for Seminar Future Internet
Challenging Topics!
Sometimes previous knowledge required!
Deadlines Seminar FI
Dates
Topic Selection (room 03.07.023) | today
Pick up literature by mail or in person from advisor | Until 01.02.2013
Advisor meeting to group topic (discussion of received literature – be prepared (MUST)) | Until 15.02.2013
Detailed structure of paper and talk | Until 08.03.2013
Final slides* discussion with advisor | Until 04.04.2013
Upload paper (1. Version) | 26.03.2013
Upload Reviews | 09.04.2013
Talks (schedule comes soon) | 11.04.2013-12.04.2013
Upload paper (2. Version) and final slides | 30.04.2013
Publication in Proceedings | t.b.a.
* Slides must be presentable, otherwise -0.3 degree in grading. They can be modified until final talk.
Deadline might be shifted depending on number of participants.
Honeypot-Architectures using VMI Techniques
The honeypot has emerged as an effective tool to provide insights
into new attacks and current exploitation trends.
Though effective, a single honeypot or multiple independently
operated honeypots only provide a limited local view of network
attacks.
Problem: coordinated honeypot deployment and operation require
close and consistent collaboration across participating network
domains
Approach: Using VMI Techniques
Your Task: Analyse and compare VMScope and Collapsar. Get an
insight into honeypot usage in general and compare it with VMI
based solutions. What is improved? Are there new problems and
issues?
It would be helpful to have some basic knowledge about
VMs, Virtual Machine Introspection and anomaly detection.
Nadine, Stephan P.
Protect Guest Kernel Integrity and monitor Guest Kernel
Behavior
Virtualization can be used to improve security, because an
additional layer is inserted between hardware and OS.
Focus in this work: Kernel Integrity and Control Flow Integrity of
the Guest OS
Your Task: Analyse and compare SIM, NICKLE, HookSafe and
VMWatcher. What is most suitable in certain circumstances? What
goals do they have? What is protected?
It would be helpful to have some basic knowledge about
VMs, Virtual Machine Introspection and kernel internals.
Nadine, Stephan P.
[Figure: two virtualization stacks. Left: Guest Applications on Guest OS on VMM on Host Hardware. Right: Guest Applications on Guest OS on VMM on Host OS on Host Hardware.]
Internet Science 1 – Dependability, Resilience,
Terms and Concepts (Heiko)
Critical Infrastructure needs to be
safe and secure.
There are some terms to understand:
Safety vs Security
Dependability
Resilience
Concept
The basic idea is redundancy.
What does redundancy look like in
Network
Server
Access Point
A Travel
…
Internet Science 2 – Impact of social behavior for
critical infrastructure resilience (Heiko)
Computer Science solutions often
forget the surroundings
And the most important ingredient:
the Human
Goal
Better understand human element
Aspects
Social Risk Amplification
Intentions
Processes
Socio-economic incentives
Internet Science 3 – Virtualization as tool for network
resilience (Heiko)
Virtualization makes the position of a running service independent of a physical
location
How can we profit from this for resilience?
Multiple server instances
Move server away from attacker
More difficult than you may think
Internet Science 4 – Cyber Attacks against Critical
Infrastructures (e.g. Smart Power Grid)
Critical Infrastructures never fail! …. well sometimes they do!
Look at REAL (and academic) cases of attack or failure
What happened?
What went wrong?
How do these networks defend?
What could they do?
Resilience (graph theory), security (network protection, crypto, protocols)
Heiko
DHT-based multicast
Bart
Multicast Key Management
Bart
Anonymity: Formalisation of Privacy – Ralph
Anonymity is (practically) never
perfect
Classic papers:
k-anonymity
l-diversity
Formalisations give
boundaries
Your task:
You get starting directions
Research using above starting points
Clear, concise and comprehensive overview
Think of practical applications and potential failures
Prerequisites: Willingness to learn and maths
(This topic can be split into 2)
TCP internals
Proposed changes to update TCP:
Handshake
TCP Fast Open: accelerated content transmission using the handshake
Initial congestion window
Implications of increasing init_cwnd
Sources: Papers, RFCs, TCP implementation in the Linux kernel
Your task:
Compare
Identify impediments to deployment, security analysis
How useful is it?
You should know about:
Socket programming in C or kernel programming
Inner workings of TCP, slow start, fast retransmit, SYN cookies…
Benjamin, Lukas
Solutions to Bufferbloat
Bufferbloat is a common problem
BitTorrent is innocent
Your ISP doesn’t care anyway
Try it at home
Saturate your upload bandwidth
Watch the round-trip-times (e.g. using ICMP) to your favorite website
increase (typically to a value much larger than 100ms)
Your tasks:
Familiarize yourself with Bufferbloat
Implications for TCP’s congestion avoidance
Understand proposed solutions
Tuning buffer sizes
Active queue management
Random Early Detection (RED, 1993)
Controlled Delay (CoDel, 2012)
If you can, try it yourself (using your Linux-based router)
Write a (good!) paper
Lukas, Benjamin
How modern NICs speed up Packet-Processing Performance of PC-Systems
Basic behavior of a Network Card:
1. triggers an interrupt when a packet is received
2. transmits the packet to the main memory
3. CPU processes various information in the main memory
There is a need for
…avoidance of interrupts
…offload of work to the NICs
partly requires support by drivers and OS
Goal
Provide an overview of existing techniques;
Select some relevant/innovative ones, describe and analyze them
Requires reading of technical descriptions of NICs !!!!1eleven
Wohlfart, Raumer
Standardizing Network Management
Network management is a complex task. The lack of standards
leads to
…various CLI-scripts
…different non-compatible, proprietary software
…higher costs and more complex systems
…high entry barriers for new vendors
…
The Network Configuration Protocol (NETCONF)
is a network management protocol standardized by the IETF
Goal
Why NETCONF?
What is NETCONF?
How does it cooperate with YANG?
Evaluation (in context of trends and currently hyped SDN architectures)
Raumer, Wohlfart
Completing SDN – The Northbound API
SDN with OpenFlow architecture currently gains high interest
Southbound API is standardized
No standard / state of the art for the Northbound API
Explain the OpenFlow/SDN architecture
Goal
Explain the OpenFlow architecture
How does the process of standardizing a Northbound API differ from standardizing the Southbound API? Why?
Have a look at SDN controllers (e.g. NOX/POX and Floodlight) and their Northbound APIs
What are their differences?
Explain candidates and approaches for Northbound APIs
(optionally combined with a look at the East-/Westbound API)
Requires enjoying reading technical blogs, and a critical eye
Raumer, Wohlfart
Network Simulation and its Limitations
Wohlfart, Raumer
Compute the behavior of a network using a mathematical model
Estimate various parameters:
Throughput, delay, packet loss, etc…
Make it possible to make statements about a system that does
not (yet) exist
E.g. analyze the large-scale behavior of new network protocols
Goal
Give an overview of network simulation
Where is it used?
What models exist? What are their limitations?
Describe the NS3 network simulator
Technical implementation
Simulation model
VMI-IDS
Host-based IDS resides inside the monitored host
Deep view into the monitored system
Disadvantage: Low resistance against attacks, e.g.
by malware
Possible solution: Use of virtualization
Isolation between IDS and monitored system
Monitoring can be done using Virtual Machine
Introspection
How does VMI work?
Which VMI-IDS are available?
Malware detection methods?
Classification?
Simon
Linux Rootkits
Rootkits provide data-hiding techniques within an operating
system and allow privileged access to be regained
Malware in particular uses this technique
Hide running processes, loaded modules, files,
network ports, …
Provide root access without authentication
Different mechanisms: User mode and kernel mode
rootkits
How do rootkits work?
Focus on Linux kernel mode rootkits
Simple demonstration
Possible detection mechanisms
Simon
Evolution of Cellular Networks
From GSM to LTE-Advanced
Tasks & Questions
Describe the different Radio Access Networks (RAN)
GERAN, UTRAN, E-UTRAN
Describe the evolution of the core network: 2G/3G Core vs. EPC
Achievable data rates, channel access methods
3GPP inter-working system architecture
How does the handover procedure work (e.g. inter-RAT)?
Tsvetko
LTE Self-Organizing Networks (SON)
High complexity of mobile
communication systems
Planning and optimization tools
supervised by human operators are
time-consuming
error prone and expensive
require high degree of expertise
Introduction to SON-Enabled Systems
Tasks & Questions
What is a SON-Function?
Distinguish between self-optimization, -healing and -configuration
Introduce some key SON functions (e.g. MRO, COD, CDC, CCO)
Possible SON Conflicts?
Tsvetko
Topic assignment (I)
Speaker | Title | Advisor(s)
Mr. M. Köpferl | Internet Science 1 – Dependability, Resilience, Terms and Concepts | Heiko
Mr. R. Milzarek | Internet Science 2 – Impact of social behavior for critical infrastructure resilience | Heiko
Mr. D. Hoyos | Internet Science 3 – Virtualization as tool for network resilience | Heiko
Mr. M. Grimm | Internet Science 4 – Cyber Attacks against Critical Infrastructures | Heiko
Mr. S. Floeren | Honeypot-Architectures using VMI Techniques | Nadine, Stephan P.
 | Protect Guest Kernel Integrity and Monitor Guest Kernel Behavior | Nadine, Stephan P.
Mr. J. Maier, Mr. M. Kern | Anonymity: Formalisation of Privacy | Ralph
Mr. B. Engeser | VMI-IDS | Simon
Topic assignment (II)
Speaker | Title | Advisor(s)
Mr. C. Paul | Linux Rootkits | Simon, Lothar
Mr. C. Dietz | DHT-based Multicast | Bart
 | Multicast Key Management | Bart
Mr. S. Scheibner | TCP Internals | Benjamin, Lukas
Mr. V. Jacht | Solutions to Bufferbloat | Lukas, Benjamin
Mr. R. Schoenberger | How modern NICs speed up Packet-Processing Performance of PC-Systems | Wohlfart, Raumer
Mr. S. Rampfl | Network Simulation and its Limitations | Wohlfart, Raumer
Mr. L. Stehnken | Evolution of Cellular Networks | Tsvetko
 | LTE Self-Organizing Networks (SON) | Tsvetko
 | Standardizing Network Management | Raumer, Wohlfart
 | Completing SDN – The Northbound API | Raumer, Wohlfart