Changes between Version 35 and Version 36 of GEC22Agenda/EveningDemoSession


Ignore:
Timestamp:
01/31/15 10:57:22 (7 years ago)
Author:
hdempsey@bbn.com
Comment:

text edits

Legend:

Unmodified
Added
Removed
Modified
  • GEC22Agenda/EveningDemoSession

    v35 v36  
    11[[PageOutline]]
    22
    3 = [wiki:GEC22Agenda#ConferenceAgenda GEC 22] Evening Demo Session =
    4 
    5 This is currently a list of all requested demos.  Demo reqeusts are not yet confirmed for GEC22.
     3= [wiki:GEC22Agenda#ConferenceAgenda GENI, US Ignite and Mozilla] Evening Demos =
     4
     5This is currently a list of all requested demos.  Demo requests are not yet confirmed for GEC22.
    66
    77== Location ==
     
    125125==== Experimentation of SDN-Supported Collaborative DDoS Attack Detection and Containment ====
    126126
    127 This demo shows a collaborative monitoring and correlation approach to mitigate the effects of the surge in network traffic of a flooding Denial of Service attack that can cause loss of service for legitimate sites.
    128 
    129 Who should see this demo?
    130 
    131 Attendees interested in Cybersecurity attack detection, and mitigation techniques.
    132 
    133 Software-defined networking (SDN) and OpenFlow offer great support to dynamically adapt a network and to access data on different network layers as needed. Such advantages have been driving recent research efforts to develop new security applications and services. However, most studies on attack detection and containment have not really differentiated their solutions from the traditional ones, without fully taking advantage of the unique capabilities provided by SDN. Moreover, even if some of these studies provide interesting visions of what can be achieved, they stop short of presenting realistic application scenarios and experimental results. We present a novel attack detection and containment approach that is coordinated by distributed network monitors and controllers/correlators centralized on an SDN OpenFlow Virtual Switch (OVS). With different views and information availability, these elements collaboratively detect signature constituents of an attack that possess different characteristics of scale and detail. Therefore, this approach is able to not only quickly issue an alert against potential threats followed by careful verification for high accuracy, but also balance the workload on the OVS. We apply the proposed approach to TCP SYN flood attacks using Global Environment for Network Innovations (GENI). This realistic experimentation has provided us with insightful findings helpful to our goal toward a systematic methodology of SDN-supported attack detection and containment. First, we have demonstrated through experimentation the scalability of our collaborative scheme. Second, we have studied how the combination of alerts by the monitor and deep packet inspection by the correlator, can increase the speed and accuracy of attack identification. Our experiments, in the context of a small to medium corporate network, have demonstrated the effectiveness and scalability of the SDN-supported detection and containment approach.
     127''This demo uses collaborative monitoring and correlation to mitigate effects of the network traffic surge of a flooding Denial of Service attack that can cause loss of service for legitimate sites.  Visit us to learn more about cybersecurity attack detection and mitigation.''
     128
     129Software-defined networking (SDN) and OpenFlow offer great support to dynamically adapt a network and to access data on different network layers as needed. Such advantages have been driving recent research efforts to develop new security applications and services. However, most studies on attack detection and containment have not really differentiated their solutions from the traditional ones, without fully taking advantage of the unique capabilities provided by SDN. Moreover, even if some of these studies provide interesting visions of what can be achieved, they stop short of presenting realistic application scenarios and experimental results. We present a novel attack detection and containment approach that is coordinated by distributed network monitors and controllers/correlators centralized on an SDN OpenFlow Virtual Switch (OVS). With different views and information availability, these elements collaboratively detect signature constituents of an attack that possess different characteristics of scale and detail. Therefore, this approach is able to not only quickly issue an alert against potential threats followed by careful verification for high accuracy, but also balance the workload on the OVS. We apply the proposed approach to TCP SYN flood attacks using the Global Environment for Network Innovations (GENI). This realistic experimentation has provided us with insightful findings helpful to our goal toward a systematic methodology of SDN-supported attack detection and containment. First, we have demonstrated through experimentation the scalability of our collaborative scheme. Second, we have studied how the combination of alerts by the monitor and deep packet inspection by the correlator, can increase the speed and accuracy of attack identification. Our experiments, in the context of a small to medium corporate network, have demonstrated the effectiveness and scalability of the SDN-supported detection and containment approach.
    134130
    135131Participants:
     
    138134==== O3 Network Orchestrator Suite "ODENOS" ====
    139135
    140 The demo shows network virtualization (with control delegation) over a wide-area network consisting of multiple vendor/admin domains and multiple layers (optical and packet). There will be an increasing demand from OTT providers that would like to use carrier wide area network with fine-grain control. However, creating an SDN controller for a wide-area network is already hard; A typical wide-area network consists of multiple vendor/admin domains and multiple layers (e.g., optical and packet) and you like to have an unified control over them. Creating multiple virtualization slices is even harder. ODENOS allows us to create such an SDN controller easily from building blocks.
     136*''The demo shows network virtualization (with control delegation) over a wide-area network consisting of multiple vendor/admin domains and multiple layers (optical and packet).  Visit us to learn more about building SDN controllers ''
     137
     138There will be an increasing demand from OTT providers that would like to use carrier wide-area networks with fine-grain control. However, creating an SDN controller for a wide-area network is already hard; A typical wide-area network consists of multiple vendor/admin domains and multiple layers (e.g., optical and packet) and providers would like to have unified control over them. Creating multiple virtualization slices is even harder. ODENOS allows us to create such an SDN controller easily from building blocks.
    141139
    142140Participants:
     
    144142
    145143==== Hadoop in a Hybrid Cloud ====
     144*''This demo shows how to prepare a cross-domain Hadoop cluster with virtual machines in GENI.  Visit us to learn how to use this model to manage large data sets.''
    146145
    147146Hadoop is a !MapReduce implementation for processing and generating large data sets.  Combined with the ubiquitous, on-demand, and dynamic resources at low cost from cloud computing, we can build an environment with great potential to process big data. However, using Hadoop on the cloud spends time, requires technical knowledge from users, and, sometimes, the private cloud is not able to allocate all the resources needed. The hybrid cloud is composed of public and private clouds and, when necessary, the resources in the public cloud are used. Therefore, the simultaneous management of private and public domains requires an appropriate model that combines performance with minimal cost. Our proposition is to deploy an architecture to facilitate the orchestration of Hadoop applications in hybrid clouds. The core of the model consists of a submission web portal, an orchestration engine, and an execution services factory. These components will orchestrate the creation of virtual machines for the Hadoop clusters in the private cloud. Through these components it is possible to automate the preparation of a cross-domain cluster, and, when it is needed, to allocate virtual machines at the GENI platform, and make it useful for the cloud users.