ResiliNets

Distributed Denial of Service (DDoS) attacks are a major security and resilience issues in networking at present. They compromise a large number of systems in order to exhaust a specific resource and are typically dealt with by traffic filtering at the bottleneck or in the network. However, all existing reaction techniques either cause high collateral damage (bottleneck resource management) or they are unlikely to be deployed unless legally enforced (source end reaction). On the other hand, flash events resulting from the increased popularity of specific content can be adequately ceased by ensuring the fast content duplication to geographically distant locations. This is also relevant considering batch-mode P2P-like systems where servers do not necessarily reside behind over-provisioned topologies, and bursty requests can persist for long timescales. Although today’s known P2P systems build their own incentives for fast content propagation, having two layers taking control over routing (network and application) does not improve topology congruence and causes traffic oscillations. Moreover, upcoming and future services that will use overlay paradigms for propagation of media content over congestion unfriendly transports can cause serious resource starvation, albeit their operation will be legitimate. Resilience has therefore emerged as an essential property for future networked systems that embraces the notions of service assurance, predictability and graceful degradation at the onset of operational challenges, either legitimate or malicious. The overall measurable objective of resilient systems is high availability, which can be assured by a combination of proactive and reactive mechanisms that are either triggered by external stimuli or by the network’s suboptimal operation.

Anticipated novelty from theme outputs

We propose to design a distributed measurement and control system to detect the onset and remediate the effects of abnormal network behaviour. We will investigate the potential of cross-layer synergy between the application and the network layers, and the correlation of temporal performance metrics at different points in the network (routers, hosts) to provide for fast detection and recovery. The detection mechanism will be based on the real-time analysis of traffic arrival rate at different points in the network and the way this is aggregated towards the target(s), using control-theoretic approaches. We will also develop appropriate remediation strategies for different classes of anomalies detected. We will study the impact of efficient information exchange between the infrastructure and the application layers, and the combination of local and remote control enforcement for fast remediation. Overall, the project will produce an automated network management system that will enhance the self-optimisation and resilience properties of network-wide topologies. It will therefore contribute in reducing the operational day-to-day management costs by minimising the need for human involvement and static network configuration. Consequently, energy efficiency will be enhanced by reducing the consumed number of kilowatt hours (kWh)s, and therefore the fraction of CO2 emissions that corresponds to ICT. We will also target the design one prototypical demonstrator and test environment for resilience monitoring.

Anticipated impact from theme on society (UK and India)

The proposed research has the potential to have a significant impact on the future of protecting NG networks from the ever increasing threats posed by malicious attacks and also system malfunction. The work is directly linked to research on automated malware analysis tools and global co-ordination for attack detection proposed as part of the industry collaboration within IU-ATC (specifically with British Telecom) but this will have direct relevance to Indian Telecomms partners. In order to be future proof, aspects related to the energy efficiency requirements of NG network management also have to be considered. More specifically, the work is timely since the development of NG networks is embracing active monitoring as an essential property of the systems. Particularly compelling within the proposed research is the fact that it takes a cross-layer approach and also links into the more traditional security domain as well as the relatively new domain of Energy Aware Network Management from Theme 6. Thus, the potential impact of the proposed research on protecting and better utilising NG networks within advanced as well as developing societies is exceptionally high. Its results will facilitate the development and implementation of resilience architectures as part of NG networks, and will allow the creation of a specific monitoring infrastructure that autonomously interacts with other components of the network. Therefore the research theme represents on of the cornerstones that are required to develop the Information Society further in a secure and robust manner. We also intend to make contributions to the research community and society via EU policies, particularly to the Future and Emerging Technologies Unit, and the Future Internet Research and Experimentation unit of the Information Society Directorate. We will also feed into UK /Indian government policies via the DC-KTN, DST, OFCOM and Telecom Regulatorary Authority of India (TRAI).

Anticipated impact and relevance to the digital economy (India and UK industry and govt)

The proposed research is relevant to a wide range of beneficiaries including different areas of industry and public bodies. The project will benefit the advancement of NG networks, Autonomic Network Architectures, Network Resilience and Network Security, which are the building blocks of a secure and resilient communication environment for the digital economy. It will contribute to wealth creation and quality of life, and to the overall digital economy since it will provide the vital system protection that upcoming digital services need to operate in. The resilience aspect is tackled with a view on how to provide this autonomously in order to allow the system to react and evolve in the face of new challenges. Without a well-functioning resilience and security architecture for Next Generation networks, the overlying services and applications face the constant threat of system failure or catastrophic attacks. Thus, beneficiaries are all who will operate services and applications over NG networks within the digital economy. The benefits will be of immediate effect to an emerging economy such as India, where the adoption of NG networks as the underlying carrier for the digital economy is expected to be fast.