home

SARNET: Security Autonomous Response with programmable NETworks.

http://sne.science.uva.nl/ http://uva.nl/







Introduction:

In RFC1958 "Architectural principles of the Internet", Brian Carpenter states that : Endpoints should not depend on the confidentiality or integrity of the carriers. Carriers may choose to provide some level of protection, but this is secondary to the primary responsibility of the end users to protect themselves. Several cyber-security incidents showed that end users are not always able to implement the stated responsibility. Also, end-user availability is increasingly being affected by cyber attacks such as (D)DoS attacks. All such events justify the question if the statement regarding the expected protection of carriers, should be revisited, in particular when answering the question what it means to allow carriers to provide some level of protection. As the Internet is constructed using many infrastructures from different carriers, finding answers to such a question is not trivial. Important research question would be:
  • What incentives would drive the need to have carriers collaborate to provide protection?
    If such need can be identified, important sub-questions are:
    • What is needed to have carriers and end user networks collaborate?
    • How can carriers and end user networks trust each other when detecting incidents and providing protective responses in an automated way?
  • What are the best defence tactics given the policies, motivations, costs, benefits of the carriers and the observations and capabilities of the infrastructure?
  • How can Software Defined Networks and enhanced observation techniques help to mitigate attacks in a distributed setting?

Questions are part of a Dutch research project, headed by University of Amsterdam involving TNO, Ciena and Air France - KLM, called "Security Autonomous Response NETwork" (SARNET). This project investigates how detection and protection concepts, using SDN / NFV based technologies, can provide autonomous protection against various types of cyber attacks. Part of this research considers what it would need to organize a SARNET as an alliance of collaborating carrier and end user networks. This working meeting will present and discuss the SARNET concepts and will subsequently focus on the question how to organize a SARNET Alliance, where participating community partners form a Service Provider Group creating the necessary trust enabling collaboration [3]. The project consists of two subprojects:
  • Security Autonomous Response with programmable NETworks.
    • Investigates questions on best ways to provide autonomous responses to cyber-security threats by automated security state monitoring using software defined, virtualized detection & defense mechanisms.
    • [2 PhD students, collaboration: Air France KLM, CIENA, TNO, UvA]
  • Creating a SARNET Alliance
    • Investigates questions on how to organize SARNET functionalities across multiple Service Provider- and Enterprise Networks, where each participant must trust other participants to correctly detect and mitigate cyber threats, whilst authorizing each other to be involved. [1 PhD student, collaboration: Air France – KLM, COMMIT, UvA CS + Legal faculty]

Structure of the project:

Project Structure


Status


Lab Environment

FieldLab - KLM - SURFnet - UvA first light Feb 2, 2017 DTN @ KLM enabled by CIENA photonics OpenLab @ UvA CIENA 8700 & photonics



References:

  1. Leon Gommans, John Vollbrecht, Betty Gommans - de Bruijn, Cees de Laat, "The Service Provider Group Framework; A framework for arranging trust and power to facilitate authorization of network services.", Future Generation Computer Systems, (Accepted paper), June 2014
  2. Leon Gommans, "Multi-Domain Authorization for e-Infrastructures", UvA, Dec 2014.
  3. Internet2 2012 session: "Trust Framework for Multi-Domain Authorization".
    • speakers: Leon Gommans , John Vollbrecht, chair:  Cees de Laat.

Outcome:


2017-04-25 Session organized by Cees de Laat (chair), Rodney Wilson and Leon Gommans at Internet2 Summit, Washington, April 25 2017; "Distributed Big Data Assets Sharing & Processing."

2017-04-10 Paper: Ralph Koning, Nick Buraglio, Cees de Laat, Paola Grosso, "CoreFlow: Enriching Bro security events using network traffic monitoring data.", Special section on high-performance networking for distributed data-intensive science, SC16", Future Generation Computer Systems, <accepted for publication>

2017-03-22 Poster @ ICT.OPEN: Ralph Koning, Ben de Graaff, Robert Meijer, Cees de Laat, Paola Grosso, "Determining the effectiveness of countermeasures against cyber attacks."
Won best poster presentation award!

2017-03-21 Invited talk: OSA Optical Fiber Communication Conference and Exposition, 19-23 March 2017, Los Angeles, California, session 16:30–18:30, Room 406AB, Tu3E • Networks Operating in Challenging Environment: "Enabling E-Science Applications with Dynamic Optical Networks: Secure Autonomous Response Networks."

2017-03-21
Paper: R. Koning, A. Deljoo, S. Trajanovski, B. de Graaff, P. Grosso, L. Gommans, T. van Engers, F. Fransen, R. Meijer, R. Wilson, and C. de Laat, "Enabling E-Science Applications with Dynamic Optical Networks: Secure Autonomous Response Networks",  OSA Optical Fiber Communication Conference and Exposition, 19-23 March 2017, Los Angeles, California.

2017-02-24 Report from NWO/STW Workshop “ICT with Industry 2016” Lorenz Centre Leiden, Nov. 7-11th 2016; Prof. dr. Tom M. van Engers (UvA), Prof. dr. Robert Meijer (UvA, TNO), Dr. ing. Leon Gommans (Air France KLM Group ICT Technology Office R&D, UvA), Dr. Kees Nieuwenhuis (Thales Nederland B.V., CTO Office), "Trusted Big Data Sharing for Aircraft MRO using a Secure Digital Market Place mechanism."

2017-02-23 Presentation by Cees de Laat at On*Vector workshop, UCSD, San Diego, Feb 22-23, 2017, "Smart and Secure Cyber Infrastructure."

2017-02-22 Presentation: Leon Gommans: "Trusted Sharing of Big Data Assets in Cooperative Working Groups", On*Vector workshop, UCSD, San Diego, Feb 22-23, 2017.

2017-02-21 Presentation: Leon Gommans: "Trusted Sharing of Big Data Assets in Cooperative Working Groups", Pacific Research Platform workshop, UCSD, San Diego, Feb 21, 2017.

2017-02-05
Presentation: Tom van Engers: "What is Going on: Utility-based Plan Selection in BDI Agents", KnowProS 2017 workshop, AAAI-17, San Francisco feb 5, 2017.

2017-02-05
Paper: Ameneh Deljoo, Tom van Engers, Leon Gommans and Cees de Laat, "What is Going on: Utility-based Plan Selection in BDI Agents", KnowProS 2017 workshop, AAAI-17, San Francisco feb 5, 2017.

2016-12-14
Poster @ JURIX 2016, 14-16 december 2016, Nice: Robert van Doesburg  and Tom van Engers, "Perspectives on the Formal Representation of the Interpretation of Norms".

2016-12-08 DoE workshop on Smart High-Performance Networks – Towards a New Generation of Intelligent Networking Infrastructure for Distributed Science Environment, Rockville MD, USA, Keynote by Cees de Laat: "Smart Networks and Smart Applications; where we are today, role of SDN, emphasis on cross discipline integration."

2016-11-14 Presentation at Dutch Research Consortium booth by Leon Gommans: Leon Gommans, Ameneh Deljoo, Ralph Koning, Ben de Graaff, Tristan Suerink, Gerben van Malenstein, Axel Berg, Erik Huizer, Rob Meijer, Tom van Engers, Cees de Laat, "Trusted Big Data Sharing; Researching alliances and infrastructure models across multiple autonomous organizations".

2016-11-14 SC16 poster: Ameneh Deljoo, Leon Gommans, Ralph Koning, Tom van Engers (UvA), Cees de Laat, "Simulating a SARNET Alliance Using ABM".

2016-11-14 SC16 poster: Ralph Koning, Ben de Graaff, Paola Grosso, Robert Meijer, Cees de Laat. "Autonomous mitigation of Cyber Attacks".

2016-11-14 SC16 poster: Ralph Koning, Ameneh Deljoo, Robert Meijer, Leon Gommans, Tom van Engers, Rodney Wilson, Cees de Laat, "SARNET - Secure Autonomous Response Networks".

2016-11-14 SC16 poster: Leon Gommans, Ameneh Deljoo, Ralph Koning, Ben de Graaff, Tristan Suerink, Paola Grosso, Gerben van Malenstein, Axel Berg, Erik Huizer, Rob Meijer, Tom van Engers, Cees de Laat, "Trusted Multidomain Big Data Sharing using HPCN Researching the value of future Internet capabilities".

2016-11-14 SC16 demo: SARNET Autonomous Mitigation of Cyber Attacks.

2016-11-13 Paper: Ralph Koning, Nick Buraglio, Cees de Laat, Paola Grosso, "CoreFlow: Enriching Bro security events using network traffic monitoring data", SC16 Salt Lake City, INDIS workshop, Nov 13, 2016.

2016-11-13 Presentation at SC16 Salt Lake City, INDIS workshop by Ralph Koning: "CoreFlow Enriching Bro security events using network traffic monitoring data".

2016-10-05 KLM-Amsterdam, SARNET workshop: "Autonomous Management of Cyber Threats and Attacks."

2016-10-04 Presentation at NWO stakeholdermeeting for Big Data in logistics ", Utrecht, Leon Gommans: "Value of Future Internet capabilities: Multi-domain (Big-) Data Sharing Models".

2016-10-03 Presentation at "Data & City", City Hall, Amsterdam, Leon Gommans: "Value of Future Internet capabilities: Multi-domain Big Data Sharing Models".

2016-09-20 Presentation at "Complexity and Law workshop" at CCS16 Ameneh Deljoo, Tom van Engers, Leon Gommans, Cees de Laat, "Regulating Complex Adaptive Systems: Towards a Computational Model for Simulating the Effects of Rules".

2016-09-19 Short paper: Ameneh Deljoo, Tom van Engers, Leon Gommans, Cees de Laat, "Regulating Complex Adaptive Systems: Towards a Computational Model for Simulating the Effects of Rules", short paper to "Complexity and Law workshop" at CCS16 (The Conference on Complex Systems 2016), see http://www.ccs2016.org/.

2016-06-13 Presentation at KLM and Poalo Alto Network company: Ameneh Deljoo, "SARNET Alliance".

2016-06-10 Paper: Ralph Koning, Ben de Graaff, Cees de Laat, Robert Meijer, Paola Grosso, "Analysis of Software Defined Networking defences against Distributed Denial of Service attacks", The IEEE International Workshop on Security in Virtualized Networks (Sec-VirtNet 2016) at the 2nd IEEE International Conference on Network Softwarization (NetSoft 2016), Seoul Korea, June 10, 2016.

2016-06-10 Presentation at Sec-VirtNet at NetSoft, June 10 2016, Seoul: Ralph Koning, Ben de Graaff, Cees de Laat, Robert Meijer, Paola Grosso, "Interactive Analysis of SDN-driven defence against Distributed Denial of Service attacks".

2016-04-22 Presentation at NWO workshop “Big Data Small World” on April 22, 2016 in the Amsterdam ArenA: Leon Gommans, "Organizing Trust to enable Big Data Sharing".

2016-04-15 Presentation at ADS Coffee and Data Event at the VU on April 15, 2016: Leon Gommans, "Smart Industry Future Internet: The Fieldlab approach to explore its value".

2016-02-24 Poster at the 8th International Conference on Agents and Artificial Intelligence ICAART 2016: Ameneh Deljoo, Leon Gommans, Tom van Engers, Cees de Laat, "An Agent-Based Framework for Multi-Domain service networks: Eduroam case study".

2016-02-24 Paper: Ameneh Deljoo, Leon Gommans, Tom van Engers, Cees de Laat, "An Agent-Based Framework for Multi-Domain service networks: Eduroam case study", In Proceedings of the 8th International Conference on Agents and Artificial Intelligence ICAART 2016 - Volume 1, pages 275-280.

2016-02-24
ICT.Open Poster: Ameneh Deljoo, Leon Gommans, Tom van Engers, Cees de Laat, "An Agent-Based Framework for Multi-Domain service networks: Eduroam case study".

2016-02-04 Position paper at NSF Workshop on Software-defined Infrastructure and Software-defined Exchanges, Feb 4-5, Washington DC: Ameneh Deljoo, Leon Gommans, Cees de Laat, "The Service Provider Group Framework.".

2016-01-27 Position paper at NSF workshop on Applications and Services in the year 2021, Jan 27-27, Washington DC: Ameneh Deljoo, Leon Gommans, Cees de Laat, "The Service Provider Group Framework.".

2016-01-14
Presentation at KLM and CGI: Ameneh Deljoo, "Creating a SARNET Alliance by applying the Service Provider Group Framework and using the Ciena/GENI testbed".

2015-11-16 SC15 Poster: Ralph Koning, Ameneh Deljoo, Robert Meijer, Leon Gommans, Tom van Engers, Rodney Wilson, Cees de Laat, "SARNET Secure Autonomous Response Networks".

2015-11-16 SC15 Poster: Ralph Koning, Ben de Graaff, Paola Grosso, Robert Meijer, Cees de Laat, "Interactive Analysis of Cyber Defence Mechanisms Against DDoS Attacks".

2015-11-16
SC15 demo: SARNET Interactive touchtable SDN demonstration: https://sarnet.uvalight.net

2015-12-11
CineGrid 2015 workshop, UCSD, Qualcomm Institute, San Diego: "SARNET: Security Autonomous Response with programmable NETworks."

2015-10-16 Presentation at Pacific Research Platform (PRP) workshop, UCSD, Qualcomm Institute, San Diego: Leon Gommans, "Researching Future Networking".

2015-10-15
Presentation at Pacific Research Platform (PRP) workshop, UCSD, Qualcomm Institute, San Diego: Cees de Laat, "SARNET: Security Autonomous Response with programmable NETworks."

2015-08-01 Presentation by dr. Leon Gommans at KLM kennis session, "Applying the Service Provider Group Framework to Future Inter-Networking".

2015-08-01
Presentation at KLM, Amsterdam (NL), knowledge session SARNET: Cees de Laat, "Smart Cyber Infrastructure for Big Data Processing."

2015-07-01 Interview door Leendert van der Ent met Leon Gommans, Cees de Laat in IPN I/O Magazine juni 2015, "Het netwerk als zwaarddanser".

2015-04-29 Session at I2 Global summit, Washington, chaired by Cees de Laat: "Creating a SARNET Alliance".

2015-02-01 Paper: Leon Gommans, John Vollbrecht, Betty Gommans - de Bruijn, Cees de Laat, "The Service Provider Group Framework; A framework for arranging trust and power to facilitate authorization of network services.", Future Generation Computer Systems, Vol.45, pp 176-192, Mar 2015.
_ __________