Automatic and Optimal Configuration of Secure Communications in Virtualized Networks
External reference persons BRINGHENTI DANIELE
Thesis type THEORETICAL/EXPERIMENTAL
Description Network function virtualization (NFV) and Software-Defined Networking (SDN) are two novel networking paradigms that can be used to virtualize and manage networks and security functions. These paradigms introduce several advantages compared to classical approaches, such as the dynamic provisioning of functionality or the implementation of scalable and reliable services (e.g., by adding new instances to support higher request volumes). NFV also allows the deployment of security controls, like firewalls or VPN gateways, as virtualized network functions.
However, currently, the level of security automation and optimization is quite limited with respect to what could be potentially achieved with these new paradigms. For example, currently there is no automatic way to select the security functions and configure them according to a set of user's security requirements (also ensuring that some desired network properties or invariants are always guaranteed) or to dynamically reconfigure the security functions to mitigate a network attack.
The objective of the thesis is to address one of the specific problems related to Security Automation and Optimization in NFV and SDN, and to design and implement techniques and algorithms that extend the existing state of the art in this field, by extending the existing frameworks already developed by the Netgroup (i.e., VEREFOO and VERIGRAPH)
More specifically, the thesis will focus on the Automatic and Optimal Configuration of Secure Communications in Virtualized Networks
Required skills Reti di Calcolatori, Cybersecurity, Programmazione Java
Deadline 05/11/2022 PROPONI LA TUA CANDIDATURA