Date of Completion

8-9-2020

Embargo Period

8-9-2020

Keywords

Network Configuration, Software Defined Networking, Optimization, Security, Risk Assessment

Major Advisor

Dr. Ben Fuller

Associate Advisor

Dr. Michel Laurent

Associate Advisor

Dr. Amir Herzberg

Field of Study

Computer Science and Engineering

Degree

Doctor of Philosophy

Open Access

Open Access

Abstract

Networks are designed with functionality, security, performance, and cost in mind. Flows should be served while controlling risk due to attackers. Configuration is time-intensive and largely static until a major new vulnerability or service requirement forces change. We address this problem with an autonomous framework consisting of Observe, Orient, Decide, and Act phases, and look to optimization techniques for solutions to the Orient and Decide phases.

Our first solution explores opportunities to improve network Quality of Service by combining a single-flow routing solution with a global multi-flow solution in a hybrid manner. To evaluate the quality of our solutions, we implement an autonomous framework that generates the routing solution in a software-defined network.

We then explore two additional solutions that address both functional and security requirements and explore the trade-off of modeling and implementation choices for this problem. These two solutions innovate in modeling security risk in a way that is amenable to optimization and in the evaluation of the quality of the resulting configurations.

Our framework allows an enterprise to automatically reconfigure its network upon a change in functionality (shift in user demand) or security (publication or patching of a vulnerability). The primary contributions of this work are two-fold: 1) the formulation and integration of methods to address network Quality of Service and security in an autonomous framework, and 2) detailed evaluation of these methods combining both emulation and simulation.
