Date of Completion
Network Configuration, Software Defined Networking, Optimization, Security, Risk Assessment
Dr Ben Fuller
Dr. Michel Laurent
Dr. Amir Herzberg
Field of Study
Computer Science and Engineering
Doctor of Philosophy
Networks are designed with functionality, security, performance, and cost in mind. Flows should be served while controlling risk due to attackers. Configuration is time intensive and largely static until a major new vulnerability or service requirement forces change. We address this problem with an autonomous framework consisting of Observe, Orient, Decide and Act phases and look to optimization techniques for solutions to the Orient and Decide phases.
Our first solution explores opportunities to improve network Quality of Service by combining a single flow routing solutions with a global multi-flow solution in a hybrid manner. In order to evaluate the quality of our solutions we implement an autonomous framework which generates the routing solution in a software defined network.
We then explore two additional solutions that address both functional and security requirements and explore the trade-off of modeling and implementation choices for this problem. These two solutions innovate in modeling security risk in a way that is amenable to optimization and in the evaluation of the quality of the resulting configurations.
Our framework allows an enterprise to automatically reconfigure their network upon a change in functionality (shift in user demand) or security (publication or patching of a vulnerability). The primary contributions of this work are two-fold: 1) the formulation and integrations of methods to address network Quality of Service and security in an autonomous framework and 2) detailed evaluation of these methods combining both emulation and simulation.
Callahan, Devon, "Dynamic Network Configurations for Functionality and Security" (2020). Doctoral Dissertations. 2627.