This workshop is dedicated to Cybersecurity, with a focus on SDN and NFV security. The purpose of this workshop is to bring together a group of researchers working in this domain to share their experiences, lessons learned, and insights, and to explore together the future directions, challenges, and potential collaborations.
This workshop will be hosted by NEPS(NEtwork Performance and Security) team of IMT Lille Douai (Villeneuve d'Ascq campus), on 10 April 2018. Below please find more details about the speakers and schedule.
The registration is free. However, please drop a message to firstname.lastname@example.org for registering your attendance in advance.
This seminar will take place at: Amphi Moorse, IMT Lille Douai, 20 Rue Guglielmo Marconi, 59650, Villeneuve-d'Ascq, France
10:00-10:30 Secure network slices, paths and functions
Gregory Blanc @Github
Gregory Blanc is an assistant professor at Télécom SudParis (TSP), member of the network department and the cybersecurity team in the CNRS SAMOVAR laboratory. Before joining , he was a doctoral candidate at NAIST, Japan and was the leader of the Web 2.0 application security WG at WIDE project. His research interests have since encompassed a wide spectrum of cybersecurity related topics, including access control, network malware detection, risk assessment, DDoS mitigation, phishing detection and mitigation, virtual network security.
11:00-12:00 SDN Security 2018: reality check or rain check?
Sandra Scott-Hayward @Queen’s University Belfast
Dr. Sandra Scott-Hayward, CEng, is a Lecturer (Assistant Professor) at Queen’s University Belfast. She has experience in both research and industry, having worked as a Systems Engineer and Engineering Group Leader with Airbus before returning to complete her Ph.D. at Queen’s University Belfast. In the Centre for Secure Information Technologies at QUB, Sandra leads research and development of network security architectures and security functions for software-defined networking (SDN). She has presented her research globally and has published a series of IEEE papers on performance and security designs for SDN. Sandra is Vice-Chair of the Open Networking Foundation (ONF) Security Working Group and has received Outstanding Technical Contributor and Outstanding Leadership awards from the ONF in 2015 and 2016, respectively.
14:15-15:15 Orchestration and chaining of security services in software-defined networks
Nizar Kheir @Linkedin
Nizar Kheir is a senior scientist in cyber security at THALES since September 2016. Before this he was a Networks and Cyber security researcher at Orange Labs since 2011. He obtained a Master Degree in Computer Science in 2007, and a PhD in Information Systems Security in 2010, from “Telecom Bretagne”. His activities are mainly related to cyber defence, through the proposal and development of techniques for cyber-attacks detection, diagnosis, mitigation, and recovery. Nizar Kheir is an active researcher with a proven track of patents and publications in international journals and conferences all specialized in cyber security.
15:45-16:15 Secure migration of virtual SDN topologies
Fabien Charmet @Linkedin
Fabien Charmet is a PhD at Télécom SudParis, France. He was previously a Research Engineer in the same department, and worked on the development of a cybersecurity platform, then moved onto the deployment of dynamic security policy inside SDN networks. He holds both an Engineering Degree obtained at the Ecole Centrale de Lille as well as a Msc at the University of Lille 1 in computer security. He research interests cover network security, Software Defined Networking, and Formal Methods.
16:15-16:45 Machine learning for IoT security
Mustafizur Shahid @Linkedin
Mustafizur Shahid is a PhD Student at Télécom SudParis, France. Currently working on topics related to artificial intelligence applied to IoT network security. Graduated from Télécom SudParis with a Master’s degree in Computer Science in 2017. Has worked on topics such as IoT security and machine learning for software security. Current research area of interest include data science, artificial intelligence and cybersecurity.
|09:45-10:00||Openning remarks||Message from organizer: Zonghua Zhang|
|10:00-10:30||Secure network slices, paths and functions Telecom SudParis||In 5G networks, traffics from vertical markets (smart city, smart grid, smart cars, eHealth, etc.) are expected to converge on the IP network segments, from mobile to access to core networks. The heterogeneity of traffic and services induce cybersecurity challenges, mainly isolation ones. Network slicing enables the creation of virtual networks on top of the unified network resources across domains. As experiments are run around the world in order to accelerate its definition and implementation, we strive to design and evaluate its security. In particular, our works encompass a number of topics, securing the mapping between virtual resources to physical resources (or virtual network embedding) to optimizing the instantiation and allocation of network monitoring and security functions in the physical network. Such network virtualization usually leverages software-defined control and network function virtualization, but also graph-based and machine-learning approaches.|
|11:00-12:00||SDN Security 2018: reality check or rain check? Queen's University Belfast||This talk will introduce the state of SDN Security in 2018 based on research undertaken at the Centre for Secure Information Technologies (CSIT), Queen’s University Belfast, and insights into the community through the speaker’s engagement with ONF and MEF. With SDN now 10 years old, what is the level of security in SDN? We will consider this question in the context of current deployments and discuss future research directions in SDNFV security.|
|14:15-15:15||Orchestration and chaining of security services in software-defined networks Thales Group||Software-Defined Networks (SDNs) are a promising platform to develop innovative network security services. However, current approaches to operate SDN-based security remain mostly provider-centric. They enable operators to specify security services, and to leverage standard SDN implementations such as OpenFlow, in order to deploy end-to-end policies including, for example, network isolation, monitoring, and incident handling. A common limitation to these approaches is their inability to specify custom, user-centric, security requirements. Users on top of the SDN controller may need to compose specific security services and to operate user-specific security policies. Unfortunately, in today’s provider-centric SDN networks, security remains mostly beyond the users’ reach, which may lead to security loopholes, yet also vendor lock-ins. This talk introduces a security management framework that is integrated to the SDN control plane. This framework enables the tenants of an SDN network to design and operate their own security monitoring contexts and policies. The framework monitors on the fly the user-defined contexts, and tunes the security policies accordingly. It further optimizes the deployment of these policies through the dynamic composition and chaining of network security services, while also reducing the cost and overhead to the operator.|
|15:45-16:15||Secure migration of virtual SDN topologies Telecom SudParis||With the emergence of Software Defined Networks (SDN), new virtualization techniques have appeared (e.g. FlowVisor). Traditional hypervision has attracted a lot of attention with respect to resource sharing and multi-tenancy.Cloud providers have usually a solid knowledge on how to manage computing, memory and storage resources, but often lack the ability to properly manage network resources. Thanks to OpenFlow, virtualizing the network infrastructure has become more accessible and eased, with a unified southbond interface. However, network virtualization also comes with its own security issues on operations. In this presentation, we focus on the security aspects related to the migration of virtual networks.|
|16:15-16:45||Machine learning for IoT security Telecom SudParis||The rapid adoption of the Internet of Thing (IoT) introduces new security challenges. Most of the IoT devices are vulnerable because of the lack of security experience of the manufacturers and the short time to market. Mirai botnet illustrates the threat posed by IoT devices. In this context, Machine Learning techniques can be leveraged to detect attacks in IoT networks. Indeed, contrary to desktop computers or laptops, IoT devices are very purpose specific. Therefore, network traffic is very predictable making data analysis techniques well suited to detect a deviation from the expected behavior. In our work, we apply machine learning algorithms to detect infected devices in a smart home network. To this purposes a small experimental smart home network is enabled to generate realistic network traffic data.The obtained dataset will help to model the expected behavior of the smart home network. Machine learning algorithms will be used to classify the traffic and to detect unusual activities.|