DOCTOR project

Context

Users' demand on the Internet is still increasing drastically, in both traffic and number of services. In order to fulfil such demand, upgrading the network is inevitable. Nevertheless, the current network's investments are facing many constraints. First, conventional network devices are often designed for a specific usage on a specific hardware; making it very expensive to be integrated in the current network. Secondly, before deploying new technologies to meet the increasing demand of network, operators have to carefully consider their potential opportunities and possible revenues. This process may take time. However, while the new technologies are being realized, nobody can ensure that the network trend does not change. Hence, researching on solutions that allow network operators to invest as well as encourage network's innovation, are crucial.

A new trend in the networking area has emerged in the last few years: Network Function Virtualization (NFV). As defined by the European Telecommunications Standards Institute (ETSI), NFV is the key technology leveraging the concept of implementing network functions in software that can run on a range of industry standard commodity server hardware. This initiative favors the progressive deployment of new network functions or protocols.

Objectives

The DOCTOR project will provide a major push towards the adoption of new standards by developing a secure use of virtualized network equipment. This will ease the deployment of novel networking architectures, thus enabling the co-existence of IP and emerging stacks (e.g. NDN) as well as the progressive migration of traffic from one stack to the other.

Novel services could then be deployed in the same network equipment, each having its own virtualized environment, and each operating the services and communications they are configured for. From this point of view, two main challenges will be addressed by DOCTOR:

The first and main challenge deals with the deployment issues related to new emerging networks functions and whole architectures (i.e., protocol stacks) in a virtualized networking environment. To achieve a progressive deployment, different strategies will be studied, implemented and evaluated in the DOCTOR project.
The second challenge is the security of virtually deployed networking architectures. Leveraging a virtualized networking technology requires a full rethought of how the security has to be designed, implemented and orchestrated. In particular, the project will investigate: (1) how monitoring probes can be dynamically deployed and activated; (2) how attacks can be detected and mitigated through countermeasures and dynamic reconfiguration of the network by leveraging the Software Defined Networking (SDN) concept.

Project organization

Task	Objective	Subtask	Leader	Start	Duration
TASK 1: ARCHITECTURE OF THE VIRTUALIZED NODE FOR HOSTING NETWORK FUNCTIONS	Design the architecture of a virtualized node that can host different protocol stacks and network functions and validate the co-existence and their correct behavior. Identify valuable services to be instantiated and deployed for one protocol stack.	T1.1: Network equipment virtualization techniques	Orange	T0	4 months
		T1.2: Architecture of the virtualized node and identification of components and functions	Orange	T0+3	9 months
TASK 2: SEURITY ANALYSIS AND MONITORING OF VIRTUALIZED NETWORK ARCHITECTURE	Design and conceive virtualized monitoring and security tools dedicated to a NDN architecture deployed in a NFV framework	T2.1: Security analysis of the virtualized NDN architecture	Thales	T0+6	18 months
		T2.2: Monitoring of NDN through virtualized components	CNRS - LORIA	T0+12	18 months
TASK 3: GLOBAL NETWORK DEPENDABILITY	A set of remediation actions will be proposed, analyzed and quantified Design and orchestrate control actions as counter-measures of observed attacks	T3.1: Remediation solutions against vulnerabilities	Thales	T0+12	18 months
TASK 3: GLOBAL NETWORK DEPENDABILITY		T3.2: Execution and orchestration of counter-measures	ICD - UTT	T0+15	15 months
TASK 4: TESTBED AND DEMONSTRATOR	Provide a proof of concept and implement it Illustrate and validate the developed solutions	T4.1: Testbed setup and Data measurement	CNRS - LORIA	T0+6	30 months
		T4.2: Validation of monitoring and remediation components	Montimage	T0+12	21 months
		T4.3: Proof of concept (Demonstrator)	Montimage	T0+24	12 months

Partners

Name	First name	Position	Email	Role in the project
Mathieu	Bertrand	Senior R&D researcher	bertrand2.mathieu [at]orange.com	Node virtualization, testbed and evaluation. Responsible of Task 1.
Truong	Patrick	Senior R&D researcher	patrick.truong [at]orange.com
Bettan	Olivier	R&D Lab Manager	olivier.bettan [at]thalesgroup.com	Risk and vulnerabilities analysis, remediation.
Aguessy	François-Xavier	Project Manager	francois-xavier.aguessy [at]thalesgroup.com
Combe	Théo	R&D security engineer	theo.combe [at]thalesgroup.com
Morel	Laurent	R&D security engineer	laurent.morel [at]thalesgroup.com
Montes de Oca	Edgardo	Project manager	edgardo. montesdeoca [at]montimage.com	Monitoring for performance and security, implemen-tation. Responsible of task 4.
Mallouli	Wissam	Senior R&D engineer	wissam.mallouli [at]montimage.com
Ortiz	Antonio	Research Engineer	antonio.ortiz [at]montimage.com
Nguyen	Van Luong	Software Engineer	luongnv89 [at]gmail.com
Mai	Hoang Long	PhD student	hoang_long.mai [at]utt.fr
Silverstone	Thomas	Associate Professor	thomas. silverston [at]loria.fr	Security monitoring and network function virtualization, testbed hosting. Responsible of task 2.
Cholez	Thibault	Associate Professor	thibault.cholez [at]inria.fr
Chrisment	Isabelle	Full Professor	isabelle.chrisment [at]loria.fr
Festor	Olivier	Full Professor	olivier.festor [at]loria.fr
Lahmadi	Abdlkader	Associate Professor	abdelkader. lahmadi [at]loria.fr
François	Jérôme	Researcher	jerome.francois [at]inria.fr
Aubry	Elian	PhD Student	elian.aubry [at]loria.fr
Marchal	Xavier	PhD Student	xavier.marchal [at]loria.fr
Kondo	Daishi	PhD Student	daishi.kondo [at]loria.fr
Doyen	Guillaume	Associate Professor	guillaume.doyen [at]utt.fr	Security counter-measures and orchestration, testbed hosting. Responsible of task 3.
Cogranne	Rémi	Associate Professor	remi.cogranne [at]utt.fr
Retraint	Florent	Associate Professor	florent.retraint [at]utt.fr
Nguyen	Tan	PhD Student	ngoc_tan.nguyen [at]utt.fr
Ploix	Alain	Associate Professor	alain.ploix [at]utt.fr
El Aoun	Moustapha	Research engineer	el_aoun [at]utt.fr
Aouadj	Messaoud	Post-doctor	messaoud.aouadj [at]utt.fr
Lallement	Patrick	Associate Professor	patrick. lallement [at]utt.fr

Funding

The DOCTOR project is funded by French Nation Research Agency (ANR), project number <ANR-14-CE28-0001>. The project is also supported by partner UTT's co-funding from Champagne-Ardenne Region, France, project number <A2101-03>