|
Context
Users' demand on the Internet is still increasing drastically, in both traffic and number of services. In order to fulfil such demand, upgrading the network is inevitable. Nevertheless, the current network's investments are facing many constraints. First, conventional network devices are often designed for a specific usage on a specific hardware; making it very expensive to be integrated in the current network. Secondly, before deploying new technologies to meet the increasing demand of network, operators have to carefully consider their potential opportunities and possible revenues. This process may take time. However, while the new technologies are being realized, nobody can ensure that the network trend does not change. Hence, researching on solutions that allow network operators to invest as well as encourage network's innovation, are crucial.
A new trend in the networking area has emerged in the last few years: Network Function Virtualization (NFV). As defined by the European Telecommunications Standards Institute (ETSI), NFV is the key technology leveraging the concept of implementing network functions in software that can run on a range of industry standard commodity server hardware. This initiative favors the progressive deployment of new network functions or protocols.
Objectives
The DOCTOR project will provide a major push towards the adoption of new standards by developing a secure use of virtualized network equipment. This will ease the deployment of novel networking architectures, thus enabling the co-existence of IP and emerging stacks (e.g. NDN) as well as the progressive migration of traffic from one stack to the other.
Novel services could then be deployed in the same network equipment, each having its own virtualized environment, and each operating the services and communications they are configured for. From this point of view, two main challenges will be addressed by DOCTOR:
-
The first and main challenge deals with the deployment issues related to new emerging networks functions and whole architectures (i.e., protocol stacks) in a virtualized networking environment. To achieve a progressive deployment, different strategies will be studied, implemented and evaluated in the DOCTOR project.
-
The second challenge is the security of virtually deployed networking architectures. Leveraging a virtualized networking technology requires a full rethought of how the security has to be designed, implemented and orchestrated. In particular, the project will investigate: (1) how monitoring probes can be dynamically deployed and activated; (2) how attacks can be detected and mitigated through countermeasures and dynamic reconfiguration of the network by leveraging the Software Defined Networking (SDN) concept.
Project organization
Task |
Objective |
Subtask |
Leader |
Start |
Duration |
TASK 1: ARCHITECTURE OF THE VIRTUALIZED NODE FOR HOSTING NETWORK FUNCTIONS
|
- Design the architecture of a virtualized node that can host different protocol stacks and network functions and validate the co-existence and their correct behavior.
- Identify valuable services to be instantiated and deployed for one protocol stack.
|
T1.1: Network equipment virtualization techniques
|
Orange
|
T0
|
4 months
|
T1.2: Architecture of the virtualized node and identification of components and functions
|
Orange
|
T0+3
|
9 months
|
TASK 2: SEURITY ANALYSIS AND MONITORING OF VIRTUALIZED NETWORK ARCHITECTURE
|
- Design and conceive virtualized monitoring and security tools dedicated to a NDN architecture deployed in a NFV framework
|
T2.1: Security analysis of the virtualized NDN architecture
|
Thales
|
T0+6
|
18 months
|
T2.2: Monitoring of NDN through virtualized components
|
CNRS - LORIA
|
T0+12
|
18 months
|
TASK 3: GLOBAL NETWORK DEPENDABILITY
|
- A set of remediation actions will be proposed, analyzed and quantified
- Design and orchestrate control actions as counter-measures of observed attacks
|
T3.1: Remediation solutions against vulnerabilities
|
Thales
|
T0+12
|
18 months
|
T3.2: Execution and orchestration of counter-measures
|
ICD - UTT
|
T0+15
|
15 months
|
TASK 4: TESTBED AND DEMONSTRATOR
|
- Provide a proof of concept and implement it
- Illustrate and validate the developed solutions
|
T4.1: Testbed setup and Data measurement
|
CNRS - LORIA
|
T0+6
|
30 months
|
T4.2: Validation of monitoring and remediation components
|
Montimage
|
T0+12
|
21 months
|
T4.3: Proof of concept (Demonstrator)
|
Montimage
|
T0+24
|
12 months
|
Partners
Organization |
Name |
First name |
Position |
Email |
Role in the project |
 |
Mathieu |
Bertrand |
Senior R&D researcher |
bertrand2.mathieu [at]orange.com |
Node virtualization, testbed and evaluation. Responsible of Task 1. |
Truong |
Patrick |
Senior R&D researcher |
patrick.truong [at]orange.com
|

|
Bettan |
Olivier |
R&D Lab Manager |
olivier.bettan [at]thalesgroup.com |
Risk and vulnerabilities analysis, remediation. |
Aguessy |
François-Xavier |
Project Manager |
francois-xavier.aguessy [at]thalesgroup.com |
Combe |
Théo |
R&D security engineer |
theo.combe [at]thalesgroup.com |
Morel |
Laurent |
R&D security engineer |
laurent.morel [at]thalesgroup.com |

|
Montes de Oca |
Edgardo |
Project manager |
edgardo. montesdeoca [at]montimage.com |
Monitoring for performance and security, implemen-tation. Responsible of task 4. |
Mallouli |
Wissam |
Senior R&D engineer |
wissam.mallouli [at]montimage.com |
Ortiz |
Antonio |
Research Engineer |
antonio.ortiz [at]montimage.com |
Nguyen |
Van Luong |
Software Engineer |
luongnv89 [at]gmail.com |
Mai |
Hoang Long |
PhD student |
hoang_long.mai [at]utt.fr |

|
Silverstone |
Thomas |
Associate Professor |
thomas. silverston [at]loria.fr |
Security monitoring and network function virtualization, testbed hosting. Responsible of task 2. |
Cholez |
Thibault |
Associate Professor |
thibault.cholez [at]inria.fr |
Chrisment |
Isabelle |
Full Professor |
isabelle.chrisment [at]loria.fr |
Festor |
Olivier |
Full Professor |
olivier.festor [at]loria.fr |
Lahmadi |
Abdlkader |
Associate Professor |
abdelkader. lahmadi [at]loria.fr |
François |
Jérôme |
Researcher |
jerome.francois [at]inria.fr |
Aubry |
Elian |
PhD Student |
elian.aubry [at]loria.fr |
Marchal |
Xavier |
PhD Student |
xavier.marchal [at]loria.fr |
Kondo |
Daishi |
PhD Student |
daishi.kondo [at]loria.fr |

| Doyen |
Guillaume |
Associate Professor |
guillaume.doyen [at]utt.fr |
Security counter-measures and orchestration, testbed hosting. Responsible of task 3.
|
Cogranne |
Rémi |
Associate Professor |
remi.cogranne [at]utt.fr |
Retraint |
Florent |
Associate Professor |
florent.retraint [at]utt.fr |
Nguyen |
Tan |
PhD Student |
ngoc_tan.nguyen [at]utt.fr
|
Ploix |
Alain |
Associate Professor |
alain.ploix [at]utt.fr |
El Aoun |
Moustapha |
Research engineer |
el_aoun [at]utt.fr |
Aouadj |
Messaoud |
Post-doctor |
messaoud.aouadj [at]utt.fr |
Lallement |
Patrick |
Associate Professor |
patrick. lallement [at]utt.fr |
Acknowledgement
The DOCTOR project warmy thanks the different users who especially supported the experiments performed in June 2018 in both Telecom Nancy and Troyes University of Technology. Among them: Le Van Khoa, Nguyen Duc Huy, Hoai Phuong Nguyen, Nguyen Nhan Quy, Brandy Romain, Hien Joël, Jauvion Gilles, Guerville Dylan, Doan Thi Ngoc Canh, Adam Alain, Annebicque Arthur, Mamalet Julien, Zigrand Anthony, Al Chami Ahmad, Ndiaye Khadidiatou, Mai Hoang Long and Ho Minh Hung.
Funding
The DOCTOR project is funded by French Nation Research Agency (ANR), project number <ANR-14-CE28-0001>. The project is also supported by partner UTT's co-funding from Champagne-Ardenne Region, France, project number <A2101-03>
|
|
|
|