Verfügbare Themen


4.
default
Lukaseder, Thomas
High-Speed SDN-assisted DDoS-Mitigation
Bachelorarbeit, Masterarbeit, Projekt
Institut für Verteilte Systeme,
2017
in Vorbereitung

Marker: AA, BA, MA, ThomasLukaseder, distributed, itsec, networks

Zusammenfassung: We are working on a framework to mitigate DDoS attacks in high-speed networks. The framework uses software-defined networking to mitigate attacks. There are different areas of the system still under development and therefore different open theses or master project topics. Areas currently under development: Distribution of the current infrastructure, measurements of real-life networks to improve the data basis for attack mitigation, extending the system to mitigate a wider variety of attacks, and improving scalability of the system. There are open topics in all of these areas.

3.
default
Lukaseder, Thomas
Policy Checking of SDN-based Networks
Bachelorarbeit, Masterarbeit, Projekt
Institut für Verteilte Systeme,
2017
in Vorbereitung

Marker: AA, BA, MA, Project, ThomasLukaseder, itsec, networks

Zusammenfassung: Policy checker are programs that check the network topology whether there are policy violations such as loops r unreachable services. Controllers of software-defined networks sometimes include these policy checkers to ensure that policy violations do not go live in a network in the first place. However, placing these right next to the SDN controller can be problematic if the controller itself might be under attack or compromised. Therefore, we want to move the policy checker to an external middlebox directly comunicating with the switch infrastructure.

2.
default
Lukaseder, Thomas
Performance Measurements of Security Devices in High-Speed Networks
Bachelorarbeit, Masterarbeit, Projekt
Institut für Verteilte Systeme,
2017
in Vorbereitung

Marker: AA, BA, MA, Project, ThomasLukaseder, itsec, networks

Zusammenfassung: Security devices in networks such as firewalls or intrusion detection systems need to be evaluated concerning throughput, precision, and reliability before using them in production networks. We are working on different aspects of performance measurements of security devices: Performance evaluation of firewalls or IDS, building a network testing framework for evaluations. There are open topics in all of these areas.

1.
default
Lukaseder, Thomas
Hardware Support for Intrusion Detection Systems
Bachelorarbeit, Masterarbeit, Projekt
Institut für Verteilte Systeme,
2017
in Vorbereitung

Marker: AA, BA, MA, Project, ThomasLukaseder, itsec, networks

Zusammenfassung: The ever increasing network bandwidth causes intrusion detection mechanisms to reach the limits of their capacity. Thus, new and improved implementations for security mechanisms are urgently required. Hardware support is one way to increase the performance of IDS. One of the bottlenecks of high-speed data analysis is regular expression matching. We currently examine two possible hardware support solutions to offload the regular expression matching to hardware modules: a FPGA-based Co-Processor (extending and evaluating an existing prototype) and offloading regular expression matching to GPUs. There are open topics in both areas.

Kontakt

Sprechzeiten

Vereinbart bitte per E-Mail einen Termin mit mir.