Doctoral student Markku Vajaranta from the Tampere University of Technology has been researching security solutions in Software Defined Networks (SDN) and in home networks. We spoke to him to hear about the hot topics in cyber security research and how has our IP load generator Ruge been able to support his studies.
“Home network security can be improved by detecting cyber attacks”, says Vajaranta. As the number of connected devices in homes grow, the complexity of home networks is increasing. How could a regular home network owner protect their own network, unless they have extremely good technical skills?
This was the starting point for the research conducted at the Tampere University of Technology, published in 2016 by Silverajan, Kolehmainen, and Vajaranta himself. They assumed that an ongoing cyber attack should increase the activity of the CPU and the wireless radio interface in the home network routers enough to have a measurable effect on energy consumption. In order to prove that, they created a home network in their TUTCyberlabs laboratory.
The researchers placed Energy Monitoring Modules within the network, to get accurate readings of the energy consumption at typical use and while an attack was taking place. They then attacked the network by creating the malicious traffic with Ruge and sending that traffic wirelessly through a laptop. “Ruge was useful, as it could easily create a large amount of traffic with each packet having a different route advertisement with the Babel protocol”, Vajaranta sums up.
The results confirmed that a volumetric attack will cause enough radio or CPU activity, or increased gateway activity at quiet hours that differs clearly from the baseline energy consumption levels. Monitoring the energy consumption and detecting anomalous peaks is definitely a feasible way to detect cyber attacks. (Find the IEEE publication here)
The current area of interest for Vajaranta is cyber security in Software Defined Networks (SDN). There are no established best practices yet for designing secure SDN’s which makes it a very interesting research topic. SDN decouples the control and data planes. That means the data forwarding logic is centralized into the SDN controller and separate from the network hardware. This centralized control provides the ability to gain a general view of the network and introduces new possibilities and challenges to security design. The central control simplifies the security management and assists in the security policy decision making. On the other hand, the separation of the control plane from the data plane adds complexity to security systems. The traditional cyber attacks targeting a server may remain only in the data plane, while new attack methods might also affect the network control plane. The interaction between the planes means, however, that the security needs to be ensured on both planes.
An SDN network structure consisting of controllers and switches is flexible and scalable but may come with unexpected bottlenecks. They may appear especially if a significant number of connections are new ones, each requiring instructions from the controller. Thus extremely high processing capability is required from the controller. A more solid understanding of the limitations and bottlenecks is vital for ensuring seamless operation in software defined networks. We at Rugged Tooling look forward to seeing more results from Markku Vajaranta in the near future.
More on Ruge on the product pages, click here.