Context

Users' demand on the Internet is still increasing drastically, in both traffic and number of services. In order to fulfil such demand, upgrading the network is inevitable. Nevertheless, the current network's investments are facing many constraints. First, conventional network devices are often designed for a specific usage on a specific hardware; making it very expensive to be integrated in the current network. Secondly, before deploying new technologies to meet the increasing demand of network, operators have to carefully consider their potential opportunities and possible revenues. This process may take time. However, while the new technologies are being realized, nobody can ensure that the network trend does not change. Hence, researching on solutions that allow network operators to invest as well as encourage network's innovation, are crucial.

A new trend in the networking area has emerged in the last few years: Network Function Virtualization (NFV). As defined by the European Telecommunications Standards Institute (ETSI), NFV is the key technology leveraging the concept of implementing network functions in software that can run on a range of industry standard commodity server hardware. This initiative favors the progressive deployment of new network functions or protocols.

Objectives

The DOCTOR project will provide a major push towards the adoption of new standards by developing a secure use of virtualized network equipment. This will ease the deployment of novel networking architectures, thus enabling the co-existence of IP and emerging stacks (e.g. NDN) as well as the progressive migration of traffic from one stack to the other.

Novel services could then be deployed in the same network equipment, each having its own virtualized environment, and each operating the services and communications they are configured for. From this point of view, two main challenges will be addressed by DOCTOR:

  • The first and main challenge deals with the deployment issues related to new emerging networks functions and whole architectures (i.e., protocol stacks) in a virtualized networking environment. To achieve a progressive deployment, different strategies will be studied, implemented and evaluated in the DOCTOR project.
  • The second challenge is the security of virtually deployed networking architectures. Leveraging a virtualized networking technology requires a full rethought of how the security has to be designed, implemented and orchestrated. In particular, the project will investigate: (1) how monitoring probes can be dynamically deployed and activated; (2) how attacks can be detected and mitigated through countermeasures and dynamic reconfiguration of the network by leveraging the Software Defined Networking (SDN) concept.

Project organization

Task Objective Subtask Leader Start Duration

TASK 1:
ARCHITECTURE OF THE VIRTUALIZED NODE FOR HOSTING NETWORK FUNCTIONS

  • Design the architecture of a virtualized node that can host different protocol stacks and network functions and validate the co-existence and their correct behavior.
  • Identify valuable services to be instantiated and deployed for one protocol stack.

T1.1: Network equipment virtualization techniques

Orange

T0

4 months

T1.2: Architecture of the virtualized node and identification of components and functions

Orange

T0+3

9 months

TASK 2:
SEURITY ANALYSIS AND MONITORING OF VIRTUALIZED NETWORK ARCHITECTURE

  • Design and conceive virtualized monitoring and security tools dedicated to a NDN architecture deployed in a NFV framework
T2.1: Security analysis of the virtualized NDN architecture

Thales

T0+6

18 months

T2.2: Monitoring of NDN through virtualized components

CNRS - LORIA

T0+12

18 months

TASK 3:
GLOBAL NETWORK DEPENDABILITY

  • A set of remediation actions will be proposed, analyzed and quantified
  • Design and orchestrate control actions as counter-measures of observed attacks

T3.1: Remediation solutions against vulnerabilities

Thales

T0+12

18 months

T3.2: Execution and orchestration of counter-measures

ICD - UTT

T0+15

15 months

TASK 4:
TESTBED AND DEMONSTRATOR

  • Provide a proof of concept and implement it
  • Illustrate and validate the developed solutions

T4.1: Testbed setup and Data measurement

CNRS - LORIA

T0+6

30 months

T4.2: Validation of monitoring and remediation components

Montimage

T0+12

21 months

T4.3: Proof of concept (Demonstrator)

Montimage

T0+24

12 months

Partners

Organization Name First name Position Email Role in the project
Mathieu Bertrand Senior R&D researcher bertrand2.mathieu
[at]orange.com
Node virtualization, testbed and evaluation. Responsible of Task 1.
Truong Patrick Senior R&D researcher patrick.truong
[at]orange.com

Bettan Olivier R&D Lab Manager olivier.bettan
[at]thalesgroup.com
Risk and vulnerabilities analysis, remediation.
Aguessy François-Xavier Project Manager francois-xavier.aguessy
[at]thalesgroup.com
Combe Théo R&D security engineer theo.combe
[at]thalesgroup.com

Montes de Oca Edgardo Project manager edgardo.
montesdeoca
[at]montimage.com
Monitoring for performance and security, implemen-tation. Responsible of task 4.
Mallouli Wissam Senior R&D engineer
wissam.mallouli
[at]montimage.com
Ortiz Antonio Research Engineer
antonio.ortiz
[at]montimage.com
Nguyen Van Luong Software Engineer
luongnv89
[at]gmail.com

Silverstone Thomas Associate Professor thomas.
silverston
[at]loria.fr
Security monitoring and network function virtualization, testbed hosting. Responsible of task 2.
Cholez Thibault Associate Professor thibault.cholez
[at]inria.fr
Chrisment Isabelle Full Professor
isabelle.chrisment
[at]loria.fr
Festor Olivier Full Professor
olivier.festor
[at]loria.fr
Lahmadi Abdlkader Associate Professor
abdelkader.
lahmadi
[at]loria.fr
François Jérôme Researcher jerome.francois
[at]inria.fr
Aubry Elian PhD Student elian.aubry
[at]loria.fr
Marchal Xavier PhD Student xavier.marchal
[at]loria.fr

Doyen Guillaume Associate Professor guillaume.doyen
[at]utt.fr
Security counter-measures and orchestration, testbed hosting. Responsible of task 3.
Cogranne Rémi Associate Professor remi.cogranne
[at]utt.fr
Retraint Florent Associate Professor florent.retraint
[at]utt.fr
Nguyen Tan PhD Student ngoc_tan.nguyen
[at]utt.fr

Ploix Alain Associate Professor alain.ploix
[at]utt.fr
El Aoun Moustapha Research engineer el_aoun
[at]utt.fr
Lallement Patrick Associate Professor patrick.
lallement
[at]utt.fr

Funding

The DOCTOR project is funded by French Nation Research Agency (ANR), project number <ANR-14-CE28-0001>. The project is also supported by partner UTT's co-funding from Champagne-Ardenne Region, France, project number <A2101-03>