SENDATE

SEcure Networking for a DATa Center Cloud in Europe

Description

Large Data Centers (DCs) are forming the most important control centers of the Internet nowadays. Within DCs, business as well as private data is stored, edited, forwarded, and processed. Although current DCs have a huge computing power, massive storage capacities, and an enormous performance based on centrally stored data, they are located far away from the customer, use the network only for transport, and are mostly run by non-European companies. This leads to low flexibility, long delays to customers, and security concerns.

New application scenarios of our digital society such as Industrial Internet, mobile connected objects, Internet of Things, health applications, and especially 5G lead to a huge number of end devices and an enormous increase of traffic volume. The high demands on security, location awareness, service guarantees, flexibility, and latency require a convergence of telecommunication networks and IT as well as distributed data centers, which are placed close to the customers. Innovative approaches such as Network Functions Virtualization (NFV) in combination with Software Defined Networking (SDN) are the basis for a secure, flexible, low latency, and locality-aware distributed data center approach to support the upcoming application scenarios.

Within the SENDATE-PLANETS project, all project partners together will design a network architecture and technologies for secure and flexible distributed data centers in close collaboration. The target is to develop security mechanisms for NFV/SDN networks as well as set up, develop, and optimize VNFs and their placement in distributed data centers.

TUM Chair of Network Architecures and Services investigates methods for validating specific properties of the configurations and the integration and adaption of network intrusion detection with SDN-based high speed networks. Objectives are to combine techniques of SDN and network intrusion detection systems to increase network security and to analyze how SDN can support the flexible deployment of network intrusion detection systems. As second activity our research group focuses on the designs of a framework for measurements that operates and applies to data center components. The framework addresses performance and bottleneck prediction and optimization including the three layers of hardware, services and service management layer.

Partners in Sub-Project SENDATE-PLANETS:

  • NOKIA Networks
  • Airbus Group Innovations
  • BISDN
  • Fraunhofer AISEC
  • genua GmbH
  • Infineon Technologies AG
  • Infosim GmbH & Co. KG
  • Karlsruher Institut für Technologie
  • Leibniz-Rechenzentrum der Bayerischen Akademie der Wissenschaften
  • Ruhr Universität Bochum (RUB)
  • TU Braunschweig
  • TU Darmstadt
  • Uni Würzburg
  • x-ion GmbH

Related publications

2018-09-01 Dominik Scholz, Daniel Raumer, Paul Emmerich, Alexander Kurtz, Krzysztof Lesiak, Georg Carle, “Performance Implications of Packet Filtering with Linux eBPF,” in Teletraffic Congress (ITC 30), 2018 30th International, Vienna, Austria, Sep. 2018. accepted for publication [Bib]
2018-07-01 Simon Bauer, Daniel Raumer, Paul Emmerich, Georg Carle, “Behind the scenes: what device benchmarks can tell us,” in The Applied Networking Research Workshop 2018 (ANRW ’18), Montreal, Canada, Jul. 2018. accepted for publication [Pdf] [Rawdata] [Bib]
2018-06-01 Erkin Kirdan, Daniel Raumer, Paul Emmerich, Georg Carle, “Building a Traffic Policer for DDoS Mitigation on Top of Commodity Hardware,” in International Symposium on Networks, Computers and Communications (ISNCC’18), Rome, Italy, Jun. 2018. [Pdf] [Bib]
2018-05-01 Dominik Scholz, Benedikt Jaeger, Lukas Schwaighofer, Daniel Raumer, Fabien Geyer, Georg Carle, “Towards a Deeper Understanding of TCP BBR Congestion Control,” in IFIP Networking 2018, Zurich, Switzerland, May 2018. [Pdf] [Bib]
2018-01-01 Sebastian Gallenmüller, Dominik Scholz, Florian Wohlfart, Quirin Scheitle, Paul Emmerich, Georg Carle, “High-Performance Packet Processing and Measurements (Invited Paper),” in 10th International Conference on Communication Systems & Networks (COMSNETS 2018), Bangalore, India, Jan. 2018. [Pdf] [Bib]
2017-09-01 Daniel Raumer, Simon Bauer, Paul Emmerich, Georg Carle, “Performance Implications for Intra-node Placement of Network Function Chains,” in IEEE 6th International Conference on Cloud Networking (CloudNet’17), Prague, Czech Republic, Sep. 2017. [Pdf] [Bib]
2017-07-01 Paul Emmerich, Daniel Raumer, Sebastian Gallenmüller, Florian Wohlfart, Georg Carle, “Throughput and Latency of Virtual Switching with Open vSwitch: A Quantitative Analysis,” Journal of Network and Systems Management, Jul. 2017. [DOI] [Bib]
2017-06-01 Paul Emmerich, Maximilian Pudelko, Sebastian Gallenmüller, Georg Carle, “FlowScope: Efficient Packet Capture and Storage in 100 Gbit/s Networks,” in IFIP Networking 2017, Stockholm, Sweden, Jun. 2017. [Pdf] [Bib]
2017-05-01 Sebastian Gallenmüller, Paul Emmerich, Rainer Schönberger, Daniel Raumer, Georg Carle, “Building Fast but Flexible Software Routers,” in ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS 2017), Beijing, China, May 2017. [Pdf] [Poster] [Bib]
2016-10-01 Julius Michaelis, Cornelius Diekmann, “LOFT – Verified Migration of Linux Firewalls to SDN,” Archive of Formal Proofs, Oct. 2016. Formal proof development [Url] [Bib]
2016-10-01 Daniel Raumer, Sebastian Gallenmüller, Paul Emmerich, Lukas Märdian, Florian Wohlfart, Georg Carle, “Efficient Serving of VPN Endpoints on COTS Server Hardware,” in 2016 IEEE 5th tnternational Conference on Cloud Networking (CloudNet’16), Pisa, Italy, Oct. 2016. [Pdf] [Bib]
2016-09-01 Cornelius Diekmann, Lars Hupel, “Iptables_Semantics,” Archive of Formal Proofs, Sep. 2016. Formal proof development [Url] [Bib]
2016-08-01 Julius Michaelis, Cornelius Diekmann, “Routing,” Archive of Formal Proofs, Aug. 2016. Formal proof development [Url] [Bib]
2016-08-01 Cornelius Diekmann, Julius Michaelis, Max Haslbeck, “Simple Firewall,” Archive of Formal Proofs, Aug. 2016. Formal proof development [Url] [Bib]
2016-07-01 Daniel Raumer, Sebastian Gallenmüller, Florian Wohlfart, Paul Emmerich, Patrick Werneck, Georg Carle, “Revisiting Benchmarking Methodology for Interconnect Devices,” in The Applied Networking Research Workshop 2016 (ANRW ’16), Berlin, Germany, Jul. 2016. [Pdf] [Bib]
2016-06-01 Cornelius Diekmann, Julius Michaelis, Lars Hupel, “IP Addresses,” Archive of Formal Proofs, Jun. 2016. Formal proof development [Url] [Bib]

Finished student theses

Author Title Type Advisors Year Links
Alexander Kurtz Application-level Firewalling with eBPF IDP Dominik Scholz, Paul Emmerich, Daniel Raumer 2017 Pdf
Sebastian Bruhn An Analysis of Linux Firewall Performance BA Daniel Raumer, Lukas Schwaighofer, Johannes Naab 2017 Pdf
Bastian Hofmann Benchmarking of Docker-based Network Functions BA Daniel Raumer, Florian Wohlfart 2017 Pdf
Thomas Bachmaier Scanning for TCP SYN Proxy Implementations BA Dominik Scholz, Paul Emmerich, Quirin Scheitle, Minoo Rouhi 2017 Pdf
Thomas Eidenmüller Analysis of Parallel Packet Processing on NUMA Architectures BA Daniel Raumer, Florian Wohlfart 2017 Pdf
Krzysztof Lesiak DDoS Mitigation in the Linux Kernel with XDP BA Dominik Scholz, Paul Emmerich 2017 Pdf
Benedikt Jaeger Evaluation of TCP BBR mixed with other Congestion Avoidance Algorithms MA Dominik Scholz, Lukas Schwaighofer, Daniel Raumer, Fabien Geyer 2017
Michael Remmler Entwicklung eines OpenFlow-Switch Benchmarks MA Daniel Raumer, Florian Wohlfart 2016 Pdf
Elias Tatros Live Monitoring of Network Experiments IDP Daniel Raumer 2016 Pdf
Simon Bauer Increasing Application Performance with SR-IOV IDP Paul Emmerich, Daniel Raumer 2016
Bernhard Metz Throughput and Latency in Cloud-benchmarking BA Daniel Raumer 2016 Pdf
Adrian Weis Measuring and Modelling the Performance of OpenStack BA Daniel Raumer, Sebastian Gallenmüller 2016 Pdf
Simon Bauer Network function chaining: configuration guidelines for optimal performance MA Daniel Raumer, Paul Emmerich 2016 Pdf
Erkin Kirdan Traffic shaping and policing with DPDK GR Paul Emmerich, Dominik Scholz, Daniel Raumer 2016 Pdf
Christoph Schwarzenberg A System for Evaluation of Network Experiments in Multiuser Testbeds IDP Daniel Raumer, Florian Wohlfart 2016 Pdf
Chris Hanselmann Implementation and Evaluation of a Client Controlled Multipath Proxy BA Daniel Raumer, Quirin Scheitle 2016
Simon Leber Tracking down the CPU consumption for Linux Traffic Control BA Paul Emmerich, Daniel Raumer, Dominik Scholz 2016 Pdf

Open and running student theses

Author Title Type Advisors Year Links
open Description and Processing of Security Policies MA Johannes Naab, Manfred Schäfer, Christian Banse 2017 Pdf