Network Security

Header image for network security

Network security is concerned with techniques for detecting and preventing unauthorised access to and modification of networks and the data transmitted over them. Our research is focused on emerging technologies such as 6G mobile networks and quantum communications.

Secure Communications in a Quantum World

Shima Hassanpour

The development of quantum computers poses a challenge to securing systems because many cryptographic primitives will become easier to break. However, due to certain properties of quantum mechanics, such as quantum superposition, quantum entanglement, and the quantum no-cloning theorem, secure communication in a quantum world is still possible. Quantum security holds the key to a possible solution to security challenges.

Use cases

  • Quantum key distribution
  • Quantum private query

Methods

  • Use the definition of the quantum game to specify the actual notion of security.
  • Formalize the quantum security of existing and future protocols.

Future

  • Use the properties of quantum mechanics to provide high levels of security and privacy when sending signals over the future communication networks.

Security aspects of network slicing in Software-Defined Networks

Fritz Windisch

Modern communication infrastructure faces new threats constantly, also due to the recent flooding of the market with IoT devices. This prompts network operators to switch from the model of a perimeter defense (protecting a demilitarized zone) towards the model of micro-segmentation to isolate devices and thus threats on a network level. This limits the lateral movement an attacker can reach in a network. This isolation and micro-segmentation can be provided by network slicing, a term that has gained more traction with the advent of 5G and subsequent mobile standards. Apart from isolation, other guarantees can also be provided by network slicing solutions, such as bandwidth or latency guarantees. Network slicing will thus play a major role in the networks of the future.

We are mainly interested in building and evaluating network slicing solutions according to their security aspects.

Use cases

  • Isolation of devices in networks
  • Provisioning of network resources to participants with guarantees

Methods

  • Creation of a hardware based testbed to build and test network slicing solutions at data center speeds (100Gbit/s+) using SDN
  • Evaluation of security aspects of network slicing solutions through experiments

Future

  • Development of network slicing solutions that provide adequate and proven security characteristics for future networks

Publications on this topic


Improving Resilience of Future Mobile Network Generations Implementing Zero Trust Paradigm
Abedi, K.; Nguyen, G. T.; Strufe, T.
2024. NOMS 2024-2024 IEEE Network Operations and Management Symposium, 06th-10th May 2024, Seoul, Korea, 1–5, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/NOMS59830.2024.10574898
Demo: Towards Rapid Prototyping Network-Slicing Solutions in Software-Defined Networks
Windisch, F.; Abedi, K.; Nguyen, G. T.; Strufe, T.
2024. IEEE/IFIP Network Operations and Management Symposium, 3 S., Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/NOMS59830.2024.10575679
Resilience-by-Design in 6G Networks: Literature Review and Novel Enabling Concepts
Khaloopour, L.; Su, Y.; Raskob, F.; Meuser, T.; Bless, R.; Janzen, L.; Abedi, K.; Andjelkovic, M.; Chaari, H.; Chakraborty, P.; Kreutzer, M.; Hollick, M.; Strufe, T.; Franchi, N.; Jamali, V.
2024. IEEE Access, 12, 155666–155695. doi:10.1109/ACCESS.2024.3480275
Hybrid Testbed for Security Research in Software-Defined Networks
Windisch, F.; Abedi, K.; Doan, T.; Strufe, T.; Nguyen, G. T.
2023. 2023 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN), Dresden, Germany, 07-09 November 2023, 147–152, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/NFV-SDN59219.2023.10329614
Mitigating Internal, Stealthy DoS Attacks in Microservice Networks
Osman, A.; Born, J.; Strufe, T.
2021. Stabilization, Safety, and Security of Distributed Systems : 23rd International Symposium, SSS 2021, Virtual Event, November 17–20, 2021, Proceedings. Ed.: C. Johnen, 500–504, Springer. doi:10.1007/978-3-030-91081-5_37
Security for mobile edge cloud
Hanisch, S.; Osman, A.; Li, T.; Strufe, T.
2020. Computing in Communication Networks. Ed.: F.H.P. Fitzek, 371–385, Academic Press. doi:10.1016/B978-0-12-820488-7.00038-4
Transparent Microsegmentation in Smart Home IoT Networks
Osman, A.; Wasicek, A.; Köpsell, S.; Strufe, T.
2020. 3rd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 20), USENIX Association
SeCoNetBench: A modular framework for Secure Container Networking Benchmarks
Osman, A.; Hanisch, S.; Strufe, T.
2019. IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Stockholm, Sweden, 17-19 June 2019, 21–28, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/EuroSPW.2019.00009
Sandnet: Towards High Quality of Deception in Container-Based Microservice Architectures
Osman, A.; Bruckner, P.; Salah, H.; Fitzek, F. H. P.; Strufe, T.; Fischer, M.
2019. ICC 2019 - 2019 IEEE International Conference on Communications (ICC), Shanghai, China, 20-24 May 2019, 1–7, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/ICC.2019.8761171