Net Security
Agile & Adaptive Network Security for Edge Cloud Networks — Researcher Amr Osman (PhD Student)
Motivation
- Future-generation networks are increasingly expanding to include untrusted edge devices. Thus, the security parameter is dynamically changing. How can we adapt the network isolation & security mechanisms in real-time with minimal impact on utility and performance?
- Current network attacks and Advanced Persistent Threats (APTs) have shifted from automated attacks to highly-targeted multi-stage attacks with adaptive strategies and stealthy lateral movements that originate internally. How can we perform defense-in-depth, localize and isolate such attackers?
Use-case
- Smart home and IoT networks
- Microservice networks in edge clouds
Methods
- Leveraging softwarized networks and programmable networking to reduce the attack surface, and analyze network security metrics.
- Develop new approaches to approximate the origins and targets of stealthy polymorphic attacks that evade traditional IPS/IDS.
Future
- Develop & Improve zero-trust networking strategies and their incremental deployment.
- Develop dynamic end-to-end segmentation across multiple administrative domains in a way that is transparent to end devices.
Publications on this topic
Mitigating Internal, Stealthy DoS Attacks in Microservice Networks
Osman, A.; Born, J.; Strufe, T.
2021. Stabilization, Safety, and Security of Distributed Systems : 23rd International Symposium, SSS 2021, Virtual Event, November 17–20, 2021, Proceedings. Ed.: C. Johnen, 500–504, Springer. doi:10.1007/978-3-030-91081-5_37
Osman, A.; Born, J.; Strufe, T.
2021. Stabilization, Safety, and Security of Distributed Systems : 23rd International Symposium, SSS 2021, Virtual Event, November 17–20, 2021, Proceedings. Ed.: C. Johnen, 500–504, Springer. doi:10.1007/978-3-030-91081-5_37
Security for mobile edge cloud
Hanisch, S.; Osman, A.; Li, T.; Strufe, T.
2020. Computing in Communication Networks. Ed.: F.H.P. Fitzek, 371–385, Academic Press. doi:10.1016/B978-0-12-820488-7.00038-4
Hanisch, S.; Osman, A.; Li, T.; Strufe, T.
2020. Computing in Communication Networks. Ed.: F.H.P. Fitzek, 371–385, Academic Press. doi:10.1016/B978-0-12-820488-7.00038-4
Transparent Microsegmentation in Smart Home IoT Networks
Osman, A.; Wasicek, A.; Köpsell, S.; Strufe, T.
2020. 3rd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 20), USENIX Association
Osman, A.; Wasicek, A.; Köpsell, S.; Strufe, T.
2020. 3rd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 20), USENIX Association
SeCoNetBench: A modular framework for Secure Container Networking Benchmarks
Osman, A.; Hanisch, S.; Strufe, T.
2019. IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Stockholm, Sweden, 17-19 June 2019, 21–28, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/EuroSPW.2019.00009
Osman, A.; Hanisch, S.; Strufe, T.
2019. IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Stockholm, Sweden, 17-19 June 2019, 21–28, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/EuroSPW.2019.00009
Sandnet: Towards High Quality of Deception in Container-Based Microservice Architectures
Osman, A.; Bruckner, P.; Salah, H.; Fitzek, F. H. P.; Strufe, T.; Fischer, M.
2019. ICC 2019 - 2019 IEEE International Conference on Communications (ICC), Shanghai, China, 20-24 May 2019, 1–7, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/ICC.2019.8761171
Osman, A.; Bruckner, P.; Salah, H.; Fitzek, F. H. P.; Strufe, T.; Fischer, M.
2019. ICC 2019 - 2019 IEEE International Conference on Communications (ICC), Shanghai, China, 20-24 May 2019, 1–7, Institute of Electrical and Electronics Engineers (IEEE). doi:10.1109/ICC.2019.8761171