Current Funded Projects

MiMANSaS: Metrics, Models and Analysis of Network Security & Survivability

Project Summary: Information and Communications Technology (ICT) infrastructure failures and cyber attacks are realities that can have catastrophic societal effects. Information Assurance (IA) can be defined as the operations undertaken to protect and defend ICT systems by ensuring their dependability and security. There is a critical need for systematic IA methods that enable ICT systems to adapt and survive any type of disruption or attack. A major hurdle in the development of IA techniques is the lack of models and metrics which enable one to determine the effectiveness of IA mechanisms. This exploratory project seeds a collaborative effort between three PIs at different institutions: Duke University, University of Missouri-Kansas City, and the University of Pittsburgh focused on the development of metrics and models that will allow one to quantitatively study the technical aspects of information assurance (IA) for the network component of the ICT infrastructure. The basis of the approach is to unify attack trees, attack graphs, privilege graphs and fault trees into a common scalable framework with a well defined set of metrics and application scenarios. Extensions of the basic model that include state information, stochastic properties and rewards via Markov chains and stochastic Petri nets, enabling a wider variety of attack and fault scenarios are being studied. The impact of the models and metrics developed is that they provide the techniques and tools necessary to determine the effectiveness of IA mechanisms and allow one to detect bottlenecks and to evaluate the tradeoffs between levels of information assurance, performance and cost.

MuRNeDO: Multilayer Reconfigurable Network Design and Optimization

Project Summary: Future communication networks are envisioned be dynamic reconfigurable at the physical, label and routing layers forming a multiple layer communication infrastructure. In the resulting hierarchical structure each layer is a network on its own, having the flexibility to change the formation dynamically. There are also structural dependencies due to the multilayer infrastructure. For example, a link failure at a lower layer can impact multiple links at an upper layer. With dynamic changes in traffic demand, reconfigurability, and structural dependencies, future multilayer networks present new design challenges. In this project, future multilayer network design is addressed by considering routing properties of different layer networks, layer dependencies, virtualization, topological reconfigurability, and resiliency. For this, new optimization models are developed. As the problems can be large due to interdependencies, new design algorithms are developed that exploit the special structure of the problems. The exploration of multilayer networks with emerging technological possibilities leads to key insights that would benefit future networks in terms of efficient and robust network design, deployment, and operations. Expected results include new design models and algorithms. Studies conducted will provide deeper understanding of the overall system dynamics in terms of interdependencies in layers and trade-offs on functionalities to be invoked in different layers.

SeRViTR: A Secure and Resilient Virtual Trust Routing Framework for Future Internet

Project Summary: Current network-centric Internet service model is prone to resource exhausting attacks such as Distributed Denial of Services attacks. Due to the resource sharing nature and non-coordinated monitoring capability of the current Internet, it is difficult to quickly identify attack sources. Second, a new trend is to develop a user-centric Internet service model, in which traditional local network services are outsourced to remote service providers such as for cloud services. This new trend allows end users to fully control remote service nodes, their interconnections and routing, which imposes great threats on network resource allocations. Thus, it is highly desired that the future Internet is designed to provide a secure service domain that is both network-centric and user-centric. As a fundamental core to this goal, a secure and resilient virtualized routing architecture in a global inter-networking environment is explored to provide network resource reservation protection both at the network-centric and the user-centric level. A novel attribute-based, cryptography-based approach to construct secure virtualization is to be developed. Furthermore, an architectural solution to address the policy enforcement and inter-domain trust management is also considered. The end goal is to greatly improve the efficiency of attack monitoring and intrusion detection and to increase the resiliency of the future Internet. This is a collaborative exploratory project bringing together researchers from the University of Missouri-Kansas City, Arizona State University, and Osaka City University, Japan.

GpENI: Great Plains Environment for Network Innovation

Project Summary: The Great Plains Environment for Network Innovation, GpENI, is an international programmable network testbed centered on a Midwest US regional optical network between The University of Kansas (KU), Kansas State University (KSU), University of Nebraska-Lincoln (UNL), and University of Missouri-Kansas City (UMKC) within the Great Plains Network, supported with optical switches from Ciena interconnected by Qwest fiber infrastructure, in collaboration with the Kansas Research and Education Network (KanREN) and Missouri Research and Education Network (NOREnet). GpENI is undergoing significant expansion to Europe and Asia using various tunneling protocols.

The Goals of GpENI are to: