-
Towards Synthesizing Datasets for IEEE 802.1 Time-sensitive Networking
Authors:
Doğanalp Ergenç,
Nurefşan Sertbaş Bülbül,
Lisa Maile,
Anna Arestova,
Mathias Fischer
Abstract:
IEEE 802.1 Time-sensitive Networking (TSN) protocols have recently been proposed to replace legacy networking technologies across different mission-critical systems (MCSs). Design, configuration, and maintenance of TSN within MCSs require advanced methods to tackle the highly complex and interconnected nature of those systems. Accordingly, artificial intelligence (AI) and machine learning (ML) models are the most prominent enablers to develop such methods. However, they usually require a significant amount of data for model training, which is not easily accessible. This short paper aims to recapitulate the need for TSN datasets to flourish research on AI/ML-based techniques for TSN systems. Moreover, it analyzes the main requirements and alternative designs to build a TSN platform to synthesize realistic datasets.
Submitted 20 August, 2023;
originally announced August 2023.
-
Towards Developing Resilient and Service-oriented Mission-critical Systems
Authors:
Doğanalp Ergenç,
Cornelia Brülhart,
Mathias Fischer
Abstract:
Mission-critical systems (MCSs) have embraced new design paradigms such as service-oriented architecture (SOA) and IEEE 802.1 Time-sensitive Networking (TSN). These approaches tackle the static and closed-loop design and configuration of MCSs to address their strict performance and resilience requirements. While SOA enables the dynamic placement of critical services over virtualized hardware, TSN provides several protocols to establish deterministic communication over standard Ethernet equipment. This paper presents a prototype combining SOA and TSN to design flexible and fault-tolerant MCSs. It demonstrates the benefits of dynamic service migration and time-sensitive redundancy protocols to increase the resilience of MCSs against node and link failures, respectively. Moreover, it presents additional advanced functionalities like optimal service distribution and security monitoring for new TSN protocols.
Submitted 31 March, 2023;
originally announced April 2023.
-
TSNZeek: An Open-source Intrusion Detection System for IEEE 802.1 Time-sensitive Networking
Authors:
Doğanalp Ergenç,
Robin Schenderlein,
Mathias Fischer
Abstract:
IEEE 802.1 Time-sensitive Networking (TSN) standards are envisioned to replace legacy network protocols in critical domains to ensure reliable and deterministic communication over off-the-shelf Ethernet equipment. However, they lack security countermeasures and can even impose new attack vectors that may lead to hazardous consequences. This paper presents the first open-source security monitoring and intrusion detection mechanism, TSNZeek, for IEEE 802.1 TSN protocols. We extend an existing monitoring tool, Zeek, with a new packet parsing grammar to process TSN data traffic and a rule-based attack detection engine for TSN-specific threats. We also discuss various security-related configuration and design aspects for IEEE 802.1 TSN monitoring. Our experiments show that TSNZeek causes only ~5% CPU overhead on top of Zeek and successfully detects various threats in a real TSN testbed.
Submitted 20 March, 2023;
originally announced March 2023.
-
Moving Target Defense for Service-oriented Mission-critical Networks
Authors:
Doğanalp Ergenç,
Florian Schneider,
Peter Kling,
Mathias Fischer
Abstract:
Modern mission-critical systems (MCS) are increasingly softwarized and interconnected. As a result, their complexity increased, and so their vulnerability against cyber-attacks. The current adoption of virtualization and service-oriented architectures (SOA) in MCSs provides additional flexibility that can be leveraged to withstand and mitigate attacks, e.g., by moving critical services or data flows. This enables the deployment of strategies for moving target defense (MTD), which allows stripping attackers of their asymmetric advantage from the long reconnaissance of MCSs. However, it is challenging to design MTD strategies, given the diverse threat landscape, resource limitations, and potential degradation in service availability. In this paper, we combine two optimization models to explore feasible service configurations for SOA-based systems and to derive subsequent MTD actions with their time schedule based on an attacker-defender game. Our results indicate that even for challenging and diverse attack scenarios, our models can defend the system by up to 90% of the system operation time with a limited MTD defender budget.
Submitted 17 March, 2023;
originally announced March 2023.
-
Reliable and Distributed Network Monitoring via In-band Network Telemetry
Authors:
Goksel Simsek,
Doğanalp Ergenç,
Ertan Onur
Abstract:
Traditional network monitoring solutions usually lack scalability due to their centralized nature collecting heartbeats from all network components via a single controller. As a solution, the In-Band Network Telemetry (INT) framework has been recently proposed to collect network telemetry information more autonomously and distributedly by employing programmable switches. However, it imposes further challenges to (i) find suitable INT paths to optimize the control overhead and information freshness and (ii) ensure reliable delivery of control information over multi-hop INT paths. In this work, we propose a monitoring scheme, reliable Graph Partitioned INT (GPINT), by extending our previous work and integrating shared queue ring (SQR) as a reliability feature against potential failures in network telemetry collection due to network congestion and link degradation that may cause loss of the visibility of the network. We implement our proposal in a recent data plane programming language P4, and compare it with traditional Simple Network Management Protocol (SNMP) and also another state-of-the-art study employing Euler's method for INT path generation. Our analysis first shows the importance of having a data recovery mechanism against packet losses under different network conditions. Then, our emulation results indicate that GPINT with reliability extension performs much better than its opponent in terms of telemetry collection latency and overhead monitoring scheme even under a high amount of packet losses.
Submitted 30 December, 2022;
originally announced December 2022.
-
SDN-based Self-Configuration for Time-Sensitive IoT Networks
Authors:
Nurefşan Sertbaş Bülbül,
Doğanalp Ergenç,
Mathias Fischer
Abstract:
The convergence of IT and OT technologies results in the need for efficient network management solutions for automotive and industrial automation environments. However, configuring real-time Ethernet networks while maintaining the desired QoS is challenging due to the dynamic nature of OT networks and the high configuration parameters. This paper introduces an SDN-based self-configuration framework for the fully automated configuration of TSN networks. Unlike standard TSN configuration, we remove end-host-related dependencies and put flows initially on default paths to extract traffic characteristics by monitoring network traffic at edge switches. Communicated to a central SDN controller, these characteristics allow to move the flows to optimal paths while maintaining hard real-time guarantees, for which we also formulate an optimization problem. Our simulation results indicate that the proposed self-configuration approach works properly for different network sizes and numbers of end-hosts. Even though it slightly increases the average latency of critical frames, it still provides a certain level of real-time guarantee without any prior knowledge of flows.
Submitted 1 March, 2021;
originally announced March 2021.
-
On Network Traffic Forecasting using Autoregressive Models
Authors:
Doğanalp Ergenç,
Ertan Onur
Abstract:
Various statistical analysis methods have been studied for years to extract accurate trends of network traffic and predict the future load, mainly to allocate required resources. Besides, many stochastic modeling techniques are offered to represent fundamental characteristics of different types of network traffic. In this study, we analyze autoregressive traffic forecasting techniques considering their popularity and wide use in the domain. In comparison to similar works, we present important traffic characteristics and discussions from the literature to create a self-consistent guidance along with the survey. Then, we approach the techniques in the literature revealing which network characteristics they can capture offering a characteristic-based framework. Most importantly, we aim to fill the gap between the statistical analysis of those methods and their relevance with networking by discussing significant aspects and requirements for accurate forecasting from a network-telemetric perspective.
Submitted 27 December, 2019;
originally announced December 2019.
-
CUPSMAN: Control User Plane Separation Based Routing in Ad-hoc Networks
Authors:
Doganalp Ergenc,
Ertan Onur
Abstract:
Separation of user (data) plane from the control plane in networks helps scale resources independently, increase the quality of service and facilitate autonomy by employing software-defined networking techniques. Clustering introduces hierarchy in ad hoc networks where control functions can be carried out by some designated cluster heads. It is also an effective solution to handle challenges due to lack of centralized controllers and infrastructure in ad-hoc networks. Clustered network topologies gain a significant amount of scalability and reliability in comparison to flat topologies. Different roles that nodes have in a clustered network can be effectively used for routing as well. In this paper, we propose a novel plane-separated routing algorithm, Cluster-based Hybrid Routing Algorithm (CHRA). In CHRA, we take advantage of the hierarchical clustered structure through control and user plane separation (CUPS) in mobile ad-hoc networks. In the cluster neighborhood with a particular size, a link-state routing is used to minimize delay, control overhead, and also utilize energy consumption. For facilitating the communication with distant nodes, we form a routing backbone that is responsible for both control and data messages. The results show that CHRA outperforms its opponents in terms of fair energy consumption and end-to-end delay.
Submitted 27 July, 2018;
originally announced July 2018.