Past Projects

2017

Project Title:

Opportunistic Network for Proof of Location

Supervisors:
Dr. Lionel Wolberger, Platin.io
Description:
Platin.io brings location to the world of decentralization, supplying this missing piece. When Proof of Location (PoL) is provided via the Platin blockchain, a transaction fee is charged in “Platin” (PTN) that also serves as the “gas” for fueling proof of location requests. This makes it possible, for example, to transfer virtual money to a certain location.
 
Project Title:

OpenDaylight NETCONF/YANG Adapter for VPP

Students:
Sivan Ben-Haim, Nir Chachmovitz
Supervisors:
Charles Eckel, Cisco
Description:
All NETCONF/YANG-enabled network functions - whether physical or virtualized - can be controlled by an OpenDaylight (ODL) SDN controller so long as an appropriate device adapter has been installed in the ODL controller. That ODL device adapter (or southbound plugin) can be generated from the network function's YANG model, and can be completed with Java programming.
 
Project Title:

Smart IoT Parking Wireless Sensor

Students:
Oved Chitayat, David Smolyanov
Supervisors:
Shai Ben-Ari, Itzik Ashkenazi
Description:
One of the fundamental requirements of a Smart Campus Transportation implementation and deployment is the ability of the campus to take responsibility for, and globally manage, the traffic as a whole inside the campus's physical boundaries. This management should then serve both campus applications (such as event organization or security needs) and guests who enter or plan to arrive. This can be achieved by improved monitoring and the ability to supply valuable online information gathered from Internet-of-Things (IoT) sensors and gateways that are installed all over the campus area.
 
Project Title:

BGP protocol deviations in routers

Supervisors:
Dr. Gabi Nakibly
Description:
Routing protocols such as OSPF and BGP have open standards (published in RFCs); however, commercial routers (e.g. Juniper and Cisco) that implement those protocols may deviate from those standards (deliberately or inadvertently). Such deviations are important to identify from a security point of view, as they may pose a security vulnerability. We would like to discover those deviations. The problem is that commercial routers are closed-source, so it is difficult to directly analyze the router’s implementation.
 
Project Title:

SDN In-Band Boot Strapping

Supervisors:
Itzik Ashkenazi
Description:
In traditional networks, the control software is distributed across all devices, which run routing protocols to compute forwarding state. An advantage of this design is that legacy networks can use the in-band ports for the control plane. In contrast, Software Defined Networking (SDN) is based on the separation of the control plane from the data plane. Because of that, most SDN deployments today use out-of-band control, and the controller configuration parameters (for example: Controller IP, Controller port #) in each switch in those deployments are static. This way of deploying is a major obstacle, and operators are looking for a way to carry both the control and data planes on the same channel (in-band mode) without the need to statically configure each deployed switch.
 
Project Title:

Automated Service Ordering

Students:
Rami Geraisy, Wissam Abu Sini
Supervisors:
Ran Yazdi (Amdocs)
Description:
The project will revolutionize the way network services are ordered between telecom companies. It will turn what is a weeks-long process into a modern API-driven operation and save millions of dollars in the process. The working prototype built will be used as a basis for ordering in all international telecom companies for the next 20 years.
 
Project Title:

MEF Point-to-point Ethernet Service

Students:
Muhammad Abed, Rand Hreish
Supervisors:
Daniel Bar-Lev (MEF)
Description:
The MEF is a collaborative code and specs development organization that, starting in 2001, defined Carrier Ethernet and helped build the global Carrier Ethernet market now valued at $80Bn. MEF has 210 member companies, of which 130+ are the world’s leading service providers, including AT&T, Verizon, Deutsche Telekom, BT, China Telecom, Cisco, Huawei, Ciena and many Israeli companies such as ECI, RAD, Telco Systems and Amdocs. Carrier Ethernet services defined by the MEF and widely adopted by the telecoms industry include E-Line, E-LAN, E-Tree, E-Access and E-Transit.
 
Project Title:

Connection Tracking (CT) - Open Virtual Switch (OVS) Offload

Supervisors:
Dr. Tal Anker, Mellanox
Description:
Today’s Carrier Ethernet architecture is undergoing the biggest transformation since the beginning of the internet. Video, mobile and cloud usage is driving huge growth in traffic, while the constantly changing traffic patterns require the ability to introduce new services quickly. This led to the creation of Networking Function Virtualization (NFV), which defines the specifications for a Virtualized Network Function (VNF). A VNF is a software implementation of a network function such as routing or a firewall. Each such VNF runs in a virtual machine (VM). The VMs are created in a compute blade or in a high-scale server, usually called the host device. The VMs are located on top of the host’s hypervisor, which uses Open Virtual Switch (OVS) to switch the data traffic to/from each VM/NFV and also to chain the traffic between them. OVS is designed to operate under the Linux operating system and uses its kernel services to perform various operational functions. One of the frameworks that the kernel provides is Netfilter, which offers various operations such as packet filtering, Network Address Translation (NAT) and more. One of the important features built on top of the Netfilter framework is Connection Tracking (CT). CT allows the kernel to keep track of all logical network connections, and thereby relate all of the packets which may make up a given connection. When CT is used along with OVS, using an advanced Network Interface Card (NIC) to handle the connections can help to offload OVS.
 
Project Title:

Analysis of the QUIC protocol

Description:
QUIC is a new transport layer designed by Google to replace TCP. It offers reduced latency and higher throughput as compared to TCP. Although the protocol is already widely used by Google’s services and Google’s Chrome, the protocol design and deployment are still nascent. The standard of the protocol is being written these days by the IETF. However, it is obvious that the Google implementation has many more details as compared to the standard’s draft in its current form.
 
Project Title:

Security Policies Tracking

Students:
Gal Berger, Evgeny Shapiro
Description:
The Cisco TrustSec solution enables the deployment of security policies into an organization’s network. The policies are enforced by the network infrastructure, such as routers and switches. The policies define the type of traffic that is allowed in the network and whether traffic of a given employee in an organization is allowed to reach various resources in the network (for example, a policy can define that in the network of the university a student can access only the servers in the computer science faculty lab and cannot access any other computers in the university). The network security policies are dynamic and are subject to change. As a result, the network infrastructure which enforces the policies maintains different policies at a given time.
 
Project Title:

Identify Abnormal User Network Access

Description:
Cisco Identity Service Engine (ISE) is responsible for authenticating and authorizing users who log in to an organization's network, such as a university's (only students and/or staff can log in to the network, with different privileges). Once a user accesses the network, ISE collects various information about the user, such as whether the user accesses the network from a wireless or a wired connection, the location of the user, the user's IP address, the user's MAC address, the OS type the user uses (iOS, Android, Windows etc.) and more.
 
Project Title:

Power efficiency SDN application

Description:
The current architecture of telecom and data networks is based on the IP protocol stack, where the routing is made by distributed hop-by-hop decisions over single data packets. This approach is beginning to show some limits in terms of performance, flexibility and scalability due to the exponential growth of data traffic that we have been experiencing for some years. The requirements on the different traffic types range from high throughput to low latency, from high user density to high availability, from low power consumption to high reliability. The fulfillment of such a wide variety of requirements calls for a quite different network architecture, where adaptivity is fundamental.
 
Project Title:

BGP Deviations In Routers

Students:
Yair Cohen
Supervisors:
Dr. Gabi Nakibly
Description:
Routing protocols such as OSPF and BGP have open standards (published in RFCs); however, commercial routers (e.g. Juniper and Cisco) that implement those protocols may deviate from those standards (deliberately or inadvertently). Such deviations are important to identify from a security point of view, as they may pose a security vulnerability. We would like to discover those deviations. The problem is that commercial routers are closed-source, so it is difficult to directly analyze the router’s implementation.
 
Project Title:

INT on P4 Software Switch

Description:
In-band Network Telemetry (INT) is a new framework designed to allow the collection and reporting of network state by the data plane, without requiring intervention of additional control plane protocols. Data packets are instrumented with INT header fields that contain “Telemetry Instructions” to INT-capable network devices. The instructions tell the devices what telemetry data to collect, and the collected data is written into the forwarded data packets. INT data that can be collected includes: switch IDs, Input/Output Port IDs, Hop Latency, Queue Occupancy, In/Out Timestamps and more. Such telemetry data provides immense value in networks in general. It enables real-time debugging of network issues as well as “self healing” networks. Programming Protocol-independent Packet Processor (P4) is a high-level language that can be deployed in the future into Software Defined Networks (SDN) and can actually serve as an alternative to OpenFlow that is currently used – due to its flexibility and ability to support emerging new protocols such as INT.
 