Research units A-Z

• How do you verify the performance of your distributed applications?
• How do you configure your Cloud-based network-server farm to deliver maximum throughput?
• How do you know you are getting the performance you have paid for from your provider?

The Internet has seen great success mainly due to its decentralised nature and its ability to accommodate myriad services over a simple, packet-switched communication paradigm. However, measurement, monitoring, and management of resources have never been a native part of the Internet architecture that prioritised efficient data delivery over accountability of resource usage.

This has led to a global, complex network that has been notoriously hard to debug, to measure its temporal performance, and to verify that it delivers consistent service quality levels. The lack of such capabilities has so far been swept under the carpet due to the distribution of resources across the global Internet, and the over-provisioning of network bandwidth which has also been the main stream of revenue for network operators.

However, the Internet landscape has been changing drastically over the past few years: the penetration of Cloud computing imposes significant centralisation of compute-network-storage resources over data centre infrastructures that exhibit significant resource contention; and providers’ revenue increasingly depends on their ability to differentiate, and offer predictable and high-performing services over this new environment. The increased collocation of diverse services and users over centralised infrastructures, as well as the many layers of virtualisation (VM, network, application, etc.) required to support such multi-tenancy make the development of always-on measurement and troubleshooting mechanisms a challenging research problem to tackle.

The overarching objective of this PhD project is to design native instrumentation and measurement support for performance verification over virtualised collocation infrastructures. This will enable data centre operators to monitor and troubleshoot their (physical and virtual) infrastructure on-demand, and provide “network measurement as a service” to tenants through exposing appropriate interfaces. Application providers (tenants) will in turn be able to define measurement metrics and instantiate the corresponding modules to verify their applications’ performance, and to validate that their service level agreements with the hosting infrastructure providers are being honoured.

The work will entail experimental research in the areas of Network Function Virtualisation (NFV) and Software-Defined Networking (SDN) with a view towards enabling programmable measurement at the various layers (and locations) of future virtualised infrastructures. For example, it will explore how network nodes can efficiently provide accounting and reporting functionality alongside their main forwarding operation; what support from the end-systems (and virtual machines) will be required in order to synthesise and deploy novel end-to-end performance verification services; and what the specification and execution interfaces of such programmable environment should be.

The research will be conducted as part of Netlab at the School of Computing Science and the student will be given access to a state-of-the-art virtualisation infrastructure and relevant platforms. Through the strong experimental nature of this project, the student will contribute to a currently buzzing research area, and will be equipped with highly demanded expertise in virtualised systems design, development, and evaluation. Digging under the surface, this work can have transformative effects on the design of future converged ICT environments that will need to deliver high-performance services, and where the boundaries between network, end-system, and application are becoming increasingly blurry.

Since its inception, the Internet has been inherently insecure. Over the years, much progress has been made in the areas of information encryption and authentication. However, infrastructure and resource protection against anomalous and attack behaviour are still major open challenges. This is exacerbated further by the advent of Cloud Computing where resources are collocated over virtualised data centre infrastructures, and the number and magnitude of security threats are amplified.

Current techniques for statistical and learning-based network-wide anomaly detection are offline and static, relying on the classical Machine Learning paradigm of collecting a corpus of training data with which to train the system. There is thus no ability to adapt to changing network and traffic characteristics without collecting a new corpus and re-training the system. Assumptions as to the characteristics of the data are crude: assuming measured features are independent through a Naïve Bayes classifier, or that projections that maximise the variance within the features (PCA) will naturally reveal anomalies. Moreover, there currently is no framework for profiling the evolving normal behaviour of networked infrastructures and be able to identify anomalies as deviations from such normality.

The overarching objective of this PhD project is to design in-network, learning-based anomaly detection mechanisms that will be able to operate on (and integrate) partial data, work in short timescales, and detect previously unseen anomalies. The work will bridge Machine and Reinforcement Learning with experimental systems research, and will evaluate the devised mechanisms over real-world virtualised networked environments and traffic workloads.

The student can focus on advancing the state-of-the-art in the learning processes, the requisite network programmability mechanisms, or both. For example, the project can focus on exploring recent advances in statistical ML to develop flexible probabilistic models that can capture the rapidly evolving view of the network. Or, it can focus on designing programmable dataplanes and application acceleration/offload frameworks that can support such advanced functionality running in-network and sustaining line-rate performance.

The research will be conducted as part of the Networked Systems Research Laboratory at the School of Computing Science, and the student will be given access to actual Internet traffic traces, and a state-of-the-art networking testbed with fully programmable platforms at all software and hardware layers. The work will spread across some very vibrant and cross-disciplinary research areas, and the student will be equipped with highly demanded skills in Machine Learning, CyberSecurity and next generation network architectures.

Active and programmable networks were a popular research area over 20 years ago but eventually faded due to the lack of adoption by the industry that was at the time focusing almost exclusively at increasing bandwidth capacity.

All this has now changed: resource virtualisation allows the efficient sharing of the physical infrastructure; and network operators and service providers now try to differentiate based on services they offer over virtualised infrastructures. In this new landscape, Software-Defined Networking (SDN) has emerged over the past decade as a new paradigm for dynamically-configured next generation networks, and has already been embraced by equipment vendors and service providers (e.g., Google, Facebook, etc.).

Fundamental to SDN has been the idea that a network’s entire control plane is logically centralised and abstracted from individual switches which are stripped from their legacy functionality to reduced complexity devices that are configured through an established API (e.g., OpenFlow). This mode of operation demonstrated the great potential of SDN but also highlighted shortcomings in real-time packet processing: the (simplified) SDN switches are not capable to make stateful, per-packet decisions at line-rate and hence to implement advanced services such as telemetry, intrusion and anomaly detection, and in-network compute acceleration. For this reason, over the past five years, a significant fraction of SDN research has been steered towards making the dataplane of individual switches itself programmable and independent of specific protocols like OpenFlow. This way, using domain-specific programming languages (e.g., P4), packet processing programs can be composed and execute on the switch, making the device itself programmable and able to support custom functionality at high-speeds.

So, research has been fragmented and focusing either on service orchestration through a network-wide control-plane or on the programmable dataplane of individual switches with a very limited and sometime device-local control plane, with relatively very few studies tackling both.

The overarching objective of this PhD project is to look at these two areas in synergy, and devise network-wide control plane(s) able to orchestrate individually-programmable and potentially diverse dataplanes for the development of advanced and high-speed services over heterogeneous networked infrastructures. The work will entail experimental research in protocols and languages for network programmability, in switch architectures, and the software-hardware interface. It will explore platform-independent language representations and runtimes (e.g., bytecodes and intermediate representations) that can allow custom pipelines on the switches without requiring the manual extension of protocol fields to support new functionality and at the same time offer bound data forwarding performance independent of bespoke hardware support. The work will also include the design of exemplar time-critical services that will benefit from such underlying network architecture.

The research will be conducted as part of the Networked Systems Research Laboratory at the School of Computing Science and the student will be given access to a state-of-the-art SDN testbed with fully programmable platforms at all software and hardware layers. Through the strong experimental nature of this project, the student will contribute to a currently buzzing research area, and will be equipped with highly demanded expertise in Software-Defined Networks, and next generation network architectures.