Section: Partnerships and Cooperations
Participants : Isabelle Chrisment [contact] , Thibault Cholez, Vassili Rivron.
The Quality of Experience (QoE) when accessing the Internet, on which more and more human activities depend on, is a key factor for today’s society. The complexity of Internet services and of user’s local connectivity has grown dramatically in the last years with the proliferation of proxies and caches at the core and access technologies at the edge (home wireless and 3G/4G access), making it difficult to diagnose the root cause of performance bottlenecks. The objective of BottleNet is to deliver methods, algorithms, and software systems to measure end-to-end Internet QoE and to diagnose the cause of experienced issues. The result can then be used by users, network and service operators or regulators to improve the QoE.
The ANR BottleNet project (https://project.inria.fr/bottlenet) started in February 2016. It involves many partners in the field of computer networks and QoE: Inria Muse and Diana teams, Lille1 University, Telecom Sud-Paris, Orange, IP-Label. The objective of BottleNet is to deliver methods, algorithms, and software systems to measure Internet QoE and diagnose the root cause of poor Internet QoE. Our goal calls for tools that run directly at users’ devices. We plan to collect network and application performance metrics directly at users’ devices and correlate them with user perception to model Internet QoE, and to correlate measurements across users and devices to diagnose poor Internet QoE. This data-driven approach is essential to address the challenging problem of modeling user perception and of diagnosing sources of bottlenecks in complex Internet services. BottleNet will lead to new solutions to assist users, network and service operators as well as regulators in understanding Internet QoE and the sources of performance bottleneck.
Participants : Thibault Cholez [contact] , Xavier Marchal, Daishi Kondo, Olivier Festor.
The DOCTOR project http://www.doctor-project.org is an applied research project funded by the French National Research Agency (ANR), grant <ANR-14-CE28-000>, and supported by the French Systematic cluster. The project started on December 2014 for three years plus one year of extension (2018) to align the scientific production with the budget consumption. It involves five partners specialized in network monitoring and security: Orange Labs (lead), Thales, Montimage, Université de technologie de Troyes and LORIA/CNRS. The DOCTOR project advocates the use of virtualized network equipment (Network Functions Virtualization), to enable the co-existence of new Information-Centric Networking stacks (e.g.: Named-Data Networking) with IP, and the progressive migration of traffic from one stack to the other while guaranteeing the good security and manageability of the network. Therefore in DOCTOR, the main goals of the project are: (1) the efficient deployment of NDN as a virtualized networking environment; (2) the monitoring and security of this virtualized NDN stack.
This year, we focused on the second workpackage dedicated to security. We did a joint work with UTT investigating the impact on the Content Poisoning Attack on the NDN architecture . We also wrote a book chapter about our use of NDN and NFV technologies to deploy an NDN network while providing advanced monitoring and security functions .
We also improved our HTTP/NDN gateway that will be soon released for the community and which design and evaluation will be submitted in a journal.
The next (and last) year of the project will be dedicated to the orchestration of our virtualized NDN architecture to manage its performance and security, and to the deployment of a testbed carrying real user traffic.
FUI HUMA (01/09/2015-31/08/2018)
Participants : Giulia de Santis, Soline Blanc, Sofiane Lagraa, Jérôme François [contact] , Abdelkader Lahmadi, Isabelle Chrisment.
The HUMA project (L’HUmain au cœur de l’analyse de données MAssives pour la sécurité) is funded under the national FUI Framework (Fonds Unique Interministeriel) jointly by the BPI (Banque Publique d'Investissement) and the Région Lorraine. It has been approved by two competitive clusters: Systematic and Imaginove. The consortium is composed of three academic (ICube, Citi, Inria) and five industrial (Airbus Defence and Space, Intrinsec, Oberthur, Wallix, Sydo) partners. The leader is Intrinsec.
This project targets the analysis of Advanced Persistent Threat. APT are long and complex attacks which thus cannot be captured with standard techniques focused on short time windows and few data sources. Indeed, APTs may last for several months and involve multiple steps with different types of attacks and approaches. The project will address such an issue by leveraging data analytics and visualization techniques to guide human experts, which are the only one able to analyze APT today, rather than targeting a fully automated approach.
In 2017, our contribution focused on defining a graph-mining technique to discover dependencies among security events clustering techniques in order to group individual events into a common one. We applied our technique to darknet data as shown in section 7.2.1. In addition, we also start the modeling of an attacker process by considering the first phase of APT, i.e. the reconnaissance phase by analyzing scanning activities using Hidden Markov Model (7.2.1). We also technically contribute to the definition of APT scenarios by providing a very stealthy scanning approach (Wiscan described in 7.1.2). Finally, from a project management point of view, Inria is in charge of leading the work-package related to data analytics technique for analyzing security probe events.
Inria-Orange Joint Lab
Participants : Jérôme François [contact] , Rémi Badonnel, Olivier Festor, Maxime Compastié, Paul Chaignon.
The challenges addressed by the Inria-Orange joint lab relate to the virtualization of communication networks, the convergence between cloud computing and communication networks, and the underlying software-defined infrastructures. This lab aims at specifying and developing a GlobalOS (Global Operating System) approach as a platform or a software infrastructure for all the network and computing resources required by the Orange network operator. Our work, started in November 2015, concerns in particular monitoring methods for software-defined infrastructures, and management strategies for supporting software-defined security in multi-tenant cloud environments. We have specified a management framework dedicated to cloud software-defined security. It relies on on-the-fly generation and execution of unikernels in order to build highly-constrained configurations. The solution has been evaluated through extensive series of experiments, based on a proof-of-concept prototype using MirageOS. Results show that the costs induced by security mechanisms integration are relatively limited, and unikernels are well suited to minimize risk exposure.
Participants : Olivier Festor [contact] , Rémi Badonnel, Thibault Cholez, Jérôme François, Abdelkader Lahmadi, Laurent Andrey.
FLIRT (Formations Libres et Innovantes Réseaux & Télécom) is an applied research project leaded by the Institut Mines-Télécom, for a duration of 4 years. It includes 14 academic partners (engineering schools including Telecom Nancy), 3 industrial partners (Airbus, Nokia Group and Orange), 2 innovative startups (the MOOC agency, and Isograd), as well as 3 professional or scientific societies (Syntec Numérique, Unetel, SEE). The project objective is to build a collection of 10 MOOCs (Massive Open Online Courses) in the area of networks and telecommunications, 3 training programmes based on this collection, as well as several innovations related to pedagogical efficiency (such as virtualization of practical labs, management of student cohorts, and adaptative assessment). The Madynes team is leading a working group dedicated to the building of a MOOC on network and service management. This MOOC, whose first session will open end of 2018, covers the fundamental concepts, architectures and protocols of the domain, as well as their evolution in the context of future Internet, and includes practical labs and exercises using widely-used tools and technologies.
Technological Development Action (ADT)
The goal of this ADT provides assistance in developing the Aetournos platform to help in the UAV Challenge Medical Express. Through this ADT, funded by Inria, Raphaël Cherfan has coordinated students work on the platform and tutored the Aetournos team for the 2016 Outback Joe Search and Rescue / Medical Express Challenge, and help in the design and buidling of a novel Hybrid UAV.
This ADT started in 2016 and will end on 2018. The Madynes project is a major partner funded at the level of 120k€. ADT VERTEX built upon the foundations of the Grid'5000 testbed aims to reinforce and extend it towards new use cases and scientific challenges. Several directions are being explored: networks and Software Defined Networking, Big Data, HPC, and production computation needs. Previously developed prototypes are also being consolidated, and the necessary improvements to user management and tracking are also being performed.
Built on the Distem emulator, that enables the creation of virtual experimental environments from clusters of homogeneous machines, this project aims at enlarging the scope of use of Distem to additional fields: Software Defined Networking, Named Data Networking, Big Data. In addition, we will explore temporal dilation as a technique to study future infrastructures.
The project started in 2017 and will end in 2019.
RIOT ADT is a multi-site project with Infine and Madynes teams, which started in December 2016 for a duration of two years. The high-level objective is to (1) contribute open source code, upstream, to the RIOT code base, (2) coordinate RIOT development within Inria, with other engineers and researchers using/developing RIOT, (3) coordinate RIOT development outside Inria, help maintain the RIOT community at large (see http://www.riot-os.org and http://www.github.com/RIOT-OS/RIOT) which aims to become the equivalent of Linux for IoT devices that cannot run Linux because of resource constraints.
This year MADYNES team has mainly contributed to the efficient MAC layer protocol implementation issues. We have built a general MAC protocol module (gnrc mac module) for providing critical development tools for MAC protocol developers in the RIOT community. Based on these generic functions, we have developed two duty-cycled MAC protocols lw-MAC and GoMacH which are above IEEE802.15.4. lw-MAC is a single channel MAC protocol that has similar principle of X-MAC and ContikiMAC. GoMacH  is a traffic-adaptive multi-channel MAC protocol for IoT which exhibes low power consumption and high throughput performance. Both are integrated into the RIOT IoT protocol stack and merged into RIOT master branch. They are publically available in RIOT open source github.
The ATT AMICS is run in cooperation with the High Security Lab (HSL). The goal is to develop a customizable security analytics stack as a service. The added value of the HSL is to cross-correlate customer data with Internet probes hosted at HSL collecting tons of security data. Indeed, the basic service provided to potential customer is a VPN on top of which custom modules can be added. In 2017, we setup the VPN elements and also developed a flexible framework for security analysis. Different moddules have already been defined and implemented: blacklists aggregators to gather continuously information from third parties providing blacklists, real-time verification of traffic going through the VPN using blacklists, real-time detection of IP spoofing by correlating user traffic with HSL darknet traffic and real-time detection of customer hosts infected by a malware.
Inria Project Lab
Participants : Isabelle Chrisment [contact] , Thibault Cholez, Vassili Rivron, Lakhdar Meftah [University of Lille] .
The Inria Project Lab BetterNet (https://project.inria.fr/betternet) has been launched in October 2016. Its goal is to build and deliver a scientific and technical collaborative observatory to measure and improve the Internet service access as perceived by users. We will propose new original user-centered measurement methods, which will associate social sciences to better understand Internet usage and the quality of services and networks. Tools, models and algorithms will be provided to collect data that will be shared and analyzed to offer a valuable service to scientists, stakeholders and civil society.
The Madynes team leads this IPL and in particular Isabelle Chrisment who coordinates the project.
In 2017, the main activities of the project focused on federating Inria's monitoring tools (APISENSE, Fathom, Hostview, ACQUA) and building our open measurement platform for acquiring data.
Lakhdar Meftah, a shared PhD student with the SPIRALS team (Inria/University of Lille) has worked on a privacy preservation scheme using data dissemination that introduces an a priori data anonymization and improves user privacy without compromising the overall quality of the crowdsourced dataset.
Participant : Lucas Nussbaum [contact] .
To accommodate the ever-increasing demand for Utility Computing (UC) resources, while taking into account both energy and economical issues, the current trend consists in building larger and larger Data Centers in a few strategic locations. Although such an approach enables UC providers to cope with the actual demand while continuing to operate UC resources through centralized software system, it is far from delivering sustainable and efficient UC infrastructures for future needs.
The DISCOVERY initiative aims at exploring a new way of operating Utility Computing (UC) resources by leveraging any facilities available through the Internet in order to deliver widely distributed platforms that can better match the geographical dispersal of users as well as the ever increasing demand. Critical to the emergence of such locality-based UC (also referred as Fog/Edge Computing) platforms is the availability of appropriate operating mechanisms. The main objective of DISCOVERY is to design, implement, demonstrate and promote a new kind of Cloud Operating System (OS) that will enable the management of such a large-scale and widely distributed infrastructure in an unified and friendly manner.
The consortium is composed of experts in the following research areas: large-scale infrastructure management systems, networking and P2P algorithms. Moreover, two key network operators, namely Orange and RENATER, are involved in the project.
By deploying and using a Fog/Edge OS on backbones, our ultimate vision is to enable large parts of the Internet to be hosted and operated by its internal structure itself: a scalable set of resources delivered by any computing facilities forming the Internet, starting from the larger hubs operated by ISPs, governments and academic institutions, to any idle resources that may be provided by end users.
MADYNES contributes to the DISCOVERY IPL on the networking axis. A CIFRE PhD with Orange is expected to start at the beginning of 2018.