Browsing by study line "Networks"

Various Denial of Service (DoS) attacks are common phenomena in the Internet. They can consume resources of servers, congest networks, disrupt services, or even halt systems. There are many machine learning approaches that attempt to detect and prevent attacks on multiple levels of abstraction. This thesis examines and reports different aspects of creating and using a dataset for machine learning purposes to detect attacks in a web server environment. We describe the problem field, origins and reasons behind the attacks, typical characteristics, and various types of attacks. We detail ways to mitigate the attacks and provide a review of current benchmark datasets. For the dataset used in this thesis, network traffic was captured in a real-world setting, and flow records were labeled. Experiments performed include selecting important features, comparing two supervised learning algorithms, and observing how a classifier model trained on network traffic on a specific date performs in detecting new malicious records over time in the same environment. The model was also tested with a recent benchmark dataset.

Software development speed has significantly increased in recent years with methodologies like Agile and DevOps that use automation, among other technics, to enable continuous delivery of new features and software updates to the market. This increased speed has given rise to concerns over guaranteeing security at such a pace. To improve security in today’s fast-paced software development, DevSecOps was created as an extension of DevOps. This thesis focuses on the experiences and challenges of organizations and teams striving to implement DevSecOps. We first view our concepts through existing literature. Then, we conduct an online survey of 37 professionals from both security and development backgrounds. The results present the participants’ overall sentiments towards DevSecOps and the challenges they struggle with. We also investigate what kind of solutions have been tried to mitigate these issues and if these solutions have indeed worked.

The cloud computing paradigm has risen, during the last 20 years, to the task of bringing powerful computational services to the masses. Centralizing the computer hardware to a few large data centers has brought large monetary savings, but at the cost of a greater geographical distance between the server and the client. As a new generation of thin clients have emerged, e.g. smartphones and IoT-devices, the larger latencies induced by these greater distances, can limit the applications that could benefit from using the vast resources available in cloud computing. Not long after the explosive growth of cloud computing, a new paradigm, edge computing has risen. Edge computing aims at bringing the resources generally found in cloud computing closer to the edge where many of the end-users, clients and data producers reside. In this thesis, I will present the edge computing concept as well as the technologies enabling it. Furthermore I will show a few edge computing concepts and architectures, including multi- access edge computing (MEC), Fog computing and intelligent containers (ICON). Finally, I will also present a new edge-orchestrator, the ICON Python Orchestrator (IPO), that enables intelligent containers to migrate closer to the users. The ICON Python orchestrator tests the feasibility of the ICON concept and provides per- formance measurements that can be compared to other contemporary edge computing im- plementations. In this thesis, I will present the IPO architecture design including challenges encountered during the implementation phase and solutions to specific problems. I will also show the testing and validation setup. By using the artificial testing and validation network, client migration speeds were measured using three different cases - redirection, cache hot ICON migration and cache cold ICON migration. While there is room for improvements, the migration speeds measured are on par with other edge computing implementations.

Nowadays a growing number of mobile devices are in use, and the internet connections with mobile devices are increasingly important for the everyday life of the global population. As a result, applications and use cases of different requirements including high throughput, reliability and continuous connection have emerged for mobile device connections. Multipath transport located on the transport layer of the TCP/IP model has been proposed as a solution for providing better throughput, reliability and smooth handovers for mobile devices. Multiple network interfaces are present in current mobile devices, and multipath protocols can utilize them to transfer data through multiple paths inside one connection. Multipath protocols of parallel functionality have been proposed over the years, and relevant protocol versions include multipath extensions for well-known transport layer protocols. The aim of the thesis is to provide an overview of three multipath protocols, MPTCP, CMT-SCTP and MPQUIC and the advantages and limitations they have when used for mobile connectivity through a literature review. First the challenges of multipath transport and requirements specific for mobile device usage are identified, and an overview of the protocols and their features are discussed. Then the protocols are compared in the context of the identified challenges and mobile device use. MPTCP is the only transport layer multipath protocol currently deployed and in use, while CMT-SCTP faces problems with deployability. MPQUIC shows promise for having initially comparable performance and deployability with MPTCP. Transport layer multipath protocols are currently not optimal for interactive applications and have suboptimal performance in heterogeneous network conditions. Conversely, they can provide a boost for throughput with data intensive applications and can be helpful for providing smoother handovers, but at the cost of higher energy consumption.