Resilient Networking

For reasons of Covid-19 and other challenges, this lecture will be given in a hybrid mode. The lecture is going to be given on Tuesdays, 12:00 - 13:30 (physically in the Grashof lecture hall in Karlsruhe), starting from November 3rd! It will be streamed and the videos will be available for download, online, subsequent to the corresponding lecture. We will organize the reading group during the first lecture, so please try to make sure that you participate in this event, at least.

Alike the past years there's a limit of 15 students who can participate in this course, as the reading group does not scale to larger groups.

HINT

The exercise of this lecture is a reading group, where each participating student is expected to present (at least) one paper throughout the term. Due to the timing constraints we hence have to limit the number of participants of this course.

Topic

The lecture resilient networking provides an overview on the basics of secure networks as well as on current threats and respective countermeasures. Especially bandwidth-depleting Denial of Service attacks represent a serious threat. Moreover, over the last years the number of targeted and highly sophisticated attacks on company and governmental networks increased. To make it worse, as a new trend at the moment, the interconnection of the Internet with cyber physical systems takes place. Such systems, e.g., the energy network (smart grid), trans- portation systems and large industrial facilities, are critical infrastructures with severe results in case of their failure. Thus, the Internet that interconnects these systems has evolved to a critical infrastructure as well.

The lecture introduces the current state-of-the-art in the research towards resilient networks. Resilience-enhancing techniques can be generally classified in proactive and reactive methods. Proactive techniques are redundancy and compartmentalization. Redundancy allows to tolerate attacks to a certain extent, while compartmentalization attempts to restrict the attack locally and preventing its expansion across the whole system. Reactive techniques follow a three step approach by comprising the phases of detecting an attack, mitigate its impacts, and finally restore a system's usual operation.

Based upon this categorisation of resilience strategies the lecture will give an excursus to graph theorie and will introduce generic strategies to increase the resilience of networks, e.g., proactively establishing backup routes and fast restoration strategies. Furthermore, the lecture will provide an overview on BGP routing and the Domain Name Service, as two essential Internet services. Both services are presented and current attacks as well as corresponding countermeasures are described. Moreover, Denial of Service attacks and their mitigation are observed in detail as well as mechanism for increasing the resilience of P2P networks. Finally, Intrusion Detection systems are covered as mechanisms to mitigate the impacts of successful attacks.

Please register to the mailing list

Teaching Material (SS19)

Lecture Schedule

This link leads to the coursera course on crypto by Dan Boneh, as mentioned in the lecture.

Reading Group Schedules

Initial set of papers, more potentially to follow...

Template that helps reading papers (h/t: anonymous student from Darmstadt).

Collaborative Editing: https://etherpad.net/p/resilient_networking

Overview of Information