Nils Rodday M.Sc.

Nils Rodday M.Sc.
CODE
Gebäude Carl-Wery-Str. 18, Zimmer 1604
+49 89 6004-7317
nils.rodday@unibw.de

Nils Rodday M.Sc.

 

Forschungsprojekt

Moving Target Defense

Das Projekt Moving Target Defense (MTD) hat das Ziel die Angriffsoberfläche eines Netzes durch kontinuierliches Ändern von Parametern zu reduzieren. Hierzu zählen Ansätze wie z.B. IP Address Shuffling und Port Hopping. Durch die Änderungen ist es einem Angreifer wesentlich schwerer möglich Reconnaissance zu betreiben und hieraus eine Netz Topologie zu erstellen. Sämliche Systeme im Netz würden bei diesem Ansatz bereits nach kurzer Zeit unter einer anderen Adresse, sämliche Services unter einem anderen Port erreichbar sein. Das Projekt beleuchtet verschiedene Ansätze von MTD und stellt deren Nutzbarkeit dar. Darüber hinaus werden neue MTD Ansätze erforscht welche zur Absicherung von Netzen genutzt werden können.

Konferenzbeiträge, Workshops und weitere Tätigkeiten:

- ISNCC, Istanbul (2019)
- CoNEXT, Heraklion (2018)
- RTUWO, Riga (2018)
- IETF102, Montréal (2018)
- RSA Conference USA, San Francisco (2016)
- BlackHat Asia, Singapur (2016)
- IEEE Network Operations and Management Symposium, Istanbul (2016)
- EIT Innovation Day 2016, Eindhoven (2016)
- PvIB CISO8, Utrecht (2016)

Veröffentlichungen:

Klement Streit, Nils Rodday, Florian Steuber, Gabi Dreo Rodosek. Wireless SDN for Highly Utilized MANETs. In Sixth International Workshop on ICT Systems for Public Protection and Risk (ICT4PPRR), 2019 IEEE. (to be published)

Nils Rodday, Klement Streit, Gabi Dreo Rodosek and Aiko Pras. On the Usage of DSCP and ECN Codepoints in Internet Backbone Traffic Traces for IPv4 and IPv6. In International Symposium on Networks, Computers and Communications (ISNCC), 2019 IEEE. ISBN: 978-1-7281-1243-5

Nils Rodday, Klement Streit, Gabi Dreo Rodosek, Aiko Pras; An Empirical Study of DSCP and ECN Usage by Application in Internet Traffic Traces, Poster @ CoNEXT 2018

Klement Streit, Nils Rodday, Gabi Dreo Rodosek, AODV-CBR: Capacity-based Path Discovery Algorithm for MANETs with High Utilization, RTUWO'18 - Advances in Wireless and Optical Communications, Nov 2018, Riga, Latvia. 2018

Nils Rodday, Aiko Pras and Gabi Dreo Rodosek. Towards European Network Sovereignty. In IFIP Proceedings of AIMS 2018. ISBN: 978-3-903176-12-6. Page 75-79

Rodday, N.M., Schmidt, R.D.O. and Pras, A., 2016, April. Exploring security vulnerabilities of unmanned aerial vehicles. In Network Operations and Management Symposium (NOMS), 2016 IEEE/IFIP (pp. 993-994). IEEE.

Seminar/Bachelor/Masterthemen:

BGP hijacking – RPKI topics

BGP hijacking is a pressing issue that has not yet been fully resolved. As trust is the basis for a BGP announcement to propagate through the Internet, it is relatively easy for an attacker to announce prefixes belonging to other organizations.

Several solutions have been proposed to (partially) solve the problem of BGP hijacking. RPKI is a promising approach that is using Origin-Authentication through certificates to determine whether an entity is allowed to announce a certain prefix or not.

As RPKI is a fast-moving field that is actively being researched by CODE, we offer several topics in the field. Students interested in the security of Internet routing are welcome to send a mail and ask for up-to-date topics in this area.

Network-based Moving Target Defense
One of the projects CODE is pursuing is network based Moving Target Defense. Permanently altering connection parameters (IP Address Shuffling / Port Hopping) is helping in reducing the attack surface an attacker has to target a system.

We offer several topics in this area (setup of lab environments, implementation of MTD approaches, evaluation of these approaches) for different levels. Students interested in the field of network security are invited to send a mail to ask for more specifics.

P4 – Network Programming
P4 is a new programming language to allow programming of packet forwarding planes (network cards). The advantages of Software-Defined-Networking are combined with the advantage of quick execution in hardware, therefore putting together best of both worlds.

We have several P4 networking cards at our disposal and are looking for students interested in working with a new programming paradigm that might change the way future networks are built. Please send an email if you would like to know where we currently stand with this project and to get to know more details about work that can be done.


Vorschläge durch Studenten sind ebenfalls gerne gesehen!