Pen testing the intra network elements


Project Description

A number of elements exist in the network that can affect the quality, reliability, performance of network connections. They are normally used to improve the end user experience but remain mostly invisible to him/her. Examples of such elements are Web Access Firewall (WAF), Network Firewalls, Traffic shaper, Intrusion Prevention Systems (IPS), Proxies, CDNs, Tunnels, Encapsulation/Translation mechanisms (IPV4/IPV6, HTTP1/HTTP2, etc.), etc.. It is thus very important to continuously verify that these systems behave as they should, that they have not been misconfigured (accidentally or intentionally). It is also very important to be able to verify that no malicious actor has introduced such element on a route between two communicating parties. As part of an ongoing research project, we have developed a platform that enables to generate test cases and test campaigns exactly for that purpose. The goal of this project is to use that platform to develop test campaigns against specific use cases, such as the detection of a WAF, for instance. The campaigns, once produced, will be tested experimentally at large scale by using machines deployed all over the world. The analysis of the results and of the lessons learned is going to be part of the project as well.
Program - Computer Science
Division - Computer, Electrical and Mathematical Sciences and Engineering
Center Affiliation - Resilient Computing and Cybersecurity Center
Field of Study - network security

About the

Marc Dacier

Professor of Computer Science and Associate Director of Cybersecurity Center

Marc Dacier

Desired Project Deliverables

The intern, together with the other people involved in this project, will first select an interesting use case and, then, develop the test campaigns needed for that target. He/she will design an experimental campaign and run it. He/she will analyse the experimental results. The ultimate goal will be to produce a paper summarizing the work that could be submitted to a security or networking measurement conference. A desire to understand how networks function, an appetite for looking at packets and strange protocols is a must. Python programming is going to be required.