Pen testing the intra network elements


Project Description

A number of elements exist in the network that can affect the quality, reliability, performance of network connections. They are normally used to improve the end user experience but remain mostly invisible to him/her. Examples of such elements are Web Access Firewall (WAF), Network Firewalls, Traffic shaper, Intrusion Prevention Systems (IPS), Proxies, CDNs, Tunnels, Encapsulation/Translation mechanisms (IPV4/IPV6, HTTP1/HTTP2, etc.), etc.. It is thus very important to continuously verify that these systems behave as they should, that they have not been misconfigured (accidentally or intentionally). It is also very important to be able to verify that no malicious actor has introduced such element on a route between two communicating parties. As part of an ongoing research project, we have developed a platform that enables to generate test cases and test campaigns exactly for that purpose. The goal of this project is to use that platform to develop test campaigns against specific use cases, such as the detection of a WAF, for instance. The campaigns, once produced, will be tested experimentally at large scale by using machines deployed all over the world. The analysis of the results and of the lessons learned is going to be part of the project as well.
Program - Computer Science
Division - Computer, Electrical and Mathematical Sciences and Engineering
Center Affiliation - Resilient Computing and Cybersecurity Center
Field of Study - network security

About the

Marc Dacier

Professor, Computer Science<br/>Associate Director of Resilient Computing and Cybersecurity Center

Marc Dacier

Marc Dacier is a full professor of Computer Science (CS) and a member of the Resilience Computing and Cybersecurity research Center (RC3) at King Abdullah University of Sciences and Technology, Saudi Arabia.

Dr. Dacier obtained his Ph.D. from INPT in 1994 from his work done at LAAS, CNRS, in Toulouse (France). Since then, he has had a balanced career between industry and academia. After his thesis, he worked for one year as a security consultant in Paris, France, for France Telecom and the French ministry of interior. In 1996, he joined IBM Research in Zurich (Switzerland) to create the Global Security Analysis Laboratory (GSAL). In 2002, he became a professor at Eurecom. In 2008, he joined Symantec to build its European Research Labs. Later, he spent two years in the USA to manage all the collaborative research projects, worldwide. In that role, he was in charge of teams in France, Ireland, and in the United States. He was also the university relationship manager for Symantec Research Labs, worldwide. In 2014, he became the director of the cybersecurity research group at QCRI, in Qatar, where he lived for 3 years. In October 2017, Dr. Dacier came back to EURECOM to become the head of the Digital Security department and a full professor. An internationally recognized expert in cybersecurity, Dr. Dacier has served on more than 120 program committees of all major security and dependability conferences and as a member of the editorial board of several top-tier technical peer-reviewed journals.

Desired Project Deliverables

The intern, together with the other people involved in this project, will first select an interesting use case and, then, develop the test campaigns needed for that target. He/she will design an experimental campaign and run it. He/she will analyse the experimental results. The ultimate goal will be to produce a paper summarizing the work that could be submitted to a security or networking measurement conference. A desire to understand how networks function, an appetite for looking at packets and strange protocols is a must. Python programming is going to be required.