Research

Our research area is divided into 5 main macro categories. Software Defined Networking, Internet of Things, Automotive, Data Management and Serverless and Microservice Architecture. Our activities therefore revolving around these 5 main topics and range from applied research to existing systems to theoretical research and development of original and innovative solutions. Furthermore, thanks to our partnerships with companies and the public administration of the Emilia Romagna region, we do advanced testing of existing systems and platforms, exploiting the knowledge deriving from our research activities.

Software Defined Networking

Software-defined networking (SDN) technology is a novel approach to cloud computing that facilitates network management and enables programmatically efficient network configuration in order to improve network performance and monitoring. SDN is meant to address the fact that the static architecture of traditional networks is decentralized and complex while current networks require more flexibility and easy troubleshooting. SDN suggests to centralize network intelligence in one network component by disassociating the forwarding process of network packets (Data Plane) from the routing process (Control plane). From the beginning one of the main goal of SDN was the focus on the security issues. Examples of possible security threats that we are looking for are: multiple compromised network boxes as a result of malicious injected flow-rules; prevent nodes from communicating or they may divert traffic flows for eavesdropping activities; inner loops and black-holes (usually difficult to detect via normal network scans); flow-rules replacement or removal with the aim of causing unexpected network behavior such as network boxes Denial of Service (DoS) and Man-in-the-Middle attacks; any kind of SDN controller exploitation that results in a compromised forwarding activity. Generally we focus on any possible applications of Software Defined Networking but our particular interest is the Industry 4.0 applications At Ulisse Lab we are looking for projects and thesis regarding:

  • Penetration testing and analysis of current and new SDN protocols, controller and applications
  • Practical testing and evaluation of the current state of art.
  • Develop tools and plug ins for the most important SDN controller with the aim to improve and evaluate the state of the security into a network
  • Improve and develop our ONOS controller framework which are developing based on a pool of tools for a industry 4.0 security administration.

Serverless and Microservice Architecture

A microservice architecture is a distributed application where all its modules are microservices. A microservice is a cohesive, independent process interacting via messages. For instance, consider a service intended to compute calculations. To call it a microservice, it should provide arithmetic operations requestable via messages, but it should not provide other (possibly loosely related) functionalities like plotting and displaying of functions. Serverless, instead, also called Function-as-a-Service, is the latests technology for designing and deploying distributed applications, those composed of multiple programs communicating via message-passing, possibly deployed in different hosts. This kind of architecture has proven popular due to inherent scalability and compatibility with cloud services and includes AWS Lambda, Azure Functions, Google Cloud Functions, and IBM BlueMix Cloud Functions. However, this architecture although have solved some of the main issues of cloud platform they’ve introduced also new one. At Ulisse Lab we are looking for projects and thesis regarding:

  • Analysis and testing of current or new Serverless paradigm, in particular we are developing a formal model that can describe, analyze and manage the security threat of such platform.
  • Develop of new security solutions for Serverless and MicroServices applications
  • Penetration Testing of real world case scenario applications, such as AWS, Openwhisk, ecc.

Automotive

Nowadays car are not simply more an engine able to move people and goods but they became a complex and heterogeneous collection of hardware and systems. Futuristic visions as autonomous pilot are close then we can imagine, but there is the need to feed the gaps in automotive security and privacy, as well as successful recent attacks on car computer systems from different manufacturers, are just two reminders of the increased threat to vehicle safety. Computer attacks are now a clear and present danger for car drivers, owners, dealers, manufacturers, and suppliers. Increased automation, vehicle-to-vehicle and vehicle-to-infrastructure communications, and advances in autonomous driving add computer security and data privacy to reliability and safety as cornerstones for consumer confidence and continued success in the automotive industry. At Ulisse Lab we are looking for projects and thesis regarding:

  • Analysis and testing of current or new protocols
  • Develop of new security solutions.
  • Penetration Testing of real world case scenarios.

Available Theses

Network Verification Tool and ONOS integration

SDN architectures need a formal method to verify the current network status in a efficient way. the objective is to Integrate the Network Verification Tool implemented in the student Thesis “Sviluppo di strumenti per il model checking in tempo reale del data plane di reti SDN”, into our ONOS SDN architecture and the apps implemented. Expected Results, Substitution of NetPlumber Tool with the one developed by Alessandro Pacielli, with performances tests and analysis results. Additional Info, For a bachelor thesis the workload can be more that the one required by the thesis credit number, for this reason this thesis can include both thesis and internship period for bachelor students

Pentesting Openwhisk

Despite AWS Lambda by Amazon seems to be the best Serverless Architecture currently used, Openwhisk by Apache is increasing the number of customers. Openwhisk is an Open Source platform so it seems to be a perfect target for a pentesting analysis. Objective, Pentesting / Bug Bounty of a Openwhisk platform. Additional Info, For a bachelor thesis the workload can be more that the one required by the thesis credit number, for this reason this thesis can include both thesis and internship period for bachelor students