Σχολή Ηλεκτρολόγων Μηχανικών και Μηχανικών Υπολογιστών
Πρόγραμμα Προπτυχιακών Σπουδών
ΠΑΡΟΥΣΙΑΣΗ ΔΙΠΛΩΜΑΤΙΚΗΣ ΕΡΓΑΣΙΑΣ
Μέτρηση απόδοσης αρχιτεκτονικής συστημάτων ασφαλείας σε δίκτυα 5G
Measuring performance of 5G cyberdefence systems
Αναπληρωτής Καθηγητής Σωτήριος Ιωαννίδης (επιβλέπων)
Καθηγητής Απόστολος Δόλλας
Καθηγητής Ευτύχιος Κουτρούλης
This thesis focuses on the field of 5G network security, specifically in the area of programmable networks that use Kubernetes as a VNF controller. For these operating environments, there are currently no available solutions for efficient real-time monitoring and log aggregation that will enable network administrators to evaluate performace and security threats. While some general-purpose industry-standard solutions offer a number of features, such as leveled logs, advanced text formatting, built-in visualizations and frontends, their use introduces significant performance overheads and requires a lot of customization effort in order to be deployed in live networks.
In this thesis, a new metrics system, developed in Golang, is introduced to alleviate the shortcomings of the aforementioned solutions. It enables efficient real-time monitoring and evaluation of network services and its
parser-analyzer captures information related to network service performance and security and analyzes it in order to provide valuable insights. Automation scripts and Ansible configurations were also developed to facilitate and automate the monitoring and evaluation process, offering a more efficient and effective means of measuring the performance of network services as well as the effectiveness of the security countermeasures deployed in them.
The developed metrics system has been deployed, tested and validated in the PRINCIPALS research project. PRINCIPALS strives to enhance active network service management and security through the provision of security primitives to counter diverse types of attacks. The metrics system is an integral component
of the PRINCIPALS framework, providing real-time benchmarking capabilities, as well as serving as the main logging mechanism.