UO earns $1M to design next generation network monitors

UO computer scientists have been awarded more than $1 million from the National Science Foundation to design better methods to monitor computer networks.

The grant was awarded to professors Reza Rejaie and Ram Durairajan, who co-direct the Oregon Networking Research Group in the CS department. This new project will build on their recent publication at a top-tier conference.

Today’s network operators need to closely monitor network traffic to obtain detailed and timely visibility into the state of the communication networks. This visibility enables operators to detect suspicious traffic patterns that might indicate problems concerning security, such as Distributed Denial of Service attacks, or management issues such as routing or performance.

Traditional approaches to monitoring networks use devices, known as network switches, that either send a summary of a network’s state or a mirror feed of all the network traffic to another server for closer examination. Unfortunately, Rejaie said, the former does not provide a sufficient level of detail while the latter is very costly. “The growing size and complexity of networks has made it even more challenging to gain fine-grain visibility into network traffic,” he said.

Rejaie and Durairajan’s research relies on runtime programable switches—a new generation of network switches that can be reprogrammed on the fly to monitor specific features of a particular portion of traffic that goes through the switch. For example, the switch can be programmed to monitor and report the bandwidth of individual video connections between UO users and YouTube or monitor and report the rate of new connections from external services to computers at UO.

Rejaie and Durairajan propose to use the programmable monitoring capability of a single or multiple modern switches across a network to develop a new generation of network security and management solutions.

Their work promises two key advantages for network operators. One is the ability to scale with network speed because there is no need to transfer all the traffic to another server, and the relevant portion of traffic can be examined by the switch at network speed, in real-time.

Another is agility because the switch can be reprogrammed during live operation to zoom into a different portion or different features of traffic. These advantages lead to “more reliable solutions to promptly deal with evolving network management and security problems for networks at any speed,” Rejaie said.

Other researchers involved in the project are UO PhD student Chris Misa, Walter Willinger from NIKSUN Inc., and Shahram Davari from Broadcom Inc.

“Receiving a competitive grant of this size reflects well on our entire team,” Rejaie said. “Core programs of the National Science Foundation often award this type of competitive, medium-size grant to multiple investigators at different institutions. Awarding the entire grant of this kind to two computer scientists at UO shows the quality of our proposed ideas.”

—By Laurel Hamers and George Evano, University Communications