CARMA modelling of network security (by V. Galpin)

Software Defined Networks (SDNs) provide a flexible approach to networking. They are characterised by switches with dynamic behaviour which is determined by a single controller or set of controllers. This adaptivity allows for network topologies that can respond to the current circumstances and hence permit a co-ordinated response to attacks on the network such as denial of service (DoS).

CARMA (Collective Adaptive Resource-sharing Markovian Agents) is a process-algebra-style modelling language developed to model collective adaptive systems. It is allows expressive attribute-based communication using unicast and/or broadcast and its semantics are expressed as time-inhomogeneous continuous-time Markov chains, allowing for simulation of models using a kinetic Monte Carlo algorithm. An important aspect of modelling collective adaptive systems is spatial distribution and the language of the CARMA Eclipse-Plugin, CaSL, provides a syntax for describing discrete space as graphs.

This presentation demonstrates how CARMA/CaSL modelling can be applied to networks, specifically software defined networks. The space syntax is utilised to define the physical network infrastructure, allowing for models to be parametrised by a network description. This parameterisation means that the model consists of only four generic component definitions. A number of scenarios will be presented included a DoS attack and performance evaluation of a mitigation for a side-channel attack. Additionally, model parameters and validation will be considered.