Skip to main content

CyLab News

Recent CyLab research makes big push in improving network testing and verification

To date, network administrators have been challenged with checking whether a network configuration correctly implements a suite of intended security policies. This is hard even for basic reachability policies (e.g. Can X talk to Y?) in simple networks.  In practice, network administrators would like to implement more complex security postures using more advanced network functions (e.g., web application firewalls, intrusion prevention systems). 

“The more complex the policy and the more advanced your network fucntions are, the harder it is to give the network administrator assurance that the policy is realized correctly in the network,” says Vyas Sekar, an assistant professor of Electrical and Computer Engineering (ECE) and principal investigator of the study. “But for the first time, we’ve made network testing for checking dynamic policies with stateful networks practical.” 

Recent research conducted by CyLab researchers has paved way towards reliable network security assurances. The study, titled “BUZZ: Testing Context-Dependent Policies in Stateful Networks,” was presented by ECE Ph.D. student Seyed Fayaz at last month’s USENIX Symposium on Networked Systems Design and Implementation (NSDI). Other authors included Ph.D. Computer Science Student Tianlong Yu, a recent INI graduate Yoshiaki Tobioka and Software Engineering Institute researcher Sagar Chaki. 

Sekar also co-authored two other papers presented at NSDI, one of the top two conferences in the area of Computer Networks: 

CFA: A Practical Prediction System for Video QoE Optimization
Junchen Jiang and Vyas Sekar from Carnegie Mellon University
Henry Milner from University of California at Berkeley
Davis Shepherd from Conviva
Ion Stoica from University of California at Berkeley, Conviva and Databricks
Hui Zhang from Carnegie Mellon University and Conviva

Simplifying Software-Defined Network Optimization Using SOL
Victor Heorhiadi from the University of North Carolina at Chapel Hill
Michael K. Reiter from the University of North Carolina at Chapel Hill
Vyas Sekar from Carnegie Mellon University


See all CyLab News articles