Master theses

Here you find the list of currently available master theses. They are ONLY available for students at the UvA or the VU.

OpenFlow vulnerabilities

Start: ASAP
Contact: dr. Paola Grosso
Location: UvA/SNE in collaboration with SURFnet

Software Defined Networking is a new paradigm in controlling computer networks: end users and applications will be able to control network devices directly and will achieve customize network services.

OpenFlow is protocol that enables such control, by defining the interfaces between a controller running on the users’ behalf and the underlying devices.

There is already some work on using OpenFlow to mitigate attacks on the network, for example using OpenFlow to redirect traffic to filtering nodes; but there is not much research on the security of the OpenFlow setup itself, for example the communication with the controller and injection of rules.

The student should look at which attacks can be carried out on OpenFlow controllers. This can be done in our OpenLab and in the SURFnet OpenFlow testbed. In particular the student should assess how easy it is to inject malicious flow rules to manipulate traffic or cause denial of service.

OpenNSA backends

Start: ASAP
Contact: dr. Paola Grosso
Location: UvA/SNE in collaboration with SURFnet

The NSI (Network Service Interface) protocol is the result of NSI Work Group of the Open Grid Forum. It is an open standard to formulate a generic network service interface, i.e. the messages and protocols required to provide inter-domain network circuits to end users. NSI v2 is the current version of the protocol under definition. OpenNSA is a Network Service Agent, one of the seven software implementations of the NSI framework.

SURFnet is taking NSI into production as part of their Bandwidth on Demand tool. The SNE group is at the same time setting up a production NSA running with a finalized NSI v2 with a handful of permanent services next to our experimental facility. This can be used for interoperability tests with SURFnet.

This thesis works investigates the current missing components in NSA in order to make it fully operable, in particular the student will have to develop and test various  backend for different types of networking devices.

HEP and energy consumption

Start: ASAP
Contact: dr. Paola Grosso
Location: UvA/SNE in collaboration with Princeton University (dr. Peter Elmer) and KPMG (dr. Sander Klous)

The HEP – High Energy Physics – community has created complex distributed computing infrastructures to support fundamental research in physics.

Endeavors like the Higgs discovery at the Large Hadron Collider (LHC) at CERN requires a large number of machines spread across the globe. The WorldWide LHC Computing Grid (WLCG) comprises 150 computing centers across 40 countries, with ~350k x86-64 cores available for computation.

An interesting aspect that has not seen comprehensive attention so far is the energy costs of such infrastructures.

The student will investigate into what is possible to measure today in the WLCG, and report results from those measurements. These results should be related to the aggregate power use in order to make predictions regarding the power trends. We will concentrate on event reconstruction and simulation software.

Ultimately this project will try to determine the impact of design choices in the HEP software, and choices in the overall distributed architecture. To place it in context, we intend to compare the specific example of HEP applications with other types of distributed power-sensitive systems, specifically the IBIS system.

This project is carried out at the UvA under the supervision of dr. P. Grosso (http://staff.science.uva.nl/~grosso) in close collaboration with Princeton University and KPMG.

PAPI and energy consumption

Start: ASAP
Contact: dr. Paola Grosso
Location: UvA/SNE in collaboration with SURFSARA (Thomas Geenen), HvA (Bo Merkus) and SIG (Michiel Cuijpers)

PAPI is the Performance Application Programming Interface, a standard API for accessing hardware performance counters on modern microprocessors. Recently the PAPI library can provide information on energy consumption of systems as energy consumption is a growing concern for high-performance systems (See:
http://icl.cs.utk.edu/news_pub/submissions/ispass2013_papi.pdf).

We are interested in determining how the system behavior can be extracted from the PAPI counters without having to explicitly read power consumption with external measurement units.

We will focus on typical applications running on the LISA cluster at SURFSARA. The student should collect data from PAPI on the energy consumption in the nodes, later comparing the results with the instrumented LISA node being built at the HvA.

The desired outcome of the research work is a categorization of the energy profiles of few relevant software applications running on LISA, and the possible insight in which programming techniques and solutions should be adopted in order to have a higher energy efficiency.

This project is carried out at the UvA under the supervision of dr. P. Grosso (http://staff.science.uva.nl/~grosso/) in the framework of the Cluster Green Software project. The student will conduct the research in close collaboration with SURFSARA, HVA and SIG.

Advanced Metering Infrastructure

Start: ASAP
Contact: dr. Jan M. Amoraal/dr. A. belloum, +31 6 51837630, amoraal.jan at kpmg dot nl.
Location: KPMG
An advanced metering infrastructure (AMI) is a system of networked devices, e.g. smart (electrical) meters, and forms the basis of a so-called Smart Grid. With a Smart Grid it is possible, e.g. to match energy consumption to green energy production by, e.g., (externally) managing domestic devices, provide personalized services to consumers and even allow consumers to become suppliers of energy. For this to work requires real-time, up-to a minute, bi-directional communication between the networked devices and a robust and scalable communication network.

This project consists of a literature study and designing a advanced metering infrastructure. The aim of the literature study is to explore the available smart metering technologies and to determine which of these technologies allow to build a robust, scalable and future proof Smart Grid. This is then followed by developing an architectural network design of a Smart Grid for the chosen technologies. Implementing the AMI design in a toy Monte Carlo simulation is also a possibility.

Monitoring the cloud

Start: ASAP
Contact: Drs. Ing. Tünde Bálint/dr. A. Belloum, +31 (0)65 198 8517, balint.tunde at kpmg dot nl.
Location: KPMG
The main challenge when migrating services to the cloud is to identify the security issues and the problems which can derive from loss of control. After the services are migrated to a cloud provider, organizations should continue monitoring these services. Most of the cloud providers already have some type of monitoring which allows clients to see the status of their services, but unfortunately sometimes these monitoring tools are not detailed enough or the mapping between the virtual and physical resources isn’t visualized correctly.
This project consists of a literature study and the design and implementation of a real-time monitoring tool. The literature study should examine how different virtualization techniques and architecture designs can influence the client’s services. This is followed by the implementation of a reliable monitoring tool which shows the mapping of the client’s services to the underlying virtualized and physical layers. The status and performance of these services should be monitored near real-time.

Source code analysis with respect to Security-related problems

Start: ASAP
Contact: dr. Yaroslav S. Usenko/dr. A. belloum, +31 6 24449199, usenko.yaroslav at kpmg dot nl.
Location: KPMG.
Security is one of the most exposed and important areas in today’s IT. A lot of effort is being put into securing the infrastructure, networks (with firewalls), improving security governance and management. One of the areas that is often forgotten is security of applications, especially that of custom-made web applications. Initiatives such as OWASP and CWE define known security vulnerabilities in web applications. However, not so many flexible and automated tools are available to find security issues in the program code.

Most known vulnerabilities of this kind are SQL injection and Cross Site Scripting, that both boil down to proper input and output validation, which is often forgotten. It is interesting to approach this problem with static source code analysis. To this end, a tool for automatic analysis of source code w.r.t data flow and input validation is needed. This could help finding possible security issues in the program code.

Nomad VMs

Supervisor: Reginald Cushing
Location: UvA Science Park, Amsterdam
Motivation: If the trend in popularity of clouds is kept up we can expect the proliferation of cloud providers. Cost models of many providers include incur costs on data access outside their domain. In scientific computing it can turn out cheaper to migrate the VM to the provider closer to the datasets. The challenge is how can a VM do this autonomously?

Aim: To investigate if VM can autonomously optimize their own cost which for data intensive Vms should result in migrating the VM closer to the data. Will the individual optimizations also translate into a global optimization?

Method: Some pointers to tackle this problem are Pareto efficiency and multi objective optimization. Some of the costs that have to be considered are the cost per unit time for hosting the VM the cost for accessing data outside the domain, and the cost of migration. The best way to test the method is in a discrete event simulator where simulated Vms are given trace loads (patterns of communication and processing). The incurred cost of the VM is continuously calculated and is a candidate for optimization by reducing the cost either moving closer to the data(data-intensive) or moving away(for non data intensive).

Data Replication: Trade-off between consistency and latency

Supervisor: Spiros Koulouzis
Location: UvA Science Park, Amsterdam
Motivation: Nowadays, we see a shift in the way scientific research is done. Biologists, physicists, chemist, have started to look through complex and massive data volumes instead of microscopes or telescopes. Their analysis on data fuels the generation of even larger data volumes. Sciences are now producing more data then ever, for example, the LHC produces 15 PB/year and LOFAR is expected to produce 1.224 GB/h. In genome sequence data is doubling each year. Several technologies such as the Grid or the Cloud have being proposed in order to harness geographically distributed resources for large-scale data-intensive scientific applications that generate large data sets. However, ensuring efficient and fast access to such huge and widely distributed data is hindered by the high latencies of the Internet. Thus providing efficient data access and maximum data availability is a challenging task. One way of addressing these issues is to replicate data across different sites. Replication is used to reduce bandwidth and access latency in large distributed systems such as Data Grids or Storage Clouds where users require remote access to files.

Aim: Each scientific data-intensive application uses data in a different way. Some applications require to read large files and produce small-size files, while others require both reading and writing on a large number of medium or small-size files. Since the choice of the replication strategy strongly depends on the nature, size and use of the data replicated, we are interested in knowing what is the best replication strategy in terms of latency and availability and what is its consistency trade-off.

Method: In order to identify access patterns of scientific applications it will be necessary to either find real traces of file requests, or to simulate them based on some intuitive access scenarios. These traces will be used in order to evaluate different replication strategies in terms of file availability, latency, and consistency.

Automated performance scaling of services based on SLA’s in service registry

Supervisor: Frank Terpstra
Location: Enable-U in Amsterdam
Company: Enable-U is a company based in Amsterdam that specializes in SOA Governance. One of our products is a service registry called Enable-U 2See.
Aim: Enable-U is interested in expanding the capabilities of its service registry with auto scaling of services that are registered in Enable-U 2See. The idea is to provide capabilities to auto scale services when the load increases to make sure that the SLA’s that are set in Enable-U 2See are being met.

Method: Enable-U is either looking at the automatic deployment of whole processes or automatic deployment of individual processes which are part of the process for which the SLA needs to be maintained when the load increases. It would be an application of previous work done on auto scaling at the UvA.

Prerequisites: Experience in Java programming and an interest in workflow management systems and/or grid computing. An appropriate “stagevergoeding” is available.

Integration of a Service registry with Data Governance

Supervisor: Frank Terpstra
Location: Enable-U in Amsterdam
Company: Enable-U is a company based in Amsterdam that specializes in SOA Governance. One of our products is a service registry called Enable-U 2See.

Motivation: An important aspect which defines the quality of services in a SOA based IT infrastructure is the use of industry and corporate standards. Today SOA Governance solutions will help organizations to check for compliancy based on these standards. However semantic checks at the message level are not part of these solutions.

Aim: The goal of this research project is to connect tools that check at the semantic level (sometimes referred as Data Governance) to SOA Governance tools such as Enable-U 2See. Enable-U believes that by connecting Data Governance and SOA Governance organizations will improve the quality of their services.

Prerequisites: Experience in Java programming and an interest in SOA governance and message level semantics.

Stagevergoeding: An appropriate stagevergoeding is available.

Integration of service registry with Social Network solutions

Supervisor: Frank Terpstra
Location: Enable-U in Amsterdam
Company: Enable-U is a company based in Amsterdam that specializes in SOA Governance. One of our products is a service registry called Enable-U 2See.

Motivation: One of the benefits of SOA is reuse; by componentizing your IT infrastructure in logical building blocks with standard interfaces reuse is promoted. From an organizational level collaboration between the stakeholders is a requirement to achieve effective reuse. The challenge today is with the existing SOA Governance tools available collaboration is not effectively promoted. Enable-U believes by the incorporation of social networks and mechanisms this collaboration and therefore also the level of reuse can be increased. Thereby making their SOA infrastructure more effective. The integration of SOA and Social media has been pioneered within the bio-informatics field using the Taverna workflow system and MyExperiment social network for sharing workflow composed of webservices.

Aim: Within enable-u we are looking at achieving a similar integration with social media and our SOA governance tool (Enable-U 2See) but with the aim of being more generic. It should be reusable in fields as diverse as the financial sector, e-geovernment, telecom.

Prerequisites: We are looking for a Student with experience in social media and an interest in SOA governance.

Stagevergoeding: An appropriate stagevergoeding is available

Automated SLA calculations based on dependencies

Supervisor: Frank Terpstra
Location:  Enable-U in in Amsterdam
Company: Enable-U is a company based in Amsterdam that specializes in SOA Governance. One of our products is a service registry called Enable-U 2See.

Motivation: One of the artifacts we maintain for services registered in our registry is the associated Service Level Agreement SLA. SLA is an important attribute of a service within a SOA based infrastructure. It defines the performance the consumer application or process expects from consuming this service. However the process or application service level is depending on the SLA’s of the services it uses.

Aim: Enable-U is aiming at developing automated calculation to determine the SLA of the consumer application/process. By adding algorithms to calculate the top level SLA impact of using services are immediately visible. Architects, designers are then able to make the right choices which services to incorporate in their application or process.

Prerequisites: Experience in Java programming and an interest in grid computing.

Stagevergoeding: An appropriate is stagevergoeding available

Integration of API Management and SOA Governance

Supervisor: Frank Terpstra
Location:  Enable-U in Amsterdam
Company: Enable-U is a company based in Amsterdam that specializes in SOA Governance. One of our products is a service registry called Enable-U 2See.

Motivation: Traditional SOA governance takes the form of service registries in which ownership usage SLAs and other artifacts describing the use of a service is registered. Service registries are mostly used internally within an organization. A new development is API management. This concept allows organizations to facilitate external App developers to leverage their API’s. External developers who build mobile apps can be on boarded via a process to get access to the API’s the organization is exposing. These API’s that are services based on the REST protocol and are exposed to external partners /third party developers (as well as internal services that are used for internal consumption) need to be governed. Blending the two together will create a API Store. API’s can be considered as small Apps.

Aim:  The question is how can we apply the App store model (like Apple’s app Store) to the API’s, can we define integration as an API using the concepts of an App? Examples are http://gigaom.com/2012/05/28/the-api-ificiation-of-software-and-legos
www.programmableweb.com, www.webservices.nl. How can we blend API Management and SOA Governance? Is it possible to apply the world of Apps to API’s/services?

Prerequisites: Experience in app store concepts and an interest in SOA governance.

Stagevergoeding: An appropriate stagevergoeding is available

Comments are closed.