- Mentor: Alina Oprea, email: email@example.com
- Min-max team size: 5
- Expected project hours per week (per team member): 6-8
- Will the project be open source? Y
- Linux (Very important)
- Python or C/C++ (Very important)
- Basic network protocols, such as TCP and HTTP (Very important)
- Network switches (Rather important)
- DB technologies like InfluxDB (Rather important)
- Basic statistics (Nice to have)
The MOC is deploying the monitoring infrastructure that collects a number of different metrics from several layers of the cloud. Datasets from multiple sources (Ceilometer, Sensu, LogStash) are integrated into a time-series database (InfluxDB) that will provide various analytics services to the cloud provider and selected researchers. This project will augment the monitoring infrastructure to:
- Keep historical performance metrics in InfluxDB and allow queries based on different attributes (time interval, VM identifier, physical machine identifier, etc.).
- Augment the monitoring infrastructure with a proxy VM that will intercept network traffic of users opting in to this service. The proxy will collect finer-grained data on users’ network connections, including HTTP header information.
- Time permitting, the team will simulate one or several attacks (e.g., a VM performing a DoS attack, or visiting a malicious web site) and deploy some statistical techniques to detect them.
This project will create the necessary infrastructure for the analytics-based security service planned to be deployed in the MOC.
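To illustrate the kind of statistical detection described above, here is an added example (not code from the MOC project) that filters constructed time-series rows by VM, physical machine and time interval, then flags minutes that deviate from each VM's own trailing baseline. The robust z-score (median/MAD) is one possible technique chosen for the example, the field names `vm_id`, `host_id` and `conn_per_min` are assumptions, and the in-memory rows stand in for an InfluxDB query result.

```python
from statistics import median

def make_points():
    """Constructed sample rows, shaped like a time-series query result."""
    pts = []
    for t in range(30):                      # one row per VM per minute
        a = 20 + (t * 7) % 5                 # vm-a: quiet baseline, 20..24 conn/min
        if 20 <= t <= 22:
            a = 900                          # simulated DoS burst from vm-a
        b = 200 + (t * 3) % 11               # vm-b: busy but steady server
        pts.append({"time": t, "vm_id": "vm-a", "host_id": "pm-1", "conn_per_min": a})
        pts.append({"time": t, "vm_id": "vm-b", "host_id": "pm-1", "conn_per_min": b})
    return pts

def query(points, vm_id=None, host_id=None, start=None, end=None):
    """Filter by VM identifier, physical machine identifier and time interval."""
    out = [p for p in points
           if (vm_id is None or p["vm_id"] == vm_id)
           and (host_id is None or p["host_id"] == host_id)
           and (start is None or p["time"] >= start)
           and (end is None or p["time"] <= end)]
    return sorted(out, key=lambda p: p["time"])

def detect_spikes(points, vm_id, window=10, threshold=6.0, min_mad=1.0):
    """Return the minutes where a VM deviates from its own trailing median."""
    series = query(points, vm_id=vm_id)
    flagged = []
    for i in range(window, len(series)):
        base = [p["conn_per_min"] for p in series[i - window:i]]
        med = median(base)
        # MAD is 0 on a perfectly flat baseline; floor it so the score stays finite.
        mad = max(median(abs(v - med) for v in base), min_mad)
        # 1.4826 scales MAD to a standard deviation for normally distributed data.
        score = abs(series[i]["conn_per_min"] - med) / (1.4826 * mad)
        if score > threshold:
            flagged.append(series[i]["time"])
    return flagged

if __name__ == "__main__":
    pts = make_points()
    for vm in ("vm-a", "vm-b"):
        print(vm, detect_spikes(pts, vm))
```

Because the baseline is computed per VM, the steady 200 connections per minute from `vm-b` are not flagged, while a single global threshold low enough to catch small bursts on `vm-a` would alert on it constantly.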
- Tools for monitoring the cloud
- Network traffic collection
- Time-series databases
- Simple attack simulation and detection