Training Workshop for Network Engineers and Educators on Tools and
Protocols for High-Speed Networks and Cybersecurity
Monday July 22 – Tuesday July 23, 2019
Registration is now closed
| The Cyberinfrastructure Network of Expertise (CNE) | Innovation Center Building, room 1400 |
| The Engagement and Performance Operations Center (EPOC) | University of South Carolina |
| The Research Computing (RC) Group at University of South Carolina | 550 Assembly Street, Columbia, SC 29201 |
|
Directions to hourly parking lot ($8 daily): Map |
Overview
This free hands-on workshop provides cyberinfrastructure (CI) engineers with an introduction to tools and techniques for the design, implementation, and monitoring of high-throughput networks and science demilitarized zones (Science DMZs). Each attendee will have full control of equipment pods emulating internetworks and tools (see figures below) to learn and test TCP-related issues, perfSONAR nodes distributed across networks, and Bro-based Intrusion Detection.
Outcomes
By the end of this workshop, attendees will:
Network Tools and Protocols: |
Bro/Zeek: |
perfSONAR: |
| Use tools and techniques for measuring performance | Describe Bro operations | Describe the operation of perfSONAR and use perfSONAR GUI to configure regular tests |
| Test Linux systems on emulated Wide Area Networks (WANs) | Manage and automate Bro instances | Analyze perfSONAR results on a variety of scenarios with injected packet loss and latency |
| Measure the performance of different TCP congestion control algorithms (Reno, HTCP, BBR) on high-throughput (10 Gbps) high-latency (varying parameters) networks | Instrument Bro for network forensics | Use pScheduler’s CLI to schedule tests |
| Measure the impact of parallel streams and maximum segment size (MSS) on throughput | Visualize measurement data using MaDDash | |
| Understand and use the psConfig Web Administrator (PWA) to host groups and tests |
Lodging Information
The closest hotel to the workshop site is Courtyard Marriot (630 Assembly St, Columbia, SC 29201, https://www.marriott.com/hotels/travel/caecd-courtyard-columbia-downtown-at-usc/"), 5-minute walking distance. Another option includes The Inn at USC (1619 Pendleton St, Columbia, SC 29201, http://www.innatusc.com ), which provides shuttle services to campus.
Intended Audience
The audience of this workshop includes IT educators, IT professionals, CI Engineers, High-Performance computing specialists, research systems administrators, security professionals.
Award Information
This activity is supported by NSF awards 1829698 and 1822567. Link to Official Webpage: NSF-1829698 and NSF-1822567
Pre-requisites
Attendees are required to bring their own laptops.
Agenda
| Time | DAY 1: Monday, July 22 - University of South Carolina Topic |
Presenter |
| 8:00 - 8:30 | Breakfast | |
| 8:30 - 8:40 | Welcome (PDF) | Jorge Crichigno (University of South Carolina - UofSC), Jason Zurawski (ESnet) |
| 8:40 - 9:10 | Importance of Cyberinfrastructure for Scientific Discovery (PDF) | F. Alex Feltus (Clemson) |
| 9:10 - 9:45 | Cyberinfrastructure for Big Science Flows: Science DMZs (PDF) | Jason Zurawski (ESnet) |
| 9:45 - 10:15 | Break | |
| 10:15 - 10:45 | End devices in Science DMZs: DTNs (PDF) | Jason Zurawski (ESnet) |
| 10:45 - 12:00 | Hands-on vLabs: WAN emulation and performance tools (PDF) | Jorge Crichigno (UofSC), Elie Kfoury (UofSC) |
| 12:00 - 1:00 | Lunch | |
| 1:00 - 1:30 | Role of TCP in large data transfers (PDF) | Jorge Crichigno (UofSC) |
| 1:30 - 2:30 | Hands-on vLabs: TCP best practices; congestion control, buffers, parallel streams, MSS, pacing (PDF) | Jorge Crichigno (UofSC), Elie Kfoury (UofSC) |
| 2:30 - 2:45 | Break | |
| 2:45 - 3:15 | Monitoring end-to-end systems: perfSONAR (PDF) | Jason Zurawski (ESnet) |
| 3:15 - 4:15 | Hands-on vLabs: measuring metrics in multi-domain networks with perfSONAR (PDF) | Jorge Crichigno (UofSC), Jose Gomez (UofSC) |
| 4:15 - 4:45 | Panel: Best practices, DTNs, research networks, perfSONAR | Moderator: Nasir Ghani (University of South Florida - USF). Panel: Paul Sagona (UofSC), Damian Clarke (Alabama A&M), F. Alex Feltus (Clemson), Jason Boryk (UofSC) |
| 4:45 - 5:00 | Questions, wrap-up day one | Jorge Crichigno (UofSC), Jason Zurawski (ESnet) |
| Time |
DAY 2: Tuesday, July 23 - University of South Carolina Topic |
Presenter |
| 8:00 - 8:30 | Breakfast | |
| 8:30 - 9:00 | The Cyberinfrastructure at National Laboratories (PDF) | Steve Tibrea (Savannah River National Laboratory - SRNL) |
| 9:00 - 9:20 | Monitoring end-to-end systems: perfSONAR's MaDDash (PDF) | Jason Zurawski (ESnet), Andrew Lake (ESnet) |
| 9:20 - 10:00 | Hands-on vLabs: measuring and visualizing RTT, throughput, packet loss with MaDDash (PDF) | Jorge Crichigno (UofSC), Jose Gomez (UofSC) |
| 10:00 - 10:30 | Break | |
| 10:30 - 11:10 | Security aspects of Science DMZs, high-throughput high-latency networks (PDF) | Von Welch (Center for Applied Cybersecurity Research - CACR) |
| 11:10 - 11:45 | Bro Intrusion Detection System (IDS) (PDF) | Elias Bou-Harb (Florida Atlantic University - FAU) |
| 11:45 - 12:45 | Lunch | |
| 12:45 - 2:00 | Hands-on vLabs: Bro IDS (PDF) | Elias Bou-Harb (FAU), Antonio Mangino (FAU) |
| 2:00 - 2:45 | Panel: Security aspects and best practices in high-speed networks | Moderator: Nasir Ghani (USF). Panel: Elias Bou-Harb (FAU), Von Welch (CACR), Damian Clarke (Alabama A&M), Jason Zurawski (ESnet) |
| 2:45 - 3:00 | Questions, wrap-up day two | Jorge Crichigno (UofSC), Jason Zurawski (ESnet) |
Virtual Laboratory (vLabs) Experiments
| Lab | Network Tools and Protocols | perfSONAR | Bro/Zeek |
| Lab 1 | Introduction to Mininet | Configuring Administrative Information Using perfSONAR Toolkit GUI | Introduction to the Capabilities of Zeek |
| Lab 2 | Introduction to Iperf3 | PerfSONAR Metrics and Tools | An Overview of Zeek Logs |
| Lab 3 | Emulating WAN with NETEM I: Latency, Jitter | Configuring Regular Tests Using perfSONAR GUI | Parsing, Reading and Organizing Zeek |
| Lab 4 | Emulating WAN with NETEM II: Packet Loss, Duplication, Reordering, and Corruption | Configuring Regular Tests Using pScheduler CLI Part I | Generating, Capturing and Analyzing Network Scanner Traffic |
| Lab 5 | Setting WAN Bandwidth with Token Bucket Filter (TBF) | Configuring Regular Tests Using pScheduler CLI Part II | Generating, Capturing and Analyzing DoS and DDoS-centric Network Traffic |
| Lab 6 | Understanding Traditional TCP Congestion Control (HTCP, Cubic, Reno) | Bandwidth-delay Product and TCP Buffer Size | Introduction to Zeek Scripting |
| Lab 7 | Understanding Rate-based TCP Congestion Control (BBR) | Configuring Regular Tests Using a pSConfig Template | Introduction to Zeek Signatures |
| Lab 8 | Bandwidth-delay Product and TCP Buffer Size | perfSONAR Monitoring and Debugging Dashboard | Advanced Zeek Scripting for Anomaly and Malicious Event Detection |
| Lab 9 | Enhancing TCP Throughput with Parallel Streams | pSConfig Web Administrator | Profiling and Performance Metrics of Zeek |
| Lab 10 | Measuring TCP Fairness | Configuring pScheduler Limits | Application of the Zeek IDS for Real-Time Advanced IDS Protection |
| Lab 11 | Router's Buffer Size | Preprocessing of Zeek Output Logs for Machine Learningm | |
| Lab 12 | TCP Rate Control with Pacing | Developing Machine Learning Classifiers for Anomaly Inference and Classification | |
| Lab 13 | Impact of MSS on Throughput | ||
| Lab 14 | Router's Bufferbloat | ||
| Lab Manuals | NTP Lab Series (PDF) | perfSONAR Lab Series (PDF) | Zeek/Bro Lab Series (PDF) |