Past Projects

  • Anomaly Detection for Physical and Cyber Security Information, research contract with a private company: research of developing Machine Learning-based techniques aim to detect anomalies jointly exploiting information from physical and cyber security systems.

  • Cyber security for Critical Infrastructure (CYBIC), research contract with a private company: research activity within a research project aims to create a solution for the automation of the security monitoring of critical infrastructures.

  • "Gestore Avanzato di Scambi di Potenza in Alta Tensione per reti Energetiche della Difesa (ITER)", PNRM (Piano Nazionale della Ricerca Militare) research project, Italian Ministry of Defense, 2019-2021;

  • "DNS and HTTP tunnelling detection", research contract with a private company, 2020;

  • The Satellite Communications Network of Excellence - SatNEx IV - COO2 Part 2, "Innovative Networking Solutions for SatCom in 5G and beyond", European Space Agency (ESA) research project, 2019-2020;

  • "Analysis of future 5G application scenarios and the security level of communication protocols", research contract with a private company, 2017-2019;

  • The Satellite Communications Network of Excellence - SatNEx IV - COO2 Part 1, "Alternative security schemes for integrated satellite terrestrial networks", European Space Agency (ESA) research project, 2017-2018;

  • The Satellite Communications Network of Excellence - SatNEx IV - COO1 Part 2, "Multi-homed network architectures for flying ad-hoc networks (FANETs) and nano-satellite swarms", European Space Agency (ESA) research project, 2016-2017;

  • "PLUG-IN - Platform for Urban Mobility with Management of Information from Heterogeneous Sources”, Italian Ministry of Education, Universities and Research (MIUR) within Ligurian Technological District - SIIT, 2013-2016;

  • The Satellite Communications Network of Excellence - SatNEx III - COO2, European Space Agency (ESA) research project, 2012-2014;

  • The Satellite Communications Network of Excellence - SatNEx III - COO1, European Space Agency (ESA) research project, 2010-2012;

  • "slimPORT - Port Safety, Logistics, InterModality", Italian Ministry of Economic Development (MISE) research project, 2009-2012;

  • "Emulator for an ETSI BSM-compliant SI-SAP interface", European Space Agency (ESA) research project ITT AO/1-5615/08/NL/JK, Item 07.153.16 - ARTES-5, 2007-2010;

  • "Study, Simulation and Implementation of QoS-oriented Solutions over OTE Devices Studio" (Coordinator Prof. M. Marchese), research contract with Selex Communications s.p.a., 2007-2009.

  • "SatNEx II, European Network of Excellence", European Union (EU) research project, 2007-2009;

  • "Design, Analysis and Implementation of Quality of Service Oriented Platforms" (Coordinator Prof. M. Marchese), research contract with Selex Communications s.p.a., 2006-2009.

  • "Bora-Bora" (Coordinator Prof. M. Marchese), Italian National Interest Research Project (PRIN), Italian University and Research Minister (MIUR), 2006-2007;

  • "SatNEx I, European Network of Excellence", European Union (EU) research project, 2005-2007;

  • "FORM-SAT, CNIT Satellite Network Extension for Advanced Didactics in the South of Italy", Programma Operativo Nazionali (PON) research project, Italian University and Research Minister (MIUR), 2000-2006;

  • "Study, Evaluation and Management of a Meteorological Radar Network", Environment Monitoring Centre and Italian Civil Protection research project, 2002-2005;

  • "Study, Design and Implementation of QoS-oriented Data Link, Network, Transport and Application Layer Protocols", research contract with Selex Communications s.p.a., 2002-2005.

  • "Teledottorato2 – Distance Learning for Ph. D. Students in Telecommunications Sciences and Technologies," Italian University and Research Minister (MIUR) research Project, 2003-2004;

  • "DIDANET – Didactics Satellite Network", Italian University and Research Minister (MIUR) research project, 2002-2004;

  • "Study, Design and Realization of a Reconfigurable QoS-oriented Satellite Network for Multimedia Applications", Italian Space Agency Project, 2001-2004;

  • "Transport Protocol and Resource Management for Mobile Satellite Networks," European Space Agency (ESA) research project, 2001-2003;

  • "Satellite On-board Switching System Emulation", Italian Space Agency (ASI) research project, 2000-2003;

  • "MYTHOS International Interpretes and Opera Artists Telelearning", Emilia Romagna Regional research project funded by the European Social Fund, 2000-2003;

  • "Teledottorato – Distance Learning for Ph. D. Students in Telecommunications Sciences and Technologies", Italian University and Research Minister (MIUR) research project, 2000-2002;

  • "LABNET", Italian University and Research Minister (MIUR) research project, 2000-2003;

  • "DAVID phase B", Italian University and Research Minister (MIUR) research project, 2001;

  • "Multimedia Services Integration over Satellite interconnected Heterogeneous", Italian Space Agency (ASI) research project, 1998-2001.

  • "Multimedia Project – Multimedia Interactive Network with Satellite Access", Italian National Research Council (CNR) research project, 1998-2001;

  • "Multimedia Project – Mobile Network", Italian National Research Council (CNR) research project, 1998-2001;

  • "Multimedia Applications Control, Managment and Test over Heterogenous Networks", Italian National Research Council (CNR) research project, 1996-1997;

  • "Telecommunications for Transport Services," Italian National Research Council (CNR) research project, 1996;

  • "Broadband ATM Networks for Multimedia Applications", Italian University and Research Minister (MIUR) research project, 1994-1996;

 

The main reference of SCNL research activity has been and is Quality of Service (QoS) management over heterogeneous networks, including satellite and wireless network portions, and network and critical infrastructure security issues. The main research topics currently addressed by the SCNL Lab are:

 

Satellite Communication Networks

Satellite Communication (SatCom) networks have always had a main role in allowing communicate people located in areas not covered by other communication technologies. However, recently, their involvement in worldwide data communications is becoming more and more pivotal. With the born and growth of the fifth generation of mobile communications (5G), a higher number of people and industries are envisioning SatCom networks as an additional mean to extend Internet coverage throughout the Earth and as a backup solution to increase the reliability of the terrestrial Internet.

 

Routing in Nanosatellite Networks

Industries and companies such as SpaceX, Google, and Facebook, are designing constellations made of thousands of small satellite (called micro- and nano-satellites) to be deployed in the next few years in order to build a universal “Space Internet” able to support the classical and legacy terrestrial Internet. However, a lot of challenges from several viewpoints are still open, such as how to route the information throughout this network considering the strict hardware constraints of these space nodes.

People Involved: Fabio PatroneMario Marchese

Principal Recent Results:

  • T. de Cola, M. Marchese, M. Mongelli, F. Patrone, A Unified Optimisation Framework for QoS Management and Congestion Control in VHTS Systems”, IEEE Transactions on Vehicular Networks, 10.1109/TVT.2020.3015252, accepted for publication.
  • M. Marchese, F. Patrone, “E-CGR: Energy-aware Contact Graph Routing over Nanosatellite Networks”, IEEE Transactions on Green Communications and Networking, vol. 3, n. 3, pp. 890 - 902, 2020.

  • T. de Cola, M. Marchese, A. Moheddine, M. Mongelli, F. Patrone, “QoS-Aware Handover Strategies for Q/V Feeder Links in VHTS Systems", IEEE International Conference on Communications (ICC) 2020, Dublin, Ireland.

  • F. Davoli, T. de Cola, M. Marchese, M. Mongelli, F. Patrone, “Smart Gateway Diversity Strategies for Q/V Feeder Links in SDN-Satellite Networks", Mediterranean Communication and Computer Networking Conference (MedComNet) 2020, Arona, Italy.

  • F. Davoli, C. Kourogiorgas, M. Marchese, A. Panagopoulos, F. Patrone, “Small satellites and CubeSats: Survey of structures, architectures, and protocols, International Journal of Satellite Communications and Networking, vol. 37, no. 4, pp. 343 - 359, 2019.

 

5G satellite/terrestrial integrated networks

SatCom networks became a viable solution to improve the current Internet connectivity in the vision of the upcoming 5G technologies. Satellites can offer higher coverage (they do not suffer from geographical limitations), reliability (they cannot be damaged by harmful events such as natural disaster or wars), and extend Internet connection to rural and remote areas where there is no other kind of telecommunication infrastructure (and the cost to build a terrestrial network from scratch would be prohibitive). However, the employment of networking solutions designed and developed for terrestrial networks is not straightforward.

People Involved: Fabio PatroneMario Marchese

Principal Recent Results:

 

Internet of Thing (IoT)

A lot of different IoT communication protocols are available on the market. However, their communication capabilities and coverage areas are limited. We are developing a solution based on a flying IoT gateway equipped onboard an UAV, which allows users to collect data from IoT sensors and forward them towards the Internet exploiting cellular communications (if available) or satellite connectivity (when needed).

People Involved: Aya MoheddineFabio PatroneMario Marchese

Principal Recent Results:

 

Cyber-security

Nowadays a lot of important applications such as public services, Internet banking, and also systems devoted to defend are dependent on networks and computers. For this reason, they are often the target of malicious software (malware, spyware, etc...) attacks. Malware is software specifically designed to insert itself in a computer system without the approval of the owner using techniques such as trojans, backdoors, keylogger, and worms. To prevent these type of attack it is necessary to accurately detect malware and other types of intrusions.

 

Network Security

In particular, the integration of intrusion detection algorithms in a Software-Defined Networking (SDN) environment and in future 5G. We are developing an SDN-based Intrusion Detection System (IDS) where SDN switches extract and send all packet flow statistics to an SDN Controller which catalogs the incoming flows as normal or malware by using Machine Learning (ML) algorithms and instructs the SDN switches to drop the malicious flows.

People Involved: Alessandro Fausto, Mario Marchese

 Principal Recent Results:

 

Cyber-Physical security for Critical Infrastructures

The integration of Information Technology in the control systems of critical infrastructures (CI) brings totally new security threats. The "security by obscurity" paradigm that was generally accepted especially in the energy sector is no more efficient: the smart grid, and in general the smart city concept, requires strong communication between all the elements involved, which lead to many security risks; in this case however not only data are threatened, but also the safety of industrial processes, environment and human lives. The research activity focuses on the correlation between the cyber and the physical domain, in order to detect anomalies and improve the resilience of CI, and on attack injection and penetration strategies employing a Machine Learning (ML) approach for Smart Grids and Distributed Energy Resources application scenarios.

People Involved: Giovanni Battista Gaggero, Mario Marchese

Principal Recent Results:

Contact Info

 

Satellite Communications and Networking Laboratory (SCNL)

Department of Electrical, Electronic, and Telecommunications Engineering and Naval Architecture (DITEN)

Polytechnic School, University of Genoa

Via all'Opera Pia 13, 16145 Genoa, Italy

mail:

phone: (+39) 010 335 2806 (lab)

phone: (+39) 010 335 6571 (office)

fax: (+39) 010 335 2154

 

Location

 

SCNL is located in Genoa at DIBRIS Department building (Dipartimento Interscuola di Informatica Bioingegneria Robotica e Ingegneria dei Sistemi) in Via all'Opera Pia 13, 16145 Genoa, Italy

Thesis

Our Master theses cover all the research topics at SCNL.

Our immediately available theses are:

 

Study and Design of Routing Algorithms for Nanosatellite/DTN Networks

 

Study and Design of a SDN Orchestrator for a Terabit/SDN Satellite Network

 

Study and Design of networking solutions for 5G integrated terrestrial-satellite networks

 

Study and Design of QoS Support in Software Defined Networks

 

Study and Design of malware detector inside an SDN controller

 

 

Study and Design of Cyber-Physical security strategies for Critical Infrastructures

 

 

Master's thesis abroad

Thanks to the close relations between SCNL and other foreign institutions, we offer the possibility to the students in master’s programs to spend a period abroad to work at the thesis at one of the SCNL partner institutions.

 

 

At the Institute of Communications and Navigation of Deutsches Zentrum für Luft- und Raumfahrt (DLR) German Aerospace Center.

 

For details:

Software

Networking simulators and emulators are particularly useful because they allows testing new networking protocols and algorithms or changes to existing ones in a controlled and reproducible environment. Moreover, compared to the cost and time involved in setting up an entire test bed containing multiple networked computers, routers and data links, network simulators are relatively fast and inexpensive.

Hybrid Simulator-Emulator Platform (HySEP)

Hybrid Simulated-Emulated Platform (HySEP) is a tool which integrates simulated and emulated networks, enabling simultaneously tests of wireless access technologies through simulations, and transmission of real traffic flows from/to real hosts. HySEP is composed of three main elements as shown in Figure 1:

  • Simulated Access Networks (SANs), implemented in PC1, is composed of mobile terminals and base stations, simulated using Network Simulator 3 (ns-3);
  • Emulated Core Network (ECN), implemented in PC2, is composed of a network of virtual machines (VMs). Each core network node implements the Differentiated Service (DiffServ) as a Quality of Service (QoS) solution;
  • Real Remote Host, implemented in PC2, communicates with the simulated nodes inside the ns-3 simulation. It is an end point for the up-link traffic flows generated by the simulated nodes, and collects and displays different statistics about these flows.


Figure 1: HySEP structure.

The interconnection between simulated and emulated networks is based on the use of virtual bridges and virtual interfaces (tun/tap) which can be configured to connect the ns-3 simulation in the user space of PC1 and the kernel space of PC1 where is located the Ethernet interface used to connect PC1 with PC2. Moreover a particular ns-3 simulated node, called Ghost Node, is necessary: it acts as an alias of a tap inside the simulated network. Its task is to forward real packets from the emulated network to the simulation and simulated packets from the simulation to the emulated network. To connect simulated and real nodes it is necessary to use ns-3 in real time mode to schedule the events in real time and to keep the synchronization with the real network.


Figure 2: Reference scenario for HySEP.

The reference scenario is represented in Figure 2: it is composed of two heterogeneous wireless access networks: LTE (green) and Wi-Fi (red). These two networks are connected to a Core Network. Two Edge Routers (ERs) are located at the frontiers of this domain: one communicates with LTE and Wi-Fi networks and the other is connected to a remote host. Three different terminals are included in this scenario: i) Wi-Fi terminals, called Station (STA) nodes; ii) LTE terminals, called User Equipments (UEs); iii) multimodal terminals, each of them equipped with both network interfaces. Each multimodal terminal is able to execute vertical handover while is transmitting a file of arbitrary type and dimension, using TCP or UDP.

 

Network Simulator 3 - Full DTN Protocol Stack

 

Network Simulator 3 (NS3) is an open source discrete-event network simulator. This software implements protocols, algorithms, traffic flow applications and all other functionalities necessary to fully simulate the behaviour of a network. Unfortunately, NS3 does not officially implement the Delay Tolerant Networking (DTN) paradigm, which can be useful to simulate all types of networks whose links suffer from high delays or disruptions (expected or not), such as Wireless Sensor Networks and Satellite Networks.
Our need was to have a tool which allows us to simulate a Nanosatellite-DTN network.
We have developed a module which includes:

  • a Scenario module: it allows setting different network parameters in order to simulate different scenarios;
  • a DTN module: it implements the characteristics of the DTN paradigm needed to perform a communication in this DTN-Nanosatellite network. It includes store and forward mechanism, a personalized and light version of the Bundle Protocol, and the developed routing algorithms;
  • a LEO nanosatellite constellation module: it computes and updates the position of each nanosatellite during the simulation time.

Figure 1: DTN stack implemented in our module.

 

Beacon-Mininet - ReRouting Module


Mininet is a free and open-source software for network emulation which allows to create a network composed by virtual hosts, switches, controllers and links running on a single Linux machine. Mininet uses lightweight virtualization in order to make a single system act like a complete network. Mininet is the most used emulator for SDN testing as it can provide a fully compliant SDN topology consisting of multiple instances of Open vSwitches, which support OpenFlow protocol and can therefore interact with a dedicated SDN controller.

A powerful software controller is Beacon, which is a Java-based SDN controller fully supporting OpenFlow protocol. Beacon architecture is based on OSGi Framework, consisting of several bundles with specific functionalities interacting together by means of the Spring Framework.

Figure 1: Mininet

We are developing custom bundles dedicated to collect flow, queue, and port statistics from network switches, compute performance parameters and decide queueing strategy upon specific metrics. The chosen strategy is then implemented by installing ad hoc rules inside the switches by means of Flow Modification commands.

Figure 2: Beacon

The aim of these modules is to support Quality of Service using basic tools offered by OpenFlow protocol. When the offered load to a switch grows too much, our modules are able to detect the critical condition and take decisions accordingly in order to avoid packet loss. The queueing strategy allows therefore to avoid upcoming congestion based on the computed metrics.

 

Ryu-Mininet - IDS Module

  

Mininet is a free and open-source software for network emulation which allows to create a network composed by virtual hosts, switches, controllers and links running on a single Linux machine. Mininet uses lightweight virtualization in order to make a single system act like a complete network. Mininet is the most used emulator for SDN testing as it can provide a fully compliant SDN topology consisting of multiple instances of Open vSwitches, which support OpenFlow protocol and can therefore interact with a dedicated SDN controller.

Ryu is a component-based software defined networking framework. Ryu provides software components with well defined API that make it easy for developers to create new network management and control applications. Ryu supports various protocols for managing network devices, such as OpenFlow, Netconf, OF-config, etc. About OpenFlow, Ryu supports fully 1.0, 1.2, 1.3, 1.4, 1.5 and Nicira Extensions. All of the code is freely available under the Apache 2.0 license.

Figure 1: Mininet

We are developing custom application dedicated to collect flow statistics from network switches, compute some features and decide if the considered flow is affected by malware or not.

Figure 2: SF-IDS

The aim of these modules is to support malware detection using basic tools offered by OpenFlow protocol.

Satellite-Radio Network Emulator (ACE)

 

The aim of the ACE system is to emulate a network environment composed by a set of earth stations that communicate through a satellite platform. Every station may act as router and consequently may interconnect different networks.
Furthermore, in order to achieve the data communication through the satellite network, a satellite modem is included within each station. In more the modem may be an independent hardware entity connected to other units by means of a cable or also a network adapter card plugged into a unit (e.g. the router itself or a PC). In practice, it can be though as a data link layer of an overall protocol stack.

It is possible to identify, in a real satellite system, the following main parts:

      • a modem with an interface towards the upper layers (namely the network layer);
      • a channel characterized by its own peculiarities;
      • a data link protocol over the satellite channel and a satellite with its on-board switching capabilities.


Fig. 1 Overall Emulator Architecture and Real System.

The reference architecture of the emulator is shown in Fig. 1, along with one possible system to be emulated enclosed in the cloud (a GEO satellite system has been depicted in this case). Different units called Gateways (GTW) operate as interface among the emulator and the external PCs.
Each GTW is composed of a PC with two network interfaces: one towards the external world (a 10/100 Mbit/s Ethernet card), the other towards the emulator. An Elaboration Unit (EU), which has a powerful elaboration capacity, carries out most of the emulation, as the decision about the "destiny" of each PDU.
The interface towards the external world concerns the GTWs; the loss, delay and any statistics of each PDU regards the EU; the real transport of the information PDU through the network concerns the input GTW and the output GTW.

The various components are connected via a 100 Mbits/s network, completely isolated, by a full-duplex switch. In such way, the emulator has an available bandwidth much wider than the real system to be emulated, which should not overcome a maximum overall bandwidth of 10/20 Mbits/s.


Fig. 2 Emulator vs. Real System

In more detail, Fig. 2 shows how the different parts of the real system (modem, data link protocol, channel and switching system, as mentioned in the previous sub-section) are mapped onto the different components of the emulator.
It is clear in Fig. 2 that, the architecture of the emulator is not exactly correspondent to the real system. The earth station, identified by the grey rectangle, is divided, in the emulator, into two parts (GTW and EU). The network layer, the network interface towards the external world and the interface between the network layer and the satellite modem are contained in the Gateway (GTW).
The other parts of the modem (i.e. the data link layer, protocol and encapsulation), the overall transmission characteristics (e.g. bit error ratio, channel fading, lost and delayed packets), the on-board switching architecture as well as the queuing strategies are contained in the Elaboration Unit (EU).