Technology Exchange 

The Community Labeling and Sharing of Security and Networking Test datasets (CLASSNET) project supports network and security research with new, labeled, rich and diverse datasets to the research community. The project develops a framework for collaborative, community-driven enrichment and labeling of data, enabling use of our datasets for machine learning in networking and security. Second, the CLASSNET project makes data available to researchers through multiple methods, ensuring privacy of data while enabling flexible data computation. Finally, the project generates diverse continuous (constantly, automatically updated) and curated (selected by human) datasets for research use.

CLASSNET project innovates in dimensions of data labeling, data distribution and data sources. For data labeling CLASSNET provides a collaborative framework for low-friction sharing of annotations among researchers. The framework supports bulk, automatic, algorithmic labeling. For data distribution, CLASSNET supports multiple ways of data access, ranging from downloading anonymized data to processing data in cloud, on provider machines or via the code-to-data approach. Finally, CLASSNET data sources provide new, diverse, continuous, and curated datasets that are useful for network and security research, including traffic packets and flows, network telescope data, DNS data and Internet topology data.

Data from CLASSNET is available to researchers at no cost, and used to support education and research, and can be browsed and requested at https://comunda.isi.edu.

Single Bidiretional TF Service is Demanding: How to Establish and Monitor Multiple of Them in a Single Fiber?

The evolving demands in high-precision timing and ultrastable references have driven GÉANT to define a core Transfer Frequency Network (TFN) architecture that leverages parallel services on bidirectional transfer frequency (TF) lines.

Currently, only a few specialized research networks implement such configurations, integrating both coherent frequency transfer and precise time transfer on a single fiber line. As the concept gains traction, it becomes essential to verify the viability and performance of multiple coherent frequency and time transfers within a single line. This approach has the potential to significantly enhance the capabilities of research and academic networks, providing robust support for time-critical applications while optimizing infrastructure usage. The exploration and validation of this multi-service architecture will be a key step in advancing the effectiveness and scalability of high-precision networks.

The Square Kilometre Array (SKA) will be a multi-purpose radio telescope, that will play a major role in answering key questions in modern astrophysics and cosmology. Whilst the headquarters for this project is located at Jodrell Bank in the UK, the main telescope sites located in South Africa and Australia, supported by a global network of SKA Regional Centres – SRCs – located in its member states.

Collectively these SRCs will form a collaborative science ecosystem, the SRCNet, which will support collaborative and interoperable global access to SKA data – the quantity of which is expected to be around 700PB per year. In order for the SRCNet to deliver on these goals, a federated authorisation, authentication, and identity management infrastructure is crucial. Design and prototyping for such a federated infrastructure has been underway for the last two years, steered by UKSRC members based at UKRI STFC, alongside international collaborators from other SRCs.

The Authentication and Authorisation for Research and Collaboration (AARC) Blueprint Architecture (BPA) has formed a central part of the prototyping process for SKA, however it has been found that the architecture needed for SRCNet does not map directly to the existing BPA. Resultingly, the SRCNet team have been working to support and drive development of the updated AARC BPA, due to be produced as part of the recently commenced AARC-TREE project. This presentation will provide an overview of the prototyping work done so far, as well as share principles and assertions for the design of the final infrastructure and how these both relate and steer changes to the AARC BPA.

MS-CC will present a series of posters highlighting our three primary programs: Cyberinfrastructure Center of Excellence, Climate Science Collaboratory and Proof of Concept Grant. Posters will highlight the programs including the technology utilized, the participants involved and will include ways conference attendees can collaborate with MS-CC to support each program and the participating institutions.

Who should attend? Technical networking folks who usually attend TechEx, and would like to get more hands on and weedy with eduroam. Topics covered will include:

--Configuring and optimizing RADIUS Troubleshooting RADIUS

--Catching weird eduroam specific problems like UDP fragmentation and MTU issues Configuring to US eduroam best practices

ORION network telescope at Merit Network Inc. is one of the largest operational network telescopes in the United States designed to capture and analyze scanning activities and backscatter events across the Internet.

It passively monitors traffic directed toward unassigned IP address space which remains visible in the global routing system. This unsolicited traffic often includes malicious activities such as spoofed Denial-of-Service (DoS) attacks and address space scanning by attackers and malware seeking vulnerable targets and misconfigurations. Traffic volume at large network telescopes can exceed, on average, 7 GB per hour, necessitating the development of efficient methodologies to analyze and classify the traffic effectively.

In this poster, we present an approach to characterize and annotate anomalous unsolicited network traffic captured by ORION network telescope. We utilize the IP header information to label various types of anomalous activities, including scanning and backscatter events. We then apply supervised Machine Learning techniques to classify this traffic, evaluating and comparing the performance of multiple Machine Learning algorithms to improve the identification of malicious activities.

For the second year running, we bring you Mobility Day at Internet2 TechEx!

A joint meeting on mobility (heavily influence with adoration from Mobility Day at TNC) will take place on Monday,  Dec. 9th 2024 at Internet2 Technology Exchange.

Mobility Day is an annual event, covering topics including eduroam, mobile networks, 5G, CBRS, WiFi 7, Internet of Things, Passpoint/Hotspot 2.0 and other mobility related topics. Mobility Day is supported by the eduroam-US Advisory Committee (eAC).

Vocareum's LLM Gateway offers a groundbreaking solution for educational institutions, enabling secure, scalable, and efficient access to a variety of large language models (LLMs).

Trusted by over 7,000 institutions, including Georgia Tech and the University of Michigan, and supported by partnerships with the National Science Foundation (NSF), Databricks Academy, and AWS Academy, Vocareum's platform centralizes the management of LLM resources.

It ensures robust governance, budget control, and seamless integration with existing IT infrastructure. This poster session will explore the platform's capabilities, highlight real-world case studies, and demonstrate how the LLM Gateway enhances educational outcomes through AI-driven tools.

Feeling overwhelmed by the amount of noise, marketing jargon, and number of options in the identity and access management (IAM) product market? Feeling like home-grown and open source options aren't getting a fair shake?

You’re not alone. IT decision makers are relentlessly bombarded by trendy buzzwords and big promises from IAM vendors claiming to provide “the” tool or platform that can solve all their identity and access related problems. This poster session will cut through the hype and demonstrate how a data driven approach to IAM tool selection has been successfully applied by a variety of higher education institutions to select the appropriate IAM components for their institutions.

Our experts will share how they facilitated a data driven approach to: Prioritize Budgetary, Operational, Functional, and Technical Requirements: Selecting an IAM platform should incorporate both technology and business considerations. In this session you will learn how to identify and prioritize your unique requirements to turn them into actionable selection criteria.

Demystify Features from Functionality: Cut through the marketing jargon and endless advertised features to determine which ones truly apply to and can be leveraged by your institution. Optimize Your Investment: Discover how to evaluate operational costs, training requirements, and long-term scalability to maximize your investment. After attending this session you’ll walk away with a clear understanding for navigating the IAM platform selection process with confidence.

As networks become more complex and data grows at infinite volumes, virtualization and software control can help manage real-time automation and network performance by monitoring current statistics and logs.

However, growing networks also means growing number of problems that need to be caught as soon as they happen, or trying to find faults in the network if there is down time. Engineers have to be on call and take a large amount of time trying to deduce these errors. With intent-based networking, we have shown how simple bots can help requirements capture and automatic configuration of networks to help users with their needs. However, these bots can also help engineers catch errors and optimize the network itself.

Autoregressive large language models (LLMs) cite{touvron2023llama}, such as ChatGPT, have shown immense recent success in AI applications becoming more 'human-like' like in conversation, writing story books, creating art and more. However these model's performance relies heavily on volume of training data, number of parameters and computational cost.

Among these representations, the transformer architecture, the Bidirectional Encoder Representations from Transformers (BERT) and Generative Pretrained Transformer 2 (GPT-2) have shown how natural language processing tasks (NLP) can help communicate with users in a human-like manner such as in biology and conversation applications. Adapting such a model for network engineering will allow considerable effort in building the training data sets, computational challenges and identifying the challenges it can help solve.

Dive into the dynamic world of data privacy and cybersecurity with our "SecureShow: Privacy & Security Quiz Challenge."

This engaging quiz show-style event offers attendees a unique opportunity to test their knowledge, sharpen their skills, and deepen their understanding of critical information security concepts.

Through a series of fast-paced rounds featuring multiple-choice questions, true/false statements, and scenario-based challenges, participants will explore key issues such as encryption methods, compliance regulations, threat detection strategies, and incident response protocols. With interactive elements like buzzers and online polling tools, audience engagement is at the forefront, fostering a lively atmosphere of learning and competition.

Join us for an exciting journey through the realms of information security, where every correct answer brings us one step closer to a safer digital future." To ensure an engaging and informative quiz experience, the development process will focus on crafting questions, statements, and challenges that align closely with the themes of the conference, namely data privacy and cybersecurity. The quiz content will be designed to cover a range of topics within these domains, including but not limited to:

--Encryption Methods: Questions assessing understanding of encryption algorithms, techniques, and best practices for securing sensitive data. - Scenarios presenting encryption-related challenges and asking participants to identify the most appropriate encryption solution.

--Privacy Compliance Regulations: True/false statements testing knowledge of relevant privacy laws, regulations, and compliance frameworks (e.g., GDPR, HIPAA, CCPA).

-- Multiple-choice questions focusing on specific compliance requirements and implications for organizations. Threat Detection Strategies: - Scenario-based challenges simulating cybersecurity threats such as malware infections, phishing attacks, or insider threats.

-- Questions exploring methods for detecting, mitigating, and responding to various types of security incidents. Incident Response Protocols: - True/false statements evaluating familiarity with incident response procedures, including incident classification, escalation, and communication protocols.

--Multiple-choice questions on incident response best practices, roles and responsibilities of incident response team members, and post-incident analysis.

A Technological Overview of OpenRAN@Brasil

Building on the successful introduction of OpenRAN@Brasil at TechEx 2023, this poster presentation updates the program's significant advancements over the past year. We'll showcase some of the cutting-edge technologies integrated within the OpenRAN@Brasil testbed across its two ongoing phases.

Our aim is to provide an overview of the diverse technological domains harnessed within the OpenRAN@Brasil testbed, including 5G Open RAN integration, programmable P4 switches for network programmability, and cutting-edge orchestration solutions including KVM, Kubernetes, EMCO, and NEPHIO.