NET Capstone Projects

Come and see our latest projects at the NET Capstone Fair

Projects of 2023

Project Image

Simulation of Routing and Load Balancing in Low-Earth Orbit (LEO) Satellite Network

Discover the future of satellite communication as students demonstrate advanced routing and load balancing techniques in LEO satellite networks, enabling faster and more efficient global connectivity. Satellite networks will become an integral part of future communication networks, likely in the era of 6G. Starlink, for example, has deployed more than 3000 LEO satellites and started providing Internet services on multiple continents. Compared to terrestrial networks, satellite networks are more dynamic due to the orbiting satellites. In addition, compared to wired links between relays in terrestrial networks, inter-satellite links in a satellite network usually have much less bandwidth. Therefore, data forwarding and delivery in satellite networks need customized designs of routing and load balancing schemes. In this project, students worked on routing and load-balancing in a simulated LEO satellite network in two parts, after preliminary research on LEO satellite networks. The first was the software implementation of the LEO constellation with satellites orbiting the Earth. The second part was the testing of different routing strategies in the LEO satellite network and the refinement of a strategy for improved performance, which could be based on either heuristics or machine learning methods.

Project Image

Data Center Network Monitoring and Web App Service Provisioning

Experience the next level of data center management with real-time network monitoring and seamless web app service provisioning, optimizing performance and resource allocation. The goal of this project was to put together a system that can monitor the usage of Web services in a Data Center and automatically scale the deployment of an application based on traffic demands. Dynamic application scaling is essential to the cloud computing providers such as Amazon Web Services, as well as to cloud users, due to the commonly used pay-as-you-go billing model. For example, during low traffic time periods, less instances should be deployed, while more should be generated during peak traffic times. This project was accomplished using a variety of technologies, such as Kubernetes for application deployment, Terraform for managing infrastructure and all the attached resources, Ansible or Helm for managing applications and application states from within a Kubernetes cluster, Grafana for monitoring, and Docker for containerization or SDLens (i.e., a SDN monitoring web app) for monitoring operating on the OpenDaylight (ODL) controller.

Project Image

Implementing Network Security Applications in Open-Source SDN Networks

Delve into the world of software-defined networking (SDN) and explore innovative network security applications that enhance protection and resilience in open-source environments. This project required the students to implement one or more security applications (IDS, Firewall, etc.) on top of an SDN network. The students were asked to create individual SDN nodes, not just virtualization using mininet. It required the creation of open vSwitch nodes and creating an actual SDN network using open-source controllers such as OpenDayLight or ONOS. The application had to run on top of this SDN network made of commodity linux boxes. The group had to implement network security applications (e.g. firewalls) from scratch and test their performance.

Project Image

Service Function Chaining in Kubernetes using Service Mesh

Unlock the power of Kubernetes and service mesh technologies for agile and streamlined service function chaining, driving more efficient and scalable container orchestration. Due to the dynamicity of next-generation networks such as edge and 5G, an abundant number of service instances are created dynamically. The interconnection of these instances to form a whole end-to-end network service is a time-consuming and complex process. Service function chaining (SFC) is a technique that enables various Virtual Network Functions (VNFs) to be chained to act as a complete network service. Last year, 4th year students successfully implemented a basic SFC framework in Kubernetes. However, the framework was not dynamic in terms of assigning IP addresses to the containers and implementing a VXLAN full mesh network between worker nodes. Hence, the main goal of this project was to add dynamic features to the SFC framework. For example: Assigning IP addresses to the pods dynamically from an IP address pool Adding newly created worker node automatically to the VXLAN network. The project was mainly composed of 3 phases: Phase 1 – Implementing a basic scenario: Creating a basic infrastructure and deploying a simple service chain and steer the traffic to it. The goal was to get familiar with: Docker, OVS, network packet generator tools. Phase 2 – Implementing a Kubernetes cluster with SFC: Integrating the basic infrastructure with Kubernetes and deploying an SFC. The goal was to get familiar with Kubernetes, and Container Network Interfaces (CNIs). Phase 3 – Adding Dynamic functionalities: Writing a Python/Bash script code to add dynamic functionalities.

Project Image

Breach and Attack Scenario Datasets on the Cyber Gymnasium Platform

Witness the creation of a comprehensive, realistic cyber gymnasium platform, featuring diverse breach and attack scenario datasets for hands-on cybersecurity training and development. The Cyber Gymnasium is a training and simulation platform designed to teach Cyber Operators/technician/analysts on how to defend their network systems from adversary attacks and techniques. Industry partners (GD-MS and Field Effect) provided the training and simulation platform with training and support to Carleton University for use for the duration of this project. A breach and attack scenario were represented on the training and simulation platform via a dataset to simulate the network, background user data, and the breach and attack as it is applied against the network. For this project, students created datasets for the training and simulation platform that represented a minimum of 2 breach and attack scenarios. Students worked with GDMS/FE to identify a representative network in which Carleton characterized and created a simulation. Carleton University then researched the Mitre Att&ck Framework, identified and simulated that breach and attacks that were simulated against the representative network. Students also identified areas of the workflow/process which could be optimized to reduce the overall time required to generate a dataset.

Project Image

Network Datasets on the GD RANGE Platform

Explore the expansive GD RANGE platform, offering an extensive collection of network datasets to facilitate research, analysis, and advancements in networking technology. RANGE (Rapid Network Generation and Modeling Tool) is a high-fidelity network simulator developed by GDMS as part of the ARMOUR (Automated Computer Network Defense) program. RANGE is used to create realistic network simulations that are used in part to train cyber defense algorithms that utilize ML/AI. The simulated network was represented on RANGE via a dataset to simulate the network. Students worked with GDMS to identify a set of representative networks in which Carleton University characterized and created simulations using the RANGE platform. These datasets were then used to further enhance other areas of work within the ARMOUR and other GDMS programs. As part of this project, GDMS provided RANGE to Carleton University with training and support for use for the duration of this project. Carleton University also identified areas of the workflow/process which could be optimized to reduce the overall time required to generate a dataset.