Cristian Hesselman appointed Professor by the University of Twente
"Bridge between network operators and the academic community strengthens our collaboration"
With effect from 1 March, SIDN Labs Director Cristian Hesselman has been appointed Professor of Trusted Open Networking at the University of Twente (UT). For one day a week, Cristian will be attached to a research group called DACS – Design and Analysis of Communication Systems – within the Faculty of Electrical Engineering, Mathematics and Informatics. The appointment is important recognition for both SIDN and Cristian, who has been teaching on two MSc courses at UT – Advanced Networking and Security Services for the IoT – since 2018. Cristian's work at UT dovetails perfectly with SIDN's public role. In this article, Cristian talks about his UT research plans and how collaboration between SIDN Labs and the university contributes to the security of the internet infrastructure. And therefore to problem-free, opportunity-rich digital living for everyone.
Social impact and value exchange
At SIDN Labs and UT, Cristian is involved with projects aimed at the development of technologies that increase internet security. So that the internet continues to meet society's changing expectations. Cristian's personal mission is closely aligned with those goals. "Contributing to the security of the internet infrastructure is central to what we do, both at SIDN Labs and at DACS," Cristian explains. "That infrastructure forms an indispensable but generally invisible communication layer, on which our whole digital community is built. The Domain Name System and the internet's routing system are good examples. Although SIDN is a private foundation, while UT is a public body, both organisations have public roles and missions. We're also committed to making research findings public and generic. So that other community members, including SIDN, can make use of them. Another thing the two organisations have in common is their commitment to collaboration and the sharing of knowledge and expertise. SIDN Labs and DACS also share an interest in two key research themes: network security and secure future internet infrastructures."
"SIDN and SIDN Labs form a unique combination, because we're able to bring together the operational and research worlds within a single organisation, with SIDN running .nl and us doing our research work. Cooperation with UT helps us to do that, and is therefore very positive and valuable. For example, researchers and students at UT will critically review our work and provide input from the perspective of their fields of expertise. And we'll provide the university with operational expertise, additional funding for research projects, and postgraduate research opportunities for students. The combination of research and industry is evident within the SIDN Labs team as well. Some team members concentrate mainly on academic research, while others are more involved with operational matters. My own role is to support the team, so that they are able to work as effectively as possible. After all, we are talking about a group of people with great technical expertise."
TUCCR and the DDoS Clearing House
A good example of the cooperation between SIDN Labs and UT is the collaborative Twente University Centre for Cybersecurity Research (TUCCR). TUCCR brings together entrepreneurs and enterprises, government agencies, research teams and postgrads, with the aim of acquiring new cybersecurity knowledge and sharing it with other TUCCR members for use in solution development. We published an article about the initiative in 2021. UT acts as the spider in the TUCCR web, supported by SIDN Labs as one of the Centre's founder members. Other members include SURF, Thales, Cisco, NDIX and the NCSC.
TUCCR works to reinforce the strategic digital autonomy of the Netherlands and Europe, with the emphasis on data and network security. "The initiative is a good example of the direct links between academia, industry and government," says Cristian. "TUCCR facilitates the translation of academic research findings into practical applications. It does that by bringing generic results to a level of maturity where they are suitable for use in products, services and cybersecurity."
"For an example of how research can lead to an operational service that enhances internet security, look at the DDoS Clearing House. The Clearing House concept is based on the doctoral thesis of a UT postgrad. We're currently developing the concept in the European CONCORDIA project, and using it for the Dutch Anti-DDoS Coalition. Under the CONCORDIA umbrella, we developed a testbed in 2021, for running DDoS Clearing House trials. Using the testbed, Clearing House members can measure the defining characteristics of a DDoS attack – duration, source IP addresses and so on – and share them with other members. Using the shared metadata, other members can prepare to defend themselves if they too come under attack. So the DDoS Clearing House supplements an organisation's existing anti-DDoS services. That approach, where research results are simultaneously published and put to practical use, is known as 'use-inspired research'."
"Development of the DDoS Clearing House is now complete. So we're ready to run a pilot within the National Anti-DDoS Coalition. If the pilot is successful, we'll hand the DDoS Clearing House system over to the National Internet Providers Management Organization (NBIP). They can then operate a production version of the Clearing House and share full details of DDoS attacks with the seventeen Anti-DDoS Coalition members."
Future internet infrastructures
Cristian has definite plans for using his professorship as a platform for research in the field of secure future internet infrastructures. One focus will be ways of giving internet users more control over the paths that their data follows around the internet. "The internet is a huge partnership of more than seventy thousand networks. Whenever data goes from one network to another, it always passes through others along the way, without the user knowing which. What's more, most networks and devices in our current digital infrastructure are 'black boxes', many of which are constructed or operated outside Europe. At SIDN Labs and UT, we're therefore investigating and testing various technologies for making the internet infrastructure more transparent. So that people and organisations can decide which networks they trust and want to use."
"One possible approach is open networking, in relation to which we're studying the potential of programmable network equipment. Such equipment runs open-source software, so that the user can see who has access to the data and whether the software has any 'backdoors'. What's more, users can program the equipment, including the hardware, themselves. Another line of research is new internet infrastructures, such as SCION. In that context, we're looking at various technologies with an open mind, because what ultimately matters is what expectations society has regarding the internet of the future."
"In order to make progress and strengthen our digital society, it's important to explore various possibilities and operate realistic testbeds with various partners. We can then progress from a research concept to a prototype, a testbed and a pilot, and ultimately arrive at an operational service or network. That way, we can achieve social impact that reinforces our digital society."
Want to learn more about SIDN Labs and our research team's ongoing commitment to maximising the reliability of the internet infrastructure? Visit https://www.sidnlabs.nl/.
Cristian is employed by SIDN and devotes one day a week to his professorship at the UT. SIDN pays for these hours.
