WP1 Project Management

This workpackage covers overall project management, coordination and follow-up, which will ensure that the project successfully achieves its stated objectives on time, within budget and with the expected level of quality. The management activity will ensure that resources are deployed and adapted, will manage risks and any recovery actions, will facilitate communication between the team members and will handle liaison with the EC management.

In the same way this activity will assure that all activities are performed with quality reference, will check completion and adequacy of deliverables with respect to the contract and will arrange financial matters according to the EC contractual rules.

WP2 Big Data Network Traffic Summary dataset

This work package deals with designing, deploying and managing a Big Data Network Traffic Summary dataset named ONTS (ONTIC Network Traffic Dataset), and provisioning it with real ISP network flows.

The ONTS dataset, containing trillions of records, will be used by ONTIC analytics algorithms and will be stored in a Big Data platform based on a Big Data Architecture. Storage, database, processing and statistical analysis capabilities will be selected in this WP to meet the strict requirements of the ONTIC project, and a Big Data Architecture will be defined that can store network traffic summaries obtained from an ISP core network in real time. The Big Data Architecture will define the structure of the hardware (e.g. network of cluster nodes) and software (e.g. map-reduce Hadoop/Spark middleware, database management system) elements of which the Big Data platform will be made up. In short, the ONTS dataset will be stored in a Big Data platform that will be a specific implementation of a Big Data Architecture for Network Traffic Summary datasets.

Moreover, an important task in this work package is the design of a Provisioning Subsystem that will perform the following tasks in real time: a) capture network packets crossing the core network of our ISP (Interhost-SATEC), b) extract statistical information from each packet and generate a summary record, and finally, c) store this summary record in the Big Data platform.

WP3 Scalable offline network traffic characterization system

The goal of WP3 is to design and develop a scalable analysis system for offline characterization of network traffic traces.

WP3 specifically addresses the limits of the existing analysis techniques for big data:

  • available large-scale data mining algorithms are poorly optimized for cloud computing environments;
  • few or no complex mining techniques are available that can be applied to petabyte-scale datasets;
  • large-scale mining algorithms are far less feature-rich than the vast number of algorithms that can be applied to small-scale datasets on a single machine;
  • recent advances in the networking domain, such as Software Defined Networking, and the presence of largely distributed phenomena, such as DDoS (Distributed Denial of Service) attacks, cloud storage services and CDN (Content Delivery Networks), require new network characterization approaches.

Algorithms developed in the ONTIC framework will run on top of Hadoop, the de facto standard Big Data platform. Furthermore, the Spark framework will be explored, thanks to the promising results of the latest reports. Further goals of WP3 include exploring the feasibility of applying the devised algorithms to new domains, such as bioinformatics, genomics, physics, etc., and proper visualization of the characterization system results, to facilitate domain expert interpretation and interactivity.

WP4 Scalable online network traffic characterization system

ONTIC will propose a framework composed of techniques, most of which can be qualified as semi-supervised, for traffic characterization:

  1. Capturing the evolution of traffic patterns
  2. Detecting network anomalies and intrusions.

This system has to run online with a reaction time close to real time. It will therefore have to cope with the huge amount of data and its high dimensionality. In addition, this system consists of several functions (detection and analysis of traffic pattern evolution, anomaly and intrusion detection, automatic configuration of defense devices with autonomously generated filtering rules, continuous updating of the system knowledge database, visualization, etc.) that have to run continuously and in parallel: parallelizing and synchronizing the execution of these functions is therefore an essential feature of the system. As the subsystems will mainly rely on unsupervised techniques (such as clustering), we will investigate a scalable and elastic architecture for online data stream clustering (processes can be seamlessly added or removed on the fly during computation). A specific architecture for all these functionalities will then be designed in order to reach the near real-time reaction objective.

To cope with the huge amount of data and its high dimensionality, different techniques surpassing current ones will be investigated and improved.

On the other hand, when an evolution of traffic patterns is detected, a supervised subsystem needs to be re-trained to update the system knowledge database. This will help the intrusion detection subsystem improve its efficiency by cutting some parts of the analysis to be run in each case. Last, an anomaly and intrusion detection subsystem will be investigated. It aims at autonomously detecting intrusions and anomalies, and at autonomously triggering countermeasures. For this purpose we will investigate information theory techniques for scoring how abnormal an anomaly is and, depending on the score, automatically generating filtering rules to be deployed on network security devices. The target is a very fast reaction that gives administrators and users the feeling of a proactive defense system.

All these subsystems will be developed and integrated for both evaluation in real environments and demonstration purposes.

WP5 Implementation, Integration and Verification

This WP has the following main objectives:

  • Integrate offline and online mechanisms and techniques into an autonomous supervised or unsupervised network traffic characterization system to be used as the cornerstone of a new generation of scalable and proactive network management and engineering applications.
  • Parameterize offline and online mechanisms and set up the ONTIC framework.
  • Design, implement and validate prototypes based on Use Cases using the ONTIC framework components.
  • Perform verification on the ONTIC framework and the Use Case based prototypes, verifying compliance with the requirements defined in WP2, WP3, WP4 and WP5.

WP6 Exploitation and Dissemination

The main aim of WP6 is to ensure the maximum awareness and visibility of project results.

In the scope of this work package the results of the ONTIC project will be used to externally promote and position the idea of the project. Therefore, the publication and dissemination activities for the scientific results of the project will be developed in this WP. Moreover, this workpackage will promote the dissemination and adoption of ONTIC outcomes in other application domains where scalability, accuracy and, in some cases, real-time response are a must, such as bioinformatics, genomics, medicine, physics, social sciences, finance, marketing, etc.


Latest News

BigDAP 2016

We are glad to announce the Third International Workshop on Big Data Application and Principles (BigDAP 2016), to be held 2016 August 28th, at Prague, Czech Republic.

BigDAP 2015

We are glad to announce the Second International Workshop on Big Data Application and Principles (BigDAP 2015), to be held 2015 Sept. 8th, at Futuroscope, Poitiers, France.

ONTIC Project press release by Polito

Polito has recently published a press release specifically for the ONTIC project in the December 8th 2014 edition of a leading Italian business newspaper, Il Sole 24 Ore, which is the most widespread newspaper among decision makers and business people in Italy. The full page of the newspaper which includes the press release is available as a PDF file after the break. Future plans are to evaluate the outcomes of this press release and include the possibility of a new press release with updated results of the project.
