Studentische Arbeiten

• Implement the optimization algorithm structure in a chemical reaction network oscillator
• Evaluate both deterministic ODE and stochastic SSA simulator methods
• Vary parameters and adapt the structure to improve the performance of the network
• Compare the results with the purely analytical implementation

Robustness of Free-Space Optical Communications (FSOC) channels

Hyper-connected meshes are a growing idea that improves the connectivity in core networks. This approach adds several links to the existing core network to make it more dense and increases the number of simple paths in the network. There are several approaches to add these links to the network. In this work, we compare the robustness of the different approaches on different topologies and identify the best approach to add links in terms of robustness. 

We already have our tool to develop robustness surfaces for the given network. The student is expected to use this tool and compare the robustness of different approaches and make meaningful inferences.

[1] Manzano, M., Sahneh, F., Scoglio, C., Calle, E. and Marzo, J.L., 2014. Robustness surfaces of complex networks. Scientific reports, 4(1), p.6133.

[2] Rueda, D.F., Calle, E. and Marzo, J.L., 2017. Robustness comparison of 15 real telecommunication networks: Structural and centrality measurements. Journal of Network and Systems Management, 25(2), pp.269-289.

This work is in collaboration with Christofer Vásquez from the University of the Bundeswehr, Munich.

Voraussetzungen

How can the capacity of a quantum network nodes be assigned optimally to the connection of the node, such that the rejection rate and wasted resources is minimized.

How do different routing metrics for routing in quantum networks impact rejection rates and wasted resources.

In memory constraint quantum networks, how does entanglement need to be reallocated, such that most of the entanglement requests can be fullfilled.

The interdependence of communication networks and electrical power grids is a topic of discussion in recent times. Though researchers try to map the interdependence, there are no topology-level frameworks that have data on both communication networks and electrical power grids. This work aims to generate such topology-level frameworks to publish as open-source to encourage research along this direction.

Voraussetzungen

A cut set of a flow is a set of components when removed, cause the flow to fail. A cut set is minimal if it cannot be further reduced. Based on minimal cut sets for flows, this work aims to investigate a potential centrality metric to determine the importance of particular nodes in the network. 

Voraussetzungen

The goal is to optimize the purification for a given entanglement generation method.

The goal is to see whether the entanglement should be swapped at the request phase or in the ack phase, to increase the resulting fidelity.

The fifth generation of mobile networks (5G) is revolutionizing connectivity with its promise of ultra-low latency, high throughput, and massive device support. As users increasingly roam across national and international networks, ensuring secure and seamless roaming becomes a critical challenge.

While the control plane, responsible for signaling and session management, has been studied and fortified to an extend, the user plane, which carries actual user data (e.g., voice, video, internet traffic), remains a critical area for security enhancement. In roaming scenarios, user data traverses multiple operator networks, making it vulnerable to interception, manipulation, and privacy breaches.

This data is typically transported using the GPRS Tunneling Protocol for User Plane (GTP-U), a protocol originally designed for earlier generations of mobile networks. While GTP-U enables efficient tunneling of user data between network entities, it lacks built-in security features, making it susceptible to threats such as spoofing, tampering, and data leakage.

This master's thesis aims to implement, and evaluate security mechanisms for the 5G roaming user plane, focusing on GTP-U, encryption, integrity protection, and secure tunneling. The implementation will be done within Open5GS, and integrated into an existing dockerized roaming testbed.

Objectives

• StrongSwan Integration: Integrate and configure the StrongSwan IPsec application within the Open5GS UPF containers for the Home Routed (HR) roaming scenario.
• IKEv2 Configuration Evaluation: Implement and evaluate the impact of different Internet Key Exchange (IKEv2) settings (e.g., algorithms, key lifetimes) on the secure tunnel between the UPFs.
• Includes an investigation into using post-quantum key exchange certificates (PQKE) for IKEv2.
• IPsec Configuration Evaluation: Analyze the performance and security trade-offs of various IPsec settings, including different CIPHER suites (e.g., AES-GCM, ChaCha20-Poly1305) for integrity protection and encryption.
• Security Assessment: Man-in-the-Middle (MITM): Design and execute simulations of a Man-in-the-Middle (MITM) attack between the serving and home UPFs to assess the robustness of the implemented IPsec security measures.

Voraussetzungen

Implementation and evaluation of a holistic placement approach of modular application functions in emerging 6G networks.

Investigating the potentials of an adversarial 5G UE.

Background and Motivation

The 5G Core Network utilizes Service-Based Interfaces (SBI), which rely on RESTful APIs for communication between network functions. This design enables direct service-to-service interaction but introduces limitations such as:

• High latency due to HTTP session setup.

• Tight coupling and dependency on complete routing knowledge within services or the Service Communication Proxy (SCP).

To address these challenges, Release 16 introduced the SCP for indirect communication, and Release 18 added Service Sets for service grouping. However, both approaches still depend on centralized routing logic and synchronous communication models.

Problem Statement

The current REST-based communication paradigm in 5G Core Networks may not scale efficiently for Beyond 5G (B5G) systems, which demand ultra-low latency, high throughput, and dynamic service orchestration. There is a need to explore alternative communication models that support asynchronous, decoupled, and scalable messaging.

Proposed Solution

This thesis proposes the integration of Publish-Subscribe (Pub-Sub) messaging mechanisms—commonly used in distributed event streaming platforms such as Apache Kafka, Redis Streams, Google Pub/Sub, and Data Distribution Service (DDS) into the 5G Core Network architecture.

These platforms are capable of handling gigabit-scale data rates and millions of messages per second, making them suitable candidates for intra-core communication in future mobile networks.

Objectives

• Evaluate the feasibility of Pub-Sub messaging for 5G and 6G core network communication.

• Compare performance metrics (latency, throughput, scalability) between REST-based and Pub-Sub-based communication.

• Analyze architectural implications and integration strategies for Pub-Sub in service-based mobile core networks.

Goal-oriented (GO) communication is a novel concept that suggests directly taking the application context into account for network management and optimizing the resource distribution for the application goal. GO transport layer filtering of the traffic entering the network is one of the promising directions of GO communication for real-time Cyber-Physical Systems (CPSs). 

In particular, we consider a system of distributed networked control loops, in which sensors apply Reinforcement Learning (RL)-based filtering to observed real-time states and discard part of the measurements that might consume significant network resources but do not contribute to the control objective. 

While initial approaches assume fully distributed decision-making by sensors, the main goal of the current thesis is to explore the performance tradeoffs incurred by the coordination among loops. The main steps to achieve this goal include:

1. Develop a simulator including the application and networking counterparts, with the possibility of communication not only within a single control loop but also among loops. Primary communication mode implies distributed random access.

2. Formulate the system as a Markov Decision Process, i.e., define the action and state space and its dynamics, as well as design application rewards and communication costs.

3. Using the simulator as an environment for the RL agent, explore fully distributed and multi-agent RL approaches.

4. Make a performance evaluation and tradeoff analysis for different coordination options.

5. Optional: extend the results and compare against different communication scenarios, i.e., scheduled transmissions over 5G, including sidelink for coordination.

Voraussetzungen

Providing reliable voice communication over LDACS using IP-based networking

The 5G Service-Based Architecture (SBA) introduces new challenges and opportunities in the design of roaming interfaces between mobile network operators. Central to secure inter-operator communication are the Security Edge Protection Proxy (SEPP) and IP eXchange (IPX) network provider entities, which facilitate secure signaling across trust boundaries.

An existing Python-based simulation framework models a fixed 5G roaming topology with four entities: vSEPP, vIPX, hIPX, and hSEPP. While this setup is suitable for basic testing, it lacks scalability and flexibility for simulating realistic, multi-operator roaming scenarios.

This thesis aims to refactor and extend the SEPP and IPX implementations to support scalable, multi-connection environments, enabling dynamic routing and connection management across a larger simulated network. The SEPP must unify the roles of vSEPP and hSEPP, while the IPX must support parallel connections and enforce routing rules based on operator policies and network topology. To achieve realistic routing behavior, the thesis will incorporate the FRRouting (FRR) suite, an open-source routing stack supporting protocols such as BGP, OSPF, and IS-IS. FRR will be used to simulate routing decisions and path selection within the IPX network, enabling policy-based and topology-aware message forwarding.

Objectives

1. Unified SEPP Design: Develop a single SEPP module that combines both vSEPP and hSEPP functionalities, capable of handling multiple concurrent connections and maintaining session state.
2. Enhanced IPX Module: Extend the IPX implementation to support: Multiple parallel connections. Routing logic based on operator identifiers, trust relationships, and message types. Integrate with the FRRouting suite to simulate realistic routing behavior.
3. Scalability Framework: Design a flexible configuration system to instantiate multiple SEPP and IPX entities dynamically, simulating a larger roaming network.
4. Testing & Validation: Create test scenarios to validate connection handling, routing correctness, and protocol compliance.
5. Documentation & Thesis Writing: Produce comprehensive documentation and a formal thesis de-

tailing design decisions, implementation, and evaluation results.

Voraussetzungen

This thesis evaluates how a UE can be pingponged between two 5G base stations in case of an attack.

In this thesis, 5G SIB and RRC configurations of cells shall be analyzed for patterns of specific network operators in order to design a parameter generator for that operator.

5G is the latest generation of mobile networks, offering high data rates, ultra-low latency, and support for a wide range of applications. A key component of the 5G Core is the Security Edge Protection Proxy (SEPP), which ensures secure communication between Public Land Mobile Networks (PLMNs) in roaming scenarios.

To secure the control plane traffic between SEPPs, 3GPP defines the N32 interface, which is split into two parts: N32-c (for capability negotiation) and N32-f (for control message forwarding). While N32-c is secured using end-to-end Transport Layer Security (TLS), N32-f can either use TLS or a new protocol called PRotocol for N32 INterconnect Security (PRINS).

PRINS is designed to provide application-layer security using the Javascript Object Signing and Encryption (JOSE) framework, while still allowing intermediate IP Exchange Network (IPX) providers to route messages. This hybrid approach introduces new security challenges, especially in the presence of potentially untrusted intermediaries.

This thesis aims to conduct a formal security analysis of the PRINS protocol using the Tamarin Prover, a state-of-the-art tool for symbolic protocol verification. The goal is to model PRINS, define its security goals (e.g., confidentiality, integrity, authentication), and verify whether these goals are met under realistic threat models.

Objectives:

1. Study the PRINS protocol as defined in 3GPP specifications (e.g.,TS 29.573 and TS 33.501).
2. Model the protocol in Tamarin, including key exchange, message protection, and verification steps.
3. Define formal security properties, such as secrecy, authentication, and replay protection.
4. Analyze the protocol under different attacker models (e.g., compromised IPX, key leakage).
5. Compare PRINS with TLS-based N32-f in terms of formal guarantees.
6. Optionally, extend the model to include protocol variants or optimizations.

Voraussetzungen

Within current 6G research, so-called in-X Subnetworks (SNs) are envisioned to constitute a key technology for providing ubiquitous network connectivity. Possible deployment scenarios for these SNs include, e.g., industrial environments, vehicles, or drones to facilitate communication between users in geographically confined areas with high data rates, ultra-low latencies, and high reliability. The use-cases that are envisioned for in-X SNs are, e.g., intra-vehicle sensor-actuator communication, robot control in industrial environments, or in-body networks for health monitoring. SNs can thereby be operated in three different modes: In the standalone mode, the SN runs fully autonomous, while in the semi-autonomous and connected mode, the SN can receive control information from a so-called 6G umbrella network, and the SN Access Point (AP) can act as a gateway to the umbrella network.

Regardless of the operation mode, and despite SNs representing a new type of network, SNs still require frequency bands to provide their services. Therefore, adequate frequency planning mechanisms must be developed to mitigate interference among SNs, especially for SNs enabling high reliability communication services. Due to the deployment of SNs within autonomous vehicles, Unmanned Aerial Vehicles (UAVs), or robots, many of the SNs will be mobile. The mobility of SNs thus makes the problem of frequency planning for SNs a dynamic task. Since frequency spectrum is a limited resource, resource allocation mechanisms must focus on effective spectrum usage while ensuring a certain communication quality.

While there exists related work addressing this problem for mobile SNs, i.e., for varying interference scenarios, and optimizing resource allocation at different time instances, SN reconfigurations, i.e., changing a SN’s allocated frequency spectrum from one time step to the other, have not yet been considered. Due to the signaling overhead, a SN reconfiguration can, however, have significant impact on the service availability within a SN. Thus, in [1], the problem of dynamic frequency subband allocation to mobile in-X SNs with the objectives of minimizing SN reconfigurations and bandwidth usage while guaranteeing interference-free operation of all SNs has been studied and solved using heuristic algorithms.

To complement this work, this thesis should investigate different solution approaches based on Machine Learning (ML) to solve the problem presented in [1]. Specifically, in the case of a research internship, the student should implement a Graph Neural Network (GNN) to solve the optimization problem. In the case of a master thesis, it is also possible to change the system model and problem setting. Depending on the quality of the work, the results of the thesis can lead to a scientific publication.

[1] V. T. Haider, R. Pries, W. Kellerer, and F. Mehmeti, “Dynamic frequency planning for autonomous mobile 6G in-X subnetworks,” in NOMS 2025-2025 IEEE/IFIP Network Operations and Management Symposium, To Appear, 2025.

Goal: To obtain a rule-based heuristic from a well-performing AI agent for an NP-hard optimization problem. 

AI models, especially deep learning systems, often operate as "black boxes," making complex decisions without revealing how they arrived at a specific conclusion. Explainable AI provides insights into the decision-making process, fostering transparency. As future 5G/6G networks evolve, mobile operators will increasingly rely on AI-driven solutions. For widespread adoption, it's crucial that operators trust these systems, a trust that is far more likely to be built if they can clearly understand how the AI arrives at its decisions.

First, we will focus on extracting the underlying rules that guide AI decision-making. Next, we will aim to develop a rule-based heuristic that can replicate the AI’s performance, offering a simpler yet equally effective solution.

Voraussetzungen

In today’s business landscape, the demand for highly available, secure, and scalable networks is continuously increasing, particularly for large enterprises.

Conventional network management faces challenges such as complexity, with manual configurations being error-prone and time-consuming. It also struggles with scalability issues due to slow adaptation to changing needs and limited automation, which requires deep expertise. Modern solutions like SDN, NFV, and AI-driven automation address these problems by enabling dynamic, scalable, and policy-driven network management.

The traditional network management approach relies on manual implementation, requiring expertise in routing, Quality of Service (QoS), and encryption mechanisms. This results in high operational costs and makes the network prone to misconfigurations. Intent-Based Network Configuration Management is a modern approach to managing and automating networks, where the operator defines "what they want the network to do" (the intent) rather than specifying "how to configure the network" (manual steps). The system interprets these high-level intents and automates the necessary configurations and adjustments to achieve the desired outcome.

Voraussetzungen

This master’s thesis addresses the challenge of classifying encrypted traffic in large-scale networks. Traditionally, network operators could monitor and deeply analyze the traffic flowing through their infrastructure to optimize traffic management. However, since the rise of encrypted communications and security concerns, the details accessible by network operators have shrunk to a very high degree. Thus, the current project aims to propose and implement a method for in-network, flow-based encrypted traffic classification.

Alongside the increasing difficulty in classifying and analyzing encrypted traffic comes also the limitations of in-network classification in traditional networks. Traditional network monitoring and analysis methods suffer from little scalability. Therefore, the question addressed in this thesis is whether software-defined networks (SDN) are suitable for in-network traffic classification, relying on SDN-enabled switches distributed across the network operator’s infrastructure. For this classification task, a decision tree classifier implemented using the P4 language and running on the switches is proposed. Finally, the performance and accuracy of implementing such processing will be assessed.

Key points:

• Large-scale traffic classification

• ETC is a hot topic. It provides information to the network operator for optimizing traffic management

• SDN is the new networking paradigm that helps by relying on switches across the network for classification instead of relying on a central network element for it, which could be a bottleneck and could hinder getting real-time analytics.

• Decision Trees as the Machine Learning model used for traffic classification, based on previous work done in the field.

Voraussetzungen

The increasing complexity of video analysis tasks has led to the development of sophisticated machine learning applications that rely on multiple interconnected deep-learning models. However, deploying these applications on edge servers with limited resources poses significant challenges in terms of balancing response time, accuracy, and resource utilization.

This research aims to investigate the trade-offs between monolithic and microservice-based architectures for multi-model video analytics applications. We will leverage Apache Ray and Kubernetes to develop a comprehensive benchmarking and monitoring pipeline that systematically analyzes scaling configurations and resource utilization. Our goal is to identify strategies for reducing latency and communication overhead while handling the complexity of multi-model architectures.

Through case studies, we will implement two applications consisting of multiple ML models and explore various deployment configurations, from monolithic to fully microservice-based. We will analyze their performance under different scaling strategies and investigate the impact of model disaggregation on performance metrics during scaling.

The research will focus on addressing key challenges, including:

• Implementing effective monitoring and profiling across distributed services
• Balancing performance and resource utilization across multiple models
• Researching scalability solutions to meet strict latency requirements in edge computing scenarios

Our expected outcomes include a deeper understanding of the trade-offs between monolithic and microservice-based architectures and the development of strategies for optimizing the deployment of multi-model ML applications.

This project aims to identify, analyze, and mitigate antipatterns in AI applications that use microservices-based architectures in distributed systems. The focus will be on Apache Ray within a Kubernetes environment. The goal is to develop strategies to optimize performance and resource efficiency by addressing common antipatterns that can degrade system performance, such as inefficient communication between services, over-provisioning of resources, and poor task distribution.

To achieve this, the project will benchmark AI applications, including video surveillance and action detection systems, to understand how antipatterns emerge and affect key performance metrics like latency, throughput, and resource utilization.

The growing interdependence between optical access networks and electrical distribution systems is a key factor in maintaining the reliability of essential services in urban environments. As cities increasingly rely on both power and digital connectivity, the resilience of these interconnected infrastructures has become more critical than ever. This thesis explores the integration of various protection schemes within Passive Optical Networks (PON) and assesses their dependability on electrical distribution networks under multiple failure scenarios.

The protection schemes examined include the Unprotected scheme, as well as more robust configurations such as Type A (Feeder Fiber Protection), Type B (Dual Parented), Type C, and Type C2, which offer varying levels of reliability. These protection strategies aim to mitigate the risks posed by network failures, ensuring uninterrupted service in urban areas where dependability is essential.

A primary goal of this thesis is to develop a generic tool that can assess the dependability of optical and electrical networks, particularly within the context of FttX (Fiber to the X) architectures. While the focus will primarily be on FttC (Fiber to the Cabinet), the tool might also explore potential applications in FttB (Fiber to the Building) and FttH (Fiber to the Home) scenarios. By using OpenStreetMap (OSM) data to model real-world urban layouts, the tool will integrate these protection schemes into a PON planning system to design both optical and electrical network topologies.

Additionally, the tool will feature a failure analysis component that simulates different failure types – such as node, edge, and disaster failures – to generate robustness metrics. These analyses will be complemented by visualizations such as robustness surfaces and statistical breakdowns, offering insights into the resilience of urban infrastructures. Through this approach, the thesis aims to enhance the overall understanding of how optical and electrical networks respond to stress, with a focus on ensuring robustness and reliability in densely populated urban settings.

This thesis aims to achieve its objectives through a combination of Python scripting, data analysis libraries, and geospatial data sources. As a geospatial data source, OSM is planned to be used, and for processing and visualizing the networks Python will be used. Key Python libraries include Folium, which is employed to plot the networks interactively on maps, and NetworkX, used for creating and analyzing the structure of complex network topologies. Pandas can be used in managing and analyzing the large datasets generated from OSM and network simulations. Visualization tools such as Matplotlib, Seaborn and Folium will be utilized to create both static and interactive visual representations of the data, including network layouts and failure impacts. Together, these tools will enable a robust analysis of network dependability across optical and electrical infrastructures.

Voraussetzungen

The widespread deployment of Fiber-to-the-Home (FttH) in various markets has given consumers access to high-speed data connections over the extensive optical fiber-based core networks. End users usually access these networks with wireless devices using the 802.11 standard. However, as the next generation of IoT devices with VR and AI applications enter the market, the demand for improved bandwidth and latency has increased drastically. This has led to the development of Fiber-to-the-Room (FttR) networks, which seek to extend the fiber connections closer to the terminal devices by eliminating the bottleneck caused by traditional ethernet and wireless access. Current implementations utilize a cascaded XGPON optical distribution network (ODN) in convergence with WiFi 6. The ONU at the user’s premises is replaced with a Main FttR Unit (MFU), which acts as the OLT for the Sub FttR Units (SFU) in each room using point-to-multipoint architecture. The SFUs convert the optical signals to baseband and retransmit the data as WiFi frames.

These solutions keep both MAC and PHY layers between the optical transport and WiFi completely separated without using any synergies. This introduces various limitations to the FttR setup, such as degraded data rates, jitter / latency, and high power consumption. To solve these problems, a centralized wireless - optical access network (C-WAN) has been conceptualized, where the MFU becomes a central controller to enable seamless roaming, with deterministic low latency transmission and gigabit coverage for the entire room. Within the scope of this solution, a cross-domain MAC layer between optical and WiFi has been proposed to implement dynamic resource management and scheduling. Such a centralized and converged MAC protocol must reduce overhead and optimize the framing of both physical layers to minimize the processing delay at the SFUs. This thesis aims to design and evaluate such a minimal optical access protocol with a centralized controller and test its performance in an FttR setup. The ns-3 network simulator is used within the context of this thesis to implement, simulate, and analyze the designed protocol with C++. Extensive modules that simulate both XGPON and WiFi 6 are already implemented in ns-3 and can be modified as required.

Problem: BGP is performance-agnostic

Solution: incorporate a delay-related metric into the best-path selection process.

Approach: Estimate the round-trip prop_delay to destinations (/24s) within the routing table of the IXP

Goal: Evaluate if it is possible to outperform BGP’s route selection criterion, in terms of latency, with a measurement-based approach.

Providing Quality of Service (QoS) to emerging time-sensitive applications such as factory automation, telesurgery, and VR/AR applications is a challenging task [1]. Time Sensitive Networks (TSN) [2] and Deterministic Networks [3] were developed for such applications to guarantee ultra low latency, bounded latency and jitter, and zero congestion loss. The objective of this work is to develop a methodology to guarantee bounded End-to-End (E2E) latency and jitter in large-scale networks.

Voraussetzungen

5G networks increasingly serve mission-critical applications such as industrial automation, autonomous vehicles, and remote control. These use cases require highly deterministic communication with strict bounds on latency, jitter, and reliability. Time-Sensitive Networking (TSN), originally designed for wired industrial Ethernet, provides mechanisms for deterministic communication and is now being integrated with 5G to provide mobility. 

Although several reliability mechanisms exist, such as Frame Replication and Elimination for Reliability (FRER) and adaptive Modulation and Coding Scheme (MCS), their usage is typically fixed or manually configured. Real 5G environments, however, exhibit dynamic and sometimes unpredictable wireless channel conditions. This leads to the need for a Central Network Controller that dynamically applies the best reliability mechanism.

This thesis aims to simulate and analyze the dynamic management of reliability measures (e.g., FRER, MCS adaptation, and resource allocation) in TSN-5G networks, and evaluate their performance under varying channel conditions.

Deterministic, low-latency communication for time-sensitive data is a critical challenge in industrial and automotive networks. IEEE introduced the Ethernet standards Time-Sensitive Networking (TSN) to address these requirements. Using traffic prioritization and scheduling, TSN enables deterministic, reliable, and low-latency communication. However, industry 4.0 has intensified the need for mobility, such as using Automated Guided Vehicles (AGVs). To meet these demands, 5G must be integrated into TSN systems.
To explore the integration of 5G and TSN, a TSN-5G testbed is build to evaluate end-to-end schedulers and reliability concepts.

• Extend an existing molecular communication testbed setup to support multiple transmitters (and receivers)
• Implement at least three different multiple access schemes (TMDA, MDMA, NOMA)
• Evaluate the bit-error-rate performance of all schemes under different conditions
• Potential extensions: extend beyond 2 TXs/RXs, implement more schemes

In this FP, the goal is to implement and evaluate "Fake MAFs" in the existing medical testbed based on real traffic behavior.

Mobile roaming enables users to seamlessly access internet and communication services across the globe. These services are facilitated by Mobile Network Operators (MNOs) through extensive roaming agreements with numerous international counterparts. As a result, roaming interfaces have evolved into highly complex interconnection points, supporting a wide array of protocols and multiple generations of mobile network technologies. Large-scale MNOs, serving millions of inbound and outbound roaming users, must efficiently manage high volumes of network traffic — often processing thousands of packets per second. Even when focusing solely on control plane messages, this traffic generates substantial data, all of which passes through firewalls and contributes to extensive logging activity. Beyond firewall logs, several other data sources — such as diameter routing agents, DNS servers, and passive monitoring systems — offer valuable insights and can be integrated into a comprehensive analysis.

The aim of this research internship is to explore selected data sources within a controlled environment to identify correlations, uncover trends, and propose innovative approaches for leveraging this data in operational network management. The investigation will focus on a 4G roaming scenario, analyzing and comparing two distinct one-hour timeframes: A high-traffic hour during an international event, characterized by elevated roaming activity, and a regular hour on a typical day with no special events. Through this comparative analysis, the student will gain hands-on experience in data interpretation, network behavior analysis, and the development of actionable insights for real-world mobile network operations.

Objectives

1. Work into different data sources.
a) Firewall logs.
b) Diameter Routing Agent logs.
c) DNS server logs.
d) Logs from passive monitoring.
2. Investigate trends and correlations between the data sources.
3. Investigate the possible detection special events.
4. Investigate differences between the two distinct data sets.
5. Evaluate results and draw conclusions on the applicability of the collected information.
6. What can be done in future work?

Voraussetzungen

Mobile networks have evolved significantly over the years—from older generations like 2G, 3G, and 4G to the latest 5G technology. Each generation brings new features and changes in how data is handled and secured.

In older networks (2.5G to 4G), a special type of firewall called a GTP-Firewall was used to protect both the control signals (which manage the connection) and the actual user data (like videos or messages). These firewalls could see and filter all the traffic because it was sent in a readable format. 

With 5G, things are changing. The control signals now use a different protocol (HTTP/2), and the user data might be encrypted using IPSec. This makes it harder for traditional firewalls to inspect and secure the traffic in the same way.

To address this, a new function called IPUPS was introduced in the 5G standard. It helps secure user data but works differently—it doesnot allow the same kind of visibility as the old firewalls. This is fine in a pure 5G network, but it becomes tricky when 4G and 5G are combined in one system, especially when users move between the two (a process called handover). 

This research internship will explore how to combine the old and new approaches to security in a way that works smoothly in a mixed 4G/5G network. The goal is to understand the challenges and propose solutions that ensure both security and performance.

Objectives

1. Analyze the architectural and security differences between legacy GTP-Firewalls and the 5G IPUPS function.

2. Investigate the implications of HTTP/2-based CP and IPSec-protected UP on traffic inspection and security enforcement.

3. Design a hybrid model that enables secure and efficient CP and UP handling in a 4G/5G Combo Core.

4. Evaluate the model in terms of:
• Handover performance (4G <-> 5G)
• Security (visibility, integrity, confidentiality)
• Operability and maintainability

5. Compare the hybrid modes with standalone 5G and legacy 4G implementations.

Voraussetzungen

Serverless computing is a cloud computing paradigm that separates infrastructure management from software development and deployment. It offers advantages such as low development overhead, fine-grained unmanaged autoscaling, and reduced customer billing. From the cloud provider's perspective, serverless reduces operational costs through multi-tenant resource multiplexing and infrastructure heterogeneity.

    However, the serverless paradigm also comes with its challenges. First, a systematic methodology is needed to assess the performance of heterogeneous open-source serverless solutions. To our knowledge, existing surveys need a thorough comparison between these frameworks. Second, there are inherent challenges associated with the serverless architecture, specifically due to its short-lived and stateless nature.

Clustering is already used in our cities to distribute splitters for managing network operations. However, the current distribution does not effectively reduce the costs caused by huge urban area with long fiber lengths. To solve this, we can use k-means clustering to group the splitters and optimize how fibers are laid out in the city.

With k-means clustering, we group users (ONUs) in an area to create a virtual center. This center is chosen so that the total distance to all users in the area is minimized. We then find a nearby point where a splitter can be placed, ensuring the distance from the splitter to the users is as short as possible.

Next, we cluster the remote nodes (RNs) where splitters are located. By grouping nearby splitters, we can combine their connections into one line to the central office (OLT). This line will be organized by a new splitter near to the center of the old splitter's cluster center. This helps reduce the total fiber length needed and lowers deployment costs.

Voraussetzungen

...

The Internship aims to analyze Open Source Optical Network Data for performance prediction of Optical Networks and develop data-driven methods for quality of transmission estimation.

Reliability Block Diagrams (RBDs) are visual aids that help evaluate the availability of a system. In communication networks, the availability evaluation is often computation and memory-intensive owing to the large size of the topologies. Hence, we investigate a novel approach of evaluating RBDs using minimal path sets.

Voraussetzungen

Molecular communication (MC) is an alternative to classical electromagnetic wave-based communication, where molecules are used for information exchange. MC is expected to enable in-body networks for future medical applications in the Internet of Bio-Nano Things, a vision for 6G and beyond.

We seek a working student to help us operate and maintain a molecular communication networks testbed at the chair. The testbed is based on ink molecules transmitted through a water-filled tube system with a background flow. Spectral absorption measurements are used to detect the information molecules.

What you will do:

• Set up the tubes, pumps, sensors, and other components
• Program microcontrollers to control microfluidic pumps and spectral sensors
• Debugging and fault detection in both software and hardware
• Implement data collection and visualization methods
• Support with experiments conducted on the testbed

Voraussetzungen

Future medical applications put stringent requirements on the underlying communication networks in terms of highest availability, maximal throughput, minimal latency, etc. Thus, in the context of the 6G-life project, new networking concepts and solutions are being developed.

For the research of using 6G for medical applications, the communication and the medical side have joined forces: While researchers from the MITI group (Minimally invasive Interdisciplinary Therapeutical Intervention), located at the hospital "Rechts der Isar", focus on the requirements of the medical applications and collecting needed parameters of patients, it is the task of the researchers at LKN to optimize the network in order to satisfy the applications' demands. The goal of this joint research work is to have working testbeds for two medical testbeds located in the hospital to demonstrate the impact and benefits of future 6G networks and concepts for medical applications.

Your task during this work is to implement the communcation network for those testbeds. Based on an existing open-access 5G network implementation, you will implement changes according to the progress of the current research. The results of your work, working 6G medical testbeds, will enable researchers to validate their approaches with real-world measurements and allow to demonstrate future 6G concepts to research, industry and politics.

In this project, you will gain a deep insight into how communication networks, especially the Radio Access Network (RAN), work and how different aspects are implemented. Additionally, you will understand the current limitations and weaknesses as well as concepts for improvement. Also, you will get some insights into medical topics if interested. As in such a broad topic there are many open research questions, you additionally have the possibility to also write your thesis or complete an internship.

Voraussetzungen

Beginning possible from 1st October 2024

Future medical applications put stringent requirements on the underlying communication networks in terms of highest availability, maximal throughput, minimal latency, etc. Thus, in the context of the 6G-life project, new networking concepts and solutions are being developed.

For the research of using 6G for medical applications, the communication and the medical side have joined forces: While researchers from the MITI group (Minimally invasive Interdisciplinary Therapeutical Intervention), located at the hospital "Rechts der Isar", focus on the requirements of the medical applications and collecting needed parameters of patients, it is the task of the researchers at LKN to optimize the network in order to satisfy the applications' demands. The goal of this joint research work is to have working testbeds for two medical testbeds located in the hospital to demonstrate the impact and benefits of future 6G networks and concepts for medical applications.

Your task during this work is to implement the communcation network for those testbeds. Based on an existing open-access 5G network implementation, you will implement changes according to the progress of the current research. The results of your work, working 6G medical testbeds, will enable researchers to validate their approaches with real-world measurements and allow to demonstrate future 6G concepts to research, industry and politics.

In this project, you will gain a deep insight into how communication networks, especially the Radio Access Network (RAN), work and how different aspects are implemented. Additionally, you will understand the current limitations and weaknesses as well as concepts for improvement. Also, you will get some insights into medical topics if interested. As in such a broad topic there are many open research questions, you additionally have the possibility to also write your thesis or complete an internship.

Voraussetzungen

5G is the newest generation of mobile networks allowing for higher data-rates, lower latency and many new features like network slicing. Its central element is the 5G Core, which is a network of specialised Network Functions (NFs). Roaming allows subscribers to connect to the internet via other network operator’s networks if they have a roaming agreement. We are looking for a student to help implement and maintain a 5G Roaming testbed. At first, that is planned as an open source testbed leveraging Open5GS. Later, the plan is to connect this open source testbed to the LKN campus network.

This working student position may run parallel to Master Theses with more focused implementation and evaluation works. The working student is welcome to follow up on this work with his/ her own research internship or Master’s thesis.

Objectives

The primary objective of this work is to help implement and maintain a 5G Roaming testbed. This testbed shall then be used for investigation of security mechansims and performance measurements. Those are not the main job of the student, but the student is supposed to help.

1. Work into 5G Roaming

2. Implement missing Roaming functionalities into Open5GS

3. Maintain Roaming Testbed

4. Connect open source 5G Roaming testbed with Campus Network (once possible)

5. Aid in security investigations

6. Aid in performance measurements

7. Potentially add other NFs later

Voraussetzungen

The Wireless Sensor Networks lab offers the opportunity to develop software solutions for the wireless sensor networking system, targeting innovative applications. For the next semester, a position is available to assist the participants in learning the programming environment and during the project development phase. The lab is planned to be held on-site every Tuesday 15:00 to 17:00.

Voraussetzungen