Project is directed at the security issues in Software-Defined Networking (SDN) where the control and
data “planes” are separated. If I have understood the proposal correctly SDN offers network
administration advantages; however, by separating control and data, the control layer becomes
vulnerable to security attacks, particularly Distributed Denial of Service (DDoS) attacks (not sure why
this should be the case, but OK).
The proposed PhD programme of work seeks to address this issue.
The research question is:
What is the role of SDN in the defence against DDoS attacks.
I don’t think this is expressed correctly, I don’t think SDN has a “role” in the defence against DDoS
attacks. I think the research question is something like “How can DDoS attacks be best mitigated against
in the context of SDN”.
A number of issues are identified associated with the resolution of the research question; OK, but no
hints are given as to how they might be addressed.
Although elements of the proposal are unclear I believe there is sufficient research content and
“application novelty” for a PhD. However, I was unclear as to the “technical novelty” of any proposed
solution. Indeed, looking at the programme of work, there does not seem to be anything new that is
being proposed (but see comments on research plan below).
The research plan includes deliverable s of various kinds, but I would have liked to have seen some
planned academic papers.
Feedback on the timescales and planning, including any constructive comments on how it could
be modified.
The PhD programme plan seems feasible, although I have some concerns, which might have arisen out of the way
the research plan is presented.
My main concern is that there are a lot of Work Packages (WPs) directed at reviewing existing work. In fact
Phases 1 to 5, November 2015 to February 2018 (more two years of the available time), are directed at reviews of
various sorts. When does the original/novel work happen?
Phase 6, “Doing experimental work” (Think we need more academic/scientific title) is directed at evaluating
previous work. Again, where is the new work undertaken?
Almost three years into the research, in WP 6.3, the student intends to prepare and send questionnaires to
organisations, this seems very late. Also I doubt many organisation would be prepared to divulge the security
challenges they face as they would not like their customers to think the have any security challenges.
The project plan dose not include a thesis writing WP, when is this going to happen?
Any other issues?
The use of English in the proposal is very poor, which is a cause for concern. The student should take
every opportunity to practice writing technical reports to support the research work
The student should decide how to write SDN, in the proposal it is written in three different ways!:
1) Software define networking
2) Software defined networking
3) Software-defined networking
The document uses the phrase (para 3) “The above research” but no research is presented “above”.
