2025 INTERNET2
Technology Exchange
Poster sessions
Dec. 8 – 12 Denver, Colo.
Experience TechEX Poster Sessions
Join us for interactive dialog and exhibits on Wednesday, Dec. 10.
After a successful introduction to the program in 2024, Poster Sessions are now part of the interactive dialog for TechEX attendees.
These sessions are feature presentations that do not neatly fit into a single focus area or category, or where the time allowed for a talk was insufficient for the topic's range of content.
We encourage you to engage with these exhibits during the Poster Social on Wednesday, Dec. 10. This is an excellent opportunity to explore emerging topics in smaller groups.
The Posters will be staffed during the Poster Social on Wednesday from 5-6 p.m., and – if space allows -- may be staffed during morning and afternoon breaks for the remainder of the conference.
Want to add your voice to the program? There's still time to submit a poster, with an extended deadline of Oct. 17.
| Poster Title | Description |
|---|---|
| Merit Network Telescope: Initial Insights from Nearly 20 Years of Darknet Traffic for Cybersecurity Research | We present an initial longitudinal analysis of unsolicited Internet traffic collected from 2005 to 2025 by one of the largest and longest-running network telescopes in the United States, operated by Merit Network. This dataset offers a unique view of global threat activity, including large-scale scanning, backscatter, and denial-of-service (DoS) events. To process nearly two decades of data, we adopt a coarse-to-fine methodology: a metadata sub-pipeline provides high-level insights, while a packet header sub-pipeline enables deeper analysis. Together, these pipelines yield dynamic insights into Internet-wide activity while making observations regarding data integrity, long-term continuity, and IPv4 address space reduction. This work establishes a foundation for scalable methods in cyber threat intelligence, network measurement, and Internet observatories, supporting future research in long-term security and infrastructure studies. |
| Building a Country-Wide Open, Disaggregated 5G Testbed | The OpenRAN@Brasil initiative is entering its third phase, whose core ambition is to evolve from a nascent testbed into a truly nationwide, open, disaggregated 5G experimentation infrastructure spanning all Brazilian macro-regions. In this poster, we present the two-phased open call strategy underpinning Phase 3: (1) a host accreditation call to expand the geographic footprint of testbed “islands” (i.e. accredited institutions that host OpenRAN experimental sites), and (2) a call for application/use-case development to stimulate innovation on top of this distributed infrastructure. In the first stage, the program invites research institutes, universities, and other ICT nodes across the North, Northeast, and South of Brazil to submit proposals for homologation as OpenRAN hosts. These hosts will deploy and operate local OpenRAN nodes integrated with the core testbed, offering capabilities such as synchronization, low-PHY control, network orchestration (NETCONF/YANG), and edge/cloud support. The accreditation criteria emphasize compliance with interface standards, interoperability, operational readiness, and connectivity to the broader network fabric. This expansion is critical to achieving Phase 3’s goal of at least one testbed site per major region. In the second stage, the program issues a call for application development proposals that leverage the distributed OpenRAN infrastructure. Innovations in verticals such as smart agriculture, health, industry, urban computing, education, and digital inclusion are encouraged. Selected projects will gain access to testbed resources, funding, and integration support to validate new xApps, rApps, orchestration logic, or novel 5G service prototypes in realistic, multi-site settings. By structuring the call in two interlocking phases, OpenRAN@Brasil aims both to scale the physical infrastructure footprint and to activate a local innovation ecosystem that can operationalize and stress-test open RAN at scale. The poster will outline the call timelines and criteria, anticipated capacity growth, key technical and logistical challenges (e.g. synchronization, interoperability across diverse hardware, backhaul connectivity), and early expectations for use-case deployment. Our vision is that this strategy can serve as a replicable model for country-scale, open RAN rollouts in other emerging and large geographies. |
| CLASSNET: Community Labeling and Sharing of Security and Networking Test datasets | CLASSNET project supports network and security research by sharing new, labeled, rich and diverse datasets to the research community. The project has developed a framework for collaborative, community-driven enrichment and labeling of data, enabling use of datasets for machine learning in networking and security. Second, the CLASSNET project makes data available to researchers through multiple methods, ensuring privacy of data while enabling flexible data computation. Finally, the project also generates diverse continuous (constantly, automatically updated) and curated (selected by human) datasets for research use. This poster presents the CLASSNET project and its outputs, and it outlines pathways for researchers and data providers to join the effort. |
| Cloud Econ 101 - What’s really draining your storage budget |
Universities sit on a mountain of valuable data like student records, groundbreaking research, instructional content, and campus surveillance footage. But as cloud adoption expands, so do the blind spots in budgeting. While you think you’re paying for storage capacity, the reality is up to half of your spend goes to hidden fees: egress, API calls, operations, and retrieval costs.
In this session, we’ll unpack the economics of traditional cloud storage and how it undermines digital resilience and data access. Learn why immutable storage with Object Lock is often priced like a luxury, when it should be standard. Gain insight into the true cost of building an active archive, replicating data for compliance, and simply accessing your own information month after month.
Session Takeaways
|
| Exploiting Embedded Sensing Functionalities in Optical Networks for Cost-Effective Monitoring |
Vibration sensing in optical networks has emerged as a crucial capability for enhancing both infrastructure security and system reliability. By leveraging the inherent sensitivity of optical fibers to external perturbations, fiber-optic sensing (FOS) techniques enable real-time detection of vibrations along existing communication links without the need for additional sensing infrastructure. This dual use of telecom fibers for data transmission and vibration monitoring provides significant economic and operational advantages, including early detection of mechanical stress, prevention of fiber damage, and protection against unauthorized physical intrusion. |
| Exploring new ways to use SCIM for your IGA needs |
SCIM Shim functions as an intermediary that provides a standardized SCIM (System for Cross-domain Identity Management) interface to various backend systems. Most IAM suites, such as Entra, Okta, SailPoint ISC, and even Grouper, support SCIM integrations. By pointing those tools at the SCIM Shim instead, we expand the number of systems that customers can integrate with those products, including on-premises flat files, databases, and other legacy systems. In most cases, no coding is required.
|
| From Data to Decisions: Translating EDUCAUSE Cybersecurity and Privacy Research into Action | Leadership just scheduled a meeting about AI governance. The board wants to know about cybersecurity workforce trends. The registrar is inquiring about the privacy implications of the new student information system. Your executive team is asking tough questions about compliance frameworks. Sound familiar? When leadership comes calling with urgent questions, you need insights quickly, and you need them to have an impact. This poster reveals a framework for rapidly accessing, distilling, and communicating EDUCAUSE research when those critical questions arise. We'll also explain how to extract cybersecurity and privacy insights not only from obvious sources but also from research on teaching and learning, student experience, and other areas of higher education information technology. You'll learn how to apply the EDUCAUSE wealth of community insights across diverse formats, from formal executive presentations to elevator pitches. Whether you have five minutes or five days to prepare, you'll have the resources to be the go-to source for credible, actionable intelligence on the higher education cybersecurity and privacy landscape. |
| Global Research and Education Routing Report |
The Global Research and Education Network Routing Report helps the R&E community by providing data and insights to improve the efficiency and reliability of routing announcements made to the global Internet. The R&E Routing Report receives Border Gateway Protocol (BGP) data from host organizations that provide an EBGP Multihop feed with the collector hosted by the Network Startup Resource Center (NSRC) at the University of Oregon.
The NSRC collector is a Linux appliance running Free Range Routing (FRR) software. Each R&E participant in the project sets up an EBGP Multihop feed from one of their routers and sends the NSRC collector their view of the global R&E routing table. Data can be used to analyze and fix misconfigurations, inefficient routing paths, and other issues to improve IPv4 and IPv6 routing security across the global routing table. |
| Hosted RADIUS for eduroam - Making it easy | Eduroam is a critical service supporting collaboration across research and academic organizations. In Spring of 2025, Cirrus Identity and Painless Security launched a partnership to help organizations join the eduroam network. This poster session will cover the value of eduroam, some of the challenges organizations can face in joining eduroam, how this new partnership will address some of those challenges and help campuses participate in eduroam and meet their IAM modernization goals. We will share the success of our initial pilot customer experience. |
| Honeypot App Store - publish & deploy honeypots from the community. |
Universities and research institutions face increasing pressure to study and defend against rapidly evolving cyber threats. Traditional defensive tools often fail to keep pace with attacker tradecraft, leaving critical gaps in visibility and understanding. To address this challenge, we introduce the Honeypot App Store, a novel platform designed to accelerate honeypot deployment and collaboration across higher education communities.
The Honeypot App Store enables institutions to gain real-time vulnerability detection and capture of attacker tactics, techniques, and procedures (TTPs) through access to a diverse and expanding catalog of honeypots. By lowering barriers to adoption and deployment the platform makes it easier for researchers and security teams to quickly operationalize new honeypots tailored to emerging threats.
Equally important, the Honeypot App Store fosters a trusted community where universities can share, reuse, and enhance community-developed honeypots. This collaborative model strengthens collective defense, promotes reproducible research, and reduces duplication of effort across organizations.
By combining real-time threat visibility with a community-driven ecosystem, the Honeypot App Store represents a significant step forward in advancing cyber defense research and operational readiness within Higher education and research institutions across the country |
| IAM: Pathways to Insight | Identity and Access Management (IAM) can feel like a maze of accounts, systems, and access requests and that’s exactly the point of this interactive poster session! Using InCommon Trusted Access framework as inspiration, participants will step into a “Choose Your Path” navigation game where they take on different campus roles (student, faculty, staff, or vendor) and make real-world IAM decisions. Each choice reveals how identity lifecycle, access governance, authentication, and integration impact the user experience and institutional security. In just a few minutes, participants will see how small decisions create ripple effects from reducing privilege creep to uncovering “something” while learning IAM best practices along the way. The session is designed for high interactivity, quick participation, and engaging discussions with colleagues facing similar IAM challenges. Attendees will walk away with practical insights, a clearer view of IAM maturity, and an appreciation for how to “navigate” identity successfully in higher education. |
| Making “ACCESS” More Accessible: Human-Centered Design of Integration Pathways for Resource Providers in a Large-Scale Cyberinfrastructure | In this NSF-funded project (NSF #2138307), we address the challenges of integrating high-performance computing (HPC) resources into ACCESS, a national cyberinfrastructure ecosystem. Resource providers have long struggled with ACCESS’s complex interface, resulting in high cognitive load and inefficiency. To address this, we applied human-centered design principles to develop a badge-based interface system that simplifies navigation, reduces cognitive load, and enhances task efficiency. The ongoing UI redesign not only improves ACCESS but also offers a scalable framework adaptable to similar platforms, ultimately benefiting the broader scientific and research community by improving the accessibility and usability of critical HPC resources. |
| OHAZ (Oregon Hazards) Network Connectivity |
The University of Oregon IT team collaborated with the Oregon Hazards Lab (OHAZ) to design and implement a network solution supporting critical wildfire detection cameras and seismic sensors on remote mountain-top locations throughout Oregon.
Challenge: OHAZ operates wildfire detection cameras and seismic sensors on remote mountain peaks, requiring reliable network connectivity to transmit real-time monitoring data for early wildfire detection and earthquake preparedness.
Solution: UO IT and OHAZ developed a hybrid network architecture combining wireless microwave links with OSPF for site-to-site connectivity and BGP peering to UO's network infrastructure. The design features redundant connectivity through dual router BGP peering (4 total peerings) with traffic segmented through a dedicated OHAZ VRF. Additionally, the network leverages Link Oregon, the regional education and research network, to extend connectivity to various remote sites throughout the state and establish partnerships with monitoring systems in other states.
Impact: This solution enables continuous operation of critical public safety monitoring systems while demonstrating UO's network engineering expertise and commitment to supporting research partnerships. The redundant design ensures reliable data transmission for early warning systems that protect Oregon communities. |
| Wi-Fi Performance Metric Analysis and Visualization Using pSSID | pSSID is a system used for measuring, analyzing, and visualizing Wi-Fi performance and availability metrics via a distributed system of probes. pSSID is an open-source project that enables perfSONAR to interact with SSIDs for a user-based monitoring perspective. This summer we are doing an Alpha deployment on campus at the University of Michigan. This poster will be a case study of the metrics gathered by the deployment, the hardware and software requirements of the project, and overall lessons learned. |
