Poster: Flow Inspection Scheduling for Cyber Security on Software-Defined Networks
نویسندگان
چکیده
Software-defined networking (SDN) is an emerging network technology that decouples the control plane from the data plane. Using SDN, a fine-grained flow-level inspection for cyber security can be performed by capturing suspicious packets on the network and steering the captured traffic to a traffic analyzer. This work proposes a flow inspection scheduling for various types of traffic flows on SDNs in order to enhance the traffic inspection performance when the inspection capability of traffic analyzer is limited. It performs continuous traffic sampling for suspicious traffic and newly generated traffic while normal flows are probabilistically sampled. The performance of the flow inspection scheduling scheme was evaluated through SDN testbed experiments.
منابع مشابه
Survey the Security Function of Integration of vehicular ad hoc Networks with Software-defiend Networks
In recent years, Vehicular Ad Hoc Networks (VANETs) have emerged as one of the most active areas in the field of technology to provide a wide range of services, including road safety, passenger's safety, amusement facilities for passengers and emergency facilities. Due to the lack of flexibility, complexity and high dynamic network topology, the development and management of current Vehicular A...
متن کاملGoing Beyond Deep Packet Inspection (DPI) Software on Intel® Architecture
Ever-increasing IP traffic and security threats are driving the need for more robust cyber security and extensive analysis of packet flows to better protect and manage network traffic. In response, a new breed of security appliances has emerged, interrogating packet content and extracting metadata, and providing far more traffic flow detail than made possible with first generation deep packet i...
متن کاملA Chaotic Complexity Measure for Cognitive Machine Classification of Cyber-Attacks on Computer Networks
Today’s evolving cyber security threats demand new, modern, and cognitive computing approaches to network security systems. In the early years of the Internet, a simple packet inspection firewall was adequate to stop the then-contemporary attacks, such as Denial of Service (DoS), ports scans, and phishing. Since then, DoS has evolved to include Distributed Denial of Service (DDoS) attacks, espe...
متن کاملLeveraging SDN for Cyber Situational Awareness in Coalition Tactical Networks
Coalition tactical networks are composed of different networks of two or more nations coming together for securing a mission in the tactical arena. Cyber security is an important consideration in coalition operations, and is a complex challenge due to the need for operational effectiveness, as well as for limited trust relationships that exist among coalition partners. New emerging paradigms in...
متن کاملComputational Game Theory for Security and Sustainability
Security is a critical concern around the world that arises in protecting our ports, airports, transportation and other critical national infrastructure from adversaries, in protecting our wildlife and forests from poachers and smugglers, and in curtailing the illegal flow of weapons, drugs and money; and it arises in problems ranging from physical to cyber-physical systems. In all of these pro...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017