Skip to Main content Skip to Navigation
Conference papers

Automated Factorization of Security Chains in Software-Defined Networks

Nicolas Schnepf 1, 2 Rémi Badonnel 1 Abdelkader Lahmadi 1 Stephan Merz 2, 3
1 RESIST - Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
2 VERIDIS - Modeling and Verification of Distributed Algorithms and Systems
LORIA - FM - Department of Formal Methods , Inria Nancy - Grand Est, MPII - Max-Planck-Institut für Informatik
3 MOSEL - Proof-oriented development of computer-based systems
LORIA - FM - Department of Formal Methods
Abstract : Software-defined networking (SDN) offers new perspectives with respect to the programmability of networks and services. In particular in the area of security management, it may serve as a support for building and deploying security chains in order to protect devices that may have limited resources. These security chains are typically composed of different security functions, such as firewalls, intrusion detection systems, or data leakage prevention mechanisms. In previous work, we suggested the use of techniques for learning automata as a basis for generating security chains. However, the complexity and the high number of these chains induce significant deployment and orchestration costs. In this paper, we propose and evaluate algorithms for merging and simplifying these security chains in software-defined networks, while keeping acceptable accuracy. We first describe the overall system supporting the generation and factorization of the security chains. We then present the different algorithms supporting their merging, and finally we evaluate the solution through an extensive set of experiments.
Document type :
Conference papers
Complete list of metadata

Cited literature [13 references]  Display  Hide  Download
Contributor : Rémi Badonnel Connect in order to contact the contributor
Submitted on : Friday, April 26, 2019 - 10:46:10 AM
Last modification on : Wednesday, November 3, 2021 - 7:09:18 AM


Files produced by the author(s)


  • HAL Id : hal-02111656, version 1


Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz. Automated Factorization of Security Chains in Software-Defined Networks. IFIP/IEEE IM 2019 - IFIP/IEEE International Symposium on Integrated Network Management, Apr 2019, Washington, United States. ⟨hal-02111656⟩



Record views


Files downloads