Automated Factorization of Security Chains in Software-Defined Networks - Archive ouverte HAL Access content directly
Conference Papers Year :

Automated Factorization of Security Chains in Software-Defined Networks

(1, 2) , (1) , (1) , (2, 3)
1
2
3

Abstract

Software-defined networking (SDN) offers new perspectives with respect to the programmability of networks and services. In particular in the area of security management, it may serve as a support for building and deploying security chains in order to protect devices that may have limited resources. These security chains are typically composed of different security functions, such as firewalls, intrusion detection systems, or data leakage prevention mechanisms. In previous work, we suggested the use of techniques for learning automata as a basis for generating security chains. However, the complexity and the high number of these chains induce significant deployment and orchestration costs. In this paper, we propose and evaluate algorithms for merging and simplifying these security chains in software-defined networks, while keeping acceptable accuracy. We first describe the overall system supporting the generation and factorization of the security chains. We then present the different algorithms supporting their merging, and finally we evaluate the solution through an extensive set of experiments.
Fichier principal
Vignette du fichier
camera-ready.pdf (177.01 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-02111656 , version 1 (26-04-2019)

Identifiers

  • HAL Id : hal-02111656 , version 1

Cite

Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz. Automated Factorization of Security Chains in Software-Defined Networks. IFIP/IEEE IM 2019 - IFIP/IEEE International Symposium on Integrated Network Management, Apr 2019, Washington, United States. ⟨hal-02111656⟩
79 View
95 Download

Share

Gmail Facebook Twitter LinkedIn More