Testbed for security orchestration in a network function virtualization environment

Aapo Kalliola, Shankar Lal, Kimmo Ahola, Ian Oliver, Miche Yoan, Silke Holtmanns

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

1 Citation (Scopus)

Abstract

We present a testbed implementation for the development, evaluation and demonstration of security orchestration in a network function virtualization environment. As a specific scenario, we demonstrate how an intelligent response to DDoS and various other kinds of targeted attacks can be formulated such that these attacks and future variations can be mitigated. We utilise machine learning to characterise normal network traffic, attacks and responses, then utilise this information to orchestrate virtualized network functions around affected components to isolate these components and to capture, redirect and filter traffic (e.g. honeypotting) for additional analysis. This allows us to maintain a high level of network quality of service to given network functions and components despite adverse network conditions.
Original languageEnglish
Title of host publication2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017
PublisherInstitute of Electrical and Electronic Engineers IEEE
Pages1-4
Number of pages4
Volume2017-January
ISBN (Electronic)978-1-5386-3285-7
DOIs
Publication statusPublished - 7 Dec 2017
MoE publication typeA4 Article in a conference publication
EventConference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017 - Berlin, Germany
Duration: 6 Dec 20178 Dec 2017

Conference

ConferenceConference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017
Abbreviated titleNFV-SDN 2017
CountryGermany
CityBerlin
Period6/12/178/12/17

Fingerprint

Testbeds
Learning systems
Quality of service
Demonstrations
Network function virtualization

Keywords

  • cloud computing
  • computer crime
  • network function virtualization
  • quality of service

Cite this

Kalliola, A., Lal, S., Ahola, K., Oliver, I., Yoan, M., & Holtmanns, S. (2017). Testbed for security orchestration in a network function virtualization environment. In 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017 (Vol. 2017-January, pp. 1-4). Institute of Electrical and Electronic Engineers IEEE. https://doi.org/10.1109/NFV-SDN.2017.8169857
Kalliola, Aapo ; Lal, Shankar ; Ahola, Kimmo ; Oliver, Ian ; Yoan, Miche ; Holtmanns, Silke. / Testbed for security orchestration in a network function virtualization environment. 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017. Vol. 2017-January Institute of Electrical and Electronic Engineers IEEE, 2017. pp. 1-4
@inproceedings{062e900ef6a7482485f255f3ec3c8256,
title = "Testbed for security orchestration in a network function virtualization environment",
abstract = "We present a testbed implementation for the development, evaluation and demonstration of security orchestration in a network function virtualization environment. As a specific scenario, we demonstrate how an intelligent response to DDoS and various other kinds of targeted attacks can be formulated such that these attacks and future variations can be mitigated. We utilise machine learning to characterise normal network traffic, attacks and responses, then utilise this information to orchestrate virtualized network functions around affected components to isolate these components and to capture, redirect and filter traffic (e.g. honeypotting) for additional analysis. This allows us to maintain a high level of network quality of service to given network functions and components despite adverse network conditions.",
keywords = "cloud computing, computer crime, network function virtualization, quality of service",
author = "Aapo Kalliola and Shankar Lal and Kimmo Ahola and Ian Oliver and Miche Yoan and Silke Holtmanns",
year = "2017",
month = "12",
day = "7",
doi = "10.1109/NFV-SDN.2017.8169857",
language = "English",
volume = "2017-January",
pages = "1--4",
booktitle = "2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017",
publisher = "Institute of Electrical and Electronic Engineers IEEE",
address = "United States",

}

Kalliola, A, Lal, S, Ahola, K, Oliver, I, Yoan, M & Holtmanns, S 2017, Testbed for security orchestration in a network function virtualization environment. in 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017. vol. 2017-January, Institute of Electrical and Electronic Engineers IEEE, pp. 1-4, Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017, Berlin, Germany, 6/12/17. https://doi.org/10.1109/NFV-SDN.2017.8169857

Testbed for security orchestration in a network function virtualization environment. / Kalliola, Aapo; Lal, Shankar; Ahola, Kimmo; Oliver, Ian; Yoan, Miche; Holtmanns, Silke.

2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017. Vol. 2017-January Institute of Electrical and Electronic Engineers IEEE, 2017. p. 1-4.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - Testbed for security orchestration in a network function virtualization environment

AU - Kalliola, Aapo

AU - Lal, Shankar

AU - Ahola, Kimmo

AU - Oliver, Ian

AU - Yoan, Miche

AU - Holtmanns, Silke

PY - 2017/12/7

Y1 - 2017/12/7

N2 - We present a testbed implementation for the development, evaluation and demonstration of security orchestration in a network function virtualization environment. As a specific scenario, we demonstrate how an intelligent response to DDoS and various other kinds of targeted attacks can be formulated such that these attacks and future variations can be mitigated. We utilise machine learning to characterise normal network traffic, attacks and responses, then utilise this information to orchestrate virtualized network functions around affected components to isolate these components and to capture, redirect and filter traffic (e.g. honeypotting) for additional analysis. This allows us to maintain a high level of network quality of service to given network functions and components despite adverse network conditions.

AB - We present a testbed implementation for the development, evaluation and demonstration of security orchestration in a network function virtualization environment. As a specific scenario, we demonstrate how an intelligent response to DDoS and various other kinds of targeted attacks can be formulated such that these attacks and future variations can be mitigated. We utilise machine learning to characterise normal network traffic, attacks and responses, then utilise this information to orchestrate virtualized network functions around affected components to isolate these components and to capture, redirect and filter traffic (e.g. honeypotting) for additional analysis. This allows us to maintain a high level of network quality of service to given network functions and components despite adverse network conditions.

KW - cloud computing

KW - computer crime

KW - network function virtualization

KW - quality of service

UR - http://www.scopus.com/inward/record.url?scp=85043287295&partnerID=8YFLogxK

U2 - 10.1109/NFV-SDN.2017.8169857

DO - 10.1109/NFV-SDN.2017.8169857

M3 - Conference article in proceedings

VL - 2017-January

SP - 1

EP - 4

BT - 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017

PB - Institute of Electrical and Electronic Engineers IEEE

ER -

Kalliola A, Lal S, Ahola K, Oliver I, Yoan M, Holtmanns S. Testbed for security orchestration in a network function virtualization environment. In 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017. Vol. 2017-January. Institute of Electrical and Electronic Engineers IEEE. 2017. p. 1-4 https://doi.org/10.1109/NFV-SDN.2017.8169857