Abstract
We present a testbed implementation for the development,
evaluation and demonstration of security orchestration in
a network function virtualization environment. As a
specific scenario, we demonstrate how an intelligent
response to DDoS and various other kinds of targeted
attacks can be formulated such that these attacks and
future variations can be mitigated. We utilise machine
learning to characterise normal network traffic, attacks
and responses, then utilise this information to
orchestrate virtualized network functions around affected
components to isolate these components and to capture,
redirect and filter traffic (e.g. honeypotting) for
additional analysis. This allows us to maintain a high
level of network quality of service to given network
functions and components despite adverse network
conditions.
Original language | English |
---|---|
Title of host publication | 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017 |
Publisher | IEEE Institute of Electrical and Electronic Engineers |
Number of pages | 4 |
ISBN (Electronic) | 978-1-5386-3285-7 |
ISBN (Print) | 978-1-5386-3286-4 |
DOIs | |
Publication status | Published - 7 Dec 2017 |
MoE publication type | A4 Article in a conference publication |
Event | Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017 - Berlin, Germany Duration: 6 Dec 2017 → 8 Dec 2017 |
Conference
Conference | Conference on Network Function Virtualization and Software Defined Networks, NFV-SDN 2017 |
---|---|
Abbreviated title | NFV-SDN 2017 |
Country/Territory | Germany |
City | Berlin |
Period | 6/12/17 → 8/12/17 |
Funding
This work was supported by the DIMECC Cyber Trust programme.
Keywords
- cloud computing
- computer crime
- network function virtualization
- quality of service