Adaptive policy-driven attack mitigation in SDN - Télécom SudParis Accéder directement au contenu
Communication Dans Un Congrès Année : 2017

Adaptive policy-driven attack mitigation in SDN

Résumé

This paper presents a dynamic policy enforcement mechanism that allows ISPs to specify security policies to mitigate the impact of network attacks by taking into account the specific requirements of their customers. The proposed policy-based management framework leverages the central network view provided by the Software-Defined Networking (SDN) paradigm. One of the major objectives of such a framework is to achieve fine-grained and automated attack mitigation in the ISP network, ultimately reducing the impact of attack and collateral damage to the customer networks. To evaluate the feasibility and effectiveness of framework, we develop a prototype that serves for one ISP and three customers. The experimental results demonstrate that our framework can successfully reduce the collateral damage on a customer network caused by the attack traffic targeting another customer network. More interestingly, the framework can provide rapid response and mitigate the attack in a very short time
Fichier principal
Vignette du fichier
3071064.3071068.pdf (437.48 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-01649980 , version 1 (21-03-2023)

Identifiants

Citer

Rishikesh Sahay, Gregory Blanc, Zonghua Zhang, Khalifa Toumi, Hervé Debar. Adaptive policy-driven attack mitigation in SDN. XDOMO 2017: the 1st International Workshop on Security and Dependability of Multi-Domain Infrastructures (XDOMO), Apr 2017, Belgrade, Serbia. pp.1-6, ⟨10.1145/3071064.3071068⟩. ⟨hal-01649980⟩
63 Consultations
38 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More