Abstract | ||
---|---|---|
Service Function Chaining (SFC) allows the delivery of advanced end-to-end services composed of one or more network functions. IPv6 Segment Routing (SRv6) is a network architecture based on source routing, where a list of segments is attached to packets to enforce different path from the shortest one. SRv6 supports SFC by assigning each network function a segment and combining these segments into a segment list. In order to fully leverage the SRv6 network programming capabilities, network functions are required to be SR-aware. In this paper, we present our implementation of SR-Snort, a SR-aware intrusion detection system (IDS) and intrusion prevention system (IPS). We extended the open-source implementation of Snort, so it can apply the configured rules to the inner packet of SR traffic. SR-Snort can handle both inner IPv4 and inner IPv6 traffic. It can work in either IDS or IPS mode. |
Year | DOI | Venue |
---|---|---|
2018 | 10.1109/NFV-SDN.2018.8725797 | 2018 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN) |
Keywords | DocType | ISBN |
Routing,IP networks,Data acquisition,Open source software,Computer architecture,Linux,Network function virtualization | Conference | 978-1-5386-8281-4 |
Citations | PageRank | References |
0 | 0.34 | 0 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Ahmed Abdelsalam | 1 | 9 | 3.05 |
Stefano Salsano | 2 | 799 | 78.03 |
Francois Clad | 3 | 0 | 0.68 |
Pablo Camarillo | 4 | 7 | 1.95 |
Clarence Filsfils | 5 | 285 | 33.29 |