Paper Info
Title
Automated Factorization of Security Chains in Software-Defined Networks
Abstract
Software-defined networking (SDN) offers new perspectives with respect to the programmability of networks and services. In particular in the area of security management, it may serve as a support for building and deploying security chains in order to protect devices that may have limited resources. These security chains are typically composed of different security functions, such as firewalls, intrusion detection systems, or data leakage prevention mechanisms. In previous work, we suggested the use of techniques for learning automata as a basis for generating security chains. However, the complexity and the high number of these chains induce significant deployment and orchestration costs. In this paper, we propose and evaluate algorithms for merging and simplifying these security chains in software-defined networks, while keeping acceptable accuracy. We first describe the overall system supporting the generation and factorization of the security chains. We then present the different algorithms supporting their merging, and finally we evaluate the solution through an extensive set of experiments.
Year
Venue
Keywords
2019
2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)
Security Management,Software-Defined Networking,Chain Synthesis,Merging Methods
Field
DocType
ISSN
Software deployment,Learning automata,Computer science,Computer network,Factorization,Merge (version control),Software-defined networking,Intrusion detection system,Orchestration (computing),Security management,Distributed computing
Conference
1573-0077
ISBN
Citations 
PageRank 
978-1-7281-0618-2
0
0.34
References 
Authors
4
4
Name
Order
Citations
PageRank
Nicolas Schnepf112.04
Remi Badonnel215422.43
Abdelkader Lahmadi39018.46
Stephan Merz474159.44