SDNFV Based Threat Monitoring and Security Framework for Multi-Access Edge Computing Infrastructure
作者: Prabhakar Krishnan , Subhasri Duttagupta , Krishnashree Achuthan
DOI: 10.1007/S11036-019-01389-2
关键词: Analytics 、 Overhead (computing) 、 Edge computing 、 Computer network 、 Denial-of-service attack 、 Anomaly detection 、 Computer science 、 Botnet 、 Forwarding plane 、 Scalability
摘要: DDoS botnet attacks such as Advanced Persistent & Ransom DoS assaults, Botnets and Application flood are examples of multi-vector, sophisticated application-layer attacks. Conventional IT security approaches centralized have limitations in terms scale, network-wide monitoring resources for distributed detection. This paper proposes a newer approach that integrates multi-layer cooperative intelligence on to converged Software-Defined-Networking/Network-Function-Virtualization architecture typical Multi-access Edge Computing (MEC) scenario. The key features framework include: a) lightweight real-time Threat Analytics Response Framework (DTARS), identify DDoS/botnets closer the source b) behavioral profiling functions data plane validation control operations, c) advanced correlation, signature, anomaly detection techniques, d) threat analytics system e) scalable agile mitigation mechanisms based stateful-data security-aware SDN stack. We evaluate performance DTARS within three practical MEC case studies: enabled Mobile LTE network, IoT network Software-Defined Datacenter network. In comparison legacy incurs about 60% less overhead than Legacy 40% lesser prior OVS MEC-LTE solution, speed was 10x faster, accuracy 96% at different attack intensities improves overall end-to-end connection management under rapid scaling end users.
springer.com
amrita.edu参考文章(45)
Alireza Shameli-Sendi, Makan Pourzandi, Mohamed Fekih-Ahmed, Mohamed Cheriet, Taxonomy of Distributed Denial of Service mitigation approaches for cloud computing Journal of Network and Computer Applications. ,vol. 58, pp. 165- 179 ,(2015) , 10.1016/J.JNCA.2015.09.005
K. Giotis, C. Argyropoulos, G. Androulidakis, D. Kalogeras, V. Maglaris, Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments Computer Networks. ,vol. 62, pp. 122- 136 ,(2014) , 10.1016/J.BJP.2013.10.014
William S. Dorn, Editor's Preview… ACM Computing Surveys. ,vol. 1, pp. 2- 5 ,(1969) , 10.1145/356540.356542
James Kempf, Bengt Johansson, Sten Pettersson, Harald Luning, Tord Nilsson, Moving the mobile Evolved Packet Core to the cloud wireless and mobile computing, networking and communications. pp. 784- 791 ,(2012) , 10.1109/WIMOB.2012.6379165
Hesham Mekky, Fang Hao, Sarit Mukherjee, Zhi-Li Zhang, T.V. Lakshman, Application-aware data plane processing in SDN acm special interest group on data communication. pp. 13- 18 ,(2014) , 10.1145/2620728.2620735
Navid Nikaein, Eryk Schiller, Romain Favraud, Kostas Katsalis, Donatos Stavropoulos, Islam Alyafawi, Zhongliang Zhao, Torsten Braun, Thanasis Korakis, Network Store: Exploring Slicing in Future 5G Networks mobility in the evolving internet architecture. pp. 8- 13 ,(2015) , 10.1145/2795381.2795390
Minlan Yu, Jennifer Rexford, Michael J. Freedman, Jia Wang, Scalable flow-based networking with DIFANE Proceedings of the ACM SIGCOMM 2010 conference on SIGCOMM - SIGCOMM '10. ,vol. 40, pp. 351- 362 ,(2010) , 10.1145/1851182.1851224
Navid Nikaein, Mahesh K. Marina, Saravana Manickam, Alex Dawson, Raymond Knopp, Christian Bonnet, OpenAirInterface: A Flexible Platform for 5G Research acm special interest group on data communication. ,vol. 44, pp. 33- 38 ,(2014) , 10.1145/2677046.2677053
Nick McKeown, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker, Jonathan Turner, OpenFlow: enabling innovation in campus networks acm special interest group on data communication. ,vol. 38, pp. 69- 74 ,(2008) , 10.1145/1355734.1355746
Seungwon Shin, Vinod Yegneswaran, Phillip Porras, Guofei Gu, AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks computer and communications security. pp. 413- 424 ,(2013) , 10.1145/2508859.2516684