This paper describes a demo that showcases some of the capabilities foreseen for the security infrastructure designed by the H2020 SHIELD project. SHIELD exploits NFV for adaptive monitoring of an IT infrastructure and for feeding the data to an analytics engine to detect attacks in real time. An intelligent reaction system is then activated to reconfigure the SDN/NFV infrastructure so that the attacks are thwarted. The SDN/NFV infrastructure itself is protected from attacks thanks to trusted computing techniques, that permit to quickly identify misbehaving nodes. The proposed demo will present detection and reaction to a DDoS attack (by on-the-fly deployment of new virtual network security functions and/or change of network paths), as well as detection of software attacks against virtual network functions (executed in Docker containers) and unauthorized modification of the SDN switching tables and NFV configurations.

NFV-based network protection: the SHIELD approach / Lioy, Antonio; Gardikis, George; Gaston, Bernat; Jacquin, Ludovic; De Benedictis, Marco; Angelopoulos, Yiannis; Xylouris, Christos. - STAMPA. - (2017), pp. 1-2. (Intervento presentato al convegno NFV-SDN 2017: IEEE Conference on Network Function Virtualization and Software Defined Networks tenutosi a Berlin (Germany) nel November 6-8, 2017) [10.1109/NFV-SDN.2017.8169869].

NFV-based network protection: the SHIELD approach

Lioy, Antonio;De Benedictis, Marco;
2017

Abstract

This paper describes a demo that showcases some of the capabilities foreseen for the security infrastructure designed by the H2020 SHIELD project. SHIELD exploits NFV for adaptive monitoring of an IT infrastructure and for feeding the data to an analytics engine to detect attacks in real time. An intelligent reaction system is then activated to reconfigure the SDN/NFV infrastructure so that the attacks are thwarted. The SDN/NFV infrastructure itself is protected from attacks thanks to trusted computing techniques, that permit to quickly identify misbehaving nodes. The proposed demo will present detection and reaction to a DDoS attack (by on-the-fly deployment of new virtual network security functions and/or change of network paths), as well as detection of software attacks against virtual network functions (executed in Docker containers) and unauthorized modification of the SDN switching tables and NFV configurations.
2017
978-1-5386-3285-7
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2695847
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo