IntelFlow: Towards adding Cyber Threat Intelligence to Software Defined Networks

  • Javier Richard Quinto Ancieta UNICAMP
  • Christian Esteve Rothenberg UNICAMP

Resumo


Security is a major concern in computer networking, which faces increasing threats as the commercial Internet and related economies continue to grow. Our work aims to explore advances in Cyber Threat Intelligence (CTI) in the context of Software Defined Networking (SDN). More specifically, we propose IntelFlow, an intelligence detection system for Software Defined Networking (SDN) that follows a proactive approach using OpenFlow to deploy countermeasures to the threats learned through a distributed intelligence plane. We show through a proof of concept implementation that the proposed system is capable of delivering a number of benefits in terms of effectiveness, altogether contributing to the security of modern computer network designs.

Referências

iSIGHT (2014). What is Cyber Threat Intelligence and why do I need it? Technical report.

Johnson, C., Badger, L., and Waltermire, D. (2014). Guide to cyber threat information sharing. Technical report, U.S Departament of Commerce.

Kreutz, D., Ramos, F., Esteves Verissimo, P., Esteve Rothenberg, C., Azodolmolky, S., and Uhlig, S. (2015). Software-defined networking: A comprehensive survey. Proc. of IEEE, 103.

Lopez, M. A., Figueiredo, U., Lobato, A. P., and DUARTE, O. C. M. B. (2014). Broflow: Um sistema eficiente de detecção e prevenção de intrusão em redes definidas por software. In CSBC, Centro de Convenções Brasil 21. CSBC2014.

Nagahama, F. Y., Farias, F., Aguiar, E., Luciano, G., Granville, L., Cerqueira, E., and Antônio, A. (2012). Ipsflow: uma proposta de sistema de prevençao de intrusao baseado no framework openflow. In III WPEIF-SBRC, volume 12, pages 42–47.

Xing, T., Huang, D., Xu, L., Chung, C.-J., and Khatkar, P. (2013). Snortflow: A openflowbased intrusion prevention system in cloud environment. In Proc. of GREE ’13, pages 89–92, Washington, DC, USA. IEEE Computer Society.
Publicado
09/11/2015
ANCIETA, Javier Richard Quinto; ROTHENBERG, Christian Esteve. IntelFlow: Towards adding Cyber Threat Intelligence to Software Defined Networks. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 15. , 2015, Florianópolis. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2015 . p. 322-325. DOI: https://doi.org/10.5753/sbseg.2015.20106.

Artigos mais lidos do(s) mesmo(s) autor(es)