IntelFlow: Towards adding Cyber Threat Intelligence to Software Defined Networks
Abstract

Security is a major concern in computer networking, which faces increasing threats as the commercial Internet and related economies continue to grow. Our work aims to explore advances in Cyber Threat Intelligence (CTI) in the context of Software Defined Networking (SDN). More specifically, we propose IntelFlow, an intelligence detection system for SDN that follows a proactive approach, using OpenFlow to deploy countermeasures to the threats learned through a distributed intelligence plane. We show through a proof-of-concept implementation that the proposed system is capable of delivering a number of benefits in terms of effectiveness, altogether contributing to the security of modern computer network designs.