Uma Arquitetura de Virtualização de Funções de Rede para Proteção Automática e Eficiente contra Ataques

Resumo

Intrusion Prevention Systems (IPSs) are expensive and inefficient when blocking all traffic from a source address. Therefore, the ability to apply countermeasures only to malicious traffic becomes an important security challenge. This article proposes a Network Function Virtualization (NFV) architecture to provide automatic, and efficient protection against attacks. Malicious flows are dynamically diverted through a Virtual Network Functions (VNFs) chain containing an application firewall and an IDS. A prototype was built using the Open Platform for NFV (OPNFV). The architecture is capable of blocking 99.12% of the attacks without affecting 93.6% of the benign traffic.