{"title":"使用软件定义的网络进行异常追溯","authors":"J. François, O. Festor","doi":"10.1109/WIFS.2014.7084328","DOIUrl":null,"url":null,"abstract":"While the threats in Internet are still increasing and evolving (like intra multi-tenant data center attacks), protection and detection mechanisms are not fully accurate. Therefore, forensics is vital for recovering from an attack but also to identify the responsible entities. Therefore, this paper focuses on tracing back to the sources of an anomaly in the network. In this paper, we propose a method leveraging the Software Defined Networking (SDN) paradigm to passively identify switches composing the network path of an anomaly. As SDN technologies tend to be deployed in the next generation of networks including in data centers, they provide a helpful framework to implement our proposal without developing dedicated routers like usual IP traceback techniques. We evaluated our scheme with different network topologies (Internet and data centers) by considering distributed attacks with numerous hosts.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"37","resultStr":"{\"title\":\"Anomaly traceback using software defined networking\",\"authors\":\"J. François, O. Festor\",\"doi\":\"10.1109/WIFS.2014.7084328\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"While the threats in Internet are still increasing and evolving (like intra multi-tenant data center attacks), protection and detection mechanisms are not fully accurate. Therefore, forensics is vital for recovering from an attack but also to identify the responsible entities. Therefore, this paper focuses on tracing back to the sources of an anomaly in the network. In this paper, we propose a method leveraging the Software Defined Networking (SDN) paradigm to passively identify switches composing the network path of an anomaly. As SDN technologies tend to be deployed in the next generation of networks including in data centers, they provide a helpful framework to implement our proposal without developing dedicated routers like usual IP traceback techniques. We evaluated our scheme with different network topologies (Internet and data centers) by considering distributed attacks with numerous hosts.\",\"PeriodicalId\":220523,\"journal\":{\"name\":\"2014 IEEE International Workshop on Information Forensics and Security (WIFS)\",\"volume\":\"29 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"37\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE International Workshop on Information Forensics and Security (WIFS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WIFS.2014.7084328\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WIFS.2014.7084328","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Anomaly traceback using software defined networking
While the threats in Internet are still increasing and evolving (like intra multi-tenant data center attacks), protection and detection mechanisms are not fully accurate. Therefore, forensics is vital for recovering from an attack but also to identify the responsible entities. Therefore, this paper focuses on tracing back to the sources of an anomaly in the network. In this paper, we propose a method leveraging the Software Defined Networking (SDN) paradigm to passively identify switches composing the network path of an anomaly. As SDN technologies tend to be deployed in the next generation of networks including in data centers, they provide a helpful framework to implement our proposal without developing dedicated routers like usual IP traceback techniques. We evaluated our scheme with different network topologies (Internet and data centers) by considering distributed attacks with numerous hosts.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
