A Data Driven Soft Defined Security Framework

Posted on:2018-01-27

Degree:Master

Type:Thesis

Country:China

Candidate:W J Wang

Full Text:PDF

GTID:2348330518496362

Subject:Information and Communication Engineering

Abstract/Summary:

PDF Full Text Request

At the same time of the rapid development of internet brings great convenience to people, the areas of security, operation and maintenance of the network are facing tremendous pressure. But the traditional network is difficult to solve this problem fundamentally, the emergence of Software-Defined Network (SDN) break the bottleneck. The core idea of SDN is to separate the control layer and data layer. The separate of the control layer provides the possibility of centralized management and programmable control.Software-Defined Security (SDS) come with using the core idea of SDN to design, deploy, manage the security mechanism in the area of security. SDS, which provides a flexible and centralized security solution by abstracting the security mechanisms from the hardware layer into a software layer, attracts many researchers to study the detail of this conception. However, there are two key challenges of SDS achieving automatic and intelligent scheduling and management. One problem is intelligent security information interaction, how to schedule and orchestrate security appliances according to huge and heterogeneous threat information. And the other one is security function abstraction, the security system centralized control with the lack of standardized interfaces of a wide variety of security devices.To solve these two problems above, this paper presents a data driven Security-Defined Security Framework. The complex Structured Threat Information expression (STIX) ontology and corresponding tools are tailored for SDOF to standardize and centralize all data in SDS. In the framework, we put forward uniform interfaces for security devices so that they could be orchestrated by software and their data could be collected and processed centrally. These two achievements makes real-time dynamic orchestration possible in SDS.We also provide an orchestration scenario to demonstrate how the data driven Security-Defined Security Framework works and the implementation of this framework through evaluating its performance.

Keywords/Search Tags:

Software-Defined Security, intelligent information interaction, security function abstraction, STIX, uniform interfaces, orchestration

PDF Full Text Request

Related items

1	The Design And Implementation Of Security Service Orchestration System Based On Software Defined Security
2	Design And Implementation Of Service Function Chain Based On Software Defined Security
3	Research On Network Service Orchestration Mechanisms Based On SDN And NFV
4	Virtualization-Based Network Security Service Function Chain Orchestration System Design
5	Design And Implementation Of Dynamic Orchestration Mechanism Of Service Function Chain In Hybrid NFV Networks
6	Several Security Issues In Software-Defined Networking
7	Research On Security Applications Of Software-Defined Boundaries
8	Security Research Of Time Service Platform Based On Software-defined Security
9	Research On Software-defined Security Based On SDN Security Controller
10	Lifecycle Management Of Network Security Incident Emergency Response