Research And Application Of Service Function Chaining Based On Security Threat Intelligence

In recent years,network security protection is facing more and more challenges.The traditional firewall,intrusion detection and anti-virus software using feature detection as a means of static defense have been difficult to counter the means of continuous change and escalation.The existing security threat intelligence platforms also face problems such as inconsistent data formats,lack of intelligence in data analysis,and lack of automation in security response.Based on security threat intelligence data-driven defense with data unification,analysis intelligence and response automation,will become a new security defense strategy.End-to-end security services often require a range of network functions,such as firewalls,intrusion detection systems,and more.The deployment of the traditional service function chaining(SFC)is usually closely coupled with the network topology and has become a stumbling block for the rapid expansion of security services.Software defined networking(SDN),as an emerging network technology,has features such as centralized management and open interfaces that effectively promote the development of the service function chaining.Service function chaining technology based on SDN network will be an important part of implementing intelligent and automated security threat response in security threat intelligence systems.Based on this,this thesis mainly studies how to realize the security and automation of security threat defense based on security threat intelligence,focusing on security threat intelligence sharing and service function chaining policy and conflict detection.First of all,this paper analyzes the limitations of existing solutions by studying the current problem of service function chaining policy and policy conflict detection.This paper proposes the design requirements and ideas of the security threat intelligence system.Then,through the technical selection and program demonstration,the core module of the security threat intelligence platform is realized.The experiments were designed separately to verify the correctness and performance of the system.In addition,in order to achieve rapid response to security threats,this paper studies the service function chaining policy and policy conflict detection problem under SDN network,and proposes a policy conflict detection algorithm for the service function chaining,which is developed and integrated into the laboratory system.By designing and constructing the security service orchestration scenario under the SDN network,the correctness of the service function chaining policy and conflict detection is verified.