Firewall as a service in SDN OpenFlow network

被引：0

作者：

Arins, Andis ^{[1
]}

机构：

[1] Univ Latvia, Fac Comp, Riga, Latvia

来源：

PROCEEDINGS OF THE 2015 IEEE 3RD WORKSHOP ON ADVANCES IN INFORMATION, ELECTRONIC AND ELECTRICAL ENGINEERING (AIEEE 2015) | 2015年

关键词：

BGP; latency; BGP experimentation;

D O I：

暂无

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

Protecting publicly available servers in internet today is a serious challenge, especially when encountering Distributed denial-of-service (DDoS) attacks. In traditional internet, there is narrow scope of choices one can take when ingress traffic overloads physical connection limits. This paper proposes Firewall as a service in internet service providers (ISP) networks allowing end users to request and install match-action rules in ISPs edge routers. In proposed scenario, ISP runs Software Defined Networking environment where control plane is separated from data plane utilizing OpenFlow protocol and ONOS controller. For interaction between end-users and SDN Controller author defines an Application Programming Interface (API) over a secure SSL/TLS connection. The Controller is responsible for translating high-level logics in low-level rules in OpenFlow switches. This study runs experiments in OpenFlow test-bed researching a mechanism for end-user to discard packets on ISP edge routers thus minimizing their uplink saturation and staying on-line.

引用

页数：5

共 50 条

[31] SDN Architecture to prevent attacks with OpenFlow
Flauzac, Olivier
Robledo, Erick Gallegos
Gonzalez, Carlos
Mauhourat, Fabien
Nolot, Florent
2020 8TH INTERNATIONAL CONFERENCE ON WIRELESS NETWORKS AND MOBILE COMMUNICATIONS (WINCOM 2020), 2020, : 40 - 45
[32] Dynamic Optical Packet Switching Network with Advanced SDN/Openflow Control (Invited talk)
Cao, Xiaoyuan
Yoshikane, Noboru
Tsuritani, Takehiro
Morita, Itsuro
Shiraiwa, Masaki
Wada, Naoya
2015 OPTO-ELECTRONICS AND COMMUNICATIONS CONFERENCE (OECC), 2015,
[33] Packet_In message based DDoS attack detection in SDN network using OpenFlow
You, Xiang
Feng, Yaokai
Sakurai, Kouichi
2017 FIFTH INTERNATIONAL SYMPOSIUM ON COMPUTING AND NETWORKING (CANDAR), 2017, : 522 - 528
[34] Control-Plane OpenFlow Segment Routing SDN for Network Control Messages Reduction
Thaenchaikun, Chakadkit
Panichpattanakul, Wasimon
2017 14TH INTERNATIONAL CONFERENCE ON ELECTRICAL ENGINEERING/ELECTRONICS, COMPUTER, TELECOMMUNICATIONS AND INFORMATION TECHNOLOGY (ECTI-CON), 2017, : 322 - 325
[35] Making Queueing Theory More Palatable to SDN/OpenFlow-based Network Practitioners
Ansell, Jordan
Seah, Winston K. G.
Ng, Bryan
Marshall, Stuart
NOMS 2016 - 2016 IEEE/IFIP NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, 2016, : 1119 - 1124
[36] REFLO: Reactive Firewall System with OpenFlow and Flow Monitoring System
Visoottiviseth, Vasaka
Lertviriyasawat, Suthasinee
Suppiyatrakoon, Peerada
Chitkornkitsil, Pattarajit
Yamai, Nariyoshi
TENCON 2017 - 2017 IEEE REGION 10 CONFERENCE, 2017, : 2273 - 2278
[37] SDN and OpenFlow for Converged Access/Aggregation Networks
Woesner, Hagen
Fritzsche, Daniel
2013 OPTICAL FIBER COMMUNICATION CONFERENCE AND EXPOSITION AND THE NATIONAL FIBER OPTIC ENGINEERS CONFERENCE (OFC/NFOEC), 2013,
[38] Deployment of OpenFlow/SDN Technologies to Carrier Services
Sato, Yoichi
Fukuda, Ichiro
Fujita, Tomonori
IEICE TRANSACTIONS ON COMMUNICATIONS, 2013, E96B (12) : 2946 - 2952
[39] A Robust SDN Network Architecture for Service Providers
Lopez-Rodriguez, Fernando
Campelo, Divanilson R.
2014 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM 2014), 2014, : 1903 - 1908
[40] NFShunt: a Linux firewall with OpenFlow-enabled hardware bypass
Miteff, Simeon
Hazelhurst, Scott
2015 IEEE CONFERENCE ON NETWORK FUNCTION VIRTUALIZATION AND SOFTWARE DEFINED NETWORK (NFV-SDN), 2015, : 100 - 106

← 1 2 3 4 5 →