In this work we present an exploitation of the Software Defined Networking paradigm to implement an architecture allowing a system network administrator to implement and verify in a formal way security policies. The main result is a framework that support the network administrator in the security management process providing services during all this phase, from automated traffic analysis during the prevention phase to tools for the exclusion of malicious traffic from the main flow in the reaction phase. In order to validate the proposed architecture we will showcase an industrial network applied scenario, simulating attacks and countermeasures techniques.
Security network policy enforcement through a SDN framework
Berardi, Davide;
2018-01-01
Abstract
In this work we present an exploitation of the Software Defined Networking paradigm to implement an architecture allowing a system network administrator to implement and verify in a formal way security policies. The main result is a framework that support the network administrator in the security management process providing services during all this phase, from automated traffic analysis during the prevention phase to tools for the exclusion of malicious traffic from the main flow in the reaction phase. In order to validate the proposed architecture we will showcase an industrial network applied scenario, simulating attacks and countermeasures techniques.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
