来源： 计算机学院 | 发表时间： 2017-08-03 | 浏览次数： 323
报告题目：Defending Against Cyber Attacks through SDN and NFV Enabled Approaches
报告内容：The emergence of Software Defined Networking (SDN) and Network Functions Virtualization (NFV) significantly expedites the evolution towards next generation networks. Specifically, SDN decouples the traditional network architecture into control plane and date plane, significantly simplifying the complexity of network management. NFV serves as an efficient approach to reducing CAPEX and OPEX by pooling and consolidating various network equipment types, e.g., NAT, firewall, IDS, DNS, onto industry standard high volume servers, switches and storage using virtualization technologies. Despite their advantages, it remains unclear how the landscape of Cyberdefense can be reshaped and whether or not the asymmetric advantages between attacker and defender could be changed. In this talk, we showcase our two contributions, (1) ArOMA: an SDN based autonomic DDoS mitigation framework, which leverages the programmability, global visibility, and centralized manageability of SDN to bring ISPs and their customers together to collaboratively defend against DDoS attacks; (2) SecMANO: a NFV-based security management and orchestration framework, which has potential to dynamically manage and orchestrate security functions, ultimately enabling security as on demand services. A proof-of-concept security orchestrator will be specifically exemplified. Some lessons learned and our ongoing work will be finally discussed.