A Framework for SFC Integrity in NFV Environments - Security of Networks and Services in an All-Connected World
Conference Papers Year : 2017

A Framework for SFC Integrity in NFV Environments

Abstract

Industry and academia have increased the deployment of Network Functions Virtualization (NFV) on their environments, either for reducing expenditures or taking advantage of NFV flexibility for service provisioning. In NFV, Service Function Chainings (SFC) composed of Virtualized Network Functions (VNF) are defined to deliver services to different customers. Despite the advancements in SFC composition for service provisioning, there is still a lack of proposals for ensuring the integrity of NFV service delivery, i.e., detecting anomalies in SFC operation. Such anomalies could indicate a series of different threats, such as DDoS attacks, information leakage, and unauthorized access. In this PhD, we propose a framework composed of an SFC Integrity Module (SIM) for the standard NFV architecture, providing the integration of anomaly detection mechanisms to NFV orchestrators. We present recent results of this PhD regarding the implementation of an entropy-based anomaly detection mechanism using the SIM framework. The results presented in this paper are based on the execution of the proposed mechanism using a realistic SFC data set.
Fichier principal
Vignette du fichier
452969_1_En_18_Chapter.pdf (292.93 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01806053 , version 1 (01-06-2018)

Licence

Identifiers

Cite

Lucas Bondan, Tim Wauters, Bruno Volckaert, Filip De Turck, Lisandro Zambenedetti Granville. A Framework for SFC Integrity in NFV Environments. 11th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jul 2017, Zurich, Switzerland. pp.179-184, ⟨10.1007/978-3-319-60774-0_18⟩. ⟨hal-01806053⟩
279 View
50 Download

Altmetric

Share

More