OpenSec: Policy-Based Security Using Software-Defined Networking


As the recognition of software-defined networks (SDN) and OpenFlow increases, policy-driven network management has received more attention. Manual configuration of multiple devices is being replaced by an automated approach where a software-primarily based, network-aware controller handles the configuration of all network devices. Software applications running on high of the network controller offer an abstraction of the topology and facilitate the task of operating the network. We have a tendency to propose OpenSec, an OpenFlow-primarily based security framework that allows a network security operator to create and implement security policies written in human-readable language. Using OpenSec, the user can describe a flow in terms of OpenFlow matching fields, outline that security services must be applied to that flow (deep packet inspection, intrusion detection, spam detection, etc.) and specify security levels that outline how OpenSec reacts if malicious traffic is detected. In this paper, we initial provide a additional detailed clarification of how OpenSec converts security policies into a series of OpenFlow messages required to implement such a policy. Second, we describe how the framework automatically reacts to security alerts as specified by the policies. Third, we perform extra experiments on the GENI testbed to judge the scalability of the proposed framework using existing datasets of campus networks. Our results show that up to ninety fivepercent of attacks in an existing knowledge set will be detected and 99percent of malicious source nodes will be blocked automatically. Furthermore, we have a tendency to show that our policy specification language is simpler whereas giving quick translation times compared to existing solutions.

Did you like this research project?

To get this research project Guidelines, Training and Code... Click Here

PROJECT TITLE :Critical communications and public safety networks, part 2: technical issues, security, and applications [Guest Editorial]ABSTRACT:As we tend to mentioned in the Guest Editorial of Part 1 of this Feature Topic,
PROJECT TITLE :Visible Light Communication, Networking, and Sensing: A Survey, Potential and ChallengesABSTRACT:The solid-state lighting is revolutionizing the indoor illumination. Current incandescent and fluorescent lamps are
PROJECT TITLE :Game-Theoretic Methods for Robustness, Security, and Resilience of Cyberphysical Control Systems: Games-in-Games Principle for Optimal Cross-Layer Resilient Control SystemsABSTRACT:Critical infrastructures, such
PROJECT TITLE : Video Dissemination over Hybrid Cellular and Ad Hoc Networks - 2014 ABSTRACT: We study the problem of disseminating videos to mobile users by using a hybrid cellular and ad hoc network. In particular, we formulate
PROJECT TITLE : Security Analysis of Handover Key Management in 4G LTESAE Networks - 2014 ABSTRACT: The goal of 3GPP Long Term Evolution/System Architecture Evolution (LTE/SAE) is to move mobile cellular wireless technology

Ready to Complete Your Academic MTech Project Work In Affordable Price ?

Project Enquiry