PROJECT TITLE :
OpenSec: Policy-Based Security Using Software-Defined Networking
As the recognition of software-defined networks (SDN) and OpenFlow increases, policy-driven network management has received more attention. Manual configuration of multiple devices is being replaced by an automated approach where a software-primarily based, network-aware controller handles the configuration of all network devices. Software applications running on high of the network controller offer an abstraction of the topology and facilitate the task of operating the network. We have a tendency to propose OpenSec, an OpenFlow-primarily based security framework that allows a network security operator to create and implement security policies written in human-readable language. Using OpenSec, the user can describe a flow in terms of OpenFlow matching fields, outline that security services must be applied to that flow (deep packet inspection, intrusion detection, spam detection, etc.) and specify security levels that outline how OpenSec reacts if malicious traffic is detected. In this paper, we initial provide a additional detailed clarification of how OpenSec converts security policies into a series of OpenFlow messages required to implement such a policy. Second, we describe how the framework automatically reacts to security alerts as specified by the policies. Third, we perform extra experiments on the GENI testbed to judge the scalability of the proposed framework using existing datasets of campus networks. Our results show that up to ninety fivepercent of attacks in an existing knowledge set will be detected and 99percent of malicious source nodes will be blocked automatically. Furthermore, we have a tendency to show that our policy specification language is simpler whereas giving quick translation times compared to existing solutions.
Did you like this research project?
To get this research project Guidelines, Training and Code... Click Here