Related papers: Methods and Techniques for Dynamic Deployability of Software-Defined Security Services

Methods and Techniques for Dynamic Deployability of Software-Defined Security Services

URL: http://arxiv.org/abs/2004.02876v1
Date: Sat, 4 Apr 2020 16:04:18 GMT
Title: Methods and Techniques for Dynamic Deployability of Software-Defined Security Services
Authors: Roberto Doriguzzi-Corin
Abstract summary: This thesis investigates the challenges of provisioning network security services in "softwarised" networks. The study is approached from the perspective of the telecom operator, whose goal is to protect the customers from network threats. The overall aim of the research presented in this thesis is proposing novel techniques for optimising the resource usage of software-based security services.
Score: 0.0
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: With the recent trend of "network softwarisation", enabled by emerging technologies such as Software-Defined Networking (SDN) and Network Function Virtualisation (NFV), system administrators of data centres and enterprise networks have started replacing dedicated hardware-based middleboxes with virtualised network functions running on servers and end hosts. This radical change has facilitated the provisioning of advanced and flexible network services, ultimately helping system administrators and network operators to cope with the rapid changes in service requirements and networking workloads. This thesis investigates the challenges of provisioning network security services in "softwarised" networks, where the security of residential and business users can be provided by means of sets of software-based network functions running on high performance servers or on commodity compute devices. The study is approached from the perspective of the telecom operator, whose goal is to protect the customers from network threats and, at the same time, maximize the number of provisioned services, and thereby revenue. Specifically, the overall aim of the research presented in this thesis is proposing novel techniques for optimising the resource usage of software-based security services, hence for increasing the chances for the operator to accommodate more service requests while respecting the desired level of network security of its customers. In this direction, the contributions of this thesis are the following: (i) a solution for the dynamic provisioning of security services that minimises the utilisation of computing and network resources, and (ii) novel methods based on Deep Learning and Linux kernel technologies for reducing the CPU usage of software-based security network functions, with specific focus on the defence against Distributed Denial of Service (DDoS) attacks.

Related papers

Security Evaluation in Software-Defined Networks [1.9713190626298576]
Cloud computing has led to a significant increase in Data Centre (DC) network requirements. Traditional DCs are struggling to meet the flexible, centrally managed requirements of cloud computing applications. This article presents a framework for evaluating security of Software-Defined Networks (SDN)
arXiv Detail & Related papers (2024-08-21T09:56:14Z)
Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
We investigate the security implications of and software-based Open Radio Access Network (RAN) systems. We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
arXiv Detail & Related papers (2024-05-03T07:18:45Z)
Software-based Security Framework for Edge and Mobile IoT [0.5735035463793009]
This work focuses on designing secure communication among remote servers and embedded IoT devices. The proposed approach uses lightweight cryptography, optimizing device performance and security without overburdening their limited resources.
arXiv Detail & Related papers (2024-04-09T16:25:13Z)
A Learning-based Incentive Mechanism for Mobile AIGC Service in Decentralized Internet of Vehicles [49.86094523878003]
We propose a decentralized incentive mechanism for mobile AIGC service allocation. We employ multi-agent deep reinforcement learning to find the balance between the supply of AIGC services on RSUs and user demand for services within the IoV context.
arXiv Detail & Related papers (2024-03-29T12:46:07Z)
Differentiated Security Architecture for Secure and Efficient Infotainment Data Communication in IoV Networks [55.340315838742015]
Negligence on the security of infotainment data communication in IoV networks can unintentionally open an easy access point for social engineering attacks. In particular, we first classify data communication in the IoV network, examine the security focus of each data communication, and then develop a differentiated security architecture to provide security protection on a file-to-file basis.
arXiv Detail & Related papers (2024-03-29T12:01:31Z)
The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge. This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI) We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
arXiv Detail & Related papers (2024-01-03T07:47:22Z)
Towards Intelligent Network Management: Leveraging AI for Network Service Detection [0.0]
This study focuses on leveraging Machine Learning methodologies to create an advanced network traffic classification system. We introduce a novel data-driven approach that excels in identifying various network service types in real-time. Our system demonstrates a remarkable accuracy in distinguishing the network services.
arXiv Detail & Related papers (2023-10-14T16:06:11Z)
Enhancing Network Resilience through Machine Learning-powered Graph Combinatorial Optimization: Applications in Cyber Defense and Information Diffusion [0.0]
This thesis focuses on developing effective approaches for enhancing network resilience. Existing approaches for enhancing network resilience emphasize on determining bottleneck nodes and edges in the network. This thesis aims to design effective, efficient and scalable techniques for discovering bottleneck nodes and edges in the network.
arXiv Detail & Related papers (2023-09-22T01:48:28Z)
Machine Learning-Based User Scheduling in Integrated Satellite-HAPS-Ground Networks [82.58968700765783]
Integrated space-air-ground networks promise to offer a valuable solution space for empowering the sixth generation of communication networks (6G) This paper showcases the prospects of machine learning in the context of user scheduling in integrated space-air-ground communications.
arXiv Detail & Related papers (2022-05-27T13:09:29Z)
Using Reinforcement Learning to Allocate and Manage Service Function Chains in Cellular Networks [0.456877715768796]
We propose the use of reinforcement learning to deploy a service function chain (SFC) of cellular network service and manage the network virtual functions (VNFs) The main purpose is to reduce the number of lost packets taking into account the energy consumption of the servers. Preliminary results show that the agent is able to allocate the SFC and manage the VNFs, reducing the number of lost packets.
arXiv Detail & Related papers (2020-06-12T17:38:23Z)
A Privacy-Preserving Distributed Architecture for Deep-Learning-as-a-Service [68.84245063902908]
This paper introduces a novel distributed architecture for deep-learning-as-a-service. It is able to preserve the user sensitive data while providing Cloud-based machine and deep learning services.
arXiv Detail & Related papers (2020-03-30T15:12:03Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.