CRJun 8, 2018
A SDN-based Flexible System for On-the-Fly Monitoring and Treatment of Security EventsMaxli Campos, Joberto Martins
The Software Defined Networking (SDN) paradigm decouples control and data planes, offering high programmability and a global view of the network. However, it is a challenge not only provide security in these next generation networks as well as allow that network attacks could be subjected to an incident and forensic treatment procedure. This paper proposes the implementation of flexible mechanisms of monitoring and treatment of security events categorized per type of attack and associated with whitelist and blacklist resources by means of the SDN controller programmability. The resources to perform intrusion and attack analysis are validated by means of a real SDN/OpenFlow testbed.
NIJun 8, 2018
Evaluating CBR Similarity Functions for BAM Switching in Networks with Dynamic Traffic ProfileEliseu Oliveira, Rafael Freitas, Joberto Martins
In an increasingly complex scenario for network management, a solution that allows configuration in more autonomous way with less intervention of the network manager is expected. This paper presents an evaluation of similarity functions that are necessary in the context of using a learning strategy for finding solutions. The learning approach considered is based on Case-Based Reasoning (CBR) and is applied to a network scenario where different Bandwidth Allocation Models (BAMs) behaviors are used and must be eventually switched looking for the best possible network operation. In this context, it is required to identify and configure an adequate similarity function that will be used in the learning process to recover similar solutions previously considered. This paper introduces the similarity functions, explains the relevant aspects of the learning process in which the similarity function plays a role and, finally, presents a proof of concept for a specific similarity function adopted. Results show that the similarity function was capable to get similar results from the existing use case database. As such, the use of similarity functions with CBR technique has proved to be potentially satisfactory for supporting BAM switching decisions mostly driven by the dynamics of input traffic profile.