CR · Sep 5, 2019

Using Cyber Threat Intelligence to Prevent Malicious Known Traffic in a SDN Physical Testbed

arXiv:1909.02237v1 · 3 citations
Originality: Synthesis-oriented
AI Analysis

This work addresses network security challenges for organizations by enhancing SDN protection against known threats, though it appears incremental in applying CTI to an existing framework.

The paper tackled the problem of increasing and evolving network attacks by incorporating Cyber Threat Intelligence (CTI) into Software Defined Networks (SDN) to block malicious traffic, and it demonstrated this approach in a physical testbed.

Since the use of applications and communication tools has increased, one of the concerns of those responsible for network security has been to protect information and information systems, as well as to provide trust to end users for the use of information and communication technologies. Nowadays, attacks on the network have increased and undergone modifications, which makes the task difficult for traditional security devices, making it necessary to add intelligence to face the new attacks generated in the network. Hence the need to incorporate Cyber Threat Intelligence (CTI) as a new component in the network. This work focuses on the use of information provided by a CTI to improve the security of Software Defined Networks (SDN) and, at the same time, to analyze how malicious traffic could be blocked in a physical testbed.
