论文信息 - SDN-based security services using interface to network security functions

SDN-based security services using interface to network security functions

This paper proposes a framework for security services using Software-Defined Networking (SDN) and Interface to Network Security Functions (I2NSF). It specifies requirements for such a framework for security services based on network virtualization. It describes two representative security systems, such as (i) centralized firewall system and (ii) DDoS-attack mitigation system. For each service, this paper discusses the limitations of existing systems and presents a possible SDN-based system to protect network resources by controlling suspicious and dangerous network traffic.

[1] Jürgen Schönwälder,et al. Network Configuration Protocol (NETCONF) , 2011, RFC.

[2] Christian Jacquenet,et al. Software-Defined Networking: A Perspective from within a Service Provider Environment , 2014, RFC.

[3] Martin Bjorklund,et al. YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF) , 2010 .

[4] Nick Feamster,et al. Improving network management with software defined networking , 2013, IEEE Commun. Mag..

[5] Sam Hartman,et al. Security Analysis of the Open Networking Foundation (ONF) OpenFlow Switch Specification , 2013 .

[6] Jung-Soo Park,et al. A Framework for Security Services Based on Software-Defined Networking , 2015, 2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops.