Visible to the public The Vision of Self-Aware Reordering of Security Network Function Chains

TitleThe Vision of Self-Aware Reordering of Security Network Function Chains
Publication TypeConference Paper
Year of Publication2018
AuthorsIffländer, Lukas, Walter, Jürgen, Eismann, Simon, Kounev, Samuel
Conference NameCompanion of the 2018 ACM/SPEC International Conference on Performance Engineering
ISBN Number978-1-4503-5629-9
KeywordsChained Attacks, models at run-time, network function virtualization, pubcrawl, resilience, Resiliency, Scalability, service function chaining, software-defined networking

Services provided online are subject to various types of attacks. Security appliances can be chained to protect a system against multiple types of network attacks. The sequence of appliances has a significant impact on the efficiency of the whole chain. While the operation of security appliance chains is currently based on a static order, traffic-aware reordering of security appliances may significantly improve efficiency and accuracy. In this paper, we present the vision of a self-aware system to automatically reorder security appliances according to incoming traffic. To achieve this, we propose to apply a model-based learning, reasoning, and acting (LRA-M) loop. To this end, we describe a corresponding system architecture and explain its building blocks.

Citation Keyifflander_vision_2018