Proactive stateful Firewall for software defined networking

3Citations
Citations of this article
11Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Security solutions in conventional networks are complex and costly because of the lack of abstraction, the rigidity and the heterogeneity of the network architecture. However, in Software Defined Networking (SDN), flexible, reprogrammable, robust and cost effective security solutions can be built over the architecture. In this context, we propose a SDN proactive stateful Firewall. Our solution is completely integrated into the SDN environment and it is compliant with the Open‐ Flow (OF) protocol. The proposed Firewall is the first implemented stateful SDN Firewall. It uses a proactive logic to mitigate some fingerprinting and DoS attacks. Furthermore, it improves the network performance by steering network communications in order to fulfil network protocol FSM (Finite State Machine). Besides, an Orchestrator layer is integrated in the Firewall in order to manage the deployment of the Firewall applications. This integration empowers the interactions with the administrator and the data plane elements. We conduct two tests to prove the validity of our concept and to show that the proposed Firewall is efficient and performant.

Cite

CITATION STYLE

APA

Zerkane, S., Espes, D., Le Parc, P., & Cuppens, F. (2017). Proactive stateful Firewall for software defined networking. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10158 LNCS, pp. 123–138). Springer Verlag. https://doi.org/10.1007/978-3-319-54876-0_10

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free