Go to CCN 2017 homepageSHIELD: Securing Against Intruders and Other Threats Through an NFV-Enabled Environment
Abstract: Organisations are witnessing an unprecedented escalation of cyber-crime attacks and struggle to protect against them. Rethinking security is required to cope with numerous new challenges arising today: the sophistication of new attacks, the increasing weakness of traditional security controls, the explosion of data to be collected and analysed to detect threats and the ongoing transformation of IT – such as virtualisation and cloud computing. This chapter provides an overview of the motivations and technical work carried out by the EU-funded project SHIELD: securing against intruders and other threats through an NFV-enabled environment. It aims at combining network functions virtualisation (NFV), security-as-a-service (SecaaS), big data analytics and trusted computing (TC) to provide an extensible, adaptable, fast, low-cost and trustworthy cybersecurity solution. The SHIELD platform leverages NFV to dynamically deploy virtualised security appliance in the network: those virtual network security functions (vNSF) either monitor the network traffic to extract security-relevant metrics or they are actively protecting against threats or attacks. The vNSFs deployment is verified using TC methods to ensure correctness of the NFV infrastructure. The security metrics gathered are feed into a big data storage, which allows multiple security analytics to find out potential attacks threatening the network. The loop is closed with a security controller and dashboard: it presents threats and remediation actions to the operator as well as interacts with the NFV infrastructure to deploy and configure protecting vNSFs.
0 Replies
Loading