Abstract
Organisations are witnessing an unprecedented escalation of cyber-crime attacks and struggle to protect against them. Rethinking security is required to cope with numerous new challenges arising today: the sophistication of new attacks, the increasing weakness of traditional security controls, the explosion of data to be collected and analysed to detect threats and the ongoing transformation of IT – such as virtualisation and cloud computing.
This chapter provides an overview of the motivations and technical work carried out by the EU-funded project SHIELD: securing against intruders and other threats through an NFV-enabled environment. The project aims at combining network functions virtualisation (NFV), security-as-a-service (SecaaS), big data analytics and trusted computing (TC) to provide an extensible, adaptable, fast, low-cost and trustworthy cybersecurity solution.
The SHIELD platform leverages NFV to dynamically deploy virtualised security appliances in the network: these virtual network security functions (vNSFs) either monitor the network traffic to extract security-relevant metrics or actively protect against threats or attacks. The vNSF deployment is verified using TC methods to ensure correctness of the NFV infrastructure. The security metrics gathered are fed into a big data store, which allows multiple security analytics to detect potential attacks threatening the network. The loop is closed with a security controller and dashboard, which presents threats and remediation actions to the operator and interacts with the NFV infrastructure to deploy and configure protecting vNSFs.
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Attak, H. et al. (2017). SHIELD: Securing Against Intruders and Other Threats Through an NFV-Enabled Environment. In: Zhu, S., Scott-Hayward, S., Jacquin, L., Hill, R. (eds) Guide to Security in SDN and NFV. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-319-64653-4_8
DOI: https://doi.org/10.1007/978-3-319-64653-4_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64652-7
Online ISBN: 978-3-319-64653-4
eBook Packages: Computer Science, Computer Science (R0)