An adaptive mitigation framework for handling suspicious network flows via MPLS policies

International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Ta...

Full description

Bibliographic Details
Main Authors: Hachem, Nabil, Garcia-Alfaro, Joaquin, Debar, Hervé
Other Authors: Département Réseaux et Services de Télécommunications (RST), Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP), Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR), Centre National de la Recherche Scientifique (CNRS), Réseaux, Systèmes, Services, Sécurité (R3S-SAMOVAR), Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)-Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)
Format: Conference Object
Language:English
Published: HAL CCSD 2013
Subjects:
Network security
Policy management
MPLS
OrBAC
[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
Greenland
Ilulissat
Online Access:https://hal.archives-ouvertes.fr/hal-01269681
https://doi.org/10.1007/978-3-642-41488-6_20
id ftccsdartic:oai:HAL:hal-01269681v1
record_format openpolar
spelling ftccsdartic:oai:HAL:hal-01269681v1 2023-05-15T16:28:25+02:00 An adaptive mitigation framework for handling suspicious network flows via MPLS policies Hachem, Nabil Garcia-Alfaro, Joaquin Debar, Hervé Département Réseaux et Services de Télécommunications (RST) Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP) Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR) Centre National de la Recherche Scientifique (CNRS) Réseaux, Systèmes, Services, Sécurité (R3S-SAMOVAR) Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)-Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP) Ilulissat, Greenland 2013-10-18 https://hal.archives-ouvertes.fr/hal-01269681 https://doi.org/10.1007/978-3-642-41488-6_20 en eng HAL CCSD Springer-Verlag info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-642-41488-6_20 hal-01269681 https://hal.archives-ouvertes.fr/hal-01269681 doi:10.1007/978-3-642-41488-6_20 Proceedings NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems https://hal.archives-ouvertes.fr/hal-01269681 NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems, Oct 2013, Ilulissat, Greenland. pp.297 - 312, ⟨10.1007/978-3-642-41488-6_20⟩ Network security Policy management MPLS OrBAC [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] info:eu-repo/semantics/conferenceObject Conference papers 2013 ftccsdartic https://doi.org/10.1007/978-3-642-41488-6_20 2021-01-31T00:00:18Z International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Tasks such as alert data extraction, and MPLS routers configuration present an entailment to activate the defence process. This paper introduces a novel framework to define, generate and implement mitigation policies on MPLS routers. The activation of such policies is triggered by the alerts and expressed using a high level formalism. An implementation of the approach is presented Conference Object Greenland Ilulissat Archive ouverte HAL (Hyper Article en Ligne, CCSD - Centre pour la Communication Scientifique Directe) Greenland Ilulissat ENVELOPE(-51.099,-51.099,69.220,69.220) 297 312
institution Open Polar
collection Archive ouverte HAL (Hyper Article en Ligne, CCSD - Centre pour la Communication Scientifique Directe)
op_collection_id ftccsdartic
language English
topic Network security
Policy management
MPLS
OrBAC
[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
spellingShingle Network security
Policy management
MPLS
OrBAC
[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
Hachem, Nabil
Garcia-Alfaro, Joaquin
Debar, Hervé
An adaptive mitigation framework for handling suspicious network flows via MPLS policies
topic_facet Network security
Policy management
MPLS
OrBAC
[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
description International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Tasks such as alert data extraction, and MPLS routers configuration present an entailment to activate the defence process. This paper introduces a novel framework to define, generate and implement mitigation policies on MPLS routers. The activation of such policies is triggered by the alerts and expressed using a high level formalism. An implementation of the approach is presented
author2 Département Réseaux et Services de Télécommunications (RST)
Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)
Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR)
Centre National de la Recherche Scientifique (CNRS)
Réseaux, Systèmes, Services, Sécurité (R3S-SAMOVAR)
Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)-Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)
format Conference Object
author Hachem, Nabil
Garcia-Alfaro, Joaquin
Debar, Hervé
author_facet Hachem, Nabil
Garcia-Alfaro, Joaquin
Debar, Hervé
author_sort Hachem, Nabil
title An adaptive mitigation framework for handling suspicious network flows via MPLS policies
title_short An adaptive mitigation framework for handling suspicious network flows via MPLS policies
title_full An adaptive mitigation framework for handling suspicious network flows via MPLS policies
title_fullStr An adaptive mitigation framework for handling suspicious network flows via MPLS policies
title_full_unstemmed An adaptive mitigation framework for handling suspicious network flows via MPLS policies
title_sort adaptive mitigation framework for handling suspicious network flows via mpls policies
publisher HAL CCSD
publishDate 2013
url https://hal.archives-ouvertes.fr/hal-01269681
https://doi.org/10.1007/978-3-642-41488-6_20
op_coverage Ilulissat, Greenland
long_lat ENVELOPE(-51.099,-51.099,69.220,69.220)
geographic Greenland
Ilulissat
geographic_facet Greenland
Ilulissat
genre Greenland
Ilulissat
genre_facet Greenland
Ilulissat
op_source Proceedings NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems
NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems
https://hal.archives-ouvertes.fr/hal-01269681
NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems, Oct 2013, Ilulissat, Greenland. pp.297 - 312, ⟨10.1007/978-3-642-41488-6_20⟩
op_relation info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-642-41488-6_20
hal-01269681
https://hal.archives-ouvertes.fr/hal-01269681
doi:10.1007/978-3-642-41488-6_20
op_doi https://doi.org/10.1007/978-3-642-41488-6_20
container_start_page 297
op_container_end_page 312
_version_ 1766018064438001664

Similar Items