An adaptive mitigation framework for handling suspicious network flows via MPLS policies

International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Ta...

Full description

Bibliographic Details
Main Authors: Hachem, Nabil, Garcia-Alfaro, Joaquin, Debar, Hervé
Other Authors: Département Réseaux et Services de Télécommunications (RST), Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP), Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR), Centre National de la Recherche Scientifique (CNRS), Réseaux, Systèmes, Services, Sécurité (R3S-SAMOVAR), Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)-Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)
Format: Conference Object
Language:English
Published: HAL CCSD 2013
Subjects:
Network security
Policy management
MPLS
OrBAC
[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
Greenland
Ilulissat
Online Access:https://hal.science/hal-01269681
https://doi.org/10.1007/978-3-642-41488-6_20
Description
Summary:International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Tasks such as alert data extraction, and MPLS routers configuration present an entailment to activate the defence process. This paper introduces a novel framework to define, generate and implement mitigation policies on MPLS routers. The activation of such policies is triggered by the alerts and expressed using a high level formalism. An implementation of the approach is presented

Similar Items