An adaptive mitigation framework for handling suspicious network flows via MPLS policies
International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Ta...
Main Authors: | , , |
---|---|
Other Authors: | , , , , , |
Format: | Conference Object |
Language: | English |
Published: |
HAL CCSD
2013
|
Subjects: | |
Online Access: | https://hal.science/hal-01269681 https://doi.org/10.1007/978-3-642-41488-6_20 |
Summary: | International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Tasks such as alert data extraction, and MPLS routers configuration present an entailment to activate the defence process. This paper introduces a novel framework to define, generate and implement mitigation policies on MPLS routers. The activation of such policies is triggered by the alerts and expressed using a high level formalism. An implementation of the approach is presented |
---|