An adaptive mitigation framework for handling suspicious network flows via MPLS policies
International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Ta...
Main Authors: | , , |
---|---|
Other Authors: | , , , , , |
Format: | Conference Object |
Language: | English |
Published: |
HAL CCSD
2013
|
Subjects: | |
Online Access: | https://hal.science/hal-01269681 https://doi.org/10.1007/978-3-642-41488-6_20 |
id |
ftunivnantes:oai:HAL:hal-01269681v1 |
---|---|
record_format |
openpolar |
spelling |
ftunivnantes:oai:HAL:hal-01269681v1 2023-05-15T16:28:23+02:00 An adaptive mitigation framework for handling suspicious network flows via MPLS policies Hachem, Nabil Garcia-Alfaro, Joaquin Debar, Hervé Département Réseaux et Services de Télécommunications (RST) Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP) Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR) Centre National de la Recherche Scientifique (CNRS) Réseaux, Systèmes, Services, Sécurité (R3S-SAMOVAR) Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)-Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP) Ilulissat, Greenland 2013-10-18 https://hal.science/hal-01269681 https://doi.org/10.1007/978-3-642-41488-6_20 en eng HAL CCSD Springer-Verlag info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-642-41488-6_20 hal-01269681 https://hal.science/hal-01269681 doi:10.1007/978-3-642-41488-6_20 Proceedings NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems https://hal.science/hal-01269681 NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems, Oct 2013, Ilulissat, Greenland. pp.297 - 312, ⟨10.1007/978-3-642-41488-6_20⟩ Network security Policy management MPLS OrBAC [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] info:eu-repo/semantics/conferenceObject Conference papers 2013 ftunivnantes https://doi.org/10.1007/978-3-642-41488-6_20 2023-03-01T06:22:28Z International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Tasks such as alert data extraction, and MPLS routers configuration present an entailment to activate the defence process. This paper introduces a novel framework to define, generate and implement mitigation policies on MPLS routers. The activation of such policies is triggered by the alerts and expressed using a high level formalism. An implementation of the approach is presented Conference Object Greenland Ilulissat Université de Nantes: HAL-UNIV-NANTES Greenland Ilulissat ENVELOPE(-51.099,-51.099,69.220,69.220) 297 312 |
institution |
Open Polar |
collection |
Université de Nantes: HAL-UNIV-NANTES |
op_collection_id |
ftunivnantes |
language |
English |
topic |
Network security Policy management MPLS OrBAC [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] |
spellingShingle |
Network security Policy management MPLS OrBAC [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] Hachem, Nabil Garcia-Alfaro, Joaquin Debar, Hervé An adaptive mitigation framework for handling suspicious network flows via MPLS policies |
topic_facet |
Network security Policy management MPLS OrBAC [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] |
description |
International audience As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Tasks such as alert data extraction, and MPLS routers configuration present an entailment to activate the defence process. This paper introduces a novel framework to define, generate and implement mitigation policies on MPLS routers. The activation of such policies is triggered by the alerts and expressed using a high level formalism. An implementation of the approach is presented |
author2 |
Département Réseaux et Services de Télécommunications (RST) Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP) Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR) Centre National de la Recherche Scientifique (CNRS) Réseaux, Systèmes, Services, Sécurité (R3S-SAMOVAR) Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP)-Institut Mines-Télécom Paris (IMT)-Télécom SudParis (TSP) |
format |
Conference Object |
author |
Hachem, Nabil Garcia-Alfaro, Joaquin Debar, Hervé |
author_facet |
Hachem, Nabil Garcia-Alfaro, Joaquin Debar, Hervé |
author_sort |
Hachem, Nabil |
title |
An adaptive mitigation framework for handling suspicious network flows via MPLS policies |
title_short |
An adaptive mitigation framework for handling suspicious network flows via MPLS policies |
title_full |
An adaptive mitigation framework for handling suspicious network flows via MPLS policies |
title_fullStr |
An adaptive mitigation framework for handling suspicious network flows via MPLS policies |
title_full_unstemmed |
An adaptive mitigation framework for handling suspicious network flows via MPLS policies |
title_sort |
adaptive mitigation framework for handling suspicious network flows via mpls policies |
publisher |
HAL CCSD |
publishDate |
2013 |
url |
https://hal.science/hal-01269681 https://doi.org/10.1007/978-3-642-41488-6_20 |
op_coverage |
Ilulissat, Greenland |
long_lat |
ENVELOPE(-51.099,-51.099,69.220,69.220) |
geographic |
Greenland Ilulissat |
geographic_facet |
Greenland Ilulissat |
genre |
Greenland Ilulissat |
genre_facet |
Greenland Ilulissat |
op_source |
Proceedings NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems https://hal.science/hal-01269681 NORDSEC 2013 : 18th Nordic Conference on Secure IT Systems, Oct 2013, Ilulissat, Greenland. pp.297 - 312, ⟨10.1007/978-3-642-41488-6_20⟩ |
op_relation |
info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-642-41488-6_20 hal-01269681 https://hal.science/hal-01269681 doi:10.1007/978-3-642-41488-6_20 |
op_doi |
https://doi.org/10.1007/978-3-642-41488-6_20 |
container_start_page |
297 |
op_container_end_page |
312 |
_version_ |
1766018029839187968 |