Development of intrusion tolerant system based on software defined networking소프트웨어 정의 네트워킹 기술 기반의 침입 감내 시스템에 관한 연구
An intrusion tolerant system (ITS) is a network security system composed of redundant virtual servers that are online only in a short time window, called exposure time. The virtual servers are periodically recovered to their clean state, and any infected servers are refreshed again, so attackers have insufficient time to succeed in breaking into the servers. However, there is a conflicting interest in determining exposure time, short for security and long for performance. In other words, the short exposure time can increase security but requires more virtual servers to run to process incoming requests in a timely manner. In this dissertation, we propose an ITS incorporated in SDN (Software Defined Networking), which can reduce exposure time without consuming more computing resources. In the proposed system, there are two types of servers: some servers with long exposure time (White server) and others with short exposure time (Gray server). Then, the proposed system classifies incoming network traffic into benign and suspicious types with the help of SDN/NFV (Network Function Virtualization) technology that also allows dynamically forwarding the classified traffic to White and Gray servers, respectively. By reducing exposure time of a set of servers, the proposed system can decrease exposure time on average.
- Description
- 전산학부,
- Publisher
- 한국과학기술원
- Issue Date
- 2018
- Identifier
- 325007
- Language
- eng
- Description
학위논문(박사) - 전산학부, 2018.8,[iv, 45 p. :]
- Keywords
Intrusion tolerant system▼asoftware defined networking▼anetwork function virtualization▼aexposure time▼avirtualization; 침입감내시스템▼a소프트웨어 정의 네트워킹▼a네트워크 기능 가상화▼a노출 시간▼a가상화
- Appears in Collection
- CS-Theses_Ph.D.(박사논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.