Home > Research > Publications & Outputs > TENNISON

Electronic data

  • tennison-CA

    Rights statement: ©2018 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

    Accepted author manuscript, 1.66 MB, PDF document

    Available under license: CC BY

Links

Text available via DOI:

View graph of relations

TENNISON: A Distributed SDN Framework for Scalable Network Security

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Published
<mark>Journal publication date</mark>12/2018
<mark>Journal</mark>IEEE Journal on Selected Areas in Communications
Issue number12
Volume36
Number of pages14
Pages (from-to)2805 - 2818
Publication StatusPublished
Early online date19/09/18
<mark>Original language</mark>English

Abstract

Despite the relative maturity of the Internet, the computer networks of today are still susceptible to attack. The necessary distributed nature of networks for wide area connectivity has traditionally led to high cost and complexity in designing and implementing secure networks. With the introduction of Software Defined Networks (SDN) and Network Functions Virtualisation (NFV), there are opportunities for efficient network threat detection and protection. SDN’s global view provides a means of monitoring and defence across the entire network. However, current SDN-based security systems are limited by a centralised framework that introduces significant control plane overhead, leading to the saturation of vital control links. In this paper, we introduce TENNISON, a novel distributed SDN security framework that combines the efficiency of SDN control and monitoring with the resilience and scalability of a distributed system. TENNISON offers effective and proportionate monitoring and remediation, compatibility with widely-available networking hardware, support for legacy networks, and a modular and extensible distributed design. We demonstrate the effectiveness and capabilities of the TENNISON framework through the use of four attack scenarios. These highlight multiple levels of monitoring, rapid detection and remediation, and provide a unique insight into the impact of multiple controllers on network attack detection at scale.

Bibliographic note

©2018 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.