Elastic and Adaptive SDN-based Defenses in Cloud with Programmable Measurement

Friday, March 9, 2018 - 10:15am to 11:15am
Innovation Center, Room 2277

An Wang

Affiliation:George Mason University

Abstract: The past decade has witnessed a dramatic change in the way organizations and enterprises manage their cloud and data center systems. The main drive of such transition is the Network Virtualization techniques, which have been promoted to a new level by the Software-Defined Networking (SDN) paradigm. Along with the programmability and flexibility offered by SDN, there are fundamental challenges in defending against the prevalent large-scale network attacks, such as DDoS attacks, against the SDN-based cloud systems.
This talk presents efficient and flexible solutions to address such challenges in both reactive and proactive modes of SDN. In this talk, I will first discuss the vulnerabilities in the architecture of SDN, which results in risk of congestions on the control path under the reactive mode. For the solution, I will show how the control path capacity could be elastically scaled up by taking advantages of the software switches’ abundant processing powers to handle control messages. Then, for the proactive mode, I will discuss how traffic measurement and monitoring mechanisms are necessary yet incompetent with the existing SDN solutions. To fix this issue, I will present the design and implementation of a separate monitoring plane in SDN that enables flexible and fine-grained data collections for security purposes.

Bio:An Wang is a Ph.D. candidate in the Department of Computer Science at George Mason University. She received BS in Department of Computer Science and Technologies from Jilin University in 2012. Her research interests lie in the areas of security for networked systems and network virtualization, mainly focusing on Software-Defined Networking (SDN) and cloud systems, and large-scale network attacks.

Mar. 09 2018
Innovation Center, Room 2277
10:15 - 11:15 AM