Generation of SDN policies for protecting Android environments based on automata learning

Nicolas Schnepf 1, 2 Rémi Badonnel 2 Abdelkader Lahmadi 2 Stephan Merz 1
1 VERIDIS - Modeling and Verification of Distributed Algorithms and Systems
MPII - Max-Planck-Institut für Informatik, Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
2 RESIST - Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Software-defined networking offers new opportu-nities for protecting end users and their applications. In that context, dedicated chains can be built to combine different security functions, such as firewalls, intrusion detection systems and services for preventing data leakage. To configure these security chains, it is important to have an adequate model of the patterns that end user applications exhibit when accessing the network. We propose an automated strategy for learning the networking behavior of end applications using algorithms for generating finite state models. These models can be exploited for inferring SDN policies ensuring that applications respect the observed behavior: such policies can be formally verified and deployed on SDN infrastructures in a dynamic and flexible manner. Our solution is prototypically implemented as a collection of Python scripts that extend our Synaptic verification package. The performance of our strategy is evaluated through extensive experimentations and is compared to the Synoptic and Invarimint automata learning algorithms.
Type de document :
Communication dans un congrès
NOMS 2018 - IEEE/IFIP Network Operations and Management Symposium, Apr 2018, Taipei, Taiwan. IEEE, 2018, Proceedings of the IEEE/IFIP Network Operations and Management Symposium (IEEE/IFIP NOMS). 〈10.1109/NOMS.2018.8406153〉
Liste complète des métadonnées

Littérature citée [4 références]  Voir  Masquer  Télécharger
https://hal.archives-ouvertes.fr/hal-01892390
Contributeur : Rémi Badonnel <>
Soumis le : vendredi 7 décembre 2018 - 14:52:05
Dernière modification le : mardi 19 février 2019 - 15:40:04

Fichier

main.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

UNIV-LORRAINE | LORIA | LORIA-FM | INRIA | LORIA-NSS | LHS

Citation

Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz. Generation of SDN policies for protecting Android environments based on automata learning. NOMS 2018 - IEEE/IFIP Network Operations and Management Symposium, Apr 2018, Taipei, Taiwan. IEEE, 2018, Proceedings of the IEEE/IFIP Network Operations and Management Symposium (IEEE/IFIP NOMS). 〈10.1109/NOMS.2018.8406153〉. 〈hal-01892390〉

Exporter

BibTeX TEI DC DCterms EndNote

Partager

Métriques

Consultations de la notice

65

Téléchargements de fichiers

25

Contact

support.ccsd.cnrs.fr
hal.support@ccsd.cnrs.fr
Logo CCSD