Synaptic: A formal checker for SDN-based security policies

Nicolas Schnepf 1, 2, 3 Rémi Badonnel 1, 3 Abdelkader Lahmadi 1, 3 Stephan Merz 2, 3
1 MADYNES - Management of dynamic networks and services
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
2 VERIDIS - Modeling and Verification of Distributed Algorithms and Systems
MPII - Max-Planck-Institut für Informatik, Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
3 RESIST - Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Software-defined networking offers new opportunities for protecting end users by designing dynamic security policies. In particular, security chains can be built by combining security functions, such as firewalls, intrusion detection systems and services for preventing data leakage. The configuration of these security functions and their associated policies is based on behavioural models of end-user applications when accessing the network. In this demo, we present our tool Synaptic, a SDN-based framework intended for the formal verification of security policies as well as for automatically generating such policies based on automata learning methods applied on NetFlow records of end-user applications collected at the device level.
Type de document :
Communication dans un congrès
NOMS 2018 - IEEE/IFIP Network Operations and Management Symposium, Apr 2018, Taipei, Taiwan. IEEE, 2018, 〈10.1109/NOMS.2018.8406122〉
Liste complète des métadonnées

Littérature citée [5 références]  Voir  Masquer  Télécharger

https://hal.archives-ouvertes.fr/hal-01892397
Contributeur : Rémi Badonnel <>
Soumis le : vendredi 7 décembre 2018 - 14:54:40
Dernière modification le : mardi 19 février 2019 - 15:40:04

Fichier

main.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Citation

Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz. Synaptic: A formal checker for SDN-based security policies. NOMS 2018 - IEEE/IFIP Network Operations and Management Symposium, Apr 2018, Taipei, Taiwan. IEEE, 2018, 〈10.1109/NOMS.2018.8406122〉. 〈hal-01892397〉

Partager

Métriques

Consultations de la notice

56

Téléchargements de fichiers

28