TENNISON: A distributed SDN framework for scalable network security

Lyndon Fawcett, Sandra Scott-Hayward, Matthew Broadbent, Andrew Wright, Nicholas Race

Research output: Contribution to journalSpecial issuepeer-review

15 Citations (Scopus)
271 Downloads (Pure)

Abstract

Despite the relative maturity of the Internet, the computer networks of today are still susceptible to attack. The necessary distributed nature of networks for wide area connectivity has traditionally led to high cost and complexity in designing and implementing secure networks. With the introduction of Software Defined Networks (SDN) and Network Functions Virtualisation (NFV), there are opportunities for efficient network threat detection and protection. SDN’s global view provides a means of monitoring and defence across the entire network. However, current SDN-based security systems are limited by a centralised framework that introduces significant control plane overhead, leading to the saturation of vital control links. In this paper, we introduce TENNISON, a novel distributed SDN security framework that combines the efficiency of SDN control and monitoring with the resilience and scalability of a distributed system. TENNISON offers effective and proportionate monitoring and remediation, compatibility with widely-available networking hardware, support for legacy networks, and a modular and extensible distributed design. We demonstrate the effectiveness and capabilities of the TENNISON framework through the use of four attack scenarios. These highlight multiple levels of monitoring, rapid detection and remediation, and provide a unique insight into the impact of multiple controllers on network attack detection at scale.
Original languageEnglish
Pages (from-to)2805-2818
Number of pages14
JournalIEEE Journal on Selected Areas in Communications
Volume36
Issue number12
Early online date19 Sep 2018
DOIs
Publication statusPublished - 19 Sep 2018

Fingerprint Dive into the research topics of 'TENNISON: A distributed SDN framework for scalable network security'. Together they form a unique fingerprint.

Cite this