HADEGA: A novel MPLS-based mitigation solution to handle network attacks

Hachem, Nabil; Debar, Hervé; García-Alfaro, Joaquín

doi:10.1109/pccc.2012.6407750

Cited by 8 publications

(9 citation statements)

References 29 publications

(36 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These dual schemes are achieved in MPLS through Traffic Engineering [5] and Differentiated Services [14] strengths. We presented in [16] HADEGA, a novel mitigation technique that benefits from these strengths to mitigate and reduce the impact of suspicious flows. In HADEGA, each MPLS domain is seen as a single packet forwarding component that first aggregates the suspicious flows, and second controls them (e.g., de-prioritizes their treatment or points them to a blackhole).…”

Section: Hadegamentioning

confidence: 99%

“…We model the management of threat contexts based on the construction of the original HADEGA proposal presented in [16]. This way, the contexts are based on the alert attributes: Impact Level (IL), and Confidence Level (CL).…”

Section: Threat Contextsmentioning

confidence: 99%

“…IL, and CL). For instance and in case of IDMEF alerts [16], the first level assessment context is reported by alerts with (1) an impact.severity low or medium and (2) a confidence.rating low (cf. Listing 1.5 in Appendix A).…”

Section: Threat Contextsmentioning

confidence: 99%

“…In [16] we presented HADEGA, a novel and efficient mitigation technique to counter network attacks. HADEGA relies on MPLS (Multiprotocol Label Switching [25]).…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

An Adaptive Mitigation Framework for Handling Suspicious Network Flows via MPLS Policies

2013

Self Cite

View full text Add to dashboard Cite

Abstract. As network attacks become more complex, defence strategies must provide means to handle more flexible and dynamic requirements. The Multiprotocol Label Switching (MPLS) standard is a promising method to properly handle suspicious flows participating in such network attacks. Tasks such as alert data extraction, and MPLS routers configuration present an entailment to activate the defence process. This paper introduces a novel framework to define, generate and implement mitigation policies on MPLS routers. The activation of such policies is triggered by the alerts and expressed using a high level formalism. An implementation of the approach is presented.

show abstract

Section: Hadegamentioning

confidence: 99%

Section: Threat Contextsmentioning

confidence: 99%

Section: Threat Contextsmentioning

confidence: 99%

“…In [16] we presented HADEGA, a novel and efficient mitigation technique to counter network attacks. HADEGA relies on MPLS (Multiprotocol Label Switching [25]).…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An Adaptive Mitigation Framework for Handling Suspicious Network Flows via MPLS Policies

2013

Self Cite

View full text Add to dashboard Cite

show abstract

“…Most of the current automated Intrusion Response Systems (IRS)s are based on the risk assessment and the cost-sensitive analysis as detailed in [2][3][4]. They are still suffering from several drawbacks as described in [5]. Usually, they provide isolated response applied in a single Policy Enforcement Point (PEP) of the Information System.…”

Section: Introductionmentioning

confidence: 99%

Service Dependencies-Aware Policy Enforcement Framework Based on Hierarchical Colored Petri Net

Mustapha¹,

Debar²

2013

Communications in Computer and Information Science

View full text Add to dashboard Cite

Abstract. As computer and network security threats become more sophisticated and the number of service dependencies is increasing, optimal response decision is becoming a challenging task for security administrators. They should deploy and implement proper network security policy enforcement mechanisms in order to apply the appropriate countermeasures and defense strategy.In this paper, we propose a novel modeling framework which considers the service dependencies while identifying and selecting the appropriate Policy Enforcement Points during an intrusion response process. First, we present the security implications of the service dependencies that have been developed in the literature. Second, we give an overview of Colored Petri Nets (CPN) and Hierarchical CPN (HCPN) and its application on network security. Third, we specify our Service Dependencies-aware Policy Enforcement Framework which is based on the application of HCPN. Finally and to illustrate the advantage of our approach, we present a webmail application use case with the integration of different Policy Enforcement Points.

show abstract

Cyber‐physical architecture assisted by programmable networking

Rubio‐Hernan

Sahay

Cicco

et al. 2018

Internet Technology Letters

Self Cite

View full text Add to dashboard Cite

Cyber‐physical technologies are prone to attacks in addition to faults and failures. The issue of protecting cyber‐physical systems should be tackled by jointly addressing security at both cyber and physical domains in order to promptly detect and mitigate cyber‐physical threats. Toward this end, this letter proposes a new architecture combining control‐theoretic solutions together with programmable networking techniques to jointly handle crucial threats to cyber‐physical systems. The architecture paves the way for new interesting techniques research directions and challenges which we discuss in our work

show abstract

HADEGA: A novel MPLS-based mitigation solution to handle network attacks

Cited by 8 publications

References 29 publications

An Adaptive Mitigation Framework for Handling Suspicious Network Flows via MPLS Policies

An Adaptive Mitigation Framework for Handling Suspicious Network Flows via MPLS Policies

Service Dependencies-Aware Policy Enforcement Framework Based on Hierarchical Colored Petri Net

Cyber‐physical architecture assisted by programmable networking

Contact Info

Product

Resources

About