论文摘要: 本文为读者提供新兴的SDN带状态数据平面,集中关注SDN数据平面编程性带来的隐患. I部分 介绍 A.带状态SDN数据平面的兴起 B.带状态数据平面带来的安全隐患 引出带状态数据平面的安全隐患问题(比如:有针对的服务否定攻击和状态耗尽攻击以及数据平面攻击等等),要求系统开发人员或者是应用开发人员遵循以下特征: 在交换机内部存储每一条流的信息,即状态,包括状态的分布式存储. 在数据平面,数据包到来或者数据平面事件触发时,有能力改变在交换机中的状态. 交换机基于当前本地的状态信息可以自动…

Swing State: Consistent Updates for Stateful and Programmable Data Planes 年份:2017 来源:ACM 本篇论文解决的问题 Before 原来的状态迁移是三角形路由的方式: NF1->Controller->NF2 浪费时间.还需要控制器开辟额外的存储空间 Now 现在把要更新的流量attach到数据平面的数据流上,借助数据流之手(信使)传递状态信息. ABSTRACT 背景:由于可编程带状态数据平面的飞速发展,得益于数…

The Internet has led to the creation of a digital society, where (almost) everything is connected and is accessible from anywhere. However, despite their widespread adoption, traditional IP networks are complex and very hard to manage. It is both dif…

https://www.gartner.com/doc/reprints?id=1-4LC8PAW&ct=171130&st=sb Summary Security and risk management leaders are implementing and expanding SIEM to improve early targeted attack detection and response. Advanced users seek SIEM with advanced prof…

3. 什么是SDN?(WHAT IS SOFTWARE-DEFINED NETWORKING?) The term SDN was originally coined to represent the ideas and work around OpenFlow at Stanford University, Stanford, CA, USA [24]. As originally defined, SDN refers to a network architecture where the…

http://www.infoq.com/articles/bigdata-analytics-for-security This article first appeared in the IEEE Security & Privacymagazine and is brought to you by InfoQ & IEEE Computer Society. Enterprises routinely collect terabytes of security-relevant da…

Understanding and Using HRMS Security in Oracle HRMS Product:Oracle Human Resources Minimum Version:11.5.9 An Oracle White Paper Abstract Understanding and Using HRMS Security in Oracle HRMS Document History Author : Steve Cooper Create Date : 04-OCT…

Active Learning Two Faces of Active Learning, Dasgupta, 2011 Active Learning Literature Survey, Settles, 2010 Applications A Survey of Emerging Approaches to Spam Filtering, Caruana, 2012 Ambient Intelligence: A Survey, Sadri, 2011 A Survey of Online…

这篇教程是展示如何设置一个OAuth2服务来保护REST资源. 源代码下载github. (https://github.com/iainporter/oauth2-provider)你能下载这个源码就开始编写一个被OAuth方法保护的服务.该源码包含功能: * 用户注册和登录* Email验证* Password 丢失 采取的技术有以下: * OAuth2 Protocol * spring Security * Spring Integration * Spring Data * Jerse…

Jaal: Towards Network Intrusion Detection at ISP Scale 论文来源:CoNext 发表时间:2015 解决问题及所做贡献:Jaal:大规模精细网络入侵检测框架. 相关工作: NIDFS:解决企业级网络入侵系统的可扩展性问题. Network Monitoring, Sampling, Sketching:介绍一些检测方法 分类: 安全,入侵检测,与sketch有关 SDNScore: A Statistical Defense Mechanis…