Authors: Mostafa Ammar; Ayman A. Abdel-Hamid; Mohamed R.M. Rizk; Magdy A. Ahmed
Addresses: Computer Networks and Datacenter, Arab Academy for Science, Technology and Maritime Transport, Alexandria, Egypt ' Computer Science Department, College of Computing and Information Technology, Arab Academy for Science, Technology and Maritime Transport, Alexandria, Egypt ' Electrical Engineering Department, Faculty of Engineering, Alexandria University, Alexandria, Egypt ' Computer and Systems Engineering Department, Faculty of Engineering, Alexandria University, Alexandria, Egypt
Abstract: Nowadays, there is a rising demand for enterprises to migrate datacentre into public cloud. This transfer has several drivers such as decreasing datacentre operational cost and increasing scalability. Moreover, it motivated cloud providers to construct more multitenant datacentres. On the other hand, cyber attacks against IT infrastructures are becoming sophisticated. In this paper, a framework is proposed to enhance security for software defined network (SDNs)-based multitenant datacentres. A novel mechanism is introduced to only forward suspicious traffic for deep packet inspection (DPI) without affecting any other traffic. Attack graphs are used to specify all possible attack scenarios against datacentre network. Framework proof of concept prototype is implemented using a mixed emulation and simulation environment. A typical multitenant datacentre network topology is used to test and evaluate framework performance. Performance evaluation results show framework feasibility and performance against attacks while not affecting delay sensitive traffic.
Keywords: software defined network; SDN; datacentre; multitenancy; security; attack graph; deep packet inspection; DPI.
International Journal of Security and Networks, 2020 Vol.15 No.4, pp.183 - 196
Received: 18 Jun 2019
Accepted: 04 Aug 2019
Published online: 26 Oct 2020 *