Um serviço para anonimização em redes definidas por software

Detalhes bibliográficos
Ano de defesa: 2017
Autor(a) principal: Bomfim, Leonardo Henrique da Silva
Orientador(a): Salgueiro, Edilayne Meneses
Banca de defesa: Não Informado pela instituição
Tipo de documento: Dissertação
Tipo de acesso: Acesso aberto
Idioma: por
Instituição de defesa: Universidade Federal de Sergipe
Programa de Pós-Graduação: Pós-Graduação em Ciência da Computação
Departamento: Não Informado pela instituição
País: Brasil
Palavras-chave em Português:
Ciência da computação
Programas de computador
Redes de computadores
Desenvolvimento de software
Tecnologia da informação
Redes definidas por software
Anonimização
OpenFlow
Palavras-chave em Inglês:
Software-defined networking
Anonymization
Área do conhecimento CNPq:
CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO
Link de acesso: https://ri.ufs.br/handle/riufs/3352
Resumo: This work has the goal to make an implementation of an anonymization service on Software-Defined Networks (SDN) with the goal to reduce the number of attacks. With an anonymization service is possible to hide the IP address from the network’s hosts, ensuring more protection against security attacks, which allows a more time availability. One of the biggest challenge on SDN architecture is the security issue. The separation of control and data planes allows o generated challenges on security, due to the network’s permissiveness to attacks such as “ Man in the Middle ”, Denial of Service and Saturation. The service developed in this work, named as BomIP, uses the micro-data anonymization technique of randomization of IP address of the hosts. The BomIP was added in the SDN controller RunOS, which was the responsible to make the management of the real and anonymized IP address. To validate this service it was developed two Case Studies with an environment simulating a Denial of Service attack. The first Case Study made a comparison between Crypto-Pan and BomIP. While the second Case Study made a comparison between a traditional network IP and a SDN one using BomIP, both under Denial of Service attack. The analysis of results showed that the service developed has an running time 65% more efficient than Crypto-Pan. The assintotic analysis shows that BomIP is an algorith with running time of quadratic order. The results also showed that the anonymized packets can be tracked and a mitigation of 80% from the attacks trials, ensuring that the services provided by the network remain available.

Registros relacionados