Advances, Systems and Applications
From: OpenStackDP: a scalable network security framework for SDN-based OpenStack cloud infrastructure
Components | Attacks | Countermeasures |
---|---|---|
Tenants and User Applications | Brute Force | Intrusion Prevention System |
Privilege escalation | Virtualization of Services | |
Insider Attacks | Authentication and Security Group | |
Policy Violation | Global View and Access Control | |
Gateway and Internal Network | Injection Attack | Policy Validation and Enforcement |
MITM | Defense Mechanism | |
DNS Poisoning | DNS Proxy in the Switch | |
Reply Attacks | Flow analysis and Dynamic Rules | |
Wormhole | Port Monitoring | |
Flooding | Rate limiting and Proxy Firewall | |
Cloud Servers and Controller Devices | SQL Injection | Input Validation |
Application Persistent Attacks | Packet History Analysis and Stateful Firewall | |
Weak Authentication | 2-level Authentication | |
DDoS | SDN Global View, Flow Analysis & Dynamic Rule Updating | |
Backdoors and Exploits | Anomaly Detection system | |
Malicious Application | Anti-Virus software modules |