Citadel: Cyber threat intelligence assisted defense system for software-defined networks
Date
2021-05-22
Author
Yürekten, Özgür
Demirci, Mehmet
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Defending networks is becoming more challenging due to the growing number and variety of cyber threats. On the other hand, network security professionals have new technologies and tools at their disposal. This paper focuses on a few of these technologies and investigates new ways to take advantage of them. To this end, we present Citadel, a novel security system utilizing cyber threat intelligence (CTI) to construct automated defense solutions in software-defined networking (SDN) environments. Citadel also incorporates network function virtualization (NFV) and service function chaining (SFC) to achieve flexible, cost-efficient, and proactive network defense. We examine CTI data to extract common attacker models and design security services as virtual network functions chained together using SFC to counter these threats. The modular and extensible nature of Citadel makes it suitable for incremental deployment in networks. Besides, we propose a new CTI data model to use as an extension of the existing CTI models for better compatibility with automated network defense. Extensive evaluations demonstrate that our proposals are applicable and effectively facilitate the management of agile defense in SDN/NFV-enabled networks.
Subject Keywords
CTI, Cyber defense, Cyber security, Cyber threat intelligence, Network function virtualization, NFV, Service function chaining, Software-defined networking
URI
https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85103412789&origin=inward
https://hdl.handle.net/11511/91271
Journal
Computer Networks
DOI
https://doi.org/10.1016/j.comnet.2021.108013
Collections
Department of Computer Engineering, Article
Suggestions
Cyber threat intelligence sharing technologies and threat sharing model using blockchain
Özdemir, Ahmet; Acar, Aybar Can; Özgit, Attila; Department of Cybersecurity (2021-5-7)
Against the measures taken, the nature of the threats in the cyber environment is evolving day by day. While script kiddie made amateur cyber attacks were usually experienced beforehand, more sophisticated and targeted attacks are frequently encountered nowadays. Besides that, commonly used signature based techniques for attack detection and threat information staying within organization is insufficient for dynamically changing, organized and targeted threats. Furthermore, with the advance of new technolog...
Challenges of countering cyber terrorism in the hybrid war contexts
Tanrısever, Oktay Fırat (2019-10-15)
This conference paper seeks to explore the characteristics of cyber terrorism and challenges of countering cyber terrorism in the hybrid war contexts. This conference paper also intends to highlight the difficulties of coping with the terrorist uses of the cyber space and social media when the perpetrators of cyber terrorist acts remain anonymous and the parties of hybrid warfare adhere to the principle of deniability constantly. The conference paper puts forward the argument that the concept of cyber terror...
Online DDoS attack detection using Mahalanobis distance and Kernel-based learning algorithm
Cakmakci, Salva Daneshgadeh; Kemmerich, Thomas; Ahmed, Tarem; Baykal, Nazife (Elsevier BV, 2020-10-01)
Distributed denial-of-service (DDoS) attacks are constantly evolving as the computer and networking technologies and attackers' motivations are changing. In recent years, several supervised DDoS detection algorithms have been proposed. However, these algorithms require a priori knowledge of the classes and cannot automatically adapt to frequently changing network traffic trends. This emphasizes the need for the development of new DDoS detection mechanisms that target zero-day and sophisticated DDoS attacks....
Determination of network delay distribution over the internet
Karakaş, Mehmet; Ergül, Faruk Rüyal; Department of Electrical and Electronics Engineering (2003)
The rapid growth of the Internet and the proliferation of its new applications pose a serious challenge in network performance management and monitoring. The current Internet has no mechanism for providing feedback on network congestion to the end-systems at the IP layer. For applications and their end hosts, end-to-end measurements may be the only way of measuring network performance. Understanding the packet delay and loss behavior of the Internet is important for proper design of network algorithms such ...
Cyber bullying: A new face of peer bullying
Erdur Baker, Özgür (2007-03-01)
Problem Statement: Information and communication technologies provide a wide range of benefits for schools but it comes with a cost: Cyber bullying (also called electronic bullying) as a new form of bullying has emerged from the misuse of those technologies. Although cyber bullying has been a growing concern in several countries, research substantiating this concern is limited.
Citation Formats
Ö. Yürekten and M. Demirci, “Citadel: Cyber threat intelligence assisted defense system for software-defined networks,” Computer Networks, pp. 0–0, 2021, Accessed: 00, 2021. [Online]. Available: https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85103412789&origin=inward.