Utilize este identificador para referenciar este registo:
http://hdl.handle.net/10773/28728
Título: | An SFC-enabled approach for processing SSL/TLS encrypted traffic in future enterprise networks |
Autor: | Cunha, Vítor A. Carvalho, Marcio B. de Corujo, Daniel Barraca, João P. Gomes, Diogo Schaeffer-Filho, Alberto E. Santos, Carlos R. P. dos Granville, Lisandro Z. Aguiar, Rui L. |
Data: | Jun-2018 |
Editora: | IEEE |
Resumo: | In this paper, we propose an architecture based on NFV and SDN which allows to balance traffic analysis techniques using a Classifier. It steers flows to the appropriate Service Function Chaining (to open traffic or not) according to network requirements (such as, effectiveness, flexibility, scalability, performance, and privacy). The SSL/TLS traffic processing is carried-out by the centerpiece of this work, the SFC-enabled MITM. A Proof-of-Concept was conducted (focusing on our SFC-enabled MITM) which showed that functionalities lost due to encryption (Content Optimization, Caching, Network Anti-virus, and Content Filter) were recovered when processing opened traffic within its Service Function Chains. We also evaluated its impact on performance. The results show that cipher suite overhead plays a role but can be mitigated, the Classifier can alleviate the performance overhead of different traffic analysis techniques, network functions have lower impact to performance, and Service Function Chaining length influences page load time. |
Peer review: | yes |
URI: | http://hdl.handle.net/10773/28728 |
DOI: | 10.1109/ISCC.2018.8538564 |
ISBN: | 978-153866951-8 |
ISSN: | 15301346 |
Aparece nas coleções: | DETI - Capítulo de livro IT - Capítulo de livro |
Ficheiros deste registo:
Ficheiro | Descrição | Tamanho | Formato | |
---|---|---|---|---|
1570434804.pdf | 204.67 kB | Adobe PDF | Ver/Abrir |
Todos os registos no repositório estão protegidos por leis de copyright, com todos os direitos reservados.