This book provides readers insights into cyber maneuvering or adaptive and intelligent cyber defense. It describes the required models and security supporting functions that enable the analysis of potential threats, detection of attacks, and implementation of countermeasures while expending attacker resources and preserving user experience. This book not only presents significant education-oriented content, but uses advanced content to reveal a blueprint for helping network security professionals design and implement a secure Software-Defined Infrastructure (SDI) for cloud networking environments. These solutions are a less intrusive alternative to security countermeasures taken at the host level and offer centralized control of the distributed network.

The concepts, techniques, and strategies discussed in this book are ideal for students, educators, and security practitioners looking for a clear and concise text to avant-garde cyber security installations or simply to use as a reference.

Hand-on labs and lecture slides are located at http://virtualnetworksecurity.thothlab.com/.

Features

Discusses virtual network security concepts
Considers proactive security using moving target defense
Reviews attack representation models based on attack graphs and attack trees
Examines service function chaining in virtual networks with security considerations
Recognizes machine learning and AI in network security

Frequently asked questions

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.

At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.

Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Yes, you can access Software-Defined Networking and Security by Dijiang Huang, Ankur Chowdhary, Sandeep Pisharody in PDF and/or ePUB format, as well as other popular books in Ciencia de la computación & Redes de computadoras. We have over one million books available in our catalogue for you to explore.

Information

Publisher

CRC Press

Year

2018

ISBN

9781351210744

Edition

Topic

Ciencia de la computación

Subtopic

Redes de computadoras

Part I

Foundations of Virtual Networking and Security

This book focuses on Network Functions Virtualization (NFV), Software Defined Networking (SDN), and security models built into/on SDN/NFV technologies. In this part, we will provide preliminary foundations of computer networking and NFV/SDN, which will help readers to understand advanced topics in this book. Moreover, the first part can be used as learning and teaching materials for students starting to learn computer and network security. Before moving forward, several important and highly related terms need to be clearly understood.

What is Software?

The Institute of Electrical and Electronics Engineers (IEEE) defines software as “The complete set of computer programs, procedures, and possibly associated documentation and data designated for delivery to a user” [225]. It possesses no mass, no volume, and no color, which makes it a non-degradable entity over a long period. Software does not wear out or get tired. In short, software can be simply defined as a collection of programs, documentation and operating procedures.

Software controls, integrates, and manages the hardware components of a computer system. It also instructs the computer what needs to be done to perform a specific task and how it is to be done. In general, software characteristics are classified into six major components:

1.Functionality, which refers to the degree of performance of the software against its intended purpose.

2.Reliability, which refers to the ability of the software to provide desired functionality under the given conditions.

3.Usability, which refers to the extent to which the software can be used with ease.

4.Efficiency, which refers to the ability of the software to use system resources in the most efficient manner, with the least waste of time and effort.

5.Maintainability, which refers to the ease with which modifications can be made in a software system to extend its functionality, improve its performance, or correct errors.

6.Portability, which refers to the ease with which software developers can transfer software from one platform to another, without (or with minimum) changes. In simple terms, it refers to the ability of software to function properly on different hardware and software platforms without making any changes in it.

In addition to the above characteristics, robustness and integrity are also important. Robustness refers to the degree to which the software can keep on functioning in spite of being provided with invalid data, while integrity refers to the degree to which unauthorized access to the software or data can be prevented.

Computers work only in response to instructions provided externally. For example, software instructs the hardware how to print a document, take input from the user, and display the output. Usually, the instructions to perform some intended tasks are organized into a program using a programming language like C, C++, Java, etc., and submitted to computer. The computer interprets and executes these instructions and provides response to the user accordingly. The set of programs intended to provide users with a set of interrelated functionalities is known as a software package.

What is Software-Defined?

The term Software-Defined is the ability to abstract the management and administrative capabilities of the technology. In terms of computer networking, it is the ability to control the provisioning of network devices, Virtual LANs (VLANs), Firewall rules, traffic engineering and Quality of Services (QoS), etc. In summary, a system regarded as Software-Defined should rely on software to achieve the following interrelated and supported Abstraction, Automation and Adjustment (AAA) features:

Abstraction of Physical Resources: A software-defined system usually provides a set of Application Platform Interfaces (APIs) to abstract their physical resources to simplify its resource management and allocation.

Automation of Actions/Controls: Actions and controls can be executed based on the incorporated complex application logics by examining software running conditions or being triggered by software monitored systems with a certain level of adaptability and intelligence.

Adjustment of Configurations (Reconfiguration): Adjustments of system resource can be achieved through predictive configuration or control of workloads, which can be performed by changing past administrator defined rule sets.

Definitions of Software-Defined Systems

Software-Defined Networking (SDN) is an emerging architecture that is dynamic, manageable, cost-effective, and adaptable, making it ideal for the high-bandwidth, dynamic nature of today’s applications. This architecture decouples the network control and forwarding functions enabling the network control to become directly programmable and the underlying infrastructure to be abstracted for applications and network services. The OpenFlow protocol is a foundational element for building SDN solutions.

Software-Defined Storage (SDS) is a computer program that manages data storage resources and functionality and has no dependencies on the underlying physical storage hardware. SDS is most often associated with software products designed to run on commodity server hardware. It enables users to upgrade the software separately from the hardware. Common characteristics of SDS products include the ability to aggregate storage resources, scale out the system across a server cluster, manage the shared storage pool and storage services through a single administrative interface, and set policies to control storage features and functionality.

Software-Defined Data Centers ...

Cover
Half Title
Series
Title Page
Copyright Page
Dedication
Contents
Preface
Acknowledgments
About the Authors
Part I: Foundations of Virtual Networking and Security
Part II: Advanced Topics on Software-Defined and Virtual Network Security
Bibliography
Index