718
A framework for enabling security services collaboration across multiple domains
Daniel Migault, Marcos Simplicio Junior, Bruno Barros, Makan Pourzandi, Thiago Almeida, Ewerton Andrade and Tereza Carvalho
Ericsson Security Research, Escola Politécnica, Escola Politécnica, Ericsson Security Research, Escola Politécnica, Escola Politécnica, Escola Politécnica

Collaboration among Security Service Functions (SSF) is expected to become as essential to SECaaS (SECurity as a Service) systems as elasticity is to IaaS (Infrastructure as a Service). The virtualization opens new era in network security as new security appliances can be created on demand in appropriate places in the network. At the same time, the increasing size and diversity of attacks make it necessary to come up with new approaches for more efficient and more resilient security mechanisms. In this paper, we propose a new framework leveraging SDN (Software Defined Networking) and SFC (Service Function Chaining) to enhance the collaboration among different SSFs to mitigate large scale attacks. We describe a framework that allows SSFs from different domains to negotiate and dynamically control the amount of resources allocated for collaboration, in what we call a “best-effort” collaboration mode. This SSF collaboration framework creates a distributed mitigation system for handling large scale attacks in a dynamic and scalable manner. The efficiency and feasibility of this framework is experimentally assessed, showing that our approach incurs low overhead, increases the amount of traffic treated by SSFs and reduces the dropped traffic due to the lack of resources from the security mechanisms.