Using cyber threat intelligence in SDN security

Abstract

As the number and variety of cyber threats increase, it becomes more critical to share intelligence information in a fast and efficient manner. However, current cyber threat intelligence data do not contain sufficient information about how to specify countermeasures or how institutions should apply countermeasures automatically on their networks. A flexible and agile network architecture is required in order to determine and deploy countermeasures quickly. Software-defined networks facilitate timely application of cyber security measures thanks to their programmability. In this work, we propose a novel model for producing software-defined networking-based solutions against cyber threats and configuring networks automatically using risk analysis. We have developed a prototype implementation of the proposed model and demonstrated the applicability of the model. Furthermore, we have identified and presented future research directions in this area.