Πλοήγηση ανά Συγγραφέας "Aspradakis, Panagiotis"

Τώρα δείχνει 1 - 1 of 1
  • Μικρογραφία εικόνας
    Τεκμήριο
    Cyber security analysis on a production environment featuring software defined networks.
    (ΕΛ.ΜΕ.ΠΑ., Σχολή Μηχανικών (ΣΜΗΧ), ΠΜΣ Πληροφορική και Πολυμέσα, 2020-10-09) Aspradakis, Panagiotis; Ασπραδάκης, Παναγιώτης
    The ever-changing cyber threats are a defining feature of today's global landscape. Cyber Security is essential for organizations, businesses and many other stakeholders and one of the major issues for Industry 4.0. With a variety of people participating in organizations, businesses networks, industries, browsing the web, going about their business tasks or other online activities, steps must be taken to ensure the supervision of each user. The problem is that with the conventional network currently in use, a network administrator or an IT practitioner cannot have an accurate real-time view of how many devices are in the organization, business or industry, and does not have the flexibility to change the network topology on the fly, to address the real-time usage requirements or security incidents. SDN is very important for network organisation in Industry 4 because it enables separation of control from data flows. Hence it is inline with the other principles of softwarization and cloudification of the production. The controller orchestrates the network sessions between containerised services and end users or end devices. A firewall at the entrance of an enterprise network monitors the data traffic and enables rules enforcement at flow level. IDS/IPS enables the application of rules concerning protection of the infrastructure from malicious intruders and orchestrates the cybersecurity protection of the overall ecosystem from attackers. Motivated by the above, this Master’s Thesis will leverage the flexibility of Software Defined Networks (SDN), Deep Packet Inspection (DPI) technology and Network Function Virtualization (NFV), exploiting virtual machines to emulate a real production environment consisting of various production systems and security functions. Focusing on cybersecurity aspects, both the expanded attack surface that these new technologies introduced will be assessed, as well as the enhanced security mechanisms that they enable (e.g. reactive or moving defense techniques). To learn more about how SDN and related technologies work, and how someone with the administrative position over it can make it safer, we came up with the idea of setting up a virtual SDN network and implementing security solutions on it, seeing how it would behave while noting traffic and packet flow statistics. Since the virtualization platform that we used does not come with any SDN specific security tools or applications, we incorporated a traditional security feature into my implementation of the infrastructure. Legacy networks are also obsolete, providing a wide array of legacy security resources that one might use. SDN operates very similarly to a standard network, and when it comes to packet traffic and protocols, use of these resources on an SDN infrastructure is and is possible. The entire project then started to address around this, checking the efficient incorporation of existing network security tools into our functions to make SDN safer and more attack-proof.