Title: Improving Security Management with Software Defined Networking
Abstract: It is well known that the original design purpose of Software-Defined Networking (SDN) is to simplify network management by decoupling the legacy network architecture into control plane and data plane. However, it remains unclear whether or not security management can be improved as well. This talk is therefore intended to share our research experiences on studying the feasibility and effectiveness of using SDN to improve security management. First, by leveraging the programmability of SDN, we show that a number of security functions (e.g., firewalls, IDSs), which traditionally run with dedicated hardware devices, can be implemented on SDN controllers. As such, building multi-layered defense line on demand becomes possible. Second, we introduce an SDN based DDoS mitigation framework called ArOMA that aims at bringing ISPs and their customers together to collaboratively defend against DDoS attacks, which can be hardly done by the state-of-the-art approaches. Some ongoing research will be discussed as well.
Bio: Zonghua Zhang is currently an associate professor of Institute Mines-Telecom/TELECOM Lille. He used to work as expert researcher at the Information Security Research Center of NICT, Japan, and postdoc researcher at the University of Waterloo, Canada and INRIA, France. He holds a Ph.D. degree (JAIST, Japan) in information science, and a HDR diploma (accreditation to supervise research from UPMC, France) in computer science. Zonghua's research covers a broad spectrum of security topics such as anomaly detection, network forensics, security management, reputation systems, and security protocols in different type of computer and communication networks. The current targeted scenarios mainly cover the next generation networking paradigms such as Software-Defined Networking (SDN) and Network Functions Virtualization (NFV), as well as Cyber-Physical Systems (CPS) like e-healthcare and Intelligent Transportation Systems (ITS). He serves as the editorial board member of Computer & Security (COSE), Security and Communication Networks (SCN), International Journal of Network Security (IJNS), and IEEE Communications Magazine