Automatic security reaction in a virtualized environment

Lorenzo Giglio. Automatic security reaction in a virtualized environment. Supervisors: Fulvio Valenza, Riccardo Sisto, Daniele Bringhenti. Politecnico di Torino, Master's degree programme in Ingegneria Informatica (Computer Engineering), 2024

PDF (Tesi_di_laurea) - Thesis
License: Creative Commons Attribution Non-commercial No Derivatives.

In the realm of network security management, a significant shift is underway from manual systems to advanced automated methods. This transition, vital in the complex cybersecurity landscape, leads to quicker responses and reduced human error. Central to the study is the VEREFOO framework, a tool for automating the placement and configuration of packet filtering firewalls in virtualized networks. This is achieved by treating the challenge of firewall configuration as a MaxSMT problem. The research primarily focuses on developing a process capable of utilizing Intrusion Detection System alerts as real-time input for VEREFOO to dynamically combat cyber threats. A specialized parser processes these alerts, transforming them into Network Security Requirements in a format that VEREFOO can interpret. A key component in this process is the integration of the virtual network translator module within VEREFOO. This module interprets VEREFOO-generated Firewall Allocation Schemes and translates them into actionable files for initializing the virtual network. The research also includes integrating the React-VEREFOO module into the system. This integration allows the network to be reconfigured with minimal redundancy, preserving computational resources while maintaining efficiency. The culmination of this work is the development of the VEREFOO Log Integrator, which continuously monitors IDS logs. When an alert is detected, it coordinates with the previous components to update the network configuration effectively, addressing the identified threat.

Supervisors: Fulvio Valenza, Riccardo Sisto, Daniele Bringhenti
Academic year: 2023/24
Publication type: Electronic
Number of Pages: 82
Degree programme: Master's degree programme in Ingegneria Informatica (Computer Engineering)
Degree class: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Collaborating companies: UNSPECIFIED
URI: http://webthesis.biblio.polito.it/id/eprint/31063