The Experts below are selected from a list of 75 Experts worldwide ranked by ideXlab platform
Shinichi Kuribayashi - One of the best experts on this subject based on the ideXlab platform.
-
allocation of Virtual Firewall functions in nfv based networks with minimum network cost
International Journal of Computer Networks & Communications, 2019Co-Authors: Shinichi KuribayashiAbstract:NFV-based network implements a variety of network functions with software on general-purpose servers and this allows the network operator to select any capacity and location of network functions without any physical constraints. It is essential for economical NFV-based network design to determine the place where each network function should be located in the network and what its capacity should be. The authors proposed an algorithm of Virtual routing function allocation in the NFV-based network for minimizing the network cost and provided effective allocation guidelines for Virtual routing functions. This paper proposes the deployment algorithm of Virtual Firewall function in addition to Virtual routing function for minimizing the network cost. Our evaluation results have revealed the following: (1) Installing a packet filtering function, which is a part of the Firewall function, in the sending-side area additionally can reduce wasteful transit bandwidth and routing processing and thereby reduce the network cost. (2) The greater the number of packets filtered by packet filtering function in the sending-side area, the more the reduction of network cost is increased. (3) The greater the bandwidth cost relative to the routing function cost, the greater the effect of statistical multiplexing on reducing the network cost. (4) The proposed algorithm would be approaching about 95% of the deployment with the optimal solution.
-
joint deployment of Virtual routing function and Virtual Firewall function in nfv based network with minimum network cost
Network-Based Information Systems, 2018Co-Authors: Kenichiro Hida, Shinichi KuribayashiAbstract:It is essential for economical NFV-based network design to determine the place where each network function should be located in the network and what its capacity should be. The authors proposed an algorithm of Virtual routing function allocation in the NFV-based network for minimizing the network cost, and provided effective allocation guidelines for Virtual routing functions. This paper proposes the joint deployment algorithm of Virtual routing function and Virtual Firewall function for minimizing the network cost. Our evaluation results have revealed the following: (1) Installing a packet filtering function, which is a part of the Firewall function, in the sending-side area additionally can reduce wasteful transit bandwidth and routing processing and thereby reduce the network cost. (2) The greater the number of packets filtered by packet filtering function in the sending-side area, the more the reduction of network cost is increased. (3) The proposed algorithm would be approaching about 95% of the deployment with the optimal solution.
Mohamed Talea - One of the best experts on this subject based on the ideXlab platform.
-
implementing hy ids mobiles agents and Virtual Firewall to enhance the security in iaas cloud
Procedia Computer Science, 2019Co-Authors: Hicham Toumi, Fatima Zahra Fagroud, Amiyne Zakouni, Mohamed TaleaAbstract:Abstract The growth in customer requirements, big data analysis and pressures on response time, high costs of network platforms pushed companies to migrate to Cloud Computing providing on demand internet hosted IT services. The increase of Cloud users and their interactions with the Cloud infrastructure raise the risk of resources faults. Such a problem can lead to a bad reputation of the Cloud environment, which slows down the evolution of this paradigm. The dynamic architecture and the complex system of the Cloud should be taken into account. In fact, this paradigm Cloud requires that resources protection and healing must be effective, transparent and without external intervention. Thus, it is essential the use fundamental aspects of autonomic Computing in the Cloud to deal with the self-healing of Cloud security. The high degree of match between autonomic Computing systems and multi-agent systems permit to create an intelligent architecture Cloud that support autonomic aspects. Therefore, we propose a cooperative framework based on Hybrid intrusion detection system (Hy-IDS), mobile Agents and Firewall, which permit to detect both insider and outsider attacks with high detection accuracy in Cloud environment. In this paper, we propose a Cloud Computing framework offering the access security, ease of resources management using mobile agents and service availability in a reliable structure with lower cost.
-
mobiles agents and Virtual Firewall to secure the shared network for Virtual machines in iaas cloud
International Conference on Big Data, 2017Co-Authors: Hicham Toumi, Bouchra Marzak, Y Khazri, Amal Talea, Ahmed Eddaoui, Mohamed TaleaAbstract:Cloud computing is a new paradigm based on distributed services. It allows to reduce costs and simplify the management of resources. Positioning the cloud in an operational environment provides easy and quick access to computing resources anywhere, anytime, with any device. However, it is deployed in Virtual resources to provide services to public customers and private organizations. In fact, without security measures, distributed cloud services are vulnerable. It acquires knowledge about vulnerabilities, attacks, activities of attackers and tools to secure it. In this paper, we will propose a framework for detecting and repairing distributed intrusions in private cloud. However, we focus on the security of Virtual network in Virtualized environment. In order to secure inside or outside communication of Virtual machines, we suggest using our framework based on snort, mobile agents and Virtual Firewall. This framework allows to reach three objectives: the first, detection intrusion in a Virtual environment using mobile agents for collecting malicious data. The second, generating new signatures from malicious data, which were collected in the first phase. Finally, dynamic deployment of remote response actions using Virtual Firewall. By this type of close-loop control, the collaborative network security management framework can identify and address new distributed attacks more quickly and effectively.
Hicham Toumi - One of the best experts on this subject based on the ideXlab platform.
-
implementing hy ids mobiles agents and Virtual Firewall to enhance the security in iaas cloud
Procedia Computer Science, 2019Co-Authors: Hicham Toumi, Fatima Zahra Fagroud, Amiyne Zakouni, Mohamed TaleaAbstract:Abstract The growth in customer requirements, big data analysis and pressures on response time, high costs of network platforms pushed companies to migrate to Cloud Computing providing on demand internet hosted IT services. The increase of Cloud users and their interactions with the Cloud infrastructure raise the risk of resources faults. Such a problem can lead to a bad reputation of the Cloud environment, which slows down the evolution of this paradigm. The dynamic architecture and the complex system of the Cloud should be taken into account. In fact, this paradigm Cloud requires that resources protection and healing must be effective, transparent and without external intervention. Thus, it is essential the use fundamental aspects of autonomic Computing in the Cloud to deal with the self-healing of Cloud security. The high degree of match between autonomic Computing systems and multi-agent systems permit to create an intelligent architecture Cloud that support autonomic aspects. Therefore, we propose a cooperative framework based on Hybrid intrusion detection system (Hy-IDS), mobile Agents and Firewall, which permit to detect both insider and outsider attacks with high detection accuracy in Cloud environment. In this paper, we propose a Cloud Computing framework offering the access security, ease of resources management using mobile agents and service availability in a reliable structure with lower cost.
-
mobiles agents and Virtual Firewall to secure the shared network for Virtual machines in iaas cloud
International Conference on Big Data, 2017Co-Authors: Hicham Toumi, Bouchra Marzak, Y Khazri, Amal Talea, Ahmed Eddaoui, Mohamed TaleaAbstract:Cloud computing is a new paradigm based on distributed services. It allows to reduce costs and simplify the management of resources. Positioning the cloud in an operational environment provides easy and quick access to computing resources anywhere, anytime, with any device. However, it is deployed in Virtual resources to provide services to public customers and private organizations. In fact, without security measures, distributed cloud services are vulnerable. It acquires knowledge about vulnerabilities, attacks, activities of attackers and tools to secure it. In this paper, we will propose a framework for detecting and repairing distributed intrusions in private cloud. However, we focus on the security of Virtual network in Virtualized environment. In order to secure inside or outside communication of Virtual machines, we suggest using our framework based on snort, mobile agents and Virtual Firewall. This framework allows to reach three objectives: the first, detection intrusion in a Virtual environment using mobile agents for collecting malicious data. The second, generating new signatures from malicious data, which were collected in the first phase. Finally, dynamic deployment of remote response actions using Virtual Firewall. By this type of close-loop control, the collaborative network security management framework can identify and address new distributed attacks more quickly and effectively.
Al A. Mazyad - One of the best experts on this subject based on the ideXlab platform.
-
Implementation of Virtual Firewall Function in SDN (Software Defined Networks)
2017 9th IEEE-GCC Conference and Exhibition (GCCCE), 2017Co-Authors: Saad M. Waheed, Al M. Mufarrej, M. Sobhieh, Al A. Barrak, A. Baig, Al A. MazyadAbstract:With the overhauls and increase in network size, it becomes harder to practice maintainability along with security. In recent years, software-defined networking (SDN) has evolved to replace the traditional design of the current network, and with such evolution, raises issues in the Firewall. Firewalls are one of the most important components used in networks, and new challenges have been driven by the software-defined networks in implementing Firewalls. The main issue of the Firewall is its speed. The speed of the Firewall is a hindrance; often Firewall's link speeds are slower than the supported network interface and can cause the traffic burst from the host to be buffered until packets are processed. To overcome these issues, the aim of our project is to solve by implementing duplicate instances of the Firewall. By designing two topologies, a single and multiple controllers, and implementing them in a simulated environment the resulting studies show that multiple controllers in a network environment tend to show an improved performance in the network than in a single controller network.
Kenichiro Hida - One of the best experts on this subject based on the ideXlab platform.
-
joint deployment of Virtual routing function and Virtual Firewall function in nfv based network with minimum network cost
Network-Based Information Systems, 2018Co-Authors: Kenichiro Hida, Shinichi KuribayashiAbstract:It is essential for economical NFV-based network design to determine the place where each network function should be located in the network and what its capacity should be. The authors proposed an algorithm of Virtual routing function allocation in the NFV-based network for minimizing the network cost, and provided effective allocation guidelines for Virtual routing functions. This paper proposes the joint deployment algorithm of Virtual routing function and Virtual Firewall function for minimizing the network cost. Our evaluation results have revealed the following: (1) Installing a packet filtering function, which is a part of the Firewall function, in the sending-side area additionally can reduce wasteful transit bandwidth and routing processing and thereby reduce the network cost. (2) The greater the number of packets filtered by packet filtering function in the sending-side area, the more the reduction of network cost is increased. (3) The proposed algorithm would be approaching about 95% of the deployment with the optimal solution.
