TY - CONF AB - Remarkable advantages of Containers (CNs) over Virtual Machines (VMs) such as lower overhead and faster startup has gained the attention of Communication Service Providers (CSPs) as using CNs for providing Virtual Network Functions (VNFs) can save costs while increasing the service agility. However, as it is not feasible to realise all types of VNFs in CNs, the coexistence of VMs and CNs is proposed. To put VMs and CNs together, an orchestration framework that can chain services across distributed and heterogeneous domains is required. To this end, we implemented a framework by extending and consolidating state-of-the-art tools and technologies originated from Network Function Virtualization (NFV), Software-defined Networking (SDN) and cloud computing environments. This framework chains services provisioned across Kubernetes and OpenStack domains. During the demo, we deploy a service consist of CN- and VM-based VNFs to demonstrate different features provided by our framework. AU - Razzaghi Kouchaksaraei, Hadi AU - Karl, Holger ID - 9809 KW - Network Function Virtualization KW - Software-defined Networking KW - Cloud Computing KW - service orchestration KW - OpenStack KW - Kubernetes T2 - 13th ACM International Conference on Distributed and Event-based Systems TI - Service Function Chaining Across OpenStack and Kubernetes Domains ER - TY - JOUR AB - Software Defined Networks (SDN) and Network Function Virtualisation (NFV) provide the basis for autonomous response and mitigation against attacks on networked computer infrastructures. We propose a new framework that uses SDNs and NFV to achieve this goal: Secure Autonomous Response Network (SARNET). In a SARNET, an agent running a control loop constantly assesses the security state of the network by means of observables. The agent reacts to and resolves security problems, while learning from its previous decisions. Two main metrics govern the decision process in a SARNET: impact and efficiency; these metrics can be used to compare and evaluate countermeasures and are the building blocks for self-learning SARNETs that exhibit autonomous response. In this paper we present the software implementation of the SARNET framework, evaluate it in a real-life network and discuss the tradeoffs between parameters used by the SARNET agent and the efficiency of its actions. AU - Koning, R. AU - de Graaff, B. AU - Polevoy, Gleb AU - Meijer, R. AU - de Laat, C. AU - Grosso, P. ID - 17666 JF - Future Generation Computer Systems KW - Software defined networks KW - Network function virtualization KW - Cyber attacks KW - Cyber security KW - Defense efficiency KW - Overlay networks SN - 0167-739X TI - Measuring the efficiency of SDN mitigations against attacks on computer infrastructures ER -