SPHINX: Detecting Security Attacks in Software-Defined Networks.

Software-defined networks (SDNs) allow greater control over network entities by centralizing the control plane, but place great burden on the administrator to manually ensure security and correct functioning ... Our evaluation shows that SPHINX is capable of detecting attacks in SDNs in realtime with low performance overheads, and requires no changes to the controllers for deployment. ... INTRODUCTION The value of Software-Defined Networks (SDNs) lies specifically in their ability to provide network virtualization, dynamic network policy enforcement, and greater control over network entities ...

doi:10.14722/ndss.2015.23064 fatcat:zn5ju2n53facloeacxiyl5saca

In particular, this document provides an overview and the main outcomes of the work performed by the SPHINX Consortium on the SPHINX requirements and guidelines. ... This document is the final iteration of the requirements and guidelines for the SPHINX System from the enduser's perspective. ... SPHINX shall detect and alert users in case of abnormal network traffic. ...

doi:10.5281/zenodo.5052747 fatcat:cifiaqslxnbsze6ispouzoouya

Open Access

In particular, this document provides an overview and the main outcomes of the work performed by the SPHINX Consortium on the SPHINX requirements and guidelines, as part of Task 2.3 - Stakeholders' Requirements ... The SPHINX requirements are also introduced with two categorisation methods, which serve as means for understanding the end-users' needs when addressing cybersecurity protection, in particular the design ... Protect; Detect; Respond. STA-F-200 SPHINX shall detect and alert users in case of abnormal network traffic. Networking; Applications. Detect; Respond. ...

doi:10.5281/zenodo.4427816 fatcat:mobnmxuotzhanktweitkcpqe44

Open Access

The key innovation attained in this document is therefore the architectural design of the novel SPHINX concept, focusing on the proactive assessment and mitigation of cyber security vulnerabilities and ... In particular, this document provides an overview and the main outcomes of the work performed by the SPHINX Consortium on the SPHINX architectural design, as part of Task 2.5 - SPHINX Architecture and ... Machine Learning-empowered Intrusion Detection The increase of cyber-attacks against companies has required the advent of enhanced security mechanisms on networks. ...

doi:10.5281/zenodo.3521682 fatcat:k76x3ndrebaablhkb7o6hdkmfe

Open Access

Further to that it presents in detail the several types of Honeypots envisaged in the SPHINX ecosystem along with their internal structure and interfaces. ... Deliverable D4.4 reports on the implementation status of the SPHINX AI Honeypots. In this context, the document first provides a general overview of the Honeypots concept. ... However, by using a honeypot we can prioritize our attention in real attacks and use the honeypot's logs in conjunction with other security solutions to better refine our network security. ...

doi:10.5281/zenodo.4010577 fatcat:k2bk3n5uybfkvee7k5fbkg7la4

Open Access

Experimentation Environment Development" of SPHINX. ... This research is mainly focused on topology emulations, statistical realistic network traffic reproduction and user behaviour simulations. ... relevant deliverable D5.3 Security Incident/Attack Simulator v1. ...

doi:10.5281/zenodo.4280618 fatcat:fu4i7hry3zf75mrb2d5vhrq4bi

Open Access

of security posture and attack response. ... The SPHINX toolkit needs to merge isolated data into higher-level knowledge of network-wide attack vulnerability and mission readiness in the face of cyber threats to go beyond rudimentary assessments ... Finally, the Data Traffic Monitoring (DTM) component captures the packet's features and detect suspicious network traffic (SPHINX D2.6-SPHINX Architecture v2, 2020). ...

doi:10.5281/zenodo.4280567 fatcat:i3utedok7zaxtlxzxykoot6b44

Open Access

This document reports the development status for the SPHINX System Information and Event Management (SIEM) component. ... to solve problems and detect real world security threats. ... The Core Engine in the middle is responsible for managing the data correlations, monitoring security events, and applying the defined actions whenever security alerts are raised. ...

doi:10.5281/zenodo.4010594 fatcat:utgsxhrig5fhbpk2jvdpmdprtm

Open Access

These components are included in the Automated Cyber Security Risk Assessment block, one of the main high-level SPHINX Architecture building blocks, which deals with advanced and automated tools to assess ... The document D4.1 Cross-Layer Anomaly Detection Framework v1 presents the research and development activities that were made to design and build the first version of two of the SPHINX Toolkit components ... tools used in network monitoring, network security investigations and threat detection and prevention. ...

doi:10.5281/zenodo.4010499 fatcat:cyqgqjkhxnecddvs6xia5rc7ki

Open Access

Management of intellectual property rights plays an important role in all Horizon 2020 research projects. ... This generic presentation is followed by a first approach of how SPHINX's results could be protected and exploited in the future. ... To provide a novel information security awareness ecosystem capable to detect and quickly and effectively respond to sophisticated cyber-attacks. 2. ...

doi:10.5281/zenodo.3521697 fatcat:wbaybn46wrf27giwaoutx2i4su

Open Access

We prove the full cryptographic security of Sphinx in the random oracle model, and we describe how it can be used as an efficient drop-in replacement in deployed remailer systems. ... Sphinx is a cryptographic message format used to relay anonymized messages within a mix network. ... Acknowledgements: The authors would like to thank Greg Zaverucha and Emilia Käsper for comments on early drafts of this paper, as well as Steven Murdoch for suggesting micro-blogging as a potential application for Sphinx ...

doi:10.1109/sp.2009.15 dblp:conf/sp/DanezisG09 fatcat:sihh56yt3bgbbg5r722vblqmfa

Sphinx was a monster in Greek mythology devouring those who could not solve her riddle. ... In VoIP, a new service in the role of Sphinx provides protection against SPIT (Spam over Internet Telephony) by discriminating human callers from botnets. ... ACKNOWLEDGMENTS The Sphinx project is co-financed by the European Regional Development Fund and national funds, through the Greek Ministry of Education (Operational Programme "Competitiveness & Entrepreneurship ...

doi:10.1109/iisa.2013.6623704 dblp:conf/iisa/GritzalisSKPKM13 fatcat:njih3idrdzcqdgo5uhdpxxruvq

In addition, this report discloses the relevant work SPHINX partners have been developing to support the SPHINX piloting activities, namely in what concerns the key performance indicators identified as ... In particular, this document provides an overview and the main outcomes of the work performed by the SPHINX Consortium on the SPHINX use cases, as part of Task 2.4 – Reference Scenarios and Pilot Operations ... medical equipment (SPHINX vulnerability assessment tools), in the early detection of the attack by identifying suspicious network activity (SPHINX data traffic monitoring and anomaly detection tools), ...

doi:10.5281/zenodo.4427729 fatcat:3x3cline5vehji5sbwx4nvjzra

Open Access

In particular, this document provides an overview and the main outcomes of the work performed by the SPHINX Consortium on the SPHINX use cases, as part of Task 2.4 – Reference Scenarios and Pilot Operations ... Overall, the SPHINX use cases are intended to highlight the greatest possible breadth of the SPHINX's capabilities, whilst remaining realistic and testable in realistic conditions. ... of vulnerable critical assets (SPHINX vulnerability assessment tool), in the detection of suspicious network activity (SPHINX anomaly detection tool) and in the early detection of attacks by identifying ...

doi:10.5281/zenodo.5052727 fatcat:5ikl6umlafftroplmkbspcbmse

Open Access

Software-Defined Network (SDN) radically changes the network architecture by decoupling the network logic from the underlying forwarding devices. ... However, in its raw form, SDN could potentially make networks more vulnerable to attacks and harder to protect. ... SPHINX Proposed in 2015, SPHINX is a framework to detect attacks on network topology and data plane forwarding. ...

arXiv:1804.00262v1 fatcat:vbflre6ivjabxczkgeiiks5niu

SPHINX: Detecting Security Attacks in Software-Defined Networks

Preserved Fulltext

SPHINX Requirements and Guidelines v3

Preserved Fulltext

SPHINX Requirements and Guidelines v2

Preserved Fulltext

SPHINX Architecture (the first version)

Preserved Fulltext

SPHINX AI Honeypot v1

Preserved Fulltext

SPHINX User Behaviour Simulator v1

Preserved Fulltext

SPHINX Decision Support Engine v1

Preserved Fulltext

SPHINX Embedded SIEM v1

Preserved Fulltext

SPHINX Cross-layer anomaly detection framework v1

Preserved Fulltext

SPHINX IPR Plan & IPR Management (version 1)

Preserved Fulltext

Sphinx: A Compact and Provably Secure Mix Format

Preserved Fulltext

The Sphinx enigma in critical VoIP infrastructures: Human or botnet?

Preserved Fulltext

Use Cases Definition and Pilot Overview Document v2

Preserved Fulltext

Use Cases Definition and Pilot Overview Document v3

Preserved Fulltext

Software-Defined Network (SDN) Data Plane Security: Issues, Solutions and Future Directions [article]

Preserved Fulltext