NEAt: Network error auto-correct

Wenxuan Zhou, Jason Croft, Bingzhe Liu, Matthew Caesar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Configuring and maintaining an enterprise network is a challenging and error-prone process. Administrators must often consider security policies from a variety of sources simultaneously, including regulatory requirements, industry standards, and to mitigate attack vectors. Erroneous implementation of a policy, however, can result in costly data breaches and intrusions. Relying on humans to discover and troubleshoot violations is slow and prone to error, considering the speed at which new attack vectors propagate and the increasing network dynamics, partly an effect of SDN. To ensure the network is always in a state consistent with the desired policies, administrators need frameworks to automatically diagnose and repair violations in real-time. To address this problem, we present NEAt, a system analogous to a smartphone's autocorrect feature that enables on-the-fly repair to policy-violating updates. NEAt modifies the forwarding behavior of updates to automatically repair violations of properties such as reachability, service chaining, and segmentation. NEAt sits between an SDN controller and the forwarding devices, and intercepts updates proposed by SDN applications. If an update violates the policy defined by an administrator, such as reachability or segmentation, NEAt transforms the update into one that complies with the policy. Unlike domain-specific languages or synthesis platforms, NEAt allows enterprise networks to leverage the advanced functionality of SDN applications while simultaneously achieving strong, automated enforcement of general policies.

Original languageEnglish (US)
Title of host publicationSOSR 2017 - Proceedings of the 2017 Symposium on SDN Research
PublisherAssociation for Computing Machinery, Inc
Pages157-163
Number of pages7
ISBN (Electronic)9781450349475
DOIs
StatePublished - Apr 3 2017
Event2017 Symposium on SDN Research, SOSR 2017 - Santa Clara, United States
Duration: Apr 3 2017Apr 4 2017

Publication series

NameSOSR 2017 - Proceedings of the 2017 Symposium on SDN Research

Other

Other2017 Symposium on SDN Research, SOSR 2017
CountryUnited States
CitySanta Clara
Period4/3/174/4/17

Keywords

  • Auto-correct
  • Real-time
  • Software-defined networking

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Fingerprint Dive into the research topics of 'NEAt: Network error auto-correct'. Together they form a unique fingerprint.

  • Cite this

    Zhou, W., Croft, J., Liu, B., & Caesar, M. (2017). NEAt: Network error auto-correct. In SOSR 2017 - Proceedings of the 2017 Symposium on SDN Research (pp. 157-163). (SOSR 2017 - Proceedings of the 2017 Symposium on SDN Research). Association for Computing Machinery, Inc. https://doi.org/10.1145/3050220.3050238