Software-Defined Networking and Security From Theory to Practice

This book provides readers insights into cyber maneuvering or adaptive and intelligent cyber defense. It describes the required models and security supporting functions that enable the analysis of potential threats, detection of attacks, and implementation of countermeasures while expending attacker resources and preserving user experience. This book not only presents significant education-oriented content, but uses advanced content to reveal a blueprint for helping network security professionals design and implement a secure Software-Defined Infrastructure (SDI) for cloud networking environments. These solutions are a less intrusive alternative to security countermeasures taken at the host level and offer centralized control of the distributed network. The concepts, techniques, and strategies discussed in this book are ideal for students, educators, and security practitioners looking for a clear and concise text to avant-garde cyber security installations or simply to use as a reference. Hand-on labs and lecture slides are located at http://virtualnetworksecurity.thothlab.com/. Features Discusses virtual network security concepts Considers proactive security using moving target defense Reviews attack representation models based on attack graphs and attack trees Examines service function chaining in virtual networks with security considerations Recognizes machine learning and AI in network security

Part I: Computer Network Foundation. Introduction. Network Interconnection. Virtual Network. SDN and NFV. Part II: Network Security Foundation. Network Security Preliminary. Firewalls. Network Intrusion Detection. Penetration and Testing. Authentication and Access Control. Part III: Advanced Topics in Network Security. Moving Target Defense (MTD). Attack Representation. Attack Mitigation Techniques. Countermeasure Analysis. Advanced Topics. Lab Book: ThoTh Lab (hosted online at ASU). Introduction of ThoTh Lab. Network Security. Software Defined Networking. Network Function Virtualization. Appendix: Source Codes of SDN and MTD Schemes.

Dr. Dijiang Huang received his Bachelor of Science degree in Telecommunications from Beijing University of Posts and Telecommunications, China. He received his Master of Science and PhD degrees from University of Missouri-Kansas City, majoring in Computer Science and Telecommunications. He is currently an associate professor at the School of Computing Informatics, and Decision Systems Engineering, at Arizona State University. Dijiang’s research interests are in computer and network security, mobile ad hoc networks, network virtualization, and mobile cloud computing. His research is supported by federal agencies NSF, ONR, ARO, and NATO, and organizations such as Consortium of Embedded System (CES), Hewlett-Packard, and China Mobile. He is a recipient of ONR Young Investigator Award and HP Innovation Research Program (IRP) Award. He is a co-founder of Athena Network Solutions LLC (ATHENETS), and is currently leading the Secure Networking and Computing (SNAC) research group at ASU. Ankur Chowdhary is a PhD Student at ASU. He received a B.Tech in Information Technology from GGSIPU in 2011 and MS in Computer Science from ASU in 2015. He has worked as an Information Security Researcher for Blackberry Ltd., RSG, and an Application Developer for CSC Pvt. Ltd. His research interests include SDN, Web Security, Network Security, and application of Machine Learning in field of Security. Dr. Sandeep Pisharody received a B.S. degree in Electrical Engineering (distinction), a B.S. degree in Computer Engineering (distinction) from the University of Nebraska in 2004, and an M.S. degree in Electrical Engineering from the University of Nebraska in 2006. He completed his PhD in Computer Science (Information Assurance) from Arizona State University under the guidance of Dr. Dijiang Huang in 2017. His current research interests lie in the areas of secure cloud computing, network security, and Software-Defined Networking. Previously, Sandeep has over eight years’ experience in designing, building, maintaining and securing enterprise and carrier class networks, while working in various capacities for Sprint, Iveda, Apollo Education Group, Insight, University of Phoenix, and the US Government.