Visible to the public An SDN/NFV-Enabled Architecture for Detecting Personally Identifiable Information Leaks on Network Traffic

TitleAn SDN/NFV-Enabled Architecture for Detecting Personally Identifiable Information Leaks on Network Traffic
Publication TypeConference Paper
Year of Publication2019
AuthorsGo, Sharleen Joy Y., Guinto, Richard, Festin, Cedric Angelo M., Austria, Isabel, Ocampo, Roel, Tan, Wilson M.
Conference Name2019 Eleventh International Conference on Ubiquitous and Future Networks (ICUFN)
PublisherIEEE
ISBN Number978-1-7281-1340-1
Keywordscloud computing, composability, Computer architecture, computer network security, Data Breach, data breaches, data privacy, data-intensive nature, hardware-specific implementation, Human Behavior, human factors, Internet, leak detection, leak detection systems, load balancer, Measurement, Metrics, Middleboxes, network function virtualization, network traffic, NFV MANO, NFV-enabled system, personally identifiable information detector, personally identifiable information leaks detection, privacy, privacy leaks, pubcrawl, resilience, Resiliency, SDN controllers, SDN/NFV-enabled architecture, Servers, social networking, software defined networking, software defined networking paradigm, software-based solutions, traffic intensity, unintended data disclosure, virtualisation, virtualization privacy
Abstract

The widespread adoption of social networking and cloud computing has transformed today's Internet to a trove of personal information. As a consequence, data breaches are expected to increase in gravity and occurrence. To counteract unintended data disclosure, a great deal of effort has been dedicated in devising methods for uncovering privacy leaks. Existing solutions, however, have not addressed the time- and data-intensive nature of leak detection. The shift from hardware-specific implementation to software-based solutions is the core idea behind the concept of Network Function Virtualization (NFV). On the other hand, the Software Defined Networking (SDN) paradigm is characterized by the decoupling of the forwarding and control planes. In this paper, an SDN/NFV-enabled architecture is proposed for improving the efficiency of leak detection systems. Employing a previously developed identification strategy, Personally Identifiable Information detector (PIID) and load balancer VNFs are packaged and deployed in OpenStack through an NFV MANO. Meanwhile, SDN controllers permit the load balancer to dynamically redistribute traffic among the PIID instances. In a physical testbed, tests are conducted to evaluate the proposed architecture. Experimental results indicate that the proportions of forwarding and parsing on total overhead is influenced by the traffic intensity. Furthermore, an NFV-enabled system with scalability features was found to outperform a non-virtualized implementation in terms of latency (85.1%), packet loss (98.3%) and throughput (8.41%).

URLhttps://ieeexplore.ieee.org/document/8806077/
DOI10.1109/ICUFN.2019.8806077
Citation Keygo_sdnnfv-enabled_2019