Securing against intruders and other threats through a NFV-enabled environment

Objectif

Nowadays, cybercrime is one of the most relevant and critical threats to both the economy and society in Europe. Establishing efficient and effective ways to protect services and infrastructures from ever-evolving cyber threats is crucial for sustaining business integrity and reputation as well as protecting personal and sensitive data.
To that end, the SHIELD project proposes a universal solution for dynamically establishing and deploying virtual security infrastructures into ISP and corporate networks. SHIELD builds on the huge momentum of Network Functions Virtualisation (NFV), as currently standardised by ETSI, in order to virtualise security appliances into virtual Network Security Functions (vNSFs), to be instantiated within the network infrastructure using NFV technologies and concepts, effectively monitoring and filtering network traffic in a distributed manner. Logs and metrics from vNSFs are aggregated into an information-driven Data Analysis and Remediation Engine (DARE), which leverages state-of-the-art big data storage and analytics in order to predict specific vulnerabilities and attacks by analysing the network and understanding the adversary possibilities, behaviour and intent.
The SHIELD virtual security infrastructure can either used by the ISP internally for network monitoring and protection, but it can also be offered as-a-service to ISP customers; for this purpose, SHIELD establishes a “vNSF Store”, i.e. a repository of available virtual security functions (firewalls, DPIs, content filters etc.) from which the ISP customers can select the ones which best match their needs and deploy them to protect their infrastructure. This approach promotes openness and interoperability of security functions and offers an affordable, zero-CAPEX security solution for citizens and SMEs. Moreover, SHIELD services can be easily scaled up or down, configured and upgraded according to customers’ needs, as opposed to security solutions based on monolithic hardware.

Champ scientifique

• sciences naturellesinformatique et science de l’informationscience des donnéesanalyse de données
• sciences naturellesinformatique et science de l’informationlogiciel
• sciences naturellessciences biologiquesécologieécosystème
• sciences naturellesinformatique et science de l’informationsécurité informatiquesécurité du réseau
• sciences socialeséconomie et affaires

Programme(s)

• H2020-EU.3.7. - Secure societies - Protecting freedom and security of Europe and its citizens

Thème(s)

• DS-04-2015 - Information driven Cyber Security Management

Appel à propositions

H2020-DS-2015-1
Voir d’autres projets de cet appel

Régime de financement

Coordinateur

Participants (11)