Abstract
Software-Defined Networking (SDN) relies on open programmability of network devices, which is achieved by defining new communication interfaces and network operating systems, and by changing the traditional decision-making logic of regular TCP/IP networks. Network Functions Virtualization (NFV), in turn, permits virtualizing network functions that are traditionally performed by physical middleboxes (e.g., firewalling and intrusion detection/prevention). Although SDN and NFV improve the flexibility of the management of computer networks, SDN remains vulnerable to major network security problems, such as Distributed Denial of Service (DDoS) attacks. These attacks typically result in the disruption of network services and resources. In this paper, we introduce ANSwer, an architecture that combines NFV and SDN features to create sophisticated network resilience strategies. ANSwer relies on a feedback control loop that uses SDN features to monitor and analyze the behavior of the network infrastructure, indicating whether parts of an existing resilience strategy can be reconfigured to achieve more satisfactory results, or whether an entire resilience strategy needs to be added or replaced. Our experiments demonstrate that ANSwer can rapidly identify and handle distinct anomalies in different scenarios, indicating that the reconfiguration and deployment of resilience strategies can be performed in real time.