A Study of SLA-Based Defense Resource Management Strategy in Network Security Defense System

  • Wen-Hsu Hsiao
  • Hui-Kai Su
  • Yu-Siang Wei
  • Wei-Sheng Ho
  • Kim-Joan Chen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7513)


This paper mainly propose a service of network security defense provide by the network service provider, and the service system is built on the original ISP network structure, the security decisions center build on the ISP’s core network which is making the policy decisions of security event, and built a defense system on border routers to form a secure domain called security domain, the service provider will join the user who is using the service to the security domain, through the defense system to network traffic monitoring and filtering malice package to provide users of network security threat defense services. Using Service Level Agreements (SLA) to represent users’ needs, so that users can choose services according to their needs, network security defense system provide different type of defense services based on user needs. Finally, we analyze the usage of the defense resource, furthermore we formulate the mechanisms of policy for the client’s needs, and how to allocate resources in the case of resource saturation for the defense to satisfy service providers obtain the best benefits of the service strategy, and design the mechanism of resource management.


Security Policy Management SLA 


  1. 1.
    Aib, I., Boutaba, R.: PS: A Policy Simulator. IEEE Communications Magazine 45(4), 130–136 (2007)CrossRefGoogle Scholar
  2. 2.
    Su, H.-K., Yau, Z.-Z., Wu, C.-S., Chen, K.-J.: Session-Level and Network-Level SLA Structures and VoIP Service Policy over DiffServ-Based MPLS Networks. IEICE Transactions on Communications E89-B(2), 383–392 (2006)CrossRefGoogle Scholar
  3. 3.
    Marilly, E., Martinot, O., Betge-Brezetz, S., Delegue, G.: Requirements for service level agreement management. In: Proc. IEEE Workshop on IP Operations and Management (2002)Google Scholar
  4. 4.
    Yu, M.-R.: Implementation of SLA-Based Security Policy Management for Cooperative Defense Network (2010)Google Scholar
  5. 5.
    Chain, J.-S.: Design of SLA-Based Cooperative Security and Management Mechanism on Soft Network. In: TANet 2008(2008)Google Scholar
  6. 6.
    Lee, W.-H.: On Investigation of Malicious Software’s Activities - A Case Study on a Company’s Internet Connections (2005)Google Scholar
  7. 7.
    Taiwan Computer Emergency Response Team and Coordination Center,

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Wen-Hsu Hsiao
    • 1
  • Hui-Kai Su
    • 2
  • Yu-Siang Wei
    • 3
  • Wei-Sheng Ho
    • 3
  • Kim-Joan Chen
    • 3
  1. 1.Department of Computer Science and Information TechnologyWuFeng UniversityTaiwan
  2. 2.Department of Electrical EngineeringNational Formosa UniversityYunlinTaiwan
  3. 3.Department of Electrical EngineeringNational Chung Cheng UniversityChia-YiTaiwan

Personalised recommendations