Using Cyber Threat Intelligence to Prevent Malicious Known Traffic in a SDN Physical Testbed

Abstract: Since the use of applications and communication tools has increased, one of the concerns of the responsible for network security has been to protect information and information systems, as well as to provide trust to end users for the use of information and communication technologies. Nowadays, attacks on the network have increased and undergone modifications, which make the task for traditional security devices difficult, being necessary to add the intelligence to face the new attacks generated in the network. Hence the need to incorporate Cyber Threat Intelligence (CTI) as a new component in the network. This work focuses on the use of information provided by a CTI to improve the security of Software Defined Networks (SDN), and at the same time, analyze how malicious traffic could be blocked in a physical testbed.