Software-Defined Network Controller Security: Empirical Study.
Saved in:
| Title: | Software-Defined Network Controller Security: Empirical Study. |
|---|---|
| Authors: | Dawoud, Ahmed1, Shahristani, Seyed1, Chun Raun |
| Source: | Annual International Conference on Information Technology & Applications. 2017, p1-7. 7p. |
| Subjects: | Software-defined networking, Computer network software, Data transmission systems, Application program interfaces, Risk assessment |
| Abstract: | Software-defined networks (SDN) introduce a novel networking paradigm. SDN architecture separates the control and data planes, whereas the control plane generates flow rules required to forward packets by data plane devices. Devices logic detached to form a new plane named controller. SDN model decomposes the complexity of the traditional network and leverages management flexibility and scalability. Nevertheless, security is a major challenge in SDN networks. The controller is a crucial element in the SDN model, considering a single entity governs the entire network. A centralized configuration is highly vulnerable, as the controller is an attractive target for intruders. This paper explores the threats related to the SDN architecture, specifically, threats originated from the existence of controller. The study analyzes controller security on three levels. The first phase of the analysis defines potential threats in various literature. Therefore, we expand and formalize threats in a STRIDE analysis. In the second phase, we deeply analyze the attacks through several attack trees. The third phase is an experiment to evince the threats and the consequence. The study investigates the current security solutions and their limitations. The paper provides an empirical analysis of the controller security to identify, formalize, and quantify the security concerns related to the new model. [ABSTRACT FROM AUTHOR] |
| Copyright of Annual International Conference on Information Technology & Applications is the property of Global Science & Technology Forum and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |
| FullText | Links: – Type: pdflink Text: Availability: 0 |
|---|---|
| Header | DbId: egs DbLabel: Engineering Source An: 124295051 AccessLevel: 6 PubType: Conference PubTypeId: conference PreciseRelevancyScore: 0 |
| IllustrationInfo | |
| Items | – Name: Title Label: Title Group: Ti Data: Software-Defined Network Controller Security: Empirical Study. – Name: Author Label: Authors Group: Au Data: <searchLink fieldCode="AR" term="%22Dawoud%2C+Ahmed%22">Dawoud, Ahmed</searchLink><relatesTo>1</relatesTo><br /><searchLink fieldCode="AR" term="%22Shahristani%2C+Seyed%22">Shahristani, Seyed</searchLink><relatesTo>1</relatesTo><br /><searchLink fieldCode="AR" term="%22Chun+Raun%22">Chun Raun</searchLink> – Name: TitleSource Label: Source Group: Src Data: <searchLink fieldCode="JN" term="%22Annual+International+Conference+on+Information+Technology+%26+Applications%22">Annual International Conference on Information Technology & Applications</searchLink>. 2017, p1-7. 7p. – Name: Subject Label: Subjects Group: Su Data: <searchLink fieldCode="DE" term="%22Software-defined+networking%22">Software-defined networking</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+network+software%22">Computer network software</searchLink><br /><searchLink fieldCode="DE" term="%22Data+transmission+systems%22">Data transmission systems</searchLink><br /><searchLink fieldCode="DE" term="%22Application+program+interfaces%22">Application program interfaces</searchLink><br /><searchLink fieldCode="DE" term="%22Risk+assessment%22">Risk assessment</searchLink> – Name: Abstract Label: Abstract Group: Ab Data: Software-defined networks (SDN) introduce a novel networking paradigm. SDN architecture separates the control and data planes, whereas the control plane generates flow rules required to forward packets by data plane devices. Devices logic detached to form a new plane named controller. SDN model decomposes the complexity of the traditional network and leverages management flexibility and scalability. Nevertheless, security is a major challenge in SDN networks. The controller is a crucial element in the SDN model, considering a single entity governs the entire network. A centralized configuration is highly vulnerable, as the controller is an attractive target for intruders. This paper explores the threats related to the SDN architecture, specifically, threats originated from the existence of controller. The study analyzes controller security on three levels. The first phase of the analysis defines potential threats in various literature. Therefore, we expand and formalize threats in a STRIDE analysis. In the second phase, we deeply analyze the attacks through several attack trees. The third phase is an experiment to evince the threats and the consequence. The study investigates the current security solutions and their limitations. The paper provides an empirical analysis of the controller security to identify, formalize, and quantify the security concerns related to the new model. [ABSTRACT FROM AUTHOR] – Name: AbstractSuppliedCopyright Label: Group: Ab Data: <i>Copyright of Annual International Conference on Information Technology & Applications is the property of Global Science & Technology Forum and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.) |
| PLink | https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=124295051 |
| RecordInfo | BibRecord: BibEntity: Languages: – Code: eng Text: English PhysicalDescription: Pagination: PageCount: 7 StartPage: 1 Subjects: – SubjectFull: Software-defined networking Type: general – SubjectFull: Computer network software Type: general – SubjectFull: Data transmission systems Type: general – SubjectFull: Application program interfaces Type: general – SubjectFull: Risk assessment Type: general Titles: – TitleFull: Software-Defined Network Controller Security: Empirical Study. Type: main BibRelationships: HasContributorRelationships: – PersonEntity: Name: NameFull: Dawoud, Ahmed – PersonEntity: Name: NameFull: Shahristani, Seyed – PersonEntity: Name: NameFull: Chun Raun IsPartOfRelationships: – BibEntity: Dates: – D: 01 M: 01 Text: 2017 Type: published Y: 2017 Titles: – TitleFull: Annual International Conference on Information Technology & Applications Type: main |
| ResultId | 1 |