Biblio

Filters: Author is Hong, Jin Bum  [Clear All Filters]
2020-08-28
Eom, Taehoon, Hong, Jin Bum, An, SeongMo, Park, Jong Sou, Kim, Dong Seong.  2019.  Security and Performance Modeling and Optimization for Software Defined Networking. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :610—617.

Software Defined Networking (SDN) provides new functionalities to efficiently manage the network traffic, which can be used to enhance the networking capabilities to support the growing communication demands today. But at the same time, it introduces new attack vectors that can be exploited by attackers. Hence, evaluating and selecting countermeasures to optimize the security of the SDN is of paramount importance. However, one should also take into account the trade-off between security and performance of the SDN. In this paper, we present a security optimization approach for the SDN taking into account the trade-off between security and performance. We evaluate the security of the SDN using graphical security models and metrics, and use queuing models to measure the performance of the SDN. Further, we use Genetic Algorithms, namely NSGA-II, to optimally select the countermeasure with performance and security constraints. Our experimental analysis results show that the proposed approach can efficiently compute the countermeasures that will optimize the security of the SDN while satisfying the performance constraints.

2020-10-05
Hong, Jin Bum, Yusuf, Simon Enoch, Kim, Dong Seong, Khan, Khaled MD.  2018.  Stateless Security Risk Assessment for Dynamic Networks. 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). :65–66.
Emerging networking technologies, such as cloud and Software Defined Networking, provide flexibility, elasticity and functionalities to change the network configurations over time. However, changes also impose unpredictable security postures at different times, creating difficulties to the security assessment of the network. To address this issue, we propose a stateless security risk assessment, which combines the security posture of network states at different times to provide an overall security overview. This paper describes the methodologies of the stateless security risk assessment. Our approach is applicable to any emerging networking technologies with dynamic changes.