| Title | Risk Assessment Approach to Secure Northbound Interface of SDN Networks |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Niemiec, Marcin, Jaglarz, Piotr, Jekot, Marcin, Chołda, Piotr, Boryło, Piotr |
| Conference Name | 2019 International Conference on Computing, Networking and Communications (ICNC) |
| Keywords | accurate risk estimation, application program interfaces, computer network management, computer network security, human factors, Metrics, network cost, network optimization tool, Northbound-API, pubcrawl, RAMSES, Resiliency, risk assessment, risk assessment approach, risk management, Scalability, SDN, SDN network administrators, secure Northbound interface, security, Security Risk Estimation, software defined networking, telecommunication traffic, traffic demand requests |
| Abstract | The most significant threats to networks usually originate from external entities. As such, the Northbound interface of SDN networks which ensures communication with external applications requires particularly close attention. In this paper we propose the Risk Assessment and Management approach to SEcure SDN (RAMSES). This novel solution is able to estimate the risk associated with traffic demand requests received via the Northbound-API in SDN networks. RAMSES quantifies the impact on network cost incurred by expected traffic demands and specifies the likelihood of adverse requests estimated using the reputation system. Accurate risk estimation allows SDN network administrators to make the right decisions and mitigate potential threat scenarios. This can be observed using extensive numerical verification based on an network optimization tool and several scenarios related to the reputation of the sender of the request. The verification of RAMSES confirmed the usefulness of its risk assessment approach to protecting SDN networks against threats associated with the Northbound-API. |
| DOI | 10.1109/ICCNC.2019.8685486 |
| Citation Key | niemiec_risk_2019 |
Risk Assessment Approach to Secure Northbound Interface of SDN Networks