SDNLog-Foren: Ensuring the Integrity and Tamper Resistance of Log Files for SDN Forensics using Blockchain

Title: SDNLog-Foren: Ensuring the Integrity and Tamper Resistance of Log Files for SDN Forensics using Blockchain
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Duy, Phan The, Do Hoang, Hien, Thu Hien, Do Thi, Ba Khanh, Nguyen, Pham, Van-Hau
Conference Name: 2019 6th NAFOSTED Conference on Information and Computer Science (NICS)
ISBN Number: 978-1-7281-5163-2
Keywords: authorisation, blockchain, Blockchain-based security, Computer crime, Computer hacking, computer network security, control systems, cybersecurity, digital forensics, fine-grained access control, global network configuration, Human Behavior, human factors, information forensics, Integrity and Tamper Resistance, log file analysis, log file collection, log file identification, log management, Metrics, network forensics, pubcrawl, resilience, Resiliency, Scalability, SDN forensics, SDN security, SDNLog-Foren, Secure log files, security enhancement, sensitive log data, software defined networking, Southbound interfaces, system monitoring
Abstract

Despite bringing many benefits of global network configuration and control, Software Defined Networking (SDN) also presents potential challenges for both digital forensics and cybersecurity. In fact, there are various attacks targeting a range of vulnerabilities on vital elements of this paradigm such as controller, Northbound and Southbound interfaces. In addition to solutions of security enhancement, it is important to build mechanisms for digital forensics in SDN which provide the ability to investigate and evaluate the security of the whole network system. It should provide features of identifying, collecting and analyzing log files and detailed information about network devices and their traffic. However, upon penetrating a machine or device, hackers can edit, even delete log files to remove the evidence of their presence and actions in the system. In this case, securing log files with fine-grained access control in proper storage without any modification plays a crucial role in digital forensics and cybersecurity. This work proposes a blockchain-based approach to improve the security of log management in SDN for network forensics, called SDNLog-Foren. This model is also evaluated with different experiments to prove that it can help organizations keep sensitive log data of their network system in a secure way regardless of being compromised at some different components of SDN.

URL: https://ieeexplore.ieee.org/document/9023852
DOI: 10.1109/NICS48868.2019.9023852
Citation Key: duy_sdnlog-foren_2019