SDNLog-Foren: Ensuring the Integrity and Tamper Resistance of Log Files for SDN Forensics using Blockchain
Title | SDNLog-Foren: Ensuring the Integrity and Tamper Resistance of Log Files for SDN Forensics using Blockchain |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Duy, Phan The, Do Hoang, Hien, Thu Hien, Do Thi, Ba Khanh, Nguyen, Pham, Van-Hau |
Conference Name | 2019 6th NAFOSTED Conference on Information and Computer Science (NICS) |
ISBN Number | 978-1-7281-5163-2 |
Keywords | authorisation, blockchain, Blockchain-based security, Computer crime, Computer hacking, computer network security, control systems, cybersecurity, digital forensics, fine-grained access control, global network configuration, Human Behavior, human factors, information forensics, Integrity and Tamper Resistance, log file analysis, log file collection, log file identification, log management, Metrics, network forensics, pubcrawl, resilience, Resiliency, Scalability, SDN forensics, SDN security, SDNLog-Foren, Secure log files, security enhancement, sensitive log data, software defined networking, Southbound interfaces, system monitoring |
Abstract | Despite bringing many benefits of global network configuration and control, Software Defined Networking (SDN) also presents potential challenges for both digital forensics and cybersecurity. In fact, there are various attacks targeting a range of vulnerabilities on vital elements of this paradigm such as controller, Northbound and Southbound interfaces. In addition to solutions of security enhancement, it is important to build mechanisms for digital forensics in SDN which provide the ability to investigate and evaluate the security of the whole network system. It should provide features of identifying, collecting and analyzing log files and detailed information about network devices and their traffic. However, upon penetrating a machine or device, hackers can edit, or even delete, log files to remove the evidence of their presence and actions in the system. In this case, securing log files with fine-grained access control in proper storage without any modification plays a crucial role in digital forensics and cybersecurity. This work proposes a blockchain-based approach to improve the security of log management in SDN for network forensics, called SDNLog-Foren. This model is also evaluated with different experiments to prove that it can help organizations keep sensitive log data of their network system in a secure way regardless of being compromised at some different components of SDN. |
URL | https://ieeexplore.ieee.org/document/9023852 |
DOI | 10.1109/NICS48868.2019.9023852 |
Citation Key | duy_sdnlog-foren_2019 |