Visible to the public Using advanced detection and prevention technique to mitigate threats in SDN architecture

Submitted by aekwall on Mon, 06/29/2020 - 12:05pm
TitleUsing advanced detection and prevention technique to mitigate threats in SDN architecture
Publication TypeConference Paper
Year of Publication2019
AuthorsSebbar, Anass, Zkik, Karim, Baadi, Youssef, Boulmalf, Mohammed, ECH-CHERIF El KETTANI, Mohamed Dafir
Conference Name2019 15th International Wireless Communications Mobile Computing Conference (IWCMC)
Date Publishedjun
Keywordsauthentication, centralized architecture, centralized network abstraction, composability, Computer architecture, Computer crime, computer network security, DDoS Attack Prevention, Denial of Service attacks, distributed SDN, DoS/DDoS, Human Behavior, invasive software, KPG-MT, Malware, malware-based attacks, malwares, man in the middle attacks, Metrics, MITM, OpenFlow KPG-MT, performance evaluation, pubcrawl, Resiliency, SDN, SDN architecture, SDN threats, security devices, services deployment, software defined networking, Software Defined Networks
AbstractSoftware defined networks represent a new centralized network abstraction that aims to ease configuration and facilitate applications and services deployment to manage the upper layers. However, SDN faces several challenges that slow down its implementation such as security which represents one of the top concerns of SDN experts. Indeed, SDN inherits all security matters from traditional networks and suffers from some additional vulnerability due to its centralized and unique architecture. Using traditional security devices and solutions to mitigate SDN threats can be very complicated and can negatively effect the networks performance. In this paper we propose a study that measures the impact of using some well-known security solution to mitigate intrusions on SDN's performances. We will also present an algorithm named KPG-MT adapted to SDN architecture that aims to mitigate threats such as a Man in the Middle, Deny of Services and malware-based attacks. An implementation of our algorithm based on multiple attacks' scenarios and mitigation processes will be made to prove the efficiency of the proposed framework.
DOI10.1109/IWCMC.2019.8766552
Citation Keysebbar_using_2019
Groups: