Biblio
Filters: Keyword is Software Defined Networking (SDN) Security [Clear All Filters]
.
2022. Implementation of Techniques for Enhancing Security of Southbound Infrastructure in SDN. 2022 13th International Conference on Network of the Future (NoF). :1–5.
In this paper we present techniques for enhancing the security of south bound infrastructure in SDN which includes OpenFlow switches and end hosts. In particular, the proposed security techniques have three main goals: (i) validation and secure configuration of flow rules in the OpenFlow switches by trusted SDN controller in the domain; (ii) securing the flows from the end hosts; and (iii) detecting attacks on the switches by malicious entities in the SDN domain. We have implemented the proposed security techniques as an application for ONOS SDN controller. We have also validated our application by detecting various OpenFlow switch specific attacks such as malicious flow rule insertions and modifications in the switches over a mininet emulated network.
ISSN: 2833-0072
.
2020. Attack Detection on the Software Defined Networking Switches. 2020 6th IEEE Conference on Network Softwarization (NetSoft). :262–266.
Software Defined Networking (SDN) is disruptive networking technology which adopts a centralised framework to facilitate fine-grained network management. However security in SDN is still in its infancy and there is need for significant work to deal with different attacks in SDN. In this paper we discuss some of the possible attacks on SDN switches and propose techniques for detecting the attacks on switches. We have developed a Switch Security Application (SSA)for SDN Controller which makes use of trusted computing technology and some additional components for detecting attacks on the switches. In particular TPM attestation is used to ensure that switches are in trusted state during boot time before configuring the flow rules on the switches. The additional components are used for storing and validating messages related to the flow rule configuration of the switches. The stored information is used for generating a trusted report on the expected flow rules in the switches and using this information for validating the flow rules that are actually enforced in the switches. If there is any variation to flow rules that are enforced in the switches compared to the expected flow rules by the SSA, then, the switch is considered to be under attack and an alert is raised to the SDN Administrator. The administrator can isolate the switch from network or make use of trusted report for restoring the flow rules in the switches. We will also present a prototype implementation of our technique.