Security modeling and analysis of a SDN based web service

Taehoon Eom; Jin B. Hong; Jong Sou Park; Dong Seong Kim

doi:10.1007/978-3-319-27161-3_68

Security modeling and analysis of a SDN based web service

Taehoon Eom, Jin B. Hong, Jong Sou Park, Dong Seong Kim

Research output: Chapter in Book/Conference paper › Conference paper

Abstract

The introduction of a Software-Defined Network (SDN) provides a better functionality and usability over the traditionally static networks. The SDN separates controllers and networking peripherals onto the Control and Data Planes respectively. However, this separation creates new vulnerabilities between the planes. To address this problem, we propose to model and analyze the security of the SDN. Further, we propose a network reconfiguration technique to assess its effectiveness of minimizing the system risk. Our simulation results show that computing the optimal reconfiguration has an exponential time complexity, and there is also a trade-off between the system risk and the server delay.

Original language	English
Title of host publication	Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings
Editors	G.M. Perez, A. Zomaya, K. Li, G. Wang
Place of Publication	Germany
Publisher	Springer-Verlag London Ltd.
Pages	746-756
Number of pages	11
Volume	9532
ISBN (Print)	9783319271606
DOIs	https://doi.org/10.1007/978-3-319-27161-3_68
Publication status	Published - 1 Jan 2015
Externally published	Yes
Event	15th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2015 - Zhangjiajie, China Duration: 18 Nov 2015 → 20 Nov 2015

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	9532
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	15th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2015
Country	China
City	Zhangjiajie
Period	18/11/15 → 20/11/15

Fingerprint

Web services

Web Services

Software

Modeling

Reconfiguration

Servers

Controllers

Exponential time

Vulnerability

Networking

Usability

Time Complexity

Server

Trade-offs

Controller

Computing

Simulation

Model

Cite this

Eom, T., Hong, J. B., Park, J. S., & Kim, D. S. (2015). Security modeling and analysis of a SDN based web service. In G. M. Perez, A. Zomaya, K. Li, & G. Wang (Eds.), Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings (Vol. 9532, pp. 746-756). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9532). Germany: Springer-Verlag London Ltd.. https://doi.org/10.1007/978-3-319-27161-3_68

Eom, Taehoon ; Hong, Jin B. ; Park, Jong Sou ; Kim, Dong Seong. / Security modeling and analysis of a SDN based web service. Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings. editor / G.M. Perez ; A. Zomaya ; K. Li ; G. Wang. Vol. 9532 Germany : Springer-Verlag London Ltd., 2015. pp. 746-756 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{275e2270f5e84321bd086c9c3a56dbaa,

title = "Security modeling and analysis of a SDN based web service",

abstract = "The introduction of a Software-Defined Network (SDN) provides a better functionality and usability over the traditionally static networks. The SDN separates controllers and networking peripherals onto the Control and Data Planes respectively. However, this separation creates new vulnerabilities between the planes. To address this problem, we propose to model and analyze the security of the SDN. Further, we propose a network reconfiguration technique to assess its effectiveness of minimizing the system risk. Our simulation results show that computing the optimal reconfiguration has an exponential time complexity, and there is also a trade-off between the system risk and the server delay.",

keywords = "Attack Graphs, Attack modeling, Security analysis, Security models, Software defined networks",

author = "Taehoon Eom and Hong, {Jin B.} and Park, {Jong Sou} and Kim, {Dong Seong}",

year = "2015",

month = "1",

day = "1",

doi = "10.1007/978-3-319-27161-3_68",

language = "English",

isbn = "9783319271606",

volume = "9532",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer-Verlag London Ltd.",

pages = "746--756",

editor = "G.M. Perez and A. Zomaya and K. Li and Wang, {G. }",

booktitle = "Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings",

address = "Germany",

}

Eom, T, Hong, JB, Park, JS & Kim, DS 2015, Security modeling and analysis of a SDN based web service. in GM Perez, A Zomaya, K Li & G Wang (eds), Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings. vol. 9532, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9532, Springer-Verlag London Ltd., Germany, pp. 746-756, 15th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2015, Zhangjiajie, China, 18/11/15. https://doi.org/10.1007/978-3-319-27161-3_68

Security modeling and analysis of a SDN based web service. / Eom, Taehoon; Hong, Jin B.; Park, Jong Sou; Kim, Dong Seong.

Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings. ed. / G.M. Perez; A. Zomaya; K. Li; G. Wang. Vol. 9532 Germany : Springer-Verlag London Ltd., 2015. p. 746-756 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9532).

Research output: Chapter in Book/Conference paper › Conference paper

TY - GEN

T1 - Security modeling and analysis of a SDN based web service

AU - Eom, Taehoon

AU - Hong, Jin B.

AU - Park, Jong Sou

AU - Kim, Dong Seong

PY - 2015/1/1

Y1 - 2015/1/1

N2 - The introduction of a Software-Defined Network (SDN) provides a better functionality and usability over the traditionally static networks. The SDN separates controllers and networking peripherals onto the Control and Data Planes respectively. However, this separation creates new vulnerabilities between the planes. To address this problem, we propose to model and analyze the security of the SDN. Further, we propose a network reconfiguration technique to assess its effectiveness of minimizing the system risk. Our simulation results show that computing the optimal reconfiguration has an exponential time complexity, and there is also a trade-off between the system risk and the server delay.

AB - The introduction of a Software-Defined Network (SDN) provides a better functionality and usability over the traditionally static networks. The SDN separates controllers and networking peripherals onto the Control and Data Planes respectively. However, this separation creates new vulnerabilities between the planes. To address this problem, we propose to model and analyze the security of the SDN. Further, we propose a network reconfiguration technique to assess its effectiveness of minimizing the system risk. Our simulation results show that computing the optimal reconfiguration has an exponential time complexity, and there is also a trade-off between the system risk and the server delay.

KW - Attack Graphs

KW - Attack modeling

KW - Security analysis

KW - Security models

KW - Software defined networks

UR - http://www.scopus.com/inward/record.url?scp=84951967055&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-27161-3_68

DO - 10.1007/978-3-319-27161-3_68

M3 - Conference paper

SN - 9783319271606

VL - 9532

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 746

EP - 756

BT - Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings

A2 - Perez, G.M.

A2 - Zomaya, A.

A2 - Li, K.

A2 - Wang, G.

PB - Springer-Verlag London Ltd.

CY - Germany

ER -

Eom T, Hong JB, Park JS, Kim DS. Security modeling and analysis of a SDN based web service. In Perez GM, Zomaya A, Li K, Wang G, editors, Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings. Vol. 9532. Germany: Springer-Verlag London Ltd. 2015. p. 746-756. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-27161-3_68

Access to Document

10.1007/978-3-319-27161-3_68

Link to publication in Scopus