Abstract
The introduction of a Software-Defined Network (SDN) provides a better functionality and usability over the traditionally static networks. The SDN separates controllers and networking peripherals onto the Control and Data Planes respectively. However, this separation creates new vulnerabilities between the planes. To address this problem, we propose to model and analyze the security of the SDN. Further, we propose a network reconfiguration technique to assess its effectiveness of minimizing the system risk. Our simulation results show that computing the optimal reconfiguration has an exponential time complexity, and there is also a trade-off between the system risk and the server delay.
Original language | English |
---|---|
Title of host publication | Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings |
Editors | G.M. Perez, A. Zomaya, K. Li, G. Wang |
Place of Publication | Germany |
Publisher | Springer-Verlag London Ltd. |
Pages | 746-756 |
Number of pages | 11 |
Volume | 9532 |
ISBN (Print) | 9783319271606 |
DOIs | |
Publication status | Published - 1 Jan 2015 |
Externally published | Yes |
Event | 15th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2015 - Zhangjiajie, China Duration: 18 Nov 2015 → 20 Nov 2015 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 9532 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 15th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2015 |
---|---|
Country | China |
City | Zhangjiajie |
Period | 18/11/15 → 20/11/15 |
Fingerprint
Cite this
}
Security modeling and analysis of a SDN based web service. / Eom, Taehoon; Hong, Jin B.; Park, Jong Sou; Kim, Dong Seong.
Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings. ed. / G.M. Perez; A. Zomaya; K. Li; G. Wang. Vol. 9532 Germany : Springer-Verlag London Ltd., 2015. p. 746-756 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9532).Research output: Chapter in Book/Conference paper › Conference paper
TY - GEN
T1 - Security modeling and analysis of a SDN based web service
AU - Eom, Taehoon
AU - Hong, Jin B.
AU - Park, Jong Sou
AU - Kim, Dong Seong
PY - 2015/1/1
Y1 - 2015/1/1
N2 - The introduction of a Software-Defined Network (SDN) provides a better functionality and usability over the traditionally static networks. The SDN separates controllers and networking peripherals onto the Control and Data Planes respectively. However, this separation creates new vulnerabilities between the planes. To address this problem, we propose to model and analyze the security of the SDN. Further, we propose a network reconfiguration technique to assess its effectiveness of minimizing the system risk. Our simulation results show that computing the optimal reconfiguration has an exponential time complexity, and there is also a trade-off between the system risk and the server delay.
AB - The introduction of a Software-Defined Network (SDN) provides a better functionality and usability over the traditionally static networks. The SDN separates controllers and networking peripherals onto the Control and Data Planes respectively. However, this separation creates new vulnerabilities between the planes. To address this problem, we propose to model and analyze the security of the SDN. Further, we propose a network reconfiguration technique to assess its effectiveness of minimizing the system risk. Our simulation results show that computing the optimal reconfiguration has an exponential time complexity, and there is also a trade-off between the system risk and the server delay.
KW - Attack Graphs
KW - Attack modeling
KW - Security analysis
KW - Security models
KW - Software defined networks
UR - http://www.scopus.com/inward/record.url?scp=84951967055&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-27161-3_68
DO - 10.1007/978-3-319-27161-3_68
M3 - Conference paper
SN - 9783319271606
VL - 9532
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 746
EP - 756
BT - Algorithms and Architectures for Parallel Processing - ICA3PP International Workshops and Symposiums, Proceedings
A2 - Perez, G.M.
A2 - Zomaya, A.
A2 - Li, K.
A2 - Wang, G.
PB - Springer-Verlag London Ltd.
CY - Germany
ER -