A study on securing software defined networks
Paper
Paper/Presentation Title | A study on securing software defined networks |
---|---|
Presentation Type | Paper |
Authors | Ur Rasool, Raihan (Author), Wang, Hua (Author), Rafique, Wajid (Author), Yong, Jianming (Author) and Cao, Jinli (Author) |
Journal or Proceedings Title | Web Information Systems Engineering – WISE 2017 |
ERA Conference ID | 43582 |
Article Number | Part 2 |
Number of Pages | 11 |
Year | 2017 |
Place of Publication | Switzerland |
ISBN | 9783319687858 |
9783319687865 | |
Digital Object Identifier (DOI) | https://doi.org/10.1007/978-3-319-68786-5 |
Web Address (URL) of Paper | https://link.springer.com/chapter/10.1007%2F978-3-319-68786-5_38#citeas |
Conference/Event | 18th International Conference on Web Information Systems Engineering - WISE 2017 |
International Conference on Web Information Systems Engineering | |
Event Details | International Conference on Web Information Systems Engineering WISE Rank A A A A A A A A A |
Event Details | 18th International Conference on Web Information Systems Engineering - WISE 2017 Event Date 07 to end of 11 Oct 2017 Event Location Puschino, Russia |
Abstract | Most of the IT infrastructure across the globe is virtualized and is backed by Software Defined Networks (SDN). Hence, any threat to SDN’s core components would potentially mean to harm today’s Internet and the very fabric of utility computing. After thorough analysis, this study identifies Crossfire link flooding technique as one of the lethal attacks that can potentially target the link connecting the control plane to the data plane in SDNs. In such a situation, the control plane may get disconnected, resulting in the degradation of the performance of the whole network and service disruption. In this work we present a detailed comparative analysis of the link flooding mitigation techniques and propose a framework for effective defense. It comprises of a separate controller consisting of a flood detection module, a link listener module and a flood detection module, which will work together to detect and mitigate attacks and facilitate the normal flow of traffic. This paper serves as a first effort towards identifying and mitigating the crossfire LFA on the channel that connects control plane to data plane in SDNs. We expect that further optimizations in the proposed solution can bring remarkable results. |
Keywords | Network security; Target link flooding; Software defined network |
ANZSRC Field of Research 2020 | 460999. Information systems not elsewhere classified |
Public Notes | Files associated with this item cannot be displayed due to copyright restrictions. |
Byline Affiliations | Victoria University |
National University of Sciences and Technology, Pakistan | |
University of Southern Queensland | |
La Trobe University | |
Institution of Origin | University of Southern Queensland |
https://research.usq.edu.au/item/q4949/a-study-on-securing-software-defined-networks
175
total views11
total downloads3
views this month0
downloads this month