Security Threats in the Data Plane of Software-Defined Networks

被引：38

作者：

Gao, Shang ^{[1
]}

Li, Zecheng ^{[1
]}

Xiao, Bin ^{[1
]}

Wei, Guiyi ^{[2
]}

机构：

[1] Hong Kong Polytech Univ, Dept Comp, Hong Kong, Hong Kong, Peoples R China

[2] Zhejiang Gongshang Univ, Sch Comp Sci & Informat Engn, Hangzhou, Zhejiang, Peoples R China

来源：

IEEE NETWORK | 2018年 / 32卷 / 04期

关键词：

D O I：

10.1109/MNET.2018.1700283

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

SDN has enabled extensive network programmability and speedy network innovations by decoupling the control plane from the data plane. However, the separation of the two planes could also be a potential threat to the whole network. Previous approaches pointed out that attackers can launch various attacks from the data plane against SDN, such as DoS attacks, topology poisoning attacks, and side-channel attacks. To address the security issues, we present a comprehensive study of data plane attacks in SDN, and propose FlowKeeper, a common framework to build a robust data plane against different attacks. FlowKeeper enforces port control of the data plane and reduces the workload of the control plane by filtering out illegal packets. Experimental results show that FlowKeeper could be used to efficiently mitigate different kinds of attacks (i.e., DoS and topology poisoning attacks).

引用

页码：108 / 113

页数：6

共 50 条

[11] Detection and Mitigation of Security Threats Using Virtualized Network Functions in Software-Defined Networks
Dominguez-Dorado, Manuel
Calle-Cancho, Jesus
Galeano-Brajones, Jesus
Rodriguez-Perez, Francisco-Javier
Cortes-Polo, David
APPLIED SCIENCES-BASEL, 2024, 14 (01):
[12] Security Threats and Countermeasures in Software Defined Networks
Ahmed, Adnan
Manzoor, Adnan
Halepoto, Imtiaz Ali
Abbas, Fizza
Rajput, Ubaidullah
INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2018, 18 (04): : 69 - 74
[13] Towards trust-based routing for data plane security in heterogeneous Software-Defined Wireless Networks
Quinn, Travis
Shah, Syed Danial Ali
Bouhafs, Faycal
den Hartog, Frank
2024 IEEE 10TH INTERNATIONAL CONFERENCE ON NETWORK SOFTWARIZATION, NETSOFT 2024, 2024, : 37 - 42
[14] Improving the Routing Security in Software-Defined Networks
Ai, Jianjian
Guo, Zehua
Chen, Hongchang
Cheng, Guozhen
IEEE COMMUNICATIONS LETTERS, 2019, 23 (05) : 838 - 841
[15] Semantic Security Tools in Software-Defined Networks
Antoshina, E. Ju.
Chalyy, D. Ju.
AUTOMATIC CONTROL AND COMPUTER SCIENCES, 2018, 52 (07) : 605 - 607
[16] Fine-Grained Fingerprinting Threats to Software-Defined Networks
Zhang, Minjian
Hou, Jianwei
Zhang, Ziqi
Shi, Wenchang
Qin, Bo
Liang, Bin
2017 16TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS / 11TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING / 14TH IEEE INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS, 2017, : 128 - 135
[17] Scale the Data Plane of Software-Defined Networks: a Lazy Rule Placement Approach
Li, Qing
Huang, Nanyang
Jiang, Yong
Sinnott, Richard
Xu, Mingwei
2020 IEEE 40TH INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING SYSTEMS (ICDCS), 2020, : 366 - 376
[18] Dynamic control plane management for software-defined networks
Li, Jian
Yoo, Jae-Hyoung
Hong, James Won-Ki
INTERNATIONAL JOURNAL OF NETWORK MANAGEMENT, 2016, 26 (02) : 111 - 130
[19] Hybrid Testbed for Security Research in Software-Defined Networks
Windisch, Fritz
Abedi, Kamyar
Doan, Tung
Strufe, Thorsten
Nguyen, Giang T.
2023 IEEE CONFERENCE ON NETWORK FUNCTION VIRTUALIZATION AND SOFTWARE DEFINED NETWORKS, NFV-SDN, 2023, : 147 - 152
[20] Automated Factorization of Security Chains in Software-Defined Networks
Schnepf, Nicolas
Badonnel, Remi
Lahmadi, Abdelkader
Merz, Stephan
2019 IFIP/IEEE SYMPOSIUM ON INTEGRATED NETWORK AND SERVICE MANAGEMENT (IM), 2019, : 374 - 380

← 1 2 3 4 5 →