A comprehensive security assessment framework for software-defined networks. Issue 91 (April 2020)
- Record Type:
- Journal Article
- Title:
- A comprehensive security assessment framework for software-defined networks. Issue 91 (April 2020)
- Main Title:
- A comprehensive security assessment framework for software-defined networks
- Authors:
- Lee, Seungsoo
Kim, Jinwoo
Woo, Seungwon
Yoon, Changhoon
Scott-Hayward, Sandra
Yegneswaran, Vinod
Porras, Phillip
Shin, Seungwon - Abstract:
- Abstract: As Software-Defined Networking (SDN) is getting popular, its security issue is being magnified as a new controversy, and this trend can be found from recent studies of presenting possible security vulnerabilities in SDN. Understanding the attack surface of SDN is necessary, and it is the starting point to make it more secure. However, most existing studies depend on empirical methods in different environments, and thus they have stopped short of converging on a systematic methodology or developing automated systems to rigorously test for security flaws in SDNs. Therefore, we need to disclose any possible attack scenarios in diverse SDN environments and examine how these attacks operate in those environments. Inspired by the necessity for disclosing the vulnerabilities in diverse SDN operating scenarios, we suggest an SDN penetration tool, DELTA, to regenerate known attack scenarios in diverse test cases. Furthermore, DELTA can even provide a chance of discovering unknown security problems in SDN by employing a fuzzing module. In our evaluation, DELTA successfully reproduced 26 known attack scenarios, across diverse SDN controller environments, and also discovered 9 novel SDN application mislead attacks.
- Is Part Of:
- Computers & security. Issue 91(2020)
- Journal:
- Computers & security
- Issue:
- Issue 91(2020)
- Issue Display:
- Volume 91, Issue 91 (2020)
- Year:
- 2020
- Volume:
- 91
- Issue:
- 91
- Issue Sort Value:
- 2020-0091-0091-0000
- Page Start:
- Page End:
- Publication Date:
- 2020-04
- Subjects:
- Software-Defined Networking -- Security -- Network security -- Penetration testing
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2020.101720 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 13523.xml