| Title |
|
On the design and implementation of a security architecture for software defined networks |
|
|
| Publication Date |
|
| Author(s) |
|
| Type of document |
|
| Language |
|
| Entity Type |
|
| Publisher |
|
Institute of Electrical and Electronics Engineers |
|
|
| Place of publication |
|
| DOI |
|
10.1109/HPCC-SmartCity-DSS.2016.0099 |
|
|
| UNE publication id |
|
| Abstract |
In this paper, we propose techniques for securing Software Defined Networks(SDN). We describe the design of a security architecture that makes use of security applications on top of the SDN Controller to specify fine granular security policies based on domain wide knowledge of the domain and Security Agents to enforce these policies in the switches in the data plane. We have extended the Open Flow protocol to enable communication of the security policies between the security applications in the Controller to the agents in the switches. We have implemented the security architecture using POX Controller and demonstrated the operation of our architecture in a range of scenarios such as enforcing specific security policies for different traffic with different services, counteracting attacks such as Heartbleed and Shellshock as well as spoofing attacks, and protecting Content Management Systems(CMS) from data confidentiality attacks. |
|
|
| Link |
|
| Citation |
|
Proceedings of the 18th IEEE International Conference on High Performance Computing and Communications (HPCC 2016), p. 671-678 |
|
|
| ISBN |
|
| Start page |
|
| End page |
|