On the design and implementation of a security architecture for software defined networks

Author(s)
Karmakar, Kallol Krishna
Varadharajan, Vijay
Tupakula, Udaya
Publication Date
2016
Abstract
<p>In this paper, we propose techniques for securing Software Defined Networks(SDN). We describe the design of a security architecture that makes use of security applications on top of the SDN Controller to specify fine granular security policies based on domain wide knowledge of the domain and Security Agents to enforce these policies in the switches in the data plane. We have extended the Open Flow protocol to enable communication of the security policies between the security applications in the Controller to the agents in the switches. We have implemented the security architecture using POX Controller and demonstrated the operation of our architecture in a range of scenarios such as enforcing specific security policies for different traffic with different services, counteracting attacks such as Heartbleed and Shellshock as well as spoofing attacks, and protecting Content Management Systems(CMS) from data confidentiality attacks.</p>
Citation
Proceedings of the 18th IEEE International Conference on High Performance Computing and Communications (HPCC 2016), p. 671-678
ISBN
9781509042975
9781509042982
Link
Publisher
Institute of Electrical and Electronics Engineers
Title
On the design and implementation of a security architecture for software defined networks
Type of document
Conference Publication
Entity Type
Publication

Files:

NameSizeformatDescriptionLink