Modelling cyber security for software-defined networks those grow strong when exposed to threats: Analysis and propositions

被引:3
作者
Ahmed U. [1 ,2 ]
Raza I. [1 ]
Hussain S.A. [1 ]
Ali A. [1 ]
Iqbal M. [3 ]
Wang X. [3 ]
机构
[1] Department of Computer Science, Communication and Networks Research Centre, COMSATS Institute of Information Technology, Lahore
[2] Department of Software Engineering, Government College University, Faisalabad
[3] Pak-UK Institute of Innovative Technologies for Disaster Management, University of Gujrat, Gujrat
来源
Journal of Reliable Intelligent Environments | 2015年 / 1卷 / 2-4期
关键词
Antifragility; Cyber security; Modelling; SDN;
D O I
10.1007/s40860-015-0008-0
中图分类号
学科分类号
摘要
With each passing day, the information and communication technologies are evolving with more and more information shared across the globe using the internet superhighway. The threats to information, while connected to the cyber world are getting more targeted, voluminous, and sophisticated requiring new antifragile and resilient network security mechanisms. Whether the information is being processed in the application, in transit within the network or residing in the storage, it is equally susceptible to attack at every level of abstraction and cannot be handled in isolation as the case has been with conventional security mechanisms. The advent of Software-Defined Networks (SDN) has given a new outlook to information protection, where the network can aid in the design of a system that is secure and dependable in case of cyber threats. The nature of SDN, mainly its programmability and centrality of network information and control has led us to think of security in an antifragile perspective. Our networks can now thrive and grow stronger when they are exposed to volatility by overwhelming cyber threats. However, SDN infrastructure itself is susceptible to severe threats that may mutilate the provision of its usability as security provider. Both these perspectives of “Security with SDN” and “Security for SDN” have invited research and innovations, yet both these approaches remain disintegrated, failing to support each other. The contribution of this paper is threefold, with first reviewing the current state of the art work for both perspectives of SDN security. Second, it advocates the necessity and introduces a novel approach of antifragile cyber security within SDN paradigm and finally it proposes a unified model for integrating both approaches of “Security with SDN” and “Security for SDN” to achieve the overall objective of protecting our information from cyber threats in this globally connected internetwork. © 2015, Springer International Publishing Switzerland.
引用
收藏
页码:123 / 146
页数:23
相关论文
共 57 条
[1]  
1, (2014)
[2]  
Scott-Hayward S., O'Callaghan G., Sezer S., Sdn security: A survey. Future Networks and Services (SDN4FNS), 2013 IEEE SDN For, (2013)
[3]  
McKeown N., Anderson T., Balakrishnan H., Parulkar G., Peterson L., Rexford J., Turner J., OpenFlow: enabling innovation in campus networks, ACM SIGCOMM Comput Commu Rev, 38, 2, pp. 69-74, (2008)
[4]  
Schehlmann L., Abt S., Baier H., Blessing or curse? Revisiting security aspects of Software-Defined Networking, 2014 10Th International Conference on Network and Service Management (CNSM), (2014)
[5]  
Anwer B., Benson T., Feamster N., Levin D., Rexford J., A slick control plane for network middleboxes, Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 147-148, (2013)
[6]  
Fayazbakhsh S.K., Sekar V., Yu M., Mogul J.C., Flowtags: Enforcing network-wide policies in the presence of dynamic middlebox actions, Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 19-24, (2013)
[7]  
Qazi Z.A., Tu C.C., Chiang L., Miao R., Sekar V., Yu M., SIMPLE-fying middlebox policy enforcement using SDN, ACM SIGCOMM Computer Communication Review, 43, 4, pp. 27-38, (2013)
[8]  
Ballard J.R., Rae I., Akella A., Extensible and scalable network monitoring using opensafe, Proc, INM/WREN, (2010)
[9]  
Shin S., Gu G., CloudWatcher: Network security monitoring using OpenFlow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?), 2012 20Th IEEE International Conference on Network Protocols (ICNP), pp. 1-6, (2012)
[10]  
Gude N., Koponen T., Pettit J., Pfaff B., Casado M., McKeown N., Shenker S., NOX: towards an operating system for networks, ACM SIGCOMM Comput Commun Rev, 38, 3, pp. 105-110, (2008)
123456