Research Area: Software Defined Networks
In this paper, we propose techniques for securing Software Defined Networks(SDN). We describe the design of a security architecture that makes use of security applications on top of the SDN Controller to specify fine granular security policies based on domain wide knowledge of the domain and Security Agents to enforce these policies in the switches in the data plane. We have extended the Open Flow protocol to enable communication of the security policies between the security applications in the Controller to the agents in the switches. We have implemented the security architecture using POX Controller and demonstrated the operation of our architecture in a range of scenarios such as enforcing specific security policies for different traffic with different services, counteracting attacks such as Heartbleed and Shellshock as well as spoofing attacks, and protecting Content Management Systems(CMS) from data confidentiality attacks.
Keywords:
Author(s) Name: Kallol Krishna Karmakar; Vijay Varadharajan; Udaya Tupakula
Journal name:
Conferrence name: IEEE 18th International Conference on High Performance Computing and Communications; IEEE 14th International Conference on Smart City; IEEE 2nd International Conference on Data Science and Systems (HPCC/SmartCity/DSS)
Publisher name: IEEE
DOI: 10.1109/HPCC-SmartCity-DSS.2016.0099
Volume Information:
