A Framework for Real-Time Intrusion Response in Software Defined Networking Using Precomputed Graphical Security Models

Software defined networking (SDN) has been adopted in many application domains as it provides functionalities to dynamically control the network flow more robust and more economical compared to the traditional networks. In order to strengthen the security of the SDN against cyber attacks, many secur...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Security and communication networks 2020, Vol.2020 (2020), p.1-15, Article 7235043
Hauptverfasser: Park, Jong Sou, An, SeongMo, Hong, Jin B., Eom, Taehoon, Kim, Dong Seong
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Software defined networking (SDN) has been adopted in many application domains as it provides functionalities to dynamically control the network flow more robust and more economical compared to the traditional networks. In order to strengthen the security of the SDN against cyber attacks, many security solutions have been proposed. However, those solutions need to be compared in order to optimize the security of the SDN. To assess and evaluate the security of the SDN systematically, one can use graphical security models (e.g., attack graphs and attack trees). However, it is difficult to provide defense against an attack in real time due to their high computational complexity. In this paper, we propose a real-time intrusion response in SDN using precomputation to estimate the likelihood of future attack paths from an ongoing attack. We also take into account various SDN components to conduct a security assessment, which were not available when addressing only the components of an existing network. Our experimental analysis shows that we are able to estimate possible attack paths of an ongoing attack to mitigate it in real time, as well as showing the security metrics that depend on the flow table, including the SDN component. Hence, the proposed approach can be used to provide effective real-time mitigation solutions for securing SDN.
ISSN:1939-0114
1939-0122
DOI:10.1155/2020/7235043