Quantitative Analysis of the Security of Software‐Defined Network Controller Using Threat/Effort Model

Wu, Zehui; Wei, Qiang

doi:10.1155/2017/8740217

Cited by 7 publications

(3 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Such approaches may be based on the use of the list of attacks [15][16][17][18][19] or the list of attack scenarios [20]. Some approaches come down to analyzing the exploitation of vulnerabilities in the system [21][22][23].…”

Section: Related Workmentioning

confidence: 99%

Model of Threats to Computer Network Software

2019

View full text Add to dashboard Cite

This article highlights the issue of identifying information security threats to computer networks. The aim of the study is to increase the number of identified threats. Firstly, it was carried out the analysis of computer network models used to identify threats, as well as in approaches to building computer network threat models. The shortcomings that need to be corrected are highlighted. On the basis of the mathematical apparatus of attributive metagraphs, a computer network model is developed that allows to describe the software components of computer networks and all possible connections between them. On the basis of elementary operations on metagraphs, a model of threats to the security of computer network software is developed, which allows compiling lists of threats to the integrity and confidentiality of computer network software. These lists include more threats in comparison with the considered analogues.

show abstract

Section: Related Workmentioning

confidence: 99%

Model of Threats to Computer Network Software

2019

View full text Add to dashboard Cite

show abstract

“…As the basis of the threat model, the authors most often use the list of attacks [11][12][13][14][15], the list of attack scenarios [16], the description of exploitation of vulnerabilities [17,18], and the description of attackers [19]. This approach does not allow to determine the list of threats.…”

Section: Introductionmentioning

confidence: 99%

Information Security Methods—Modern Research Directions

et al. 2019

View full text Add to dashboard Cite

In Tomsk University of Control Systems and Radioelectronics (TUSUR) one of the main areas of research is information security. The work is carried out by a scientific group under the guidance of Professor Shelupanov. One of the directions is the development of a comprehensive approach to assessing the security of the information systems. This direction includes the construction of an information security threats model and a protection system model, which allow to compile a complete list of threats and methods of protection against them. The main directions of information security tools development are dynamic methods of biometrics, methods for generating prime numbers for data encryption, steganography, methods and means of data protection in Internet of Things (IoT) systems. The article presents the main results of research in the listed areas of information security. The resultant properties in symmetric cryptography are based on the properties of the power of the generating functions. The authors have obtained symmetric principles for the development of primality testing algorithms, as discussed in the Appendix.Symmetry 2018, 10, x FOR PEER REVIEW 3 of 33 Ported to AMR system devices, IPsec ensures mutual authentication of network devices using the IKEv2 protocol. Optionally, the network can be configured based on the EAP-PSK protocol. During configuration, the devices receive network addresses and authentication keys, at which point the execution of EAP-PSK is stopped and data is transferred via IPsec. Another option is to use pre-installed certificates on the devices. In this case, the initial configuration is done manually, but the network does not require EAP-PSK to be used.Data integrity control and encryption during transmission are provided by ESP, which is the protocol used in IPsec at the transport level. This protocol ensures the security of both the data transmitted and packet headers at the network level.This approach makes it possible to ensure reliable authentication of the AMR system devices and the security of the data to be transmitted and opens a wide range of options for the configuration of network operation; however, it cannot be used in networks with heterogeneous communication channels. The EAP-PSK-based approach offers less flexibility but is suitable for networks with heterogeneous communication channels. For an AMR system, a list of threats was proposed based on the developed methodology. Threats to the confidentiality of the system are threats related to the collection of information about the system. This can be a list of devices, software versions, authentication data, access control policies, network addresses, interaction protocols, etc. Threats to the integrity of the automated system for commercial accounting are: substitution of an object, substitution of a communication channel, deletion of an object, destruction of a communication channel, addition of an unauthorized object, creation of an unauthorized communication channel; change of communication channel or object settings...

show abstract

“…Reference compares and evaluates the 2 controllers, OpenDaylight and ONOS, in particular their northbound interfaces (NBIs), based on the use cases such as discovering the network, adding a new network function, and changing an existing function. Reference employs a quantitative approach to analyze the security of the SDN controllers using threat/effort model. Reference is a framework to exploit the security of SDN, specifically the control plane.…”

Section: Introductionmentioning

confidence: 99%

A comprehensive 3‐dimensional security analysis of a controller in software‐defined networking

Tseng

Naït‐Abdesselam

Khokhar

2018

Security and Privacy

View full text Add to dashboard Cite

Software-defined networking (SDN) has recently emerged as a novel networking paradigm that enables network administrators to manage network services through high-level abstraction of networking functions. This is achieved by mainly decoupling the control plane from the data plane. The control plane, namely the SDN controller, makes dynamic decisions on where traffic is sent in the underlying systems that forward data to the selected destinations. The SDN controller, seen as a networking operating system, acts, therefore, as the brain in SDN. Consequently, its importance makes it a privileged new target for future attackers. In order to have a comprehensive security assessment of the SDN controller, we conducted a 3-dimensional analysis to study the security of OpenFlow-based SDN controllers. This study includes: (1) the essential components of a controller, (2) the characteristics provided by a controller, and (3) the STRIDE model. At the end, we also summarized 9 principles that are necessary to secure an SDN controller from the reported attacks and analyzed the security of 5 active open-source controllers following those principles. KEYWORDSOpenFlow, SDN, SDN controller, security INTRODUCTIONSoftware-defined networking (SDN) is as susceptible to attacks as traditionally managed networks. A long and continuous series of attacks have revealed many areas of network vulnerability. The SDN controller is a key to any software-defined network and offers attackers a target not present in earlier network technologies. Clearly, any successful attack on the controller will halt or disrupt network operations. 1 To address this problem, some researchers have proposed to harden the SDN control plane. For example, FortNOX 2 hardens the kernel of the SDN controller (NOX) to avoid malicious rule injection from the application plane. Extending FortNOX, SE-Floodlight 3 enhances the security of the overall control plane through authentication, role authorization, and network application operation auditing. Rosemary 4 isolates the net-app from the control plane via interprocess communication (IPC), which enables the SDN controller to be immune from resource exhaustion attacks. Moreover, the distributed controllers have also been proposed for providing a more scalable control plane, such as ONOS, 5 Onix, 6 Kandoo, 7 and the 3-level controller architecture for IoT (Internet of things). 8 Moreover, a distributed architecture brings new challenges for data consistency between controllers. 9 However, the SDN controller remains vulnerable to many threats, such as data inconsistency, OpenFlow messages flooding, topology spoofing, malicious scanning, etc. Hence, the motivation of this work is to provide a clear view in order to evaluate the security of the control plane. A number of surveys on SDN/OpenFlow security also precede this analysis such as References 10-16. Reference 13 adopts STRIDE to evaluate the security of SDN. Conversely, Reference 17 uses STRIDE to evaluate the security of the Security Privacy. 2018;1:e21.wileyonlinelibrar...

show abstract

Quantitative Analysis of the Security of Software‐Defined Network Controller Using Threat/Effort Model

Cited by 7 publications

References 10 publications

Model of Threats to Computer Network Software

Model of Threats to Computer Network Software

Information Security Methods—Modern Research Directions

A comprehensive 3‐dimensional security analysis of a controller in software‐defined networking

Contact Info

Product

Resources

About