Secured Communication Channels in Software-Defined Networks

Yiğit, Beytüllah; Gûr, Gûrkan; Tellenbach, Bernhard; Alagöz, Fatíh

doi:10.1109/mcom.001.1900060

Cited by 14 publications

(8 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(1) During the SIP call process, the calling and called SIP terminals obtain the address information of the media channel [1] and the start time of the RTP media stream for this call by parsing key signaling such as INVITE and 200 OK. The address information of the media channel mainly includes the IP addresses of the calling parties, the negotiated RTP media stream port information, etc;…”

Section: Analysis Of Media Security Implementation Processmentioning

confidence: 99%

Communication security between SDN controllers and switches based on IPsec

Huang,

Song,

2023

Third International Conference on Green Communication, Network, and Internet of Things (CNIoT 2023)

View full text Add to dashboard Cite

The emergence of Software Defined Network (SDN) technology greatly simplifies network management, separating the control plane from the data plane, achieving the separation of network logic and data, making the deployment and management of network devices easier. However, the openness of SDN provides attackers with the opportunity to invade and disrupt the network, while traditional switches do not have access control capabilities. Therefore, in SDN environments, traditional switches will become a springboard for attackers to invade the network. Therefore, it is necessary to design a security mechanism to achieve secure communication between controllers and switches. This article first analyzes the security mechanism of traditional switches and points out their shortcomings and shortcomings; Next, the security issues brought about by separating network logic and data after separating SDN control plane and data plane were introduced; Then a solution was proposed.

show abstract

Section: Analysis Of Media Security Implementation Processmentioning

confidence: 99%

Communication security between SDN controllers and switches based on IPsec

Huang,

Song,

2023

Third International Conference on Green Communication, Network, and Internet of Things (CNIoT 2023)

View full text Add to dashboard Cite

show abstract

“…While authors in [21] developed a hybrid strategy to protect communications between 5G network slices in distinct public cryptosystems, and two heterogeneous cipher schemes to achieve reciprocal communications between the public key infrastructure (PKI) and Certificate Less Public Key Cryptography (CLC) environments. The authors in [22] introduced a security solution to address security problems related to data exchange in software-defined networks. Where proposed that the TLS use of protocol between the SDN nodes to provide adequate security for communication channel.…”

Section: B Proxy Mobile Ipv6mentioning

confidence: 99%

Enhanced Security of Software-defined Network and Network Slice Through Hybrid Quantum Key Distribution Protocol

Mahdi¹,

Abdullah²

2022

Infocommunications journal

View full text Add to dashboard Cite

Software-defined networking (SDN) has revolutionized the world of technology as networks have become more flexible, dynamic and programmable. The ability to conduct network slicing in 5G networks is one of the most crucial features of SDN implementation. Although network programming provides new security solutions of traditional networks, SDN and network slicing also have security issues, an important one being the weaknesses related to openflow channel between the data plane and controller as the network can be attacked via the openflow channel and exploit communications with the control plane. Our work proposes a solution to provide adequate security for openflow messages through using a hybrid key consisting of classical and quantum key distribution protocols to provide double security depending on the computational complexity and physical properties of quantum. To achieve this goal, the hybrid key used with transport layer security protocol to provide confidentiality, integrity and quantum authentication to secure openflow channel. We experimentally based on the SDN-testbed and network slicing to show the workflow of exchanging quantum and classical keys between the control plane and data plane and our results showed the effectiveness of the hybrid key to enhance the security of the transport layer security protocol. Thereby achieving adequate security for openflow channel against classical and quantum computer attacks.

show abstract

“…Given its complexity, many operators dispense with the use of TLS in switches [6], or in some controllers, the security configuration in HTTP headers is omitted [209]. Noting these drawbacks, there are solutions to reducing the workload for administrators and to provide them solutions for enabling or disabling TLS [210].…”

Section: ) Configurationmentioning

confidence: 99%

A Survey of the Main Security Issues and Solutions for the SDN Architecture

et al. 2021

View full text Add to dashboard Cite

The software-defined networking (SDN) paradigm proposes the decoupling of control and data planes and a centralized software-oriented management approach based on a central controller, easing the development of new applications and services. These design principles pave the way for a more flexible, fast, and dynamic software-controlled network. However, in terms of security, the elements that comprise the SDN architecture present several vulnerabilities, which could be exploited by attackers to carry out malicious actions and thus affect the network and its services. Although for several years, some studies have already focused on identifying the weaknesses of the SDN layer structure, the nature of the attacks, and possible solutions for this paradigm, the literature contains few contributions that review and discuss this topic in an integral fashion. This paper provides a comprehensive, updated, and detailed review of the main security issues and mitigating measures for all layers and interfaces of the SDN architecture, classifying the contributions according to the STRIDE threat modeling methodology categories. Finally, this manuscript identifies, discusses, and synthesizes open challenges and future research directions in this area.

show abstract

Secured Communication Channels in Software-Defined Networks

Cited by 14 publications

References 13 publications

Communication security between SDN controllers and switches based on IPsec

Communication security between SDN controllers and switches based on IPsec

Enhanced Security of Software-defined Network and Network Slice Through Hybrid Quantum Key Distribution Protocol

A Survey of the Main Security Issues and Solutions for the SDN Architecture

Contact Info

Product

Resources

About