Skowyra et al., 2018 - Google Patents
Effective topology tampering attacks and defenses in software-defined networksSkowyra et al., 2018
View PDF- Document ID
- 9881220294833838233
- Author
- Skowyra R
- Xu L
- Gu G
- Dedhia V
- Hobson T
- Okhravi H
- Landry J
- Publication year
- Publication venue
- 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
External Links
Snippet
As Software-Defined Networking has gained increasing prominence, new attacks have been demonstrated which can corrupt the SDN controller's view of network topology. These topology poisoning attacks, most notably host-location hijacking and link fabrication attacks …
- 208000000044 Amnesia 0 abstract description 31
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/06—Arrangements for maintenance or administration or management of packet switching networks involving management of faults or events or alarms
- H04L41/0654—Network fault recovery
- H04L41/0659—Network fault recovery by isolating the faulty entity
- H04L41/0663—Network fault recovery by isolating the faulty entity involving offline failover planning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/08—Monitoring based on specific metrics
- H04L43/0805—Availability
- H04L43/0817—Availability functioning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/08—Monitoring based on specific metrics
- H04L43/0805—Availability
- H04L43/0811—Connectivity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/16—Arrangements for monitoring or testing packet switching networks using threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/06—Report generation
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Skowyra et al. | Effective topology tampering attacks and defenses in software-defined networks | |
| Birkinshaw et al. | Implementing an intrusion detection and prevention system using software-defined networking: Defending against port-scanning and denial-of-service attacks | |
| Dayal et al. | Research trends in security and DDoS in SDN | |
| Marin et al. | An in-depth look into SDN topology discovery mechanisms: Novel attacks and practical countermeasures | |
| Hong et al. | Poisoning network visibility in software-defined networks: New attacks and countermeasures. | |
| Karmakar et al. | Mitigating attacks in software defined networks | |
| Bello et al. | On sustained zero trust conceptualization security for mobile core networks in 5g and beyond | |
| Kyung et al. | HoneyProxy: Design and implementation of next-generation honeynet via SDN | |
| Chung et al. | NICE: Network intrusion detection and countermeasure selection in virtual network systems | |
| Jero et al. | Beads: Automated attack discovery in openflow-based sdn systems | |
| US7823204B2 (en) | Method and apparatus for detecting intrusions on a computer system | |
| Krishnan et al. | SDN/NFV security framework for fog‐to‐things computing infrastructure | |
| Hlavacek et al. | DISCO: Sidestepping RPKI's deployment barriers | |
| Hussein et al. | Software-Defined Networking (SDN): the security review | |
| Kong et al. | Combination attacks and defenses on sdn topology discovery | |
| Ahmed et al. | Modelling cyber security for software-defined networks those grow strong when exposed to threats: Analysis and propositions | |
| Grigoryan et al. | Enabling cooperative IoT security via software defined networks (SDN) | |
| Feldmann et al. | NetCo: Reliable routing with unreliable routers | |
| Jeyanthi et al. | Packet resonance strategy: a spoof attack detection and prevention mechanism in cloud computing environment | |
| Ádám et al. | Artificial neural network based IDS | |
| Gomez et al. | Controller-oblivious dynamic access control in software-defined networks | |
| Khosravifar et al. | An experience improving intrusion detection systems false alarm ratio by using honeypot | |
| Mahmood et al. | Review paper on neighbour discovery protocol in IPv6 link-local network | |
| DeCusatis et al. | Zero trust cloud networks using transport access control and high availability optical bypass switching | |
| Thimmaraju et al. | Preacher: Network policy checker for adversarial environments |