Publication Type : Journal Article
Source : International Conference on Operating System Security (ICOSS 2017)
Campus : Amritapuri
Year : 2017
Abstract : Software Defined Networking (SDN) offers programmability at multiple layers of the network and flexibility in deriving abstractions, traffic engineering, security and orchestration services. This emerging paradigm of open network operating systems, network virtualization and SDN opens new perspectives in networking, but also presents new security challenges in modern networks. In this paper, we investigate some of the major problems in securing the SDN architecture, such as detection of side-channel attacks, targeted control plane and data plane attacks, and ensuring security policies as defined by the applications and a chain of trust across all the SDN elements, such as network switches, controllers, middle-boxes, end-point hosts and applications. The new features of the SDN paradigm may help solve many of the current hard security problems, but as these advanced functions are added, we need to ensure security in the design and operations. This paper contributes a detailed analysis of the vulnerabilities in the SDN architecture and a discussion of the state of the art in countermeasures for securing modern network operating systems. We also propose a comprehensive approach for operational security monitoring and defending the SDN stack. This novel Multi-Plane correlated attack detection framework for SDN Operational Security (MP-SNOS) has a suite of real-time analytics engines that analyse multiple data planes, traffic flows and patterns, network and protocol indicators, violations, and attack signatures in the control, data and application layers. Our multi-plane cooperative design bases decisions on multiple data points, observations and indicators rather than on an isolated event or data point at one layer or plane. The proposed design for a secure SDN architecture and open network operating systems is highly portable and extensible, and may not require special hardware or any major software modifications to elements in a network environment.
This secure SDN framework can be seamlessly deployed or integrated in modern networks as an advanced real-time monitoring, operational security and defense system for securing modern Cloud, Software-Defined Data Center, SD-WAN, SDX, IoT, Smart Cities, Connected Health, Wireless and Vehicular networks.
Cite this Research Publication : Prabhakar Krishnan, J Najeem, "A multi plane network monitoring and defense framework for sdn operational security", International Conference on Operating System Security (ICOSS 2017)