On the design and implementation of a security architecture for Software Defined Networks

Kallol Krishna Karmakar, Vijay Varadharajan, Udaya Tupakula

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution

1 Citation (Scopus)

Abstract

In this paper, we propose techniques for securing Software Defined Networks (SDN). We describe the design of a security architecture that makes use of security applications on top of the SDN Controller to specify fine granular security policies based on domain-wide knowledge, and Security Agents to enforce these policies in the switches in the data plane. We have extended the OpenFlow protocol to enable communication of the security policies between the security applications in the Controller and the agents in the switches. We have implemented the security architecture using the POX Controller and demonstrated the operation of our architecture in a range of scenarios, such as enforcing specific security policies for different traffic with different services, counteracting attacks such as Heartbleed and Shellshock as well as spoofing attacks, and protecting Content Management Systems (CMS) from data confidentiality attacks.

Original language: English
Title of host publication: HPCC/SmartCity/DSS 2016
Subtitle of host publication: Proceedings of the 18th IEEE International Conference on High Performance Computing and Communications, 14th IEEE International Conference on Smart City and 2nd IEEE International Conference on Data Science and Systems
Editors: Jinjun Chen, Laurence T. Yang
Place of Publication: Piscataway, NJ
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Pages: 671-678
Number of pages: 8
ISBN (Electronic): 9781509042975
ISBN (Print): 9781509042982
DOI: https://doi.org/10.1109/HPCC-SmartCity-DSS.2016.0099
Publication status: Published - 2016
Event: 18th IEEE International Conference on High Performance Computing and Communications, 14th IEEE International Conference on Smart City and 2nd IEEE International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2016 - Sydney, Australia
Duration: 12 Dec 2016 to 14 Dec 2016

Other

Other: 18th IEEE International Conference on High Performance Computing and Communications, 14th IEEE International Conference on Smart City and 2nd IEEE International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2016
Country: Australia
City: Sydney
Period: 12/12/16 to 14/12/16

Keywords

  • ACL
  • OpenFlow
  • Policy Control
  • Software Defined Networking (SDN) Security
  • Source Spoofing

  • Cite this

    Karmakar, K. K., Varadharajan, V., & Tupakula, U. (2016). On the design and implementation of a security architecture for Software Defined Networks. In J. Chen, & L. T. Yang (Eds.), HPCC/SmartCity/DSS 2016: Proceedings of the 18th IEEE International Conference on High Performance Computing and Communications, 14th IEEE International Conference on Smart City and 2nd IEEE International Conference on Data Science and Systems (pp. 671-678). Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/HPCC-SmartCity-DSS.2016.0099