Collaborating with the Enemy on Network Management

Hall, Chris; Yu, Dongting; Stout, Jonathan; Odlyzko, Andrew; Moore, Andrew W.; Camp, L. Jean; Benton, Kevin; Anderson, Ross

doi:10.1007/978-3-319-12400-1_15

Cited by 7 publications

(3 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…can be used to test these components and assess their feature set and performance, an assessment framework to evaluate the component risks and vulnerabilities is still missing. Quagga SDN Module (QuaSM) has been proposed in [168] to support experimentation and testing of BGP functions within SDN with a view to support security researchers. It is proposed that information learned by BGP can be integrated with the rest of the SDN network state to provide increased network security.…”

Section: Security Assessment Frameworkmentioning

confidence: 99%

A Survey of Security in Software Defined Networks

Scott-Hayward

Natarajan²,

Sezer

2016

IEEE Commun. Surv. Tutorials

413

213

View full text Add to dashboard Cite

The proposition of increased innovation in network applications and reduced cost for network operators has won over the networking world to the vision of Software-Defined Networking (SDN). With the excitement of holistic visibility across the network and the ability to program network devices, developers have rushed to present a range of new SDN-compliant hardware, software and services. However, amidst this frenzy of activity, one key element has only recently entered the debate: Network Security. In this article, security in SDN is surveyed presenting both the research community and industry advances in this area. The challenges to securing the network from the persistent attacker are discussed and the holistic approach to the security architecture that is required for SDN is described. Future research directions that will be key to providing network security in SDN are identified.

show abstract

Section: Security Assessment Frameworkmentioning

confidence: 99%

A Survey of Security in Software Defined Networks

Scott-Hayward

Natarajan²,

Sezer

2016

IEEE Commun. Surv. Tutorials

413

213

View full text Add to dashboard Cite

show abstract

“…It then quickly infiltrated datacenters due to the benefits that it offered to these environments in terms of virtualization and ease of management 6,7 . In both scenarios, the network is relatively small in terms of diameter and usually under a single domain authority 8 …”

Section: Introductionmentioning

confidence: 99%

Performance analysis of SDN vs OSPF in diverse network environments

Abdallah

Kayssi

Elhajj

et al. 2019

Concurrency and Computation

View full text Add to dashboard Cite

Network convergence is an important aspect in networks because it can limit the damage resulting from network failures and changes. Consequently, a lot of research considered comparing the performance of different routing protocols, whether in IP or SDN, to assess their convergence speed and reaction to failures. We previously modeled OSPF vs SDN networks in general network deployments and studied their comparative convergence delays for different network conditions. However, the type of network and the architecture choices also affect performance. Consequently in this paper, we model network convergence for two network architectures, datacenters and WANs, to discern the difference in SDN and IP convergence processes and speeds when the network type and characteristics change.

show abstract

“…These approaches are powerful, but there has not been widespread adoption [13]. This may be because of processor requirements, memory requirements, or a lack of incentive alignment [20]. Cryptographic solutions are also expensive.…”

Section: Introductionmentioning

confidence: 99%

Using Bursty Announcements for Detecting BGP Routing Anomalies

Moriano,

Hill,

Camp

2019

Preprint

View full text Add to dashboard Cite

Despite the robust structure of the Internet, it is still susceptible to disruptive routing updates that prevent network traffic from reaching its destination. In this work, we propose a method for early detection of large-scale disruptions based on the analysis of bursty BGP announcements. We hypothesize that the occurrence of large-scale disruptions is preceded by bursty announcements. Our method is grounded in analysis of changes in the inter-arrival times of announcements. BGP announcements that are associated with disruptive updates tend to occur in groups of relatively high frequency, followed by periods of infrequent activity. To test our hypothesis, we quantify the burstiness of inter-arrival times around the date and times of three large-scale incidents: the Indosat hijacking event in April 2014, the Telecom Malaysia leak in June 2015, and the Bharti Airtel Ltd. hijack in November 2015. We show that we can detect these events several hours prior to when they were originally detected. We propose an algorithm that leverages the burstiness of disruptive updates to provide early detection of large-scale malicious incidents using local collector data. We describe limitations, open challenges, and how this method can be used for large-scale routing anomaly detection.

show abstract

Collaborating with the Enemy on Network Management

Cited by 7 publications

References 5 publications

A Survey of Security in Software Defined Networks

A Survey of Security in Software Defined Networks

Performance analysis of SDN vs OSPF in diverse network environments

Using Bursty Announcements for Detecting BGP Routing Anomalies

Contact Info

Product

Resources

About