Service function chaining policy compliance checking

Qiu, Yangjun; Qiu, Xin; Cai, Yibin

doi:10.1109/noms.2018.8406194

Cited by 3 publications

(3 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…By incorporating periodic checks in the orchestrator, the compatibility of all devices can be verified. The Network orchestration software can also be given permissions to upgrade devices automatically [13] or manually to maintain connectivity in the network.…”

Section: Compliance Checkmentioning

confidence: 99%

A study of Storage Area Networks and issues in its management

Kulkarni¹,

Bhat²

2021

JUSST

View full text Add to dashboard Cite

A data center has hundreds of servers and storage devices running on virtual machines that can be deployed and migrated over servers as per the requirement. If each server uses local storage, migration of this storage and restoration is mandatory. An attempt to organize and track storage throughout the data center is quite tedious. Using a dedicated storage system like a storage array, it possible to collectively monitor and manage such a network. A storage area network is essentially a network dedicated to storage devices. A storage area network can interconnect devices in all its layers, therefore improving storage availability. Interconnecting all elements in SAN also reduces the chances of a single point of failure. Using the storage devices collectively improves their utilization. SAN offers to manage and maintain all devices in the network. Although SAN is beneficial, it has drawbacks when configuring, monitoring, and managing components in a large-scale network. This paper consolidates the problems associated with SAN and offers possible solutions to overcome them.

show abstract

Section: Compliance Checkmentioning

confidence: 99%

A study of Storage Area Networks and issues in its management

Kulkarni¹,

Bhat²

2021

JUSST

View full text Add to dashboard Cite

show abstract

“…Various countermeasures have been proposed to protect SFC and SDN from compromised switches [11] - [24]. There are two main categories of such a solution: probe-based and statisticsbased method.…”

Section: A Compromised Switch Attacksmentioning

confidence: 99%

“…R. A. Eichelberger [23] tries to track every packet, notify the controller every time a packet comes through a switch in SFC. Y. Qiu [24] defines and checks the key information of SFC policy, collect the flow rule of network and compare the relations of flow rules and flow pattern. The statistics-based method can find out the compromised switches, but it does not support real-time detection because it [25] needs time to gather data and only works after packets are forwarded.…”

Section: A Compromised Switch Attacksmentioning

confidence: 99%

An efficient defense method for compromised switch and middlebox-bypass attacks in service function chaining

Thang

Park

2020

J. Commun. Netw.

View full text Add to dashboard Cite

Service function chaining (SFC) has a special and powerful ability to define an ordered list of required network services as a virtual chain and makes a network more flexible and manageable. However, there are many vulnerabilities to SFC, such as compromised switches and middlebox-bypass attacks, which can damage the operation and security of the network. In this study, we propose a mechanism that not only detects both middlebox-bypass attacks and compromised switch attacks in multiple service function chains scenario but also prevents such attacks and protects the network. The proposed mechanism uses both probe-based and statisticsbased methods to handle the probe packets and collect statistics from middleboxes for detecting any attacks in SFC. After detection, the mechanism changes the network topology to eliminate the compromised switches, while meeting the initial requirements of the service chains. By combining probe-based and statistics-based methods, our proposal overcomes the disadvantages of other proposed solutions and brings about a robust protection to SFC. As the experimental results indicate, the proposed mechanism is an effective and relevant approach for detecting and preventing compromised switches and middlebox-bypass attacks in SFC.

show abstract

Detecting Compromised Switches And Middlebox-Bypass Attacks In Service Function Chaining

Thang

Park

2019

2019 29th International Telecommunication Networks and Applications Conference (ITNAC)

View full text Add to dashboard Cite

Service function chaining policy compliance checking

Cited by 3 publications

References 1 publication

A study of Storage Area Networks and issues in its management

A study of Storage Area Networks and issues in its management

An efficient defense method for compromised switch and middlebox-bypass attacks in service function chaining

Detecting Compromised Switches And Middlebox-Bypass Attacks In Service Function Chaining

Contact Info

Product

Resources

About