Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft) 2015
DOI: 10.1109/netsoft.2015.7116186

Towards trusted software-defined networks using a hardware-based Integrity Measurement Architecture

Abstract: The rise of software-defined networks in recent years has allowed unprecedented agility in network configuration and orchestration. As physical links and configurations become virtualised, this has created many opportunities for dynamic and transparent deployment of services. This, however, opens up a potential attack surface for new forms of attack. Thus, with the combination of SDN elements abstracting their administration to network administrators and the growing attack surface in network element software, t…

Citations: cited by 19 publications (11 citation statements)
References: 6 publications
“…Furthermore, an attacker could inject malicious data into flow tables to propagate deeper into the network and compromise systems otherwise not reachable [8]. Proposed solutions to address flow table security issues include auditing flow table to detect discrepancies between the configured and current behavior [19], validating both executables and flow tables with a TPM [10], or moving critical components (the OpenFlow flow tables and forwarding logic) into Intel SGX enclaves [21]. The latter, while promising from a security point of view, is a very labor-intensive task and introduces additional overhead.…”
Section: Open Vswitch (mentioning)
confidence: 99%
“…Some of the techniques used for SDN systems (e.g. trusted configuration [8]) are applicable in our scenario.…”
Section: Discussion and Related Work (mentioning)
confidence: 99%
“…Proposed solutions to address flow table security issues include auditing flow table to detect discrepancies between the configured and current behavior [20], validating both executables and flow tables with a TPM [12], or moving critical components (the OpenFlow flow tables and forwarding logic) into Intel SGX enclaves [22]. The latter, while promising from a security point of view, is a very labor-intensive task and introduces additional overhead.…”
Section: Open Vswitch (mentioning)
confidence: 99%