A Novel Approach to Dynamic Policy Based Security in SDN: A Survey

IJCSEC Front Page

Abstract:
Software Defined Networking (SDN) is a proposal to networking world for a global administration to manage network services and also to provide an abstraction of networking elements. Most of the security innovations in SDN are bound to an OpenFlow security framework which creates and implement security policies when malicious traffic is detected, in a flexible way. Existing methodologies convert policies in to human readable form, which reduces the complexity to use it. In this article, security in SDN is analyzed, which considers the research works and industry growths in this area. The challenges to securing the network from the sticky attacker are mentioned and the integrated approach to the security architecture that is essential for SDN is also described.

Keywords: SDN, OpenFlow, OpenSec

References:

  1. A. Voellmy, H. Kim, and N. Feamster(2012), Procera: A language for highlevel reactive network control, in Proc. Workshop Hot Topics Softw. Defined Netw. (HotSDN), Helsinki, Finland, Aug. 2012, pp. 4348.
  2. E. Bertino et al.(2009), Analysis of privacy and security policies, IBM Journal of Research and Development, pp 1-18.
  3. N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner (2008), OpenFlow: enabling innovation in campus networks. SIGCOMM Comput. Commun. Rev. 38, 2 (March 2008), 69-74.
  4. Adrian Lara and Byrav Ramamurthy(2016), OpenSec: Policy-Based Security Using Software-Defined Networking, IEEE Transactions On Network And Service Management, VOL. 13, NO. 1,MARCH 2016 .
  5. S. Shin and G. Gu(2012), CloudWatcher: Network security monitoring using OpenFlow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?), in Proc. 20th IEEE Int. Conf. Netw. Protocols (ICNP), Austin, TX, USA, Oct. 2012, pp.16.
  6. S. Shin, P. Porras, V. Yegneswaran, M. Fong, G. Gu, and M. Tyson(2013), FRESCO: Modular composable security services for software defined Networks, in Proc. Netw. Distrib. Syst. Sec. Symp. (NDSS), San Diego,CA, USA, Feb. 2013, pp. 116.
  7. Kuerban et.al. (2016), FlowSec: DOS attack Mitigation Strategy on SDN Controller, 2016 IEEE International Conference on Networking, Architecture and Storage (NAS).
  8. Feliksas Kuliesius , and Vainius Dangovas(2016), SDN Enhanced Campus Network Authentication and Access Control System, 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN).
  9. Bata Krishna Tripathy, Ananta Gopal Sethy and Padmalochan Bera, A Novel Secure and Efficient Policy Management Framework for Software Defined Network, 2016 IEEE 40th Annual Computer Software and Applications Conference.
  10. A. Lara and B. Ramamurthy(2014), OpenSec: A framework for implementing security policies using OpenFlow, in Proc. IEEE Globecom Conf., Austin,TX, USA, Dec. 2014, pp. 781786.
  11. R. Bhatia, J. Lobo, and M. Kohli, Policy evaluation for network management, in Proc. IEEE INFOCOM, Mar. 2000, vol. 3, pp. 11071116.