发布求助
文献互助 智能选刊 最新文献

Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization最新文献

筛选
英文 中文
IDS Alert Priority Determination Based on Traffic Behavior 基于流量行为的IDS警报优先级确定
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2019-08-28 DOI: 10.1007/978-3-030-26834-3_11
Shohei Hiruta, Satoshi Ikeda, Shigeyoshi Shima, H. Takakura
{"title":"IDS Alert Priority Determination Based on Traffic Behavior","authors":"Shohei Hiruta, Satoshi Ikeda, Shigeyoshi Shima, H. Takakura","doi":"10.1007/978-3-030-26834-3_11","DOIUrl":"https://doi.org/10.1007/978-3-030-26834-3_11","url":null,"abstract":"","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"30 1","pages":"189-206"},"PeriodicalIF":0.0,"publicationDate":"2019-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76668025","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
How to Solve Multiple Short-Exponent Discrete Logarithm Problem 如何解决多重短指数离散对数问题
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2019-08-28 DOI: 10.1007/978-3-030-26834-3_4
K. Kurosawa, Akinaga Ueda, Hayato Matsuhashi, Y. Sakagami
{"title":"How to Solve Multiple Short-Exponent Discrete Logarithm Problem","authors":"K. Kurosawa, Akinaga Ueda, Hayato Matsuhashi, Y. Sakagami","doi":"10.1007/978-3-030-26834-3_4","DOIUrl":"https://doi.org/10.1007/978-3-030-26834-3_4","url":null,"abstract":"","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"1 1","pages":"53-64"},"PeriodicalIF":0.0,"publicationDate":"2019-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88556037","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Blockchain Future for Secure Clinical Data Sharing: A Position Paper 安全临床数据共享的区块链未来:立场文件
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2019-03-19 DOI: 10.1145/3309194.3309198
Yan Luo, Hao Jin, Peilong Li
{"title":"A Blockchain Future for Secure Clinical Data Sharing: A Position Paper","authors":"Yan Luo, Hao Jin, Peilong Li","doi":"10.1145/3309194.3309198","DOIUrl":"https://doi.org/10.1145/3309194.3309198","url":null,"abstract":"In the digital healthcare era, it is utmost important to harness medical information scattered across healthcare institutions to support in-depth data analysis. However, the boundaries of cyberinfrastructure of healthcare providers place obstacles on data sharing. In this position paper, we firstly identify the challenges of medical data sharing and management. Then we introduce the background and give a brief survey on the state-of-the-art. Finally, we conclude the paper by discussing a few possible research directions to cope with the challenges in current medical information sharing.","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"46 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90940405","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Securing Large-scale Data Transfers in Campus Networks: Experiences, Issues, and Challenges 保护校园网中的大规模数据传输:经验、问题和挑战
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2019-03-19 DOI: 10.1145/3309194.3309444
Deepak Nadig, B. Ramamurthy
{"title":"Securing Large-scale Data Transfers in Campus Networks: Experiences, Issues, and Challenges","authors":"Deepak Nadig, B. Ramamurthy","doi":"10.1145/3309194.3309444","DOIUrl":"https://doi.org/10.1145/3309194.3309444","url":null,"abstract":"Increasingly, campus networks manage a multitude of large-scale data transfers. Big data plays a pivotal role in university research and impacts domains such as engineering, agriculture, natural sciences, and humanities. Over the years, numerous solutions have been proposed to manage and secure large-scale data transfers efficiently. Examples consist of the inclusion of security policies at the network edge, optimized middlebox management, and the Science Demilitarized Zone (Science DMZ). These solutions either severely degrade data transfer performance or result in data flows completely bypassing the campus network security controls. In this paper, we present our experience with the design, development, and management of large-scale data transfers using software defined networking (SDN) and network functions virtualization (NFV). We also discuss the issues and challenges associated with securing large-scale data transfers in campus networks.","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"13 2 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80738221","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A Formal Access Control Model for SE-Floodlight Controller se泛光灯控制器的形式化访问控制模型
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2019-03-19 DOI: 10.1145/3309194.3309195
Abdullah Al-Alaj, R. Sandhu, R. Krishnan
{"title":"A Formal Access Control Model for SE-Floodlight Controller","authors":"Abdullah Al-Alaj, R. Sandhu, R. Krishnan","doi":"10.1145/3309194.3309195","DOIUrl":"https://doi.org/10.1145/3309194.3309195","url":null,"abstract":"Software defined networking (SDN) offers a promising approach for the next generation of networking technology. However, at present there is no widely accepted model for network applications authorization. One reason for lack of access control system is the absence of clear definition of an authorization model in SDN. Porras et al citeporras2015securing recently developed SE-Floodlight for this purpose. They partly employed the notion of the well-known role-based access control (RBAC) model. They informally presented a role-based authorization system to manage applications access rights to network operations, submitted during the interaction between the application layer and the switch-side infrastructure. In this paper we develop a formal role-based authorization model in SDN using SE-Floodlight as a reference controller. Based on the formal model we discuss security aspects and propose some extensions. We also provide an administrative model for the authorization system. We show a configuration of the formal model for a use case scenario and discuss the security aspects of the authorization model and describe some security issues related to over-privileged apps, limitations of role hierarchy, app upgrading, and app downgrading problem. Finally, we propose a refined role hierarchy to address these problems.","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90802197","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Enabling Dynamic Network Access Control with Anomaly-based IDS and SDN 启用基于异常的IDS和SDN动态网络访问控制
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2019-03-19 DOI: 10.1145/3309194.3309199
Hongda Li, Feng Wei, Hongxin Hu
{"title":"Enabling Dynamic Network Access Control with Anomaly-based IDS and SDN","authors":"Hongda Li, Feng Wei, Hongxin Hu","doi":"10.1145/3309194.3309199","DOIUrl":"https://doi.org/10.1145/3309194.3309199","url":null,"abstract":"In the Software Defined Networking (SDN) and Network Function Virtualization (NFV) era, it is critical to enable dynamic network access control. Traditionally, network access control policies are statically predefined as router entries or firewall rules. SDN enables more flexibility by re-actively installing flow rules into the switches to achieve dynamic network access control. However, SDN is limited in capturing network anomalies, which are usually important signs of security threats. In this paper, we propose to employ anomaly-based Intrusion Detection System (IDS) to capture network anomalies and generate SDN flow rules to enable dynamic network access control. We gain the knowledge of network anomalies from anomaly-based IDS by training an interpretable model to explain its outcome. Based on the explanation, we derive access control policies. We demonstrate the feasibility of our approach by explaining the outcome of an anomaly-based IDS built upon a Recurrent Neural Network (RNN) and generating SDN flow rules based on our explanation.","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"24 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87628985","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 32
SDNSOC: Object Oriented SDN Framework 面向对象的SDN框架
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2019-03-19 DOI: 10.1145/3309194.3309196
Ankur Chowdhary, Dijiang Huang, Gail-Joon Ahn, Myong H. Kang, Anya Kim, Alexander Velazquez
{"title":"SDNSOC: Object Oriented SDN Framework","authors":"Ankur Chowdhary, Dijiang Huang, Gail-Joon Ahn, Myong H. Kang, Anya Kim, Alexander Velazquez","doi":"10.1145/3309194.3309196","DOIUrl":"https://doi.org/10.1145/3309194.3309196","url":null,"abstract":"The cloud networks managed by SDN can have multi-tier policy and rule conflicts. The application plane can have conflicting user-defined policies, and the infrastructure layer can have OpenFlow rules conflicting with each other. There is no scalable, and, automated programming framework to detect and resolve multi-tier conflicts in SDN-based cloud networks. We present an object-oriented programming framework - SDN Security Operation Center (SDNSOC), which handles policy composition at application plane, flow rule conflict detection and resolution at the control plane. We follow the design principles of object-oriented paradigm such as code-re-utilization, methods abstraction, aggregation for the implementation of SDNSOC on a multi-tenant cloud network. The key benefits obtained using this approach are (i) The network administrator is abstracted from complex-implementation details of SFC. The end-to-end policy composition of different network functions is handled by an object-oriented framework in an automated fashion. We achieve 37% lower latency in SFC composition compared to nearest competitors - SICS and PGA. (ii) Policy conflict detection between the existing traffic rules and incoming traffic is handled by SDNSOC in a scalable manner. The solution scales well on a large cloud network., and 18% faster security policy conflict detection on a cloud network with 100k OpenFlow rules compared to similar works - Brew, and Flowguard.","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"38 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80029412","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
An Anonymous Credential System with Constant-Size Attribute Proofs for CNF Formulas with Negations 带否定的CNF公式的常大小属性证明匿名凭证系统
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2019-01-01 DOI: 10.1007/978-3-030-26834-3_6
Ryo Okishima, T. Nakanishi
{"title":"An Anonymous Credential System with Constant-Size Attribute Proofs for CNF Formulas with Negations","authors":"Ryo Okishima, T. Nakanishi","doi":"10.1007/978-3-030-26834-3_6","DOIUrl":"https://doi.org/10.1007/978-3-030-26834-3_6","url":null,"abstract":"","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"272 1","pages":"89-106"},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75028313","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Inference Attacks on Encrypted Databases Based on Order Preserving Assignment Problem 基于保序分配问题的加密数据库推理攻击
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2018-09-03 DOI: 10.1007/978-3-319-97916-8_3
Sota Onozawa, N. Kunihiro, M. Yoshino, Ken Naganuma
{"title":"Inference Attacks on Encrypted Databases Based on Order Preserving Assignment Problem","authors":"Sota Onozawa, N. Kunihiro, M. Yoshino, Ken Naganuma","doi":"10.1007/978-3-319-97916-8_3","DOIUrl":"https://doi.org/10.1007/978-3-319-97916-8_3","url":null,"abstract":"","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"281 1","pages":"35-47"},"PeriodicalIF":0.0,"publicationDate":"2018-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77897040","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Integer Linear Programming for Three-Subset Meet-in-the-Middle Attacks: Application to GIFT 三子集中间相遇攻击的整数线性规划:在GIFT中的应用
Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2018-09-03 DOI: 10.1007/978-3-319-97916-8_15
Yu Sasaki
{"title":"Integer Linear Programming for Three-Subset Meet-in-the-Middle Attacks: Application to GIFT","authors":"Yu Sasaki","doi":"10.1007/978-3-319-97916-8_15","DOIUrl":"https://doi.org/10.1007/978-3-319-97916-8_15","url":null,"abstract":"","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"114 1","pages":"227-243"},"PeriodicalIF":0.0,"publicationDate":"2018-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80774690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 25
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信